OPNsense Forum

English Forums => General Discussion => Topic started by: Deepak Kumar on January 28, 2018, 12:43:19 pm

Title: ClamAV in Bridge (Transport) mode without proxy
Post by: Deepak Kumar on January 28, 2018, 12:43:19 pm

Hi,
I am using OPNSense in transport mode in my office. I want to use its AntiVirus feature as ClamAV without any proxy configuration.
Can you guide me, is it possible? and will it work without any proxy configuration?

Regards,
Deepak Kumar

Title: Re: ClamAV in Bridge (Transport) mode without proxy
Post by: fabian on January 28, 2018, 01:08:09 pm

This will NOT work because ClamAV is NOT an IDS/IPS doing DPI. This is what suricata (Services -> IDS) is used for. Please note that in contrast to a proxy server, you cannot analyse encrypted traffic (IPSec, TLS etc.).