Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. ClamAV>
  3. win32
[clamav-users] Request for guidelines to connect freshclam to Squid proxy
clamav-users at lists
Apr 29, 2021, 1:05 AM
Post #1 of 9 (823 views)
Permalink
Hello Joel,

We would like to get a manual that describes how to configure freshclam and proxy to refresh the signature files through the proxy (squid) and not directly.

Explanation:

Our servers are behind a firewall.

The freshclam is referred to different ClamAV mirror with different IP for each refresh.

We wish to open only one IP in the firewall.




We tried to set a proxy server outside the firewall and define freshclam on all the other servers apply to the proxy server.

We did not succeed to configure clamAV and Squid to work together.


  1. Is there a better solution for this problem except  proxy server?


  2. Can you please send us manual or guidelines how to use this proxy ?


Thanks,

Zvi Kave
Re: [clamav-users] Request for guidelines to connect freshclam to Squid proxy [ In reply to ]
uhlar at fantomas
Apr 29, 2021, 1:40 AM
Post #2 of 9 (823 views)
Permalink
On 29.04.21 11:05, Zvi Kave via clamav-users wrote:
> We would like to get a manual that describes how to configure freshclam
> and proxy to refresh the signature files through the proxy (squid) and not
> directly.

use freshclam options:

HTTPProxyServer STR, HTTPProxyPort NUMBER

> Explanation:
>
> Our servers are behind a firewall.
>
> The freshclam is referred to different ClamAV mirror with different IP for
> each refresh.
>
> We wish to open only one IP in the firewall.
>
> We tried to set a proxy server outside the firewall and define freshclam
> on all the other servers apply to the proxy server.
>
> We did not succeed to configure clamAV and Squid to work together.
>
> ?1.?Is there a better solution for this problem except? proxy server?

using local clamav mirror:

https://github.com/Cisco-Talos/cvdupdate

> ?2.?Can you please send us manual or guidelines how to use this proxy ?


--
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Due to unexpected conditions Windows 2000 will be released
in first quarter of year 1901

_______________________________________________

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
Re: [clamav-users] Request for guidelines to connect freshclam to Squid proxy [ In reply to ]
eero.volotinen at iki
Apr 29, 2021, 1:50 AM
Post #3 of 9 (823 views)
Permalink
Please check out documentation. There are proxy settings inside of
freshclam configuration file.

Eero

On Thu 29. Apr 2021 at 11.08, Zvi Kave via clamav-users <
clamav-users@lists.clamav.net> wrote:

> Hello Joel,
>
> We would like to get a manual that describes how to configure freshclam
> and proxy to refresh the signature files through the proxy (squid) and not
> directly.
>
> Explanation:
>
> Our servers are behind a firewall.
>
> The freshclam is referred to different ClamAV mirror with different IP for
> each refresh.
>
> We wish to open only one IP in the firewall.
>
>
> We tried to set a proxy server outside the firewall and define freshclam
> on all the other servers apply to the proxy server.
>
> We did not succeed to configure clamAV and Squid to work together.
>
> 1.
>
> Is there a better solution for this problem except proxy server?
> 2.
>
> Can you please send us manual or guidelines how to use this proxy ?
>
> Thanks,
>
> Zvi Kave
>
> _______________________________________________
>
> clamav-users mailing list
> clamav-users@lists.clamav.net
> https://lists.clamav.net/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>
Re: [clamav-users] Request for guidelines to connect freshclam to Squid proxy [ In reply to ]
clamav-users at lists
Apr 29, 2021, 2:21 AM
Post #4 of 9 (823 views)
Permalink
Hi there,

On Thu, 29 Apr 2021, Zvi Kave via clamav-users wrote:

> We would like to get a manual that describes how to configure
> freshclam and proxy to refresh the signature files through the proxy
> (squid) and not directly.

At the shell prompt:

man freshaclam.conf

or in a browser:

https://www.clamav.net/documents/clam-antivirus-user-manual

> Explanation:
>
> Our servers are behind a firewall.
>
> The freshclam is referred to different ClamAV mirror with different IP for each refresh.
>
> We wish to open only one IP in the firewall.

Can you explain why it matters to you how many different IPs are used
to provide the service? Do you use IPv4 and IPv6 addresses? Have you
also asked Google if they will only send mail to you from a single IP?

https://www.razlee.com/

"A global software house delivering and integrating proprietary IT products."

Is this you?

--

73,
Ged.

_______________________________________________

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
Re: [clamav-users] Request for guidelines to connect freshclam to Squid proxy [ In reply to ]
eero.volotinen at iki
Apr 29, 2021, 2:41 AM
Post #5 of 9 (823 views)
Permalink
>
> > We wish to open only one IP in the firewall.
>
> Can you explain why it matters to you how many different IPs are used
> to provide the service? Do you use IPv4 and IPv6 addresses? Have you
> also asked Google if they will only send mail to you from a single IP?
>
> https://www.razlee.com/
>
>
In squid it's possible to whitelist addresses by dns names.

