Virus Scanning Through HTTP web traffic with Dansguardian & ClamAV
Hi,
I'm trying to scan for viruses during http web traffic and viruses that comes through mail through my RHEL ES 3.
I installed Clamav from clamav-0.87.1.tar.gz . It was installed in /usr/local/etc . I also installed libesmtp. My mailserver is postfix. I added the necessary entries in Postfix and Mailscanner to scan for viruses through mail. It is working perfectly fine and I've no problem with that.
My problem starts when I try to scan http web traffic for viruses. Let me explain what I've done to scan for http web traffic:.
I installed Dansguardian with ClamAV plugin from Dansguardian-2.9.2.0.tar.gz. as my content scanner .I configured it with the command :
./configure –sysconfdir=/etc –enable-clamd=yes option.
Squid is my proxy server. Dansguardian uses port 8080 and squid is configured on port 3128. Client browsers are configured to access internet through port 8080 . ie, Client ==>DG==>Squid==>ISP. Upto this everything works fine. I can block certain sites, urls,extensions,mimetypes etc... through the files in /etc/dansguardin/lists. Internet browsing also works fine upto here.
Now I changed my /etc/dansguardin/dansguardian.conf to scan http web traffic for viruses. I uncommented the line :
contentscanner = '/etc/dansguardian/contentscanners/clamdscan.conf '
to enable content scanning on html pages for viruses.
And in /etc/dansguardian/contentscanners/clamdscan.conf ,
I changed the line ,
clamduds file = '/var/run/clamav/clamd.sock '
to
clamduds file = '/tmp/clamd '
( I assume this is correct . If I don't change that I get error)
I restarted dansguardian , and tried to access internet . But to whatever pages I'm trying to access , I get the “Access Denied” Message from Dansguardian with the Reason :
WARNING : Could Not Perform Virus Scan !
Categories
Content Scanning
I get the following message in /var/log/messages
ScanFile/Memory returned error : -1
The result I'm looking for is to get a Virus warning message when I try to execute or download a virus from HTML Pages
Waiting for your valued suggestions & solutions
Regards,
Jomy
|