Squid/ClamAV - Steam/Blizzard/Etc

  • Hello everyone;

    I am using Squid with ClamAV scanning.  Everything works as I would expect. Squid is setup as a Transparent Proxy, and I have a WPAD.DAT/WPAD.DA etc setup.  I mainly do this because I also have squidguard setup and my kids use Apple devices to connect.  Also if my daughter has a friend over she's filtered w/o me having to configure a proxy on her device.

    I have an older Intel Dual Core Duo as my pfsense, 1gb nics, 4gb's of ram etc.

    Whenever I download or patch a game from steam, or my ps4 downloads a game, or blizzard updates, or ffxiv, or whatever game …. they all go thru squid.  Squid is not caching these downloads, which is fine.

    I've tried setting Max FileSize in Squid back to the default 4mb (it was 50mb).... but that hasn't helped.

    What's going on is, ClamAV is trying to scan the downloads, and it is literally maxing my cpu and killing the box....

    Is there a way to throttle ClameAV?  Can I tell ClamAV not to scan the chunks/threads/streams that download from Steam or what ?

    Do I just need to write a rule for squid to tell it not cache stuff from steam... will that stop ClamAV from trying to scan it?

    Thank you :)

  • ClamAV is too heavy to be on a firewall IMO and puts an undue burden on all your network traffic.  Plus, I don't know how effective their signatures are as compared to the large anti-threat vendors.  Better to run client protection of some sort.

Log in to reply