Welcome to the IPFire Wiki

This wiki is a community-maintained resource about everything there is to know about IPFire. Join us and help us improving it!

Looking for something?

Use the search and find answers to everything about IPFire. If you cannot find what you are looking for, join our community and talk to fellow IPFire users, developers and everybody else involved in the project.

IPFire Community

Proxy optimizations

Back to proxy main Page

Squidclamav and the problems with video- or webradiostreams

If you watch videos on youtube or listen to webradio there could be problems and dropouts.

A whitelist entry in /etc/squidclamav.conf is a simple workaround of this problem.

A major disadvantage of this approach is that you have to know the server from which the stream is coming.

In this examples, streams from .akamaistream.net, .googlevideo.com, .youtube.com, Internetradio, Tagesschau-News, Arte-Mediathek are excluded from virus scanning and so they will played without problems.

whitelist .*\.akamaistream.net
whitelist .*\.googlevideo.com
whitelist .*\.youtube.com
whitelist .*\.radiobob.de
whitelist ^.*bob.hoerradar.de.*$
whitelist .*\.xxl-radio.de:8000
whitelist .*\.tagesschau-lh.akamaihd.net
whitelist .*\.arte.tv

Here are exclusions for Web content such as Flash, MP4 and MPEG:

# Do not scan streaming videos
abortcontent ^video\/mp4$
abortcontent ^.*audio\/mp4.*$
abortcontent ^video\/x-flv$
abortcontent ^audio/mpeg$
abortcontent ^application/x-apple-plist$

Debug Streams

Streams are not at all or only play with long delays , this can be determined in order to find a stream link for the whitelist as follows.

Over the Terminal or SSH connecting to IPFire.

Logging must be enabled for the Proxy.

Stop the Proxy:

/etc/init.d/squid stop

Change in the file "squidclamav.conf" the value "debug 0" to "debug 3".

Start the Proxy:

/etc/init.d/squid start

Search and play the Stream and look in the debug output "squidclamav.log"

tail -f /var/log/squid/squidclamav.log

Search now for the line "DEBUG Content-Type: (null) will be scanned" and look in the front row by the called URL. Looks e.g. as follows:

Sat Dec 21 21:12:37 2013 [1873] DEBUG Parsed request: http://62.27.47.15:8000/radioffh/livestream.mp3 192.168.2.21/- - GET
Sat Dec 21 21:12:37 2013 [1873] DEBUG Curl will use proxy: http://127.0.0.1:800
Sat Dec 21 21:12:37 2013 [1873] DEBUG looking for Content-Type of url http://62.27.47.15:8000/radioffh/livestream.mp3
Sat Dec 21 21:12:37 2013 [1873] DEBUG bad header (22: The requested URL returned error: 400 Bad Request)
Sat Dec 21 21:12:37 2013 [1873] DEBUG bad header (22: The requested URL returned error: 400 Bad Request)
Sat Dec 21 21:12:37 2013 [1873] DEBUG File size is -1.00
Sat Dec 21 21:12:37 2013 [1873] DEBUG Content-Type: (null) will be scanned

It is then the whitelist entry:

whitelist 62.27.47.15:8000

After work, stop the proxy, change in the file " squidclamav.conf " entry "debug 3 " in " debug 0 " and start the new proxy.

Back to proxy main Page

Edit Page ‐ Yes, you can edit!

Older Revisions • August 27 at 9:55 pm • Jon