Clamav + c-icap, but I can download the virus.

Started by WhiteTiger, June 21, 2020, 06:02:31 PM

I am new to OPNsense and I am activating the different services by following the documentation step by step.
I installed and configured clamav and c-icap, but then when I download eicar.com this arrives on my PC while I expected it to be blocked by the AV.
Nor do I see reports anywhere in the GUI.
Where am I wrong?
In the Lobby/Dashboard clamav is active and in the clamav configuration the freshclam service is enabled, but I don't see signatures in the tab.
What checks should I make to make sure everything is working properly?


Your browser forces HTTPS, which you need to break when you want to scan it

Quote from: mimugmail on June 21, 2020, 08:01:38 PM
Your browser forces HTTPS, which you need to break when you want to scan it
By now all browsers force the https connection.
I did not understand what I have to do.
What I want is that, if someone downloads a file with a virus, it is either blocked or in any case reported.

You will have to properly proxy HTTPS in order for this to work.


Cheers,
Franco


Quote from: mimugmail on June 22, 2020, 03:19:06 PM
https://docs.opnsense.org/manual/proxy.html#setup-transparent-mode-including-ssl


You can't scan encrypted traffic if you don't break it
I had already read that page where, however, it is also written that it is not convenient to enable it if you request access to HTTPS sites such as those of banks.
At least I have interpreted it this way and therefore I have not enabled the transparent on HTTPS.

You can exclude some sites where you don't want the proxy to intercept. For example online banking and domains where it might be prohibited such as email services.
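
Added example, not part of any post in this thread and not OPNsense code: a small Python model of the point made above, showing which downloads a virus scanner behind the proxy can actually inspect depending on whether HTTPS is intercepted and whether the host is on an exclusion list. The hostnames, the exclusion list and the leading-dot matching rule are assumptions made for illustration.

```python
# Added illustration, not OPNsense or Squid code. Hostnames and the exclusion
# list are constructed examples.
from dataclasses import dataclass
from urllib.parse import urlsplit


@dataclass(frozen=True)
class ProxyPolicy:
    intercept_https: bool        # HTTPS interception enabled on the proxy?
    no_intercept: tuple = ()     # hypothetical exclusion list (e.g. banking)


def host_matches(host: str, pattern: str) -> bool:
    """A leading dot matches the domain and its subdomains; otherwise exact."""
    host, pattern = host.lower().rstrip("."), pattern.lower()
    if pattern.startswith("."):
        return host == pattern[1:] or host.endswith(pattern)
    return host == pattern


def scanner_sees_body(url: str, policy: ProxyPolicy):
    """Return (visible, reason): can the AV behind the proxy inspect this download?"""
    parts = urlsplit(url)
    host = parts.hostname or ""
    if parts.scheme == "http":
        return True, "plain HTTP: the proxy hands the clear-text body to the scanner"
    if parts.scheme != "https":
        return False, "not a web download handled by the proxy"
    if not policy.intercept_https:
        return False, "HTTPS not intercepted: the proxy only relays an encrypted tunnel"
    if any(host_matches(host, p) for p in policy.no_intercept):
        return False, "host is excluded from interception: traffic stays encrypted"
    return True, "HTTPS intercepted: the proxy decrypts and the scanner sees the body"


if __name__ == "__main__":
    exclusions = (".bank.example", "mail.example")   # constructed sample values
    cases = [
        ("http://files.example/eicar.com", ProxyPolicy(False)),
        ("https://files.example/eicar.com", ProxyPolicy(False)),
        ("https://files.example/eicar.com", ProxyPolicy(True, exclusions)),
        ("https://online.bank.example/statement.pdf", ProxyPolicy(True, exclusions)),
    ]
    for url, policy in cases:
        visible, reason = scanner_sees_body(url, policy)
        print(f"{'SCANNED ' if visible else 'UNSEEN  '} {url}\n         {reason}")
```

The second case is the situation in the first post: the test file arrives over HTTPS with no interception, so the scanner never sees it and nothing is reported.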