Netgate SG-1000 microFirewall

Author Topic: Can't seem to get Squid Cache + ClamAV to work  (Read 1104 times)

0 Members and 1 Guest are viewing this topic.

Offline Aiszaxs

  • Newbie
  • *
  • Posts: 9
  • Karma: +0/-0
    • View Profile
Can't seem to get Squid Cache + ClamAV to work
« on: February 27, 2017, 05:20:46 pm »
Hi - Decided to try and give pfsense a  try.
I've previously used it with great success at major lan parties, and I found an old atom d450 which I decided to try and make a Op router out of.

The most important features for me would be  the cache and antivirus, however I can't seem to get them working probably.

I've tried several test downloads above 1gb, even set the local cache policy to LRU without any success.
Also at the same time, when downloading the EICAR antivirus test file, do I get no warning and the file just downloads straight down.

Here are my settings:
General:


Remote Cache:


Local Cache:


Antivirus:


Squid, clam and Icap are running


Offline doktornotor

  • Hero Member
  • *****
  • Posts: 8553
  • Karma: +962/-278
  • Not a pfSense employee, they cannot fire me...
    • View Profile
Re: Can't seem to get Squid Cache + ClamAV to work
« Reply #1 on: February 28, 2017, 02:33:45 am »
The pics don't work and the site has invalid cert. Use attachments.
Do NOT PM for help!

Offline Chrismallia

  • Full Member
  • ***
  • Posts: 278
  • Karma: +23/-4
    • View Profile
Re: Can't seem to get Squid Cache + ClamAV to work
« Reply #2 on: February 28, 2017, 05:00:41 am »
Are you manually pointing the devices to the proxy? If not you must tick transparent http

Offline Aiszaxs

  • Newbie
  • *
  • Posts: 9
  • Karma: +0/-0
    • View Profile
Re: Can't seem to get Squid Cache + ClamAV to work
« Reply #3 on: February 28, 2017, 06:39:02 am »
The pics don't work and the site has invalid cert. Use attachments.

Let me try again then:


Offline Aiszaxs

  • Newbie
  • *
  • Posts: 9
  • Karma: +0/-0
    • View Profile
Re: Can't seem to get Squid Cache + ClamAV to work
« Reply #4 on: February 28, 2017, 06:42:38 am »
Are you manually pointing the devices to the proxy? If not you must tick transparent http

The device, is that the offense server or the individual client?
I tried enabling transparrent, without any luck.

I use this page to test it.
http://www.thinkbroadband.com/download.html

Offline doktornotor

  • Hero Member
  • *****
  • Posts: 8553
  • Karma: +962/-278
  • Not a pfSense employee, they cannot fire me...
    • View Profile
Re: Can't seem to get Squid Cache + ClamAV to work
« Reply #5 on: February 28, 2017, 07:10:41 am »
And the complaint is? The non-transparent proxy won't get used fox anything unless you point your clients to it.
Do NOT PM for help!

Offline Aiszaxs

  • Newbie
  • *
  • Posts: 9
  • Karma: +0/-0
    • View Profile
Re: Can't seem to get Squid Cache + ClamAV to work
« Reply #6 on: February 28, 2017, 07:25:59 am »
And the complaint is? The non-transparent proxy won't get used fox anything unless you point your clients to it.

There's no complaint - I'm just trying to get this to work and learn a little on the way!

I'm no IT technician, I'm an Epidemiologist - so please use layman terms.

Offline Chrismallia

  • Full Member
  • ***
  • Posts: 278
  • Karma: +23/-4
    • View Profile
Re: Can't seem to get Squid Cache + ClamAV to work
« Reply #7 on: February 28, 2017, 07:40:55 am »
The individual client.  Go to your browser setting and set it to use proxy, point it at the pfsense gateway and proxy port , EXAMPLE GATEWAY 192.168.0.1 port 3128

Offline doktornotor

  • Hero Member
  • *****
  • Posts: 8553
  • Karma: +962/-278
  • Not a pfSense employee, they cannot fire me...
    • View Profile
Re: Can't seem to get Squid Cache + ClamAV to work
« Reply #8 on: February 28, 2017, 07:46:29 am »
I'm no IT technician, I'm an Epidemiologist - so please use layman terms.

