Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    ClamAV de PfSense no me funciona

    Scheduled Pinned Locked Moved
    Español
    3
    13
    1.8k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      starnix
      last edited by

      @lucasll
      Metiendome en la página https://www.eicar.org --> link "download testfile" y clickando sobre los zips, me deja ejecutar y guardarlo sin ningún problema.

      Si me meto en el enlace directo con http http://2016.eicar.org/download/eicar.com me sale lo siguiente:

      En la barra de direcciones aparece mi dominio acompañado de lo siguiente

      eeee.PNG
      http://2016.eicar.org/download/eicar.com

      eicar.PNG

      1 Reply Last reply Reply Quote 0
      • S
        starnix
        last edited by

        @DaddyGo Does this mean that it will only work with pages that have an http certificate? well, nowadays almost no page uses http, now almost all uses https, then it is almost useless

        1 Reply Last reply Reply Quote 0
        • DaddyGoD
          DaddyGo
          last edited by

          You understand the situation exactly well.
          ClamAV cannot scan https pages due to MITM

          Cats bury it so they can't see it!
          (You know what I mean if you have a cat)

          1 Reply Last reply Reply Quote 0
          • DaddyGoD
            DaddyGo
            last edited by

            For a long time there was a problem with the redirect url and own pfSense system domain name,
            in case it works well, this page should get you

            d3aea393-b614-4c2a-960e-b797c91153c1-image.png

            Cats bury it so they can't see it!
            (You know what I mean if you have a cat)

            1 Reply Last reply Reply Quote 0
            • S
              starnix
              last edited by

              @DaddyGo The person above gave me that same website, one with https and one with http.
              If I try to enter the web page with https, I enter without problem and I can download the zips without any problem.

              Instead in http I get the image that I have attached

              L 1 Reply Last reply Reply Quote 0
              • DaddyGoD
                DaddyGo
                last edited by

                Yes this is a fairly common test page among IT professionals.
                In my example, I used that too.
                As I mentioned, this configuration is a problem (redirect url):

                347b6040-3246-4447-8c08-8d48ae008d5a-image.png

                Anyway, try to upgrade to 2.4.5, it's your responsibility, but I can say that we've upgraded nearly 25 pfSense devices on our system without any problems. If you are using a virtual machine, be careful.

                In 2.4.5 there is a pair of Squid and along with ClamAV update and patch

                Cats bury it so they can't see it!
                (You know what I mean if you have a cat)

                S 1 Reply Last reply Reply Quote 0
                • L
                  lucasll @starnix
                  last edited by

                  @starnix
                  También puedes hacer pruebas configurando el proxy explícitamente en el navegador. Es decir, sin modo transparente.

                  S 1 Reply Last reply Reply Quote 0
                  • S
                    starnix @lucasll
                    last edited by

                    @lucasll Para configurarlo como tu dices simplemente desactivo la opción de modo transparente y ya?

                    1 Reply Last reply Reply Quote 0
                    • S
                      starnix @DaddyGo
                      last edited by

                      @DaddyGo I will try to update my pfsense in case that is what gives error

                      1 Reply Last reply Reply Quote 0
                      • DaddyGoD
                        DaddyGo
                        last edited by

                        The non-transparent mode (implicit) requires multiple configurations, which can be inconvenient on a large system

                        https://docs.netgate.com/pfsense/en/latest/cache-proxy/wpad-autoconfigure-for-squid.html
                        https://www.ssltrust.com.au/help/setup-guides/setup-squid-proxy

                        Cats bury it so they can't see it!
                        (You know what I mean if you have a cat)

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.