Can't seem to get Squid Cache + ClamAV to work
-
Hi - Decided to try and give pfsense a try.
I've previously used it with great success at major lan parties, and I found an old atom d450 which I decided to try and make a Op router out of.The most important features for me would be the cache and antivirus, however I can't seem to get them working probably.
I've tried several test downloads above 1gb, even set the local cache policy to LRU without any success.
Also at the same time, when downloading the EICAR antivirus test file, do I get no warning and the file just downloads straight down.Here are my settings:
General:
Remote Cache:
Local Cache:
Antivirus:
Squid, clam and Icap are running
-
The pics don't work and the site has invalid cert. Use attachments.
-
Are you manually pointing the devices to the proxy? If not you must tick transparent http
-
The pics don't work and the site has invalid cert. Use attachments.
Let me try again then:
-
Are you manually pointing the devices to the proxy? If not you must tick transparent http
The device, is that the offense server or the individual client?
I tried enabling transparrent, without any luck.I use this page to test it.
http://www.thinkbroadband.com/download.html -
And the complaint is? The non-transparent proxy won't get used fox anything unless you point your clients to it.
-
And the complaint is? The non-transparent proxy won't get used fox anything unless you point your clients to it.
There's no complaint - I'm just trying to get this to work and learn a little on the way!
I'm no IT technician, I'm an Epidemiologist - so please use layman terms.
-
The individual client. Go to your browser setting and set it to use proxy, point it at the pfsense gateway and proxy port , EXAMPLE GATEWAY 192.168.0.1 port 3128
-
I'm no IT technician, I'm an Epidemiologist - so please use layman terms.
Here's some medical documentation on configuring proxies in a browser: http://library.medicine.yale.edu/services/computing/configure-browser
Or you might try some automated infection vectors :P
-
I'm no IT technician, I'm an Epidemiologist - so please use layman terms.
Here's some medical documentation on configuring proxies in a browser: http://library.medicine.yale.edu/services/computing/configure-browser
Or you might try some automated infection vectors :P
The individual client. Go to your browser setting and set it to use proxy, point it at the pfsense gateway and proxy port , EXAMPLE GATEWAY 192.168.0.1 port 3128
Alright guys - I've added the proxy manually.
I'm currently trying to download a 100mb test file:http://ipv4.download.thinkbroadband.com/100MB.zip
I assume I would have to download it once, then should it be cached right ?
However once I try and re download it, I still don't exceed my 50Mbps connection.
I assume when I would download it from the RAM of the PFsense box on gigabit lan, I would get way higher speeds right? -
Seems like it might be working now.
I have download bursts up to 165Mbps which is tripple the speed of my WAN connection. -
Hint: There's the Real Time tab with logs, in case you need more info on what's going on.
-
Please try temporarily removing all other packages other than Squid, squidguard and lightsquid.
Are the Squidm services started?
Does Lightsquid get reports?
Services are all running on my
2.4.2-RELEASE-p1 (amd64)
built on Tue Dec 12 13:45:26 CST 2017
FreeBSD 11.1-RELEASE-p6Created the ClamAV log manually.
Have not tested ClamAV to confirm it is working but the services are running.
-
:) enable transparent proxy settings, check if squid proxy works with this http://amibehindaproxy.com/, then check clamav services with the eicar.org virus test file - if you were able to download the file on your pc without being intercepted by squid+clamav services then clamav doesnt work (use http test file)
Take note I just noticed yesterday that clamav wasnt filtering the eicar virus test file, downloading it flags windows about the virus file.
-
Have you looked at this post:
https://forum.pfsense.org/index.php?topic=117017.0