If you watch videos on youtube or listen to webradio there could be problems and dropouts.
A whitelist entry in /etc/squidclamav.conf is a simple workaround of this problem.
A major disadvantage of this approach is that you have to know the server from which the stream is coming.
In this examples, streams from .akamaistream.net, .googlevideo.com, .youtube.com, Internetradio, Tagesschau-News, Arte-Mediathek are excluded from virus scanning and so they will played without problems.
whitelist .*\.akamaistream.net whitelist .*\.googlevideo.com whitelist .*\.youtube.com whitelist .*\.radiobob.de whitelist ^.*bob.hoerradar.de.*$ whitelist .*\.xxl-radio.de:8000 whitelist .*\.tagesschau-lh.akamaihd.net whitelist .*\.arte.tv
Here are exclusions for Web content such as Flash, MP4 and MPEG:
# Do not scan streaming videos abortcontent ^video\/mp4$ abortcontent ^.*audio\/mp4.*$ abortcontent ^video\/x-flv$ abortcontent ^audio/mpeg$ abortcontent ^application/x-apple-plist$
Streams are not at all or only play with long delays , this can be determined in order to find a stream link for the whitelist as follows.
Over the Terminal or SSH connecting to IPFire.
Logging must be enabled for the Proxy.
Stop the Proxy:
Change in the file “squidclamav.conf” the value “debug 0” to “debug 3”.
Start the Proxy:
Search and play the Stream and look in the debug output “squidclamav.log”
tail -f /var/log/squid/squidclamav.log
Search now for the line “DEBUG Content-Type: (null) will be scanned” and look in the front row by the called URL. Looks e.g. as follows:
Sat Dec 21 21:12:37 2013  DEBUG Parsed request: http://220.127.116.11:8000/radioffh/livestream.mp3 192.168.2.21/- - GET Sat Dec 21 21:12:37 2013  DEBUG Curl will use proxy: http://127.0.0.1:800 Sat Dec 21 21:12:37 2013  DEBUG looking for Content-Type of url http://18.104.22.168:8000/radioffh/livestream.mp3 Sat Dec 21 21:12:37 2013  DEBUG bad header (22: The requested URL returned error: 400 Bad Request) Sat Dec 21 21:12:37 2013  DEBUG bad header (22: The requested URL returned error: 400 Bad Request) Sat Dec 21 21:12:37 2013  DEBUG File size is -1.00 Sat Dec 21 21:12:37 2013  DEBUG Content-Type: (null) will be scanned
It is then the whitelist entry:
After work, stop the proxy, change in the file “ squidclamav.conf ” entry “debug 3 ” in “ debug 0 ” and start the new proxy.