OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Archive »
  • 16.7 Legacy Series »
  • antivirus
« previous next »
  • Print
Pages: [1]

Author Topic: antivirus  (Read 10979 times)

nick76

  • Newbie
  • *
  • Posts: 4
  • Karma: 0
    • View Profile
antivirus
« on: October 12, 2016, 12:18:25 pm »
hello all,
I'm totally new to OPNSense... I'm trying to move from Sophos UTM home. I wish to add (or extend) the OPNSense with the Antivirus during webfilter. I saw the page where illustrates how to configure the symantec ICAP server.
but a question: where do I find an ICAP server free? how does it costs the ICAP? where should I find the ICAP of Symantec (for example)?
thank you very much
best regards
Nicola
Logged

fabian

  • Hero Member
  • *****
  • Posts: 2768
  • Karma: 199
  • OPNsense Contributor (Language, VPN, Proxy, etc.)
    • View Profile
    • Personal Homepage
Re: antivirus
« Reply #1 on: October 12, 2016, 05:34:28 pm »
Hi Nicola,

ICAP is a network protocol which can be implemented by anyone (there is a RFC for that).
There are free ICAP servers around like c-icap or mine (ICAPrb::Server). You can use clamav with c-icap (maybe this link helps you: http://squidclamav.darold.net/) if you want an open source scanner.
If you want or are required to use a commercial product, many vendors provide them as their gateway products. You may have to look at the documentation if they support scanning via ICAP.

Kind regards

Fabian
Logged

nick76

  • Newbie
  • *
  • Posts: 4
  • Karma: 0
    • View Profile
Re: antivirus
« Reply #2 on: October 16, 2016, 10:35:26 am »
Hi Fabian,
thank you very much for your reply. so afaik I've to install (googling for c-icap project) the clam-av on my OPNSense server? is it correct?
Should I follow the instructions I find searching for c-icap (the sourceforge one) or there's something else I need to follow?
thank you very much. I really appreciate.
best regards
Nicola
« Last Edit: October 16, 2016, 10:37:37 am by nick76 »
Logged

fabian

  • Hero Member
  • *****
  • Posts: 2768
  • Karma: 199
  • OPNsense Contributor (Language, VPN, Proxy, etc.)
    • View Profile
    • Personal Homepage
Re: antivirus
« Reply #3 on: October 16, 2016, 11:06:38 am »
Hi Nicola,

Because it is not in the repository (https://github.com/opnsense/tools/blob/master/config/16.7/ports.conf), you will need to compile it by yourself or ask Franco to add it to the OPNsense repository. I used the description on the website of c-icap when i compiled it to create the ICAP configuration page of OPNsense. This was in February this year so it should still work. Keep in mind that such a software is NOT updated by the firmware page and  you will need to configure it by hand.

It may be a better idea to install it on a second machine.
For example, you would have to install this packages on archlinux:
https://aur.archlinux.org/packages/c-icap/
https://aur.archlinux.org/packages/c-icap-modules/
https://www.archlinux.org/packages/extra/x86_64/clamav/


Kind regards

Fabian
« Last Edit: October 16, 2016, 11:08:39 am by fabian »
Logged

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 13929
  • Karma: 1208
    • View Profile
Re: antivirus
« Reply #4 on: October 17, 2016, 07:37:34 am »
Hi there,

We do not consider ICAP servers essential to the mission of OPNsense, so there will be no binary packages for them.

You can always build them yourself from the ports tree.


Cheers,
Franco
Logged

kyferez

  • Jr. Member
  • **
  • Posts: 83
  • Karma: 9
    • View Profile
Re: antivirus
« Reply #5 on: March 07, 2017, 12:54:30 am »
That's unfortunate :( Would be nice to have something all-in-one for very small 3-5 user deployments...
« Last Edit: March 07, 2017, 01:09:43 am by kyferez »
Logged

monstermania

  • Hero Member
  • *****
  • Posts: 524
  • Karma: 47
    • View Profile
Re: antivirus
« Reply #6 on: March 08, 2017, 09:05:55 am »
Quote from: kyferez on March 07, 2017, 12:54:30 am
That's unfortunate :( Would be nice to have something all-in-one for very small 3-5 user deployments...
If you looking for that feature you can choose i.e.
- pfsense
- ipfire
- endian comunity

Logged

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 13929
  • Karma: 1208
    • View Profile
Re: antivirus
« Reply #7 on: March 09, 2017, 07:58:26 am »
It would be nice, yes, that's why we have plugins so third parties can add their features: https://github.com/opnsense/plugins#about-the-opnsense-plugins

From a core mission perspective this is and will likely always be out of scope.


Cheers,
Franco
Logged

kyferez

  • Jr. Member
  • **
  • Posts: 83
  • Karma: 9
    • View Profile
Re: antivirus
« Reply #8 on: March 10, 2017, 07:44:04 pm »
Quote from: franco on March 09, 2017, 07:58:26 am
It would be nice, yes, that's why we have plugins so third parties can add their features: https://github.com/opnsense/plugins#about-the-opnsense-plugins

From a core mission perspective this is and will likely always be out of scope.


Cheers,
Franco
While I can understand that perspective, it takes a LOT of work to make a third party solution viable. I should know, I just got it working and it took 3 days just to fully document the process after I had it working which took over a week.

Here's the guide: http://www.tcptechs.com/opnsense-transparent-caching-filtering-proxy-with-virus-scanning/

Thanks!
Logged

fabian

  • Hero Member
  • *****
  • Posts: 2768
  • Karma: 199
  • OPNsense Contributor (Language, VPN, Proxy, etc.)
    • View Profile
    • Personal Homepage
Re: antivirus
« Reply #9 on: March 10, 2017, 07:55:47 pm »
Your guide is dead: "Sorry, your request cannot be accepted."
Logged

kyferez

  • Jr. Member
  • **
  • Posts: 83
  • Karma: 9
    • View Profile
Re: antivirus
« Reply #10 on: March 10, 2017, 09:58:54 pm »
Quote from: fabian on March 10, 2017, 07:55:47 pm
Your guide is dead: "Sorry, your request cannot be accepted."
Sorry, was due to rules I had on my site. You should be able to access now.
Logged

  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • Archive »
  • 16.7 Legacy Series »
  • antivirus
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2023 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy
    | XHTML | RSS | WAP2