On 2013/04/08 22:51, Stuart Henderson wrote: > These ports provide a framework to provide ICAP services, and modules > using this framework to provide virus scanning (via libclamav) and > url filtering. > > ICAP is a standard protocol used by web proxies (including squid 3) > and content inspection software. > > (There will be an additional squidclamav port, using clamd rather than > libclamav, to follow once I've worked out how to get it working ;) > > OK to import?
btw: here's an example of how you can test it using the clamav test file [http://junkpile.org/clam.exe] $ c-icap-client -s 'antivirus_module' -d 10 -v -f /tmp/clam.exe OK done with options! ICAP server:localhost, ip:127.0.0.1, port:1344 Preview:1024 keepalive:1,allow204:0 OK allocating request going to send request Allocate a new entity of type 1 Allocate a new entity of type 3 Preview response was with status: 200 Get entity from trash.... Get entity from trash.... OK reading headers, going to read body <html> <head> <title>VIRUS FOUND</title> </head> <body> <h1>VIRUS FOUND</h1> You tried to upload/download a file that contains the virus: <b> ClamAV-Test-File </b> <br> The Http location is: <b> - </b> <p> For more information contact your system administrator <hr> <p> This message generated by C-ICAP service: <b> antivirus_module </b> <br>Clamav antivirus engine: <b> 0977/16978 </b> </p> </body> </html> ICAP HEADERS: ICAP/1.0 200 OK: Server:C-ICAP/0.2.5 Connection:keep-alive ISTag:CI0001-000-0977-6816978 X-Infection-Found:Type=0; Resolution=2; Threat=ClamAV-Test-File; Encapsulated:res-hdr=0, res-body=184 RESPMOD HEADERS: HTTP/1.0 403 Forbidden: Server:C-ICAP Connection:close Content-Type:text/html Content-Language:en Via:ICAP/1.0 wc2-pl7.xxxx (C-ICAP/0.2.5 Clamav/Antivirus service ) Done
