pfSense 2.1: Squid3-dev + Clamav (i386)

Thanks to: http://egoncalves.com.br/


In this guide I’ll show how to have Squid3-dev running with Clamav on pfSense 2.1 (i386). I’ll not show here squid’s configurations/block lists.
First access your pfSense’s dashboard.
pfsense32_squid3-dev_001
Image 01: pfSense i386 Dashboard
As this is a fresh install of pfSense we need to install squid3-dev package. Then let’s go to “System -> Package” menu, see image 02.
pfsense32_squid3-dev_002
Image 02: pfSense System’s menu
Then click on “Available Packages” tab, see image 03.
pfsense32_squid3-dev_003
Image 03: pfSense Package Manager’s tabs
It’ll list all pfSense’s available packages, look for “squid3-dev” and click on installation icon to install squid3-dev package.
pfsense32_squid3-dev_004
Image 04: pfSense packages
Then pfSense will starts squid3-dev install process.
pfsense32_squid3-dev_005
Image 05: pfSense squid3-dev installation process
As you can see in image 06, squid3-dev package comes with clamv antivirus installed.
pfsense32_squid3-dev_006
Image 06: pfSense Services status’ page
Before we configure squid3-dev we have to fix some dependencies. So go to “Diagnostics->Command Prompt“, see image 07.
pfsense32_squid3-dev_007
Image 07: pfSense Diagnostics’ menu
First let’s create clamav user, type the command below on “Execute Shell command” and click ‘Execute‘, image 08.
pw useradd clamav -G wheel
If it’s appears a message that user already exists, let’s just add clamav user to wheel’s group with command below.
pw usermod clamav -G wheel
pfsense32_squid3-dev_008
Image 08: pfSense Command Prompt / add system’s user
Now we have to create clamav’s directories and give permissions to system access them, image 09:
mkdir /var/log/clamav
chmod 775 /var/log/clamav
mkdir /var/db/clamav
chmod 775 /var/db/clamav
mkdir /var/run/clamav
chmod 775 /var/run/clamav
pfsense32_squid3-dev_009
Image 09: pfSense Command Prompt / creating folders, settings permissions
SquidClamAv uses the file “clwarn.cgi” to display virus information. This file is located on “/usr/local/www/clwarn.cgi“, but it’s no accessible via web browser, so let’s give permission to “clwarn.cgi” be accessible via browser:
chmod 775 /usr/local/www/clwarn.cgi
pfsense32_squid3-dev_010
Image 10: pfSense Command Prompt / set clwarn.cgi permission
Now it’s time to update our antivirus, otherwise it won’t run. Execute below command:
freshclam
pfsense32_squid3-dev_011
Image 11: pfSense Command Prompt / update clamav antivirus
As you can see above at the end of update system will display a warning:
WARNING: Clamd was NOT notified: Can’t connect to clamd through /var/run/clamav/clamd.sock
connect () : No such file or directory
Don’t worry about it, it’s because clamd isn’t running yet.
The file “clwarn.cgi” must be run by perl. In some cases pfSense can’t find perl on “/usr/bin/perl” because it’s located in “/usr/local/bin/perl“, so you can link “/usr/local/bin/perl” to “/usr/bin/perl“. Sometimes linking perl doesn’t work, than we have to edit perl path in file “/usr/local/www/clwarn.cgi“, changing “#!/usr/bin/perl” to “#!/usr/local/bin/perl” and hit “Save” button.
You can edit files in menu “Diagnostics->Edit File“, see image 07.
pfsense32_squid3-dev_012
Image 12: pfSense Edit file /usr/local/www/clwarn.cgi / change perl path
Now it’s time to start squid3-dev and clamv. First let’s do a basic configuration. Go to “Services->Proxy server“.
pfsense32_squid3-dev_013
Image 13: pfSense Services’ menu
Let’s configure squid3-dev to run on “LAN interface” with “transparent HTTP proxy” enable. See below in image 14.
pfsense32_squid3-dev_014
Image 14: pfSense Basic squid3-dev configuration
Optionally let’s change “visible hostname” and “administrator email“.
pfsense32_squid3-dev_015
Image 15: pfSense Basic squid3-dev configuration
And hit “Save” button at the end of the page.
pfsense32_squid3-dev_016
Image 16: pfSense Basic squid3-dev configuration
As you can see in image 17 squid3-dev is running.
pfsense32_squid3-dev_017
Image 17: pfSense squid3-dev running icon
Now let’s enable clamav integration. Click on “Antivirus” tab and then check “Enable” and hit “Save” button. Don’t worry if “squidclamav.conf” and “c-icap.conf” box is blank, after you hit “Save” button it’ll be automatically filled.
After page reloads, just change in “squidclamav.conf” box value of “redirect” option to “http://yourserverip/clwarn.cgi“, and hit “Save” button again.
pfsense32_squid3-dev_018
Image 18: pfSensesquid3-dev enabling clamav antivirus
If everything is working as it should you can try to access a page with an infected file and you’ll see a page like the one below, see image 19.
pfsense32_squid3-dev_019
Image 19: pfSense testing squid3-dev + clamv antivirus

