Hi,
I want to setup viaralator with squid and clamav. I have never set it up . Is anybody out there who has set ip up on CentOS 4.4.
If so, Pls guide me with nessasary info.
On Mon, 2007-02-05 at 13:47 +0530, Indunil Jayasooriya wrote:
Hi,
I want to setup viaralator with squid and clamav. I have never set it up . Is anybody out there who has set ip up on CentOS 4.4.
I advice you to use havp instead of viralator ... Havp package exists in the rpmforge repo for centos 4.x ...
Hi,
I set up HAVP. I got the below RPM from Dag.
havp-0.82-1.el4.test.i386.rpm
It says test.i386.rpm.
Why is that ? Is it not stable.
Any way, I installed it. I set it up in both ways that are havp as parent proxy and a squid as a parent proxy.
First I set it up as squid as parent proxy enabling below 2 things in /etc/havp/havp.config
PARENTPROXY localhost PARENTPORT 3128
It worked. I checked both squid and havp logs.
Then I set it up HAVP as a parent proxy. I disabled the above 2 lines in /etc/havp/havp.config and added below lines to /etc/squid/squid.conf
cache_peer 127.0.0.1 parent 8080 0 no-query no-digest no-netdb-exchange default acl Scan_HTTP proto HTTP never_direct allow Scan_HTTP
It also woked. I checked both squid and havp logs.
Now I want to know which is better for productiuon enviroment?
Squid as a Parent proxy or HAVP as Paernt proxy ?
and I also want to know that whether anti-virus proceess occurs in both ways, while browsing web?
Is there a way to test it?
And one more thing ....
I mounted my /var partition in following way.
mount -o remount,mand /var
How to add this to /etc/fstab ? Then I do not need to add it to /etc/rc.d/rc.local
Pls help me.
On 2/5/07, Fabian Arrotin fabian.arrotin@arrfab.net wrote:
On Mon, 2007-02-05 at 13:47 +0530, Indunil Jayasooriya wrote:
Hi,
I want to setup viaralator with squid and clamav. I have never set it up . Is anybody out there who has set ip up on CentOS 4.4.
I advice you to use havp instead of viralator ... Havp package exists in the rpmforge repo for centos 4.x ...
-- Fabian Arrotin fabian.arrotin@arrfab.net
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
On Fri, 2007-02-09 at 12:31 +0530, Indunil Jayasooriya wrote:
Hi,
<snip>
Now I want to know which is better for productiuon enviroment?
Squid as a Parent proxy or HAVP as Paernt proxy ?
It's up to you to decide and both are 'supported' and documented on the havp website. Usually i use HAVP as a parent proxy for Squid because squid can use authentication programs (like ntlm that i use a lot in M$ networks) and can handle blacklist, ACLs etc ... so squid does all the job and havp is just used one step further just for the antivirus stuff .... On the other hand, every is logged in squid log file and i can genereate reports easily with sarg (also available in the rpmforge repo )
I mounted my /var partition in following way.
mount -o remount,mand /var
How to add this to /etc/fstab ? Then I do not need to add it to /etc/rc.d/rc.local
Pls help me.
For this one you should just have look in the standard /etc/fstab file, but let's just say that you just to change defaults to defaults,mand
On 2/5/07, Fabian Arrotin fabian.arrotin@arrfab.net wrote: On Mon, 2007-02-05 at 13:47 +0530, Indunil Jayasooriya wrote: > Hi, > > I want to setup viaralator with squid and clamav. I have never set it > up . Is anybody out there who has set ip up on CentOS 4.4.
I advice you to use havp instead of viralator ... Havp package exists in the rpmforge repo for centos 4.x ... -- Fabian Arrotin <fabian.arrotin@arrfab.net> _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos-- Thank you Indunil Jayasooriya
Now I want to know which is better for productiuon enviroment?
Squid as a Parent proxy or HAVP as Paernt proxy ?
It's up to you to decide and both are 'supported' and documented on the havp website. Usually i use HAVP as a parent proxy for Squid because squid can use authentication programs (like ntlm that i use a lot in M$ networks) and can handle blacklist, ACLs etc ... so squid does all the job and havp is just used one step further just for the antivirus stuff .... On the other hand, every is logged in squid log file and i can genereate reports easily with sarg (also available in the rpmforge repo )
Thanks a lot. Having kept SQUID in front of HAVP, I now run HAVP as a PARENT PROXY as SQUID CAN HANDLE MANY THINGS. This is the first time I use HAVP and am happy the way it works. But I am still new to HAVP. So I wnat to discuss below 3 lines I have added to squid.conf.
