Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    ClamAV de PfSense no me funciona

    Scheduled Pinned Locked Moved Español
    13 Posts 3 Posters 1.9k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • L
      lucasll @starnix
      last edited by

      @starnix
      Prueba este test. Es un poco clásico, pero te ayudará.
      https://www.eicar.org --> link "download testfile"

      Enlace directo http (o sea, no https):
      http://2016.eicar.org/download/eicar.com

      1 Reply Last reply Reply Quote 0
      • S
        starnix
        last edited by

        @lucasll
        Metiendome en la página https://www.eicar.org --> link "download testfile" y clickando sobre los zips, me deja ejecutar y guardarlo sin ningún problema.

        Si me meto en el enlace directo con http http://2016.eicar.org/download/eicar.com me sale lo siguiente:

        En la barra de direcciones aparece mi dominio acompañado de lo siguiente

        eeee.PNG
        http://2016.eicar.org/download/eicar.com

        eicar.PNG

        1 Reply Last reply Reply Quote 0
        • S
          starnix
          last edited by

          @DaddyGo Does this mean that it will only work with pages that have an http certificate? well, nowadays almost no page uses http, now almost all uses https, then it is almost useless

          1 Reply Last reply Reply Quote 0
          • DaddyGoD
            DaddyGo
            last edited by

            You understand the situation exactly well.
            ClamAV cannot scan https pages due to MITM

            Cats bury it so they can't see it!
            (You know what I mean if you have a cat)

            1 Reply Last reply Reply Quote 0
            • DaddyGoD
              DaddyGo
              last edited by

              For a long time there was a problem with the redirect url and own pfSense system domain name,
              in case it works well, this page should get you

              d3aea393-b614-4c2a-960e-b797c91153c1-image.png

              Cats bury it so they can't see it!
              (You know what I mean if you have a cat)

              1 Reply Last reply Reply Quote 0
              • S
                starnix
                last edited by

                @DaddyGo The person above gave me that same website, one with https and one with http.
                If I try to enter the web page with https, I enter without problem and I can download the zips without any problem.

                Instead in http I get the image that I have attached

                L 1 Reply Last reply Reply Quote 0
                • DaddyGoD
                  DaddyGo
                  last edited by

                  Yes this is a fairly common test page among IT professionals.
                  In my example, I used that too.
                  As I mentioned, this configuration is a problem (redirect url):

                  347b6040-3246-4447-8c08-8d48ae008d5a-image.png

                  Anyway, try to upgrade to 2.4.5, it's your responsibility, but I can say that we've upgraded nearly 25 pfSense devices on our system without any problems. If you are using a virtual machine, be careful.

                  In 2.4.5 there is a pair of Squid and along with ClamAV update and patch

                  Cats bury it so they can't see it!
                  (You know what I mean if you have a cat)

                  S 1 Reply Last reply Reply Quote 0
                  • L
                    lucasll @starnix
                    last edited by

                    @starnix
                    También puedes hacer pruebas configurando el proxy explícitamente en el navegador. Es decir, sin modo transparente.

                    S 1 Reply Last reply Reply Quote 0
                    • S
                      starnix @lucasll
                      last edited by

                      @lucasll Para configurarlo como tu dices simplemente desactivo la opción de modo transparente y ya?

                      1 Reply Last reply Reply Quote 0
                      • S
                        starnix @DaddyGo
                        last edited by

                        @DaddyGo I will try to update my pfsense in case that is what gives error

                        1 Reply Last reply Reply Quote 0
                        • DaddyGoD
                          DaddyGo
                          last edited by

                          The non-transparent mode (implicit) requires multiple configurations, which can be inconvenient on a large system

                          https://docs.netgate.com/pfsense/en/latest/cache-proxy/wpad-autoconfigure-for-squid.html
                          https://www.ssltrust.com.au/help/setup-guides/setup-squid-proxy

                          Cats bury it so they can't see it!
                          (You know what I mean if you have a cat)

                          1 Reply Last reply Reply Quote 0
                          • First post
                            Last post
                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.