Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Antivirus for all protocols

    Scheduled Pinned Locked Moved pfSense Packages
    7 Posts 3 Posters 1.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      cutler
      last edited by

      Hi
      I want to extend clamav virus checking for all protocols in pfsense .
      Can you give me some guidance?

      1 Reply Last reply Reply Quote 0
      • KOMK
        KOM
        last edited by

        What do you mean 'all protocols'?  Isn't ClamAV just a file scanner that works in conjunction with a web proxy?

        1 Reply Last reply Reply Quote 0
        • C
          cutler
          last edited by

          For example , virus checking for  BitTorrent and H.323 packets.

          1 Reply Last reply Reply Quote 0
          • KOMK
            KOM
            last edited by

            I don't believe that ClamAV works at the packet level.

            1 Reply Last reply Reply Quote 0
            • C
              cutler
              last edited by

              These are "application layer" protocols over Packet Level (Network and Transport Layer) . I want to extend pfsense antivirus functionality like commercial products(Fortigate UTM).

              1 Reply Last reply Reply Quote 0
              • P
                P3R
                last edited by

                After using ClamAV for several years I've given up on them due to their low quality signature database.  They are way behind other free alternatives.

                You'll be spending way too much time on reacting and reporting to the frequent false positives for it to be useful. In addition to that their update servers are in my experience often unavailable.

                I don't know, maybe running a decent AV-service isn't possible as open source? :'(

                1 Reply Last reply Reply Quote 0
                • KOMK
                  KOM
                  last edited by

                  Ah, sorry. For a moment, I thought you were asking to scan the packet stream.  I agree with P3R in that ClamAV isn't that great.  I gave up on it when it was killing our performance, and we already have client/server protection.  Managing an AV service infrastructure isn't simple or cheap, and I can't imagine any FOSS project being able to keep up with the big boys in that regard.

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.