Re: virus plugin

Scott McGee Fri, 17 May 2002 11:44:36 -0700

Hi Nico,

This was posted previously to the list by someone else.  Attached is a
version of Viralator that is modified to work with SquidGuard.


In /etc/squidGuard.conf, add:

dest virus{
     expressionlist antivirus/expressions
     log virus.log
     redirect  http://192.168.1.1:3131/cgi-bin/viralator.cgi?url=%u
}

acl {
    default {
        pass !virus !custom all
        redirect http://ThisSiteIsBlocked.net/
}

In your dbhome directory:

#ls -l squidGuard/db/blacklists/antivirus
-rw-rw----    1 squid    squid          22 Oct 18  2001 expressions

#cat expressions
\.(zip|exe|doc|vbs)$

It's not a very elegant solution, but it gets the job done.  Basically,
squidGuard directs any downloaded files with the above extensions to be
directed through Viralator.  It then downloads the file to the Squid
box, scans for viruses, and then gives a pop-up window allowing the user
to click a link and download the file from the Squid box.

Scott

----- Original Message -----
From: "Jerry Murdock" <[EMAIL PROTECTED]>
To: "nico wenborn" <[EMAIL PROTECTED]>;
<[EMAIL PROTECTED]>
Sent: Thursday, May 16, 2002 7:42 AM
Subject: Re: virus plugin


: ----- Original Message -----
: From: "nico wenborn" <[EMAIL PROTECTED]>
: To: <[EMAIL PROTECTED]>
: Sent: Thursday, May 16, 2002 5:40 AM
: Subject: virus plugin
:
:
: > hi there.
: >
: > I am running squid on Red Hat 7.3 and have also got squidgaurd
working
: > nicely. The idea is to have a websweeping proxy for a company and so
i am
: > now in need of a virus plugin for squid. I was wondering if you
could
: > recommend one that will not conflict in any way with SG. The other
thing
: is,
: > because squid-gaurd is a re-director will a virus plug-in (like
viralator)
: > work, as this is also a re-director.
: >
: Viralator "uses" squirm as it's redirector - but there is nothing
about it
: that forces you to use squirm.
:
: All you should have to do is translate the squirm redirects provided
in the
: viralator intructions to their SG equivalent.
:
: That said, I didn't find viralator transparent enough for my users. I
had to
: break down and get Trend's VirusWall product, which I must say has
been a
: solid performer.
:
: Jerry
:
:
:

viralator.cgi
Description: Binary data

Re: virus plugin

Reply via email to