Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Using CLAM AV without Squid

    Scheduled Pinned Locked Moved Cache/Proxy
    5 Posts 4 Posters 1.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      alevene
      last edited by

      I've been having problems using Squid under 2.3.2, that is pages are periodically blank so I removed the plugin and everything works again.

      Is there a way to use CLAM AV without using Squid? I think that Squid MUST be used by the PCs for CLAM AV to serve any purpose.

      Is that correct, or can I reinstall Squid again, not use its proxy features but just CLAM?

      1 Reply Last reply Reply Quote 0
      • D
        doktornotor Banned
        last edited by

        Without Squid the AV will not ever see the traffic. So no, that's a definitive no go. (For AV fans, you are WAY better off with AVs on the endpoints anyway; wouldn't rely on ClamAV.)

        1 Reply Last reply Reply Quote 0
        • G
          genesislubrigas
          last edited by

          @doktornotor:

          Without Squid the AV will not ever see the traffic. So no, that's a definitive no go. (For AV fans, you are WAY better off with AVs on the endpoints anyway; wouldn't rely on ClamAV.)

          Thanks for the advice but can you expound why not to reply on ClamAV  and its better for AVs on the endpoints ?
          I am curious because I would wonder why the developer did come up with ClamAV with ICAP on Squid Proxy if it will not be reliable and endpoint AVs are way better.

          1 Reply Last reply Reply Quote 0
          • D
            doktornotor Banned
            last edited by

            Because people we asking for it over and over again and there's nothing else available as open-source you could distribute?

            ClamAV has an abysmal detection rate and is extremely slow. OK for scanning mail with third-party signatures, other than that, wouldn't use it.

            1 Reply Last reply Reply Quote 0
            • RangoR
              Rango
              last edited by

              So i'm assuming ClamAV is still NOT preffered way to do AV screening. I'm sort of glad to hear that anyway as when i enable squid proxy and clamav, one of those two slows down my DNS significantly to

              the order of 10x where dns lookup was 30ms now with all those services running is 600ms which is 2000% slow down. I think it's proxy not clam av but that's a no go for me if that's the price to pay.

              I'm still trying to figure out why i would need proxy server for 3 clients max and why would anyone want to deal with cache of that later.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.