openSUSE as I-CAP Server for Content filter

Components needs to be installed on openSUSE 13.2:

  • Squid
  • ClamAV
  • C-ICAP
  • SquidClamAV

They can all be found by searching on openSUSE Website. I used 1-Click install to add the repository as well.

Once the components are installed, add followings to be started automatically during system boot:

  • squid
  • clamd
  • c-icap

You can restart any of those services by running: rc(service-name) restart, e.g. rcsquid restart

I did not put too much customized configuration into squid and/or c-icap. Here below are the configures I added on top of the default configuration.

For Squid(/etc/squid/squid.conf):

icap_enable on
icap_send_client_ip on
icap_send_client_username on
icap_client_username_header X-Authenticated-User

icap_service service_req reqmod_precache bypass=1 icap://127.0.0.1:1344/squidclamav
adaptation_access service_req allow all

icap_service service_resp respmod_precache bypass=0 icap://127.0.0.1:1344/squidclamav
adaptation_access service_resp allow all

For C-ICAP(/etc/c-icap/c-icap.conf): Only updated ServerAdmin, ServerName values and added following line.

Service squidclamav squidclamav.so

For ClamAV(/etc/freshclam.conf): Uncomment the line below and Change “XY” to your country code. I am in Canada so I used CA.

DNSDatabaseInfo current.cvd.clamav.net
DatabaseMirror db.ca.clamav.net
DatabaseMirror database.clamav.net

Donot forget to add “TCP/1344” as allowed service on openSUSE Firewall.

NOTE: if file scanning is needed, the maxsize value inside /etc/squidclamav.conf file and StreamMaxLength value in /etc/clamd.conf need to be adjusted accordingly.

Advertisements