Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
17.1 Legacy Series
»
ClamAV Doubt
« previous
next »
Print
Pages: [
1
]
Author
Topic: ClamAV Doubt (Read 8943 times)
Klingon
Newbie
Posts: 2
Karma: 0
ClamAV Doubt
«
on:
November 20, 2017, 12:03:05 pm »
Hi everyone,
I'm really a noob in OPNSense world, and I have a question about ClamAV.
After installing OPNSense + Configuring WAN - LAN.. I installed ClamAV plugin following the offical guide ->
https://docs.opnsense.org/manual/how-tos/clamav.html
Is that enough to make ClamAV work? I don't need any kind of proxy configured or something like that? How can I verify if ClamAV is really working (logs....)?
Thanks a lot for your help!!
Logged
mimugmail
Hero Member
Posts: 6766
Karma: 494
Re: ClamAV Doubt
«
Reply #1 on:
November 20, 2017, 12:39:13 pm »
https://docs.opnsense.org/manual/how-tos/proxyicapantivirusinternal.html
Logged
WWW:
www.routerperformance.net
Support plans:
https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German):
https://opnsense.max-it.de/
xinnan
Full Member
Posts: 125
Karma: 13
Re: ClamAV Doubt
«
Reply #2 on:
November 20, 2017, 12:52:34 pm »
For clamAV to work, all your traffic has to be intercepted by a proxy. Squid.
Basically, any traffic that will become a file on a host computer has to become a file in squid cache first.
Then it gets scanned and if its ok, send on along to its ultimate destination.
It's nice, but it introduces LATENCY big time. I personally think that feature is best reserved for mail servers and file servers. AV works best at the endpoint on windows machines and linux, unix, posix, mac, bsd etc really do not need it.
«
Last Edit: November 20, 2017, 01:01:34 pm by xinnan
»
Logged
Klingon
Newbie
Posts: 2
Karma: 0
Re: ClamAV Doubt
«
Reply #3 on:
November 20, 2017, 01:20:44 pm »
Thanks a lot!!!
It's just for home use.
I think I'll uninstall ClamAV, I don't want to use a proxy at home.
Thanks again!!!
Logged
xinnan
Full Member
Posts: 125
Karma: 13
Re: ClamAV Doubt
«
Reply #4 on:
November 20, 2017, 01:25:17 pm »
Smart move. Plus, think about this. Lets say you have 10 or 20 computers all sucking down lots of files.
1 little opnsense scanning all those files is going to create a big processor load.
If the endpoints handle it, the processing load is distributed and you won't notice a performance hit. Plus, the scanners on the endpoints are typically better anyway.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
17.1 Legacy Series
»
ClamAV Doubt