After the installation clamav activates itself automatically, which can be verified under status -> Services.
ClamAV is now installed, so activate the “squidclamav” in the proxy settings. If “squidclamav” does not show up here, verifiy that you installed BOTH packages.
<note>ClamAV requires more filter processes (so change the processes to 20), which leads to a higher memory consumption. If your IPFire box has not that much memory (< 512MB), advise yourself.</note>.
If you see problems with stream-providers like Youtube, find some help to optimize your ClamAV here.
Update your virus signatures with the following command over the Console:
If you like to test the security of your ClamAV, try it without any danger here. These are only virus signatures - without any harmful content. (Please verify yourself)
In the actual configuration ”squidclamav” runs without the proxy-cache. This is the safest way to face infected objects in the cache, but not the most elegant.
The following configuration is recommended to essentially speed up ”squidclamav” in bigger environments, as the cache effect will effectivly increase speed. (Remember: more cache means more memory used)
Open the file ”include.acl” with winscp (or directly on the console) and insert the following lines:
http_port 127.0.0.1:800 transparent acl to_localhost dst 127.0.0.0/8 acl purge method PURGE http_access deny to_localhost http_access allow localhost http_access allow purge localhost http_access deny purge url_rewrite_access deny localhost
In the file ”squidclamav.conf” insert/update the following (and replace “proxy none”). Remember: The port must be the same as in the configuration in the Proxy page (default is port 800).
squid_ip 127.0.0.1 squid_port 800 trust_cache enable logfile /var/log/squid/squidclamav.log redirect http://127.0.0.1:81/clwarn.cgi debug 0 stat 0
After the modifications you should restart the proxy.