Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Icap protocol error

    Scheduled Pinned Locked Moved Cache/Proxy
    13 Posts 3 Posters 13.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G
      genesislubrigas
      last edited by

      I am having icap protocol error when I enable antivirus on squid proxy.  I can disable it so that there will be internet connection but I need this feature.  How to resolve this ?

      1 Reply Last reply Reply Quote 0
      • T
        tohil
        last edited by

        Hi,

        Same issue I have…what underlaying hardware do you use?

        1 Reply Last reply Reply Quote 0
        • W
          werwasw94
          last edited by

          same here
          after enable -> Package -> Proxy Server: AntivirusAntivirus -> "Enable Squid antivirus check using ClamAV." i got an error (see error.PNG):

          what can i do?

          2.3.2-RELEASE (amd64)
          built on Tue Jul 19 12:44:43 CDT 2016
          FreeBSD 10.3-RELEASE-p5

          error.PNG_thumb
          error.PNG

          1 Reply Last reply Reply Quote 0
          • W
            werwasw94
            last edited by

            maybe the problem is in the squid.conf:

            icap_service service_avi_req reqmod_precache icap://127.0.0.1:1344/squid_clamav bypass=off
            adaptation_access service_avi_req allow all
            icap_service service_avi_resp respmod_precache icap://127.0.0.1:1344/squid_clamav bypass=on
            adaptation_access service_avi_resp allow all

            and should be:

            icap_service service_avi_req reqmod_precache icap://127.0.0.1:1344/squidclamav bypass=off
            adaptation_access service_avi_req allow all
            icap_service service_avi_resp respmod_precache icap://127.0.0.1:1344/squidclamav bypass=on
            adaptation_access service_avi_resp allow all

            1 Reply Last reply Reply Quote 0
            • G
              genesislubrigas
              last edited by

              Is there no solution to this problem ?

              1 Reply Last reply Reply Quote 0
              • W
                werwasw94
                last edited by

                now it is working
                i have installed pfsense from the scratch.
                installing only squid-package (with dep)
                activating claimav and it is working now (see attached squid.conf - file)

                Unbenannt.GIF
                Unbenannt.GIF_thumb
                laptopsq.txt

                1 Reply Last reply Reply Quote 0
                • G
                  genesislubrigas
                  last edited by

                  I wonder if snort or suricata breaks squid clamav or icap.  The icap error occurs when i install snort and suricata but i dont know exactly if snort or suricata breaks it.

                  1 Reply Last reply Reply Quote 0
                  • T
                    tohil
                    last edited by

                    @werwasw94:

                    maybe the problem is in the squid.conf:

                    icap_service service_avi_req reqmod_precache icap://127.0.0.1:1344/squid_clamav bypass=off
                    adaptation_access service_avi_req allow all
                    icap_service service_avi_resp respmod_precache icap://127.0.0.1:1344/squid_clamav bypass=on
                    adaptation_access service_avi_resp allow all

                    and should be:

                    icap_service service_avi_req reqmod_precache icap://127.0.0.1:1344/squidclamav bypass=off
                    adaptation_access service_avi_req allow all
                    icap_service service_avi_resp respmod_precache icap://127.0.0.1:1344/squidclamav bypass=on
                    adaptation_access service_avi_resp allow all

                    Same Here, have squid_clamav in the config.

                    is this a bug of the webgui Configurator?

                    1 Reply Last reply Reply Quote 0
                    • T
                      tohil
                      last edited by

                      @werwasw94:

                      now it is working
                      i have installed pfsense from the scratch.
                      installing only squid-package (with dep)
                      activating claimav and it is working now (see attached squid.conf - file)

                      I'had also Snort installed on my APU Board. do you think that snort can crash icap?

                      now I reinstalled my box from scratch again… no packeges installed and removed everthing from the XML... unsure, if i already should retry to install just squid...

                      1 Reply Last reply Reply Quote 0
                      • T
                        tohil
                        last edited by

                        hi

                        tested squid with clamav in a VM right now… also these ICAP protocol errors, when i try to surf some pages.
                        no ramdisk

                        regards

                        1 Reply Last reply Reply Quote 0
                        • G
                          genesislubrigas
                          last edited by

                          Is there an update fix to this icap error ?

                          1 Reply Last reply Reply Quote 0
                          • T
                            tohil
                            last edited by

                            there is a comment in the icap package -> it is currently not mainainted. a volunteer is needed

                            1 Reply Last reply Reply Quote 0
                            • G
                              genesislubrigas
                              last edited by

                              if there is only a step by step procedure how to maintain it, i will volunteer.

                              1 Reply Last reply Reply Quote 0
                              • First post
                                Last post
                              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.