Hello,
Please advise how to set up web + icap + avscan correctly
I tried it over eicar. Instead of the blocked page, he offered me to download the file.
Well thank you
my settings:
Version OPNsense 20.1.6-amd64
(https://i.ibb.co/d2V23tD/c-icap.png) (https://ibb.co/1qPqpMT)
upload pic (https://imgbb.com/)
(https://i.ibb.co/FVwzrQr/c-icap-log.png) (https://ibb.co/dg2DTNT)
upload pic (https://imgbb.com/)
(https://i.ibb.co/bH1Pksb/Clamav-settings.png) (https://ibb.co/wJyRfSc)
upload pic (https://imgbb.com/)
(https://i.ibb.co/WkMJ8BZ/Clamav-logs.png) (https://ibb.co/ZBFD4c5)
upload pic (https://imgbb.com/)
(https://i.ibb.co/Q9RQQW3/Web-proxy.png) (https://ibb.co/zsYxx3T)
upload pic (https://imgbb.com/)
Web proxy or transparent proxy?
That part of the config is missing.
Hi,
Sorry yes transparent proxy.
Thanks
(https://i.ibb.co/1Z4wNH5/Web-proxy-2.png) (https://ibb.co/wy2xqDX)
upload pic (https://imgbb.com/)
(https://i.ibb.co/hf2Z7qn/FW-NAT.png) (https://ibb.co/HdGxFJM)
upload pic (https://imgbb.com/)
I suppose in the first tab the proxy is enable.
And what link are you using to try the AV? Notice that you´re only using the proxy for HTTP
Hi,
I tried all the files via http protocol ...
(https://i.ibb.co/5v7whpG/Web-proxy-3.png) (https://ibb.co/XpwMx0j)
upload pic (https://imgbb.com/)
(https://i.ibb.co/NWV7fWR/eicar.png) (https://ibb.co/XF2V6FH)
upload pic (https://imgbb.com/)
Ok, everything looks fine. Maybe a service / system reboot would make it work.
I remember having to reboot my OPNSense after configuring Clamav.
If that doesn´t work i´d check first if the traffic is being forwarded to the proxy.
I'm sorry I couldn't be more helpful :(
Hi,
Thank you for supporting
The problem is on the eicar site. They also sent files via the http protocol as https.
I found another page http://www.rexswain.com/eicar.html which only goes http and it worked for me there.
Well thank you