Netgate SG-1000 microFirewall

Author Topic: Squid Proxy Server + ClamAV activated decrease download rate significantlySOLVED  (Read 132 times)

0 Members and 1 Guest are viewing this topic.

Offline jlt

  • Newbie
  • *
  • Posts: 7
  • Karma: +0/-0
    • View Profile
pfsense 2.4.2-RELEASE-p1 (amd64)
Intel(R) Celeron(R) CPU 3215U @ 1.70GHz
2 CPUs: 1 package(s) x 2 core(s)

2GB RAM 64GB SSD
Packages: Backup, bandwidthd, cron, lightsquid, mailreport, nmap, ntopng, openvpn-client-export, pfBlockerNG,
squid

lMy ISP provides me about 50Mbps.
With transparent mode, If I activate "Enable Squid antivirus check using ClamAV", then the download rate decrease under 18Mbps.
If I inchecked then It recupers his speed.

No significant increment in CPU usage and RAM while AV activated.

Thanks

« Last Edit: February 11, 2018, 03:26:32 pm by jlt »

Offline Chrismallia

  • Full Member
  • ***
  • Posts: 278
  • Karma: +23/-4
    • View Profile
Re: Squid Proxy Server + ClamAV activated decrease download rate significantly
« Reply #1 on: February 11, 2018, 05:13:39 am »
If the AV is scanning a large download  it slows the download down, you should see that the AV is set to only scan small files as malware usually are small files, if it is scanning a huge file well you have to wait for AV to scan it. In my opinion I would not run AV, do not expect it to really catch anything as most content is ssl and AV only scans http, unless you do ssl inspection but that  is another can of worms to deal with
« Last Edit: February 11, 2018, 05:24:36 am by Chrismallia »

Offline jlt

  • Newbie
  • *
  • Posts: 7
  • Karma: +0/-0
    • View Profile
Re: Squid Proxy Server + ClamAV activated decrease download rate significantly
« Reply #2 on: February 11, 2018, 11:25:54 am »
So better do not activate.

Thanks

Offline Chrismallia

  • Full Member
  • ***
  • Posts: 278
  • Karma: +23/-4
    • View Profile
Re: Squid Proxy Server + ClamAV activated decrease download rate significantly
« Reply #3 on: February 11, 2018, 11:59:12 am »
A better way of protecting your network against malware would be pfblockerNG with pihole lists, that  blocks domains that contain malware, including ssl domains. Here is a great tutorial



https://www.youtube.com/watch?v=QwFpMwXEK5w&t=1100s