Icap protocol error



  • I am having icap protocol error when I enable antivirus on squid proxy.  I can disable it so that there will be internet connection but I need this feature.  How to resolve this ?



  • Hi,

    Same issue I have…what underlaying hardware do you use?



  • same here
    after enable -> Package -> Proxy Server: AntivirusAntivirus -> "Enable Squid antivirus check using ClamAV." i got an error (see error.PNG):

    what can i do?

    2.3.2-RELEASE (amd64)
    built on Tue Jul 19 12:44:43 CDT 2016
    FreeBSD 10.3-RELEASE-p5




  • maybe the problem is in the squid.conf:

    icap_service service_avi_req reqmod_precache icap://127.0.0.1:1344/squid_clamav bypass=off
    adaptation_access service_avi_req allow all
    icap_service service_avi_resp respmod_precache icap://127.0.0.1:1344/squid_clamav bypass=on
    adaptation_access service_avi_resp allow all

    and should be:

    icap_service service_avi_req reqmod_precache icap://127.0.0.1:1344/squidclamav bypass=off
    adaptation_access service_avi_req allow all
    icap_service service_avi_resp respmod_precache icap://127.0.0.1:1344/squidclamav bypass=on
    adaptation_access service_avi_resp allow all



  • Is there no solution to this problem ?



  • now it is working
    i have installed pfsense from the scratch.
    installing only squid-package (with dep)
    activating claimav and it is working now (see attached squid.conf - file)



    laptopsq.txt



  • I wonder if snort or suricata breaks squid clamav or icap.  The icap error occurs when i install snort and suricata but i dont know exactly if snort or suricata breaks it.



  • @werwasw94:

    maybe the problem is in the squid.conf:

    icap_service service_avi_req reqmod_precache icap://127.0.0.1:1344/squid_clamav bypass=off
    adaptation_access service_avi_req allow all
    icap_service service_avi_resp respmod_precache icap://127.0.0.1:1344/squid_clamav bypass=on
    adaptation_access service_avi_resp allow all

    and should be:

    icap_service service_avi_req reqmod_precache icap://127.0.0.1:1344/squidclamav bypass=off
    adaptation_access service_avi_req allow all
    icap_service service_avi_resp respmod_precache icap://127.0.0.1:1344/squidclamav bypass=on
    adaptation_access service_avi_resp allow all

    Same Here, have squid_clamav in the config.

    is this a bug of the webgui Configurator?



  • @werwasw94:

    now it is working
    i have installed pfsense from the scratch.
    installing only squid-package (with dep)
    activating claimav and it is working now (see attached squid.conf - file)

    I'had also Snort installed on my APU Board. do you think that snort can crash icap?

    now I reinstalled my box from scratch again… no packeges installed and removed everthing from the XML... unsure, if i already should retry to install just squid...



  • hi

    tested squid with clamav in a VM right now… also these ICAP protocol errors, when i try to surf some pages.
    no ramdisk

    regards



  • Is there an update fix to this icap error ?



  • there is a comment in the icap package -> it is currently not mainainted. a volunteer is needed



  • if there is only a step by step procedure how to maintain it, i will volunteer.


Log in to reply