HOWTO: Proxy with antivirus (dansguardian, havp, squid)

[hydrapolic]

The scenario is the following: A bunch of computers need to access the Internet, but we need to filter what they browse, so we use dansguardian (blacklists, blocking keywords, domains...), havp (antivirus checking) and squid (caching). This is just one of the solutions, but the only one working for me. This is also just a sample, there a lots of options when installing the abovementioned applications. All of the services work on a single computer:

computers --> proxy gateway --> Internet

We need to install:
- clamav
- squid
- havp
- dansguardian

Port allocation can be the following:
dansguardian - 8080
havp - 8090
squid - 3128

computers --> dansguardian (8080) --> havp (8090) --> squid (3128)

Relevant configuration parameters:
/etc/squid/squid.conf

[luispa]

Thank you for the info. Looks interesting, I'll give it a try.

Luis

[rjolley]

If you use havp, do you still need clamav support compiled into dansguardian?

[hydrapolic]

I think it doesn't really matter, because HAVP is doing the scanning (besides, HAVP can work with numerous anti-virus programs, not just clamav).

[rjolley]

Hmmm, may try it out.

Thanks for the info.

[andip]

hi,

thanks for the howto, after some initial setup-problems, it's now working like a charm.

one thing people might need to do is use the dns-settings in squid.conf, as it seems to have some problems using whatever is in /etc/resolv.conf with this setup. i haven't confirmed this 100%, but keep it in mind should you get what appears to be dns-issues.

[hydrapolic]

For DNS I use this:

dns_retransmit_interval 1 seconds
dns_nameservers 192.168.40.4 192.168.100.15
fqdncache_size 2048

What problems do you mean ? Well sometimes I find the processing rather slow, that's why I used the small retransmit interval. Also in Dansguardian it's desirable to set phrasefiltermode = 1 (smart mode, no raw mode). I had problems loading huge pages (like the Gentoo handbook in 1 page)