ClamAV in Bridge (Transport) mode without proxy

Deepak Kumar · January 28, 2018, 12:43:19 PM

Hi,
I am using OPNSense in transport mode in my office. I want to use its AntiVirus feature as ClamAV without any proxy configuration.
Can you guide me, is it possible? and will it work without any proxy configuration?

Regards,
Deepak Kumar

fabian · January 28, 2018, 01:08:09 PM

This will NOT work because ClamAV is NOT an IDS/IPS doing DPI. This is what suricata (Services -> IDS) is used for. Please note that in contrast to a proxy server, you cannot analyse encrypted traffic (IPSec, TLS etc.).

ClamAV in Bridge (Transport) mode without proxy

Deepak Kumar

January 28, 2018, 12:43:19 PM

fabian

January 28, 2018, 01:08:09 PM #1