Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Squid Proxy Server + ClamAV activated decrease download rate significantlySOLVED

    Scheduled Pinned Locked Moved General pfSense Questions
    4 Posts 2 Posters 369 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jlt
      last edited by

      pfsense 2.4.2-RELEASE-p1 (amd64)
      Intel(R) Celeron(R) CPU 3215U @ 1.70GHz
      2 CPUs: 1 package(s) x 2 core(s)

      2GB RAM 64GB SSD
      Packages: Backup, bandwidthd, cron, lightsquid, mailreport, nmap, ntopng, openvpn-client-export, pfBlockerNG,
      squid

      lMy ISP provides me about 50Mbps.
      With transparent mode, If I activate "Enable Squid antivirus check using ClamAV", then the download rate decrease under 18Mbps.
      If I inchecked then It recupers his speed.

      No significant increment in CPU usage and RAM while AV activated.

      Thanks

      1 Reply Last reply Reply Quote 0
      • C
        Chrismallia
        last edited by

        If the AV is scanning a large download  it slows the download down, you should see that the AV is set to only scan small files as malware usually are small files, if it is scanning a huge file well you have to wait for AV to scan it. In my opinion I would not run AV, do not expect it to really catch anything as most content is ssl and AV only scans http, unless you do ssl inspection but that  is another can of worms to deal with

        1 Reply Last reply Reply Quote 0
        • J
          jlt
          last edited by

          So better do not activate.

          Thanks

          1 Reply Last reply Reply Quote 0
          • C
            Chrismallia
            last edited by

            A better way of protecting your network against malware would be pfblockerNG with pihole lists, that  blocks domains that contain malware, including ssl domains. Here is a great tutorial

            https://www.youtube.com/watch?v=QwFpMwXEK5w&t=1100s

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.