OPNsense Forum

English Forums => Web Proxy Filtering and Caching => Topic started by: Mitheor on April 16, 2020, 10:00:11 am

Title: How to troubleshoot Clamav?
Post by: Mitheor on April 16, 2020, 10:00:11 am

Hi,

i´ve just added ClamAV in my Opnsense (20.1.4) but it´s not working (i´m downloading infected files to my computer without the AV doing nothing).

Is there any way to troubleshoot this process?

Clamd, freshclam, cicap and proxy are up and running.

Everything is basically with default config.

Any idea?

Thanks in advance   :)


Edit. Nevermind, solved.

Title: Re: How to troubleshoot Clamav?
Post by: bartjsmit on April 16, 2020, 11:36:21 am

There is a harmless "virus" exactly for this purpose.

https://en.wikipedia.org/wiki/EICAR_test_file

Bart...

Title: Re: How to troubleshoot Clamav?
Post by: guest23448 on April 16, 2020, 05:47:19 pm

• ensure that clamAV downloaded the signatures etc. --> Log from clamAV
• ensure that desired traffic (HTTP / HTTPS) is routed to the proxy (transparent way= using NAT rule / explicit way = config the proxy in browsers/OS) --> access log from the proxy
• ensure that file is handled by clamAV --> Log from C-ICAP