First I addedd below line to squid.conf and restarted squid deamon.
cache_peer 127.0.0.1 parent 8080 0 no-query no-digest no-netdb-exchange default
Then I browsed the web and it worked.
Then I added below 2 lines to squid.conf and restarted squid deamon as well.
acl Scan_HTTP proto HTTP never_direct allow Scan_HTTP
Then too, I browsed the web and it worked. Now I have these 2 rules as well. But I don not have a proper idea of these 2 rules.
What does it say?
Is there any benifit, while having these 2 rules?
pls explain.
On 2/5/07, Fabian Arrotin fabian.arrotin@arrfab.net wrote:
On Mon, 2007-02-05 at 13:47 +0530, Indunil Jayasooriya wrote: > Hi, > > I want to setup viaralator with squid and clamav. I have never set it > up . Is anybody out there who has set ip up on CentOS 4.4. I advice you to use havp instead of viralator ... Havp package exists in the rpmforge repo for centos 4.x ... -- Fabian Arrotin <fabian.arrotin@arrfab.net> _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos-- Thank you Indunil Jayasooriya
Indunil Jayasooriya wrote:
Now I want to know which is better for productiuon enviroment?
Squid as a Parent proxy or HAVP as Paernt proxy ?
It's up to you to decide and both are 'supported' and documented on the havp website. Usually i use HAVP as a parent proxy for Squid because squid can use authentication programs (like ntlm that i use a lot in M$ networks) and can handle blacklist, ACLs etc ... so squid does all the job and havp is just used one step further just for the antivirus stuff .... On the other hand, every is logged in squid log file and i can genereate reports easily with sarg (also available in the rpmforge repo )
Thanks a lot. Having kept SQUID in front of HAVP, I now run HAVP as a PARENT PROXY as SQUID CAN HANDLE MANY THINGS. This is the first time I use HAVP and am happy the way it works. But I am still new to HAVP. So I wnat to discuss below 3 lines I have added to squid.conf.
First I addedd below line to squid.conf and restarted squid deamon.
cache_peer 127.0.0.1 parent 8080 0 no-query no-digest no-netdb-exchange default
Then I browsed the web and it worked.
Then I added below 2 lines to squid.conf and restarted squid deamon as well.
acl Scan_HTTP proto HTTP never_direct allow Scan_HTTP
"acl" defines an access control list, and I don't know what "never_direct" does, but you should get your answers from th Squid documentation, either on your computer or from the Squid website.
My guess is that your rules make it do what it would do without them, and so they have no effect.
Fabian Arrotin wrote:
On Fri, 2007-02-09 at 12:31 +0530, Indunil Jayasooriya wrote:
Hi,
<snip>
Now I want to know which is better for productiuon enviroment?
Squid as a Parent proxy or HAVP as Paernt proxy ?
It's up to you to decide and both are 'supported' and documented on the havp website. Usually i use HAVP as a parent proxy for Squid because squid can use authentication programs (like ntlm that i use a lot in M$ networks) and can handle blacklist, ACLs etc ... so squid does all the job and havp is just used one step further just for the antivirus stuff .... On the other hand, every is logged in squid log file and i can genereate reports easily with sarg (also available in the rpmforge repo )
Sacrilege, I know, but we don't use AV software on most of our computers.
Our kids are controlled with AD so they can't write in important areas of the system, the right mouse button is emaciated.
They don't do email, and if they did it would likely be web-based.
So far, I've not _had_ to reinstall, though I did so during the hols just on the principle that it is Windows after all. Reinstalling is just a matter of running a program off the LAN (where everything important's stored) That reinstalls stuff, and a group policy or two deploys the other stuff.
Teachers have Macs, not noted for problems with viruses, and I use Linux. There are a couple of others, one does have AV software, the other never ventures outside the office except to Microsoft. And there's a server on which I do some browsing (mostly with seamonkey), for Windows stuff, but never read email.
-
Fabian Arrotin -
Indunil Jayasooriya -
John Summerfield