Squid3-dev - c-icap - amd64 - ICAP protocol error
-
Hi
Is there any solution to getting clamav working together with squid3-dev on amd64
i'm currently on2.1.5-RELEASE (amd64)
FreeBSD 8.3-RELEASE-p16
and
squid3-dev
3.3.10 pkg 2.2.6when activating the antivirus option on squid i end up with this error when trying to access any web pages
"The following error was encountered while trying to retrieve the URL: http://www.itavisen.no/
ICAP protocol error.
The system returned: [No Error]
This means that some aspect of the ICAP communication failed.
Some possible problems are:
The ICAP server is not reachable.
An Illegal response was received from the ICAP server."
T.I.A
Thrond -
Go to Diagnostics > edit file
Browse to /usr/local/pkg
Load squid.inc
modify these two lines:icap_service service_req reqmod_precache bypass=0 icap://127.0.0.1:1344/squidclamav
icap_service service_resp respmod_precache bypass=0 icap://127.0.0.1:1344/squidclamavTO THIS:
icap_service service_req reqmod_precache bypass=1 icap://127.0.0.1:1344/squidclamav
icap_service service_resp respmod_precache bypass=1 icap://127.0.0.1:1344/squidclamavSave file.
Then reboot. Done
-
I had that error too!
Second thing was that c-icap service died all time with error 11.So looking at the c-icap.conf i found a whitespace after:
KeepAliveTimeout 600
Port 1344
Deleted the whitecaps and the suggested patch can be reverted. So the exits on Signal 11 are gone, but still ICAP-protocol-errors.
Then i changed the port to 1345 and now I don't get the ICAP-protocol-error anymore.Only bad thing is that no virus is recognized (eicar testfile). :(
-
Go to Diagnostics > edit file
Browse to /usr/local/pkg
Load squid.inc
modify these two lines:icap_service service_req reqmod_precache bypass=0 icap://127.0.0.1:1344/squidclamav
icap_service service_resp respmod_precache bypass=0 icap://127.0.0.1:1344/squidclamavTO THIS:
icap_service service_req reqmod_precache bypass=1 icap://127.0.0.1:1344/squidclamav
icap_service service_resp respmod_precache bypass=1 icap://127.0.0.1:1344/squidclamavSave file.
Then reboot. Done
This fix is disable antivirus integration.
How to fix error without bypass=1 ?!
Friends, please, help. -
First: which Version of pfsense are you using?
-
This fix is disable antivirus integration.
How to fix error without bypass=1 ?!Yes, bypass disable integration.
follow instructions from other many squid3 posts
https://forum.pfsense.org/index.php?topic=77264.msg485524#msg485524
-
With V 2.2 it isn't needed anymore. I would consider an upgrade.
-
Ok, thanks, I read it…
Error in system log (PFsense 2.1.5 x64, squid 3.3.10):kernel: pid 85487 (c-icap), uid 9595: exited on signal 11It is possible to fix it, or it really nonremovable error in 2.1.5 x64 in ICAP?
-
It is possible to fix it, or it really nonremovable error in 2.1.5 x64 in ICAP?
https://forum.pfsense.org/index.php?topic=77264.msg487042#msg487042
