Squid+transparent proxy+antivirus broken [FIXED]
-
I have the latest RC and performed a clean install to attempt to get this going.
1. Installed squid package (rebooted)
2. configured squid+transparent proxy - working (rebooted)
3. configured antivirus and downloaded latested clam database - waited for it to finish (/var/db/clamav has daily/main/bytecode) (rebooted)Transparent proxy works. Browsed to eicar.org and attempted to download test virus files and I get the following squid error:
The following error was encountered while trying to retrieve the URL: http://www.eicar.org/download/eicar.com Read Error The system returned: (54) Connection reset by peer An error condition occurred while reading data from the network. Please retry your request. Your cache administrator is admin@localhost.
I checked the logs and I see "Message WARNING: Clamd was NOT notified: Can't connect to clamd through /var/run/clamav/clamd.sock: No such file or directory"
I checked on the firewall and it exists with what appears to be proper permissions and ownership:
[2.3-RC][root@pfSense.localdomain]/root: ls -la /var/run/clamav/clamd.sock
srw-rw-rw- 1 clamav clamav 0 Apr 8 16:12 /var/run/clamav/clamd.sockThe socket appears to be working correctly also:
[2.3-RC][root@pfSense.localdomain]/root: echo PING |nc -U /var/run/clamav/clamd.sock
PONGNothing else is running on this box (yet) - any ideas what I could have missed or what may be broken?
-
UPDATE: just updated to the latest RC (prior to Monday's release) and this is indeed working now.