How to troubleshoot Clamav?

Started by Mitheor, April 16, 2020, 10:00:11 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
April 16, 2020, 10:00:11 AM Last Edit: April 16, 2020, 10:16:05 AM by Mitheor
Hi,

i´ve just added ClamAV in my Opnsense (20.1.4) but it´s not working (i´m downloading infected files to my computer without the AV doing nothing).

Is there any way to troubleshoot this process?

Clamd, freshclam, cicap and proxy are up and running.

Everything is basically with default config.

Any idea?

Thanks in advance   :)


Edit. Nevermind, solved.
April 16, 2020, 11:36:21 AM #1
There is a harmless "virus" exactly for this purpose.

https://en.wikipedia.org/wiki/EICAR_test_file

Bart...
April 16, 2020, 05:47:19 PM #2

  • ensure that clamAV downloaded the signatures etc. --> Log from clamAV
  • ensure that desired traffic (HTTP / HTTPS) is routed to the proxy (transparent way= using NAT rule / explicit way = config the proxy in browsers/OS) --> access log from the proxy
  • ensure that file is handled by clamAV --> Log from C-ICAP
Print
Go Up Pages1
User actions