Comentarios

Publicar un comentario

Dime si la información de este blog te sirvio.

Entradas populares de este blog

Guía de herramientas básicas para estudiantes: 31 apps y webs imprescindibles para ayudarte con los estudios

Imagen
  Te traemos una guía con   31 aplicaciones y herramientas web para ayudarte como estudiante , una colección muy variada para sacar provecho en diferentes ámbitos en los que puedas necesitarlo. Nos hemos dejado fuera el ámbito educativo para los más jóvenes, recursos que tenemos en   esta otra guía , y nos hemos centrado en estudiantes más adultos. Hemos decidido centrarnos en herramientas prácticas, dejando fuera las plataformas para cursos online, tanto  las más conocidas  como  otras menos conocidas . Lo que hemos preferido buscar son recursos que puedas usar en tu día a día, como gestores de fuentes y citaciones, herramientas para diagramas, para intercambiar apuntes o para crear diferentes contenidos. Y lo que decimos siempre en Xataka Basics hoy cobra más sentido que nunca. Nosotros te traemos 31 herramientas, pero te invitamos a  compartir tus propuestas en la sección de comentarios  para que el resto de usuarios también pueda beneficiarse de los conocimientos de nuestros xatake
Leer más

Comando FOR para archivos BAT

Gracias a: http://profesoremiliobarco.blogspot.com/ El comando FOR sirve para ejecutar bucles de instrucciones, y es una instrucción que se encuentra disponible en todos los lenguajes de programación. Un bucle son varias repeticiones de algunas instrucciones. Este comando suele ser el más complicado de entender para las personas que empiezan a escribir archivos BAT complejos. Aqui intentaré explicar todas las opciones y usos del comando FOR, así como intentar resolver las dudas que los usuarios de Internet me puedan plantear. La sintaxis normal del comando FOR es: FOR %var IN (lista) DO (      comando     comando      ... )  Pero si lo vamos a usar dentro de un archivo BAT será así: FOR %%var IN (lista) DO (      comando     comando      ... ) Observa que la variable "var" ahora va precedida por dos simbolos de "%". Además, si este for está dentro de un archivo BAT, el nombre de la variable debe ser UNA SOLA LETRA (p.ej: %%n, %%i,  %%j , etc
Leer más

How to Fix Failed to Connect a Hyper-V Standalone to Veeam Backup

Imagen
 Thank to: https://bonguides.com/ Invalid Credentials Error Adding a Hyper-V Host When attempting to add a Hyper-V host to  Veeam Backup & Replication  using a local (non-domain) user account, the following error occurs: Failed to connect to host Access denied or timeout expired . Check if you have local administrator privileges on computer Possible reasons: 1 . Invalid credentials . 2 . Specified host is not a Hyper - V server . Solutions 1. Login into the Hyper-V host then open  Registry Editor . 2. Navigate to the following location then create a new  DWORD  value. Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System 3. Enter the name  LocalAccountTokenFilterPolicy  then double click on it and set the value data is  1. Or you can create a DWORD value using PowerShell, let run below command in PowerShell Admin. reg add HKLM\Software\Microsoft\Windows\CurrentVersion\policies\system / v LocalAccountTokenFilterPolicy / t Reg_DWORD / d 1 Fin
Leer más