Squid Proxy Server + ClamAV activated decrease download rate significantlySOLVED
-
pfsense 2.4.2-RELEASE-p1 (amd64)
Intel(R) Celeron(R) CPU 3215U @ 1.70GHz
2 CPUs: 1 package(s) x 2 core(s)2GB RAM 64GB SSD
Packages: Backup, bandwidthd, cron, lightsquid, mailreport, nmap, ntopng, openvpn-client-export, pfBlockerNG,
squidlMy ISP provides me about 50Mbps.
With transparent mode, If I activate "Enable Squid antivirus check using ClamAV", then the download rate decrease under 18Mbps.
If I inchecked then It recupers his speed.No significant increment in CPU usage and RAM while AV activated.
Thanks
-
If the AV is scanning a large download it slows the download down, you should see that the AV is set to only scan small files as malware usually are small files, if it is scanning a huge file well you have to wait for AV to scan it. In my opinion I would not run AV, do not expect it to really catch anything as most content is ssl and AV only scans http, unless you do ssl inspection but that is another can of worms to deal with
-
So better do not activate.
Thanks
-
A better way of protecting your network against malware would be pfblockerNG with pihole lists, that blocks domains that contain malware, including ssl domains. Here is a great tutorial
https://www.youtube.com/watch?v=QwFpMwXEK5w&t=1100s