Here's some medical documentation on configuring proxies in a browser: http://library.medicine.yale.edu/services/computing/configure-browser

Or you might try some automated infection vectors :P
Do NOT PM for help!

Offline Aiszaxs

  • Newbie
  • *
  • Posts: 9
  • Karma: +0/-0
    • View Profile
Re: Can't seem to get Squid Cache + ClamAV to work
« Reply #9 on: February 28, 2017, 07:55:52 am »
I'm no IT technician, I'm an Epidemiologist - so please use layman terms.

Here's some medical documentation on configuring proxies in a browser: http://library.medicine.yale.edu/services/computing/configure-browser

Or you might try some automated infection vectors :P
The individual client.  Go to your browser setting and set it to use proxy, point it at the pfsense gateway and proxy port , EXAMPLE GATEWAY 192.168.0.1 port 3128

Alright guys - I've added the proxy manually.
I'm currently trying to download a 100mb test file:

http://ipv4.download.thinkbroadband.com/100MB.zip

I assume I would have to download it once, then should it be cached right ?
However once I try and re download it, I still don't exceed my 50Mbps connection.
I assume when I would download it from the RAM of the PFsense box on gigabit lan, I would get way higher speeds right?

Offline Aiszaxs

  • Newbie
  • *
  • Posts: 9
  • Karma: +0/-0
    • View Profile
Re: Can't seem to get Squid Cache + ClamAV to work
« Reply #10 on: February 28, 2017, 09:15:30 am »
Seems like it might be working now.
I have download bursts up to 165Mbps which is tripple the speed of my WAN connection.

Offline doktornotor

  • Hero Member
  • *****
  • Posts: 8553
  • Karma: +962/-278
  • Not a pfSense employee, they cannot fire me...
    • View Profile
Re: Can't seem to get Squid Cache + ClamAV to work
« Reply #11 on: February 28, 2017, 10:04:38 am »
Hint: There's the Real Time tab with logs, in case you need more info on what's going on.
Do NOT PM for help!

Offline niebla

  • Jr. Member
  • **
  • Posts: 30
  • Karma: +0/-0
    • View Profile
Re: Can't seem to get Squid Cache + ClamAV to work
« Reply #12 on: January 16, 2018, 04:13:29 am »
Please try temporarily removing all other packages other than Squid, squidguard and lightsquid.

Are the  Squidm services started?

Does Lightsquid get reports?

Services are all running on my

2.4.2-RELEASE-p1 (amd64)
built on Tue Dec 12 13:45:26 CST 2017
FreeBSD 11.1-RELEASE-p6

Created the ClamAV log manually.

Have not tested ClamAV to confirm it is working but the services are running.

Offline Egrar

  • Newbie
  • *
  • Posts: 3
  • Karma: +0/-0
    • View Profile
Re: Can't seem to get Squid Cache + ClamAV to work
« Reply #13 on: January 17, 2018, 09:02:43 am »
 :) enable transparent proxy settings, check if squid proxy works with this http://amibehindaproxy.com/, then check clamav services with the eicar.org virus test file - if you were able to download the file on your pc without being intercepted by squid+clamav services then clamav doesnt work (use http test file)

Take note I just noticed yesterday that clamav wasnt filtering the eicar virus test file, downloading it flags windows about the virus file.

Offline newUser2pfSense

  • Jr. Member
  • **
  • Posts: 45
  • Karma: +1/-0
    • View Profile
Re: Can't seem to get Squid Cache + ClamAV to work
« Reply #14 on: February 08, 2018, 04:11:36 pm »