Eero
Re: [clamav-users] Request for guidelines to connect freshclam to Squid proxy [ In reply to ]
clamav-users at lists
Apr 29, 2021, 4:56 AM
Post #6 of 9 (823 views)
Permalink
Hi,
The SysAdmin that responsible for Firewall maintenance,  allows to open only one IP in the firewall for freshclam use.
I shall check squid definitions again.
Thank you,
Zvi

On 4/29/2021 12:41 PM, Eero Volotinen wrote:




> We wish to open only one IP in the firewall.

Can you explain why it matters to you how many different IPs are used
to provide the service?  Do you use IPv4 and IPv6 addresses?  Have you
also asked Google if they will only send mail to you from a single IP?

https://www.razlee.com/"]https://www.razlee.com/


In squid it's possible to whitelist addresses by dns names. 
Eero 
_______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users"]https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq"]https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml"]http://www.clamav.net/contact.html#ml
Re: [clamav-users] Request for guidelines to connect freshclam to Squid proxy [ In reply to ]
eero.volotinen at iki
Apr 29, 2021, 5:48 AM
Post #7 of 9 (823 views)
Permalink
Well. Then you need to install proxy outside of your network and open port
to that address.



Eero

On Thu, Apr 29, 2021 at 2:59 PM Zvi Kave via clamav-users <
clamav-users@lists.clamav.net> wrote:

> Hi,
>
> The SysAdmin that responsible for Firewall maintenance, allows to open
> only one IP in the firewall for freshclam use.
>
> I shall check squid definitions again.
>
> Thank you,
>
> Zvi
>
> On 4/29/2021 12:41 PM, Eero Volotinen wrote:
>
>
>
>
>>
>> > We wish to open only one IP in the firewall.
>>
>> Can you explain why it matters to you how many different IPs are used
>> to provide the service? Do you use IPv4 and IPv6 addresses? Have you
>> also asked Google if they will only send mail to you from a single IP?
>>
>> https://www.razlee.com/
>>
>>
> In squid it's possible to whitelist addresses by dns names.
>
> Eero
>
> _______________________________________________
>
> clamav-users mailing listclamav-users@lists.clamav.nethttps://lists.clamav.net/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:https://github.com/vrtadmin/clamav-faq
> http://www.clamav.net/contact.html#ml
>
>
> _______________________________________________
>
> clamav-users mailing list
> clamav-users@lists.clamav.net
> https://lists.clamav.net/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>
Re: [clamav-users] Request for guidelines to connect freshclam to Squid proxy [ In reply to ]
clamav-users at lists
Apr 30, 2021, 9:43 AM
Post #8 of 9 (823 views)
Permalink
A firewall's job is to regulate unwanted/undesired traffic and to
enforce policy as defined by the business, not to invent it.

If the business policy is to allow virus definition updates then the
firewall should be configured to do so. If not, it should be blocked
completely. Anything else is just a power-trip on the part of the
firewall administrator and the responsibility should fall to them when
their mis-configuration has consequences.



On 2021-04-29 05:56, Zvi Kave via clamav-users wrote:
> Hi,
>
> The SysAdmin that responsible for Firewall maintenance,  allows to open
> only one IP in the firewall for freshclam use.
>
> I shall check squid definitions again.
>
> Thank you,
>
> Zvi

_______________________________________________

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
Re: [clamav-users] Request for guidelines to connect freshclam to Squid proxy [ In reply to ]
clamav-users at lists
Apr 30, 2021, 11:06 AM
Post #9 of 9 (823 views)
Permalink
If the firewall administrator is that way about AV updates, how are they with YouTube?

On Apr 30, 2021, at 12:43 PM, Dave Warren via clamav-users <clamav-users@lists.clamav.net<mailto:clamav-users@lists.clamav.net>> wrote:

A firewall's job is to regulate unwanted/undesired traffic and to enforce policy as defined by the business, not to invent it.

If the business policy is to allow virus definition updates then the firewall should be configured to do so. If not, it should be blocked completely. Anything else is just a power-trip on the part of the firewall administrator and the responsibility should fall to them when their mis-configuration has consequences.



On 2021-04-29 05:56, Zvi Kave via clamav-users wrote:
Hi,
The SysAdmin that responsible for Firewall maintenance, allows to open only one IP in the firewall for freshclam use.
I shall check squid definitions again.
Thank you,
Zvi

_______________________________________________

clamav-users mailing list
clamav-users@lists.clamav.net<mailto:clamav-users@lists.clamav.net>
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal