From: Eugene Azarkin <admin@ligalomb.ru> To: sysadmins@lists.altlinux.org Subject: [Sysadmins] SQUID+CLAMAV+ICAP Date: Tue, 02 Oct 2007 13:34:29 +0400 Message-ID: <470210A5.9000002@ligalomb.ru> (raw) [-- Attachment #1: Type: text/plain, Size: 739 bytes --] Доброе время суток Настраиваю связку SQUID+CLAMAV через c-icap на ALS4. SQUID вылетает с (squid): xstrdup: tried to dup a NULL pointer! : Squid Parent: child process 31465 exited due to signal 6 clamav установлен, служба и c-icap вроде работает. Конф.файлы в аттаче. Вроде бы эту ошибку в сквиде пофиксили еще в 2.6stable2 а унас уже stable13 (может забыли патчик :-)) У кого нибудь эта штука работает на ALS4 ? Что можно сделать для запуска данной связки ? С уважением Азаркин Евгений [-- Attachment #2: c-icap.conf --] [-- Type: text/plain, Size: 4619 bytes --] # # This file contains the default settings for c-icap # PidFile /var/run/c-icap/c-icap.pid Timeout 300 KeepAlive On MaxKeepAliveRequests 100 # set KeepAliveTimeout to -1 for no timeout KeepAliveTimeout 600 StartServers 3 MaxServers 10 MinSpareThreads 10 MaxSpareThreads 20 ThreadsPerChild 10 MaxRequestsPerChild 0 Port 1344 User _c_icap Group nobody #ServerAdmin you@your.address # Not implemented yet #ServerName localhost:1344 # Not implemented yet TmpDir /var/tmp/c-icap MaxMemObject 131072 ServerLog /var/log/c-icap/server.log AccessLog /var/log/c-icap/access.log #DebugLevel 3 ModulesDir /usr/lib/c-icap Module logger sys_logger.so Module perl_handler perl_handler.so sys_logger.Prefix "C-ICAP" sys_logger.Facility daemon ##Specify wich logger to use...... #Logger sys_logger Logger file_logger ## AclControlers example. The default_acl is the buildin acl controller ## To load an extrernal access controller named my_acl.so use: #Module access_controller my_acl.so ## This parameter needed to specify the order of used acl controllers ## If not specified access control will be disabled #AclControllers default_acl ## An example of acl lists for default_acl controller. ## acl and icap_access are aliases for default_acl.acl and default_acl.icap_access acl localnet_options src 192.168.1.0/255.255.255.0 type options acl localnet_respmod src 192.168.1.0/255.255.255.0 type respmod acl localnet src 192.168.1.0/255.255.255.0 ##Use the folllowing to demand use of username ...... acl localnet src 192.168.1.0/255.255.255.0 user * acl externalnet src 0.0.0.0/0.0.0.0 #acl barbarian src 192.168.1.5 ## An example of acl lists for default_acl controller. ## acl and icap_access are aliases for default_acl.acl and default_acl.icap_access #acl localnet_options src 127.0.0.1/255.0.0.0 type options #acl localnet_respmod src 127.0.0.1/255.0.0.0 type respmod #acl localnet src 127.0.0.1/255.0.0.0 ##Use the folllowing to demand use of username ...... #acl localnet src 127.0.0.1/255.0.0.0 user * #acl externalnet src 0.0.0.0/0.0.0.0 #acl barbarian src 192.168.1.5 ##An example to specify access to server #icap_access deny barbarian icap_access allow localnet_options icap_access allow localnet_respmod icap_access allow localnet ## http_auth mean that the icap server must try to authenticate the request ## using the http headers .... #icap_access http_auth localnet icap_access deny externalnet #Also you can specify which hosts to log or not. # Comment out the folowing two lines to log only the external net icap_access log localnet icap_access log externalnet ##An example for authentication methods .... ## To load an extarnal authentication method module named my_authmethod.so use: #Module auth_method my_authmethod.so ##The following parameter needed to specify the order of authenticators for ##specific authentication method. file_basic is a buildin authenticator ##for buildin basic authentication method (Not implemented yet......) ...... #AuthMethod basic file_basic ServicesDir /usr/lib/c-icap Service echo_module srv_echo.so Service url_check_module srv_url_check.so Service antivirus_module srv_clamav.so # Antivirus module settings # For allowed file types or groups of file types look at c-icap.magic srv_clamav.ScanFileTypes TEXT DATA EXECUTABLE ARCHIVE GIF JPEG MSOFFICE #The percentage of data to sent if the downloaded file exceeds the StartSendPercentDataAfter size srv_clamav.SendPercentData 5 srv_clamav.StartSendPercentDataAfter 2M ##Comment out the following line to enable 204 responces outside previews for srv_clamav ## if your icap client support it. For squid let it off #srv_clamav.Allow204Responces on # The Maximum object to be scanned. srv_clamav.MaxObjectSize 5M #The directory which clamav library will use as temporary. srv_clamav.ClamAvTmpDir /var/tmp/c-icap #Sets the maximum number of files in archive.)i Set it to 0 to disable it srv_clamav.ClamAvMaxFilesInArchive 0 #Sets the maximal archived file size. Set it to 0 to disable it. srv_clamav.ClamAvMaxFileSizeInArchive 100M #The maximal recursion level.Set it to 0 to disable it. srv_clamav.ClamAvMaxRecLevel 5 # And here the viralator-like mode. # where to save documents srv_clamav.VirSaveDir /var/www/html/downloads/ # from where the documents can be retrieved (you can find the get_file.pl script in contrib dir) srv_clamav.VirHTTPServer "http://fortune/cgi-bin/get_file.pl?usename=%f&remove=1&file=" # The refresh rate.... srv_clamav.VirUpdateTime 15 # For which filetypes the "virelator like mode" will be used. srv_clamav.VirScanFileTypes ARCHIVE EXECUTABLE
next reply other threads:[~2007-10-02 9:34 UTC|newest] Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top 2007-10-02 9:34 Eugene Azarkin [this message] 2007-10-02 9:41 ` Motsyo Gennadi aka Drool 2007-10-02 11:34 ` Alexey Shabalin 2007-10-23 12:47 ` Slava Dubrovskiy
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=470210A5.9000002@ligalomb.ru \ --to=admin@ligalomb.ru \ --cc=sysadmins@lists.altlinux.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: link
ALT Linux sysadmins discussion This inbox may be cloned and mirrored by anyone: git clone --mirror http://lore.altlinux.org/sysadmins/0 sysadmins/git/0.git # If you have public-inbox 1.1+ installed, you may # initialize and index your mirror using the following commands: public-inbox-init -V2 sysadmins sysadmins/ http://lore.altlinux.org/sysadmins \ sysadmins@lists.altlinux.org sysadmins@lists.altlinux.ru sysadmins@lists.altlinux.com public-inbox-index sysadmins Example config snippet for mirrors. Newsgroup available over NNTP: nntp://lore.altlinux.org/org.altlinux.lists.sysadmins AGPL code for this site: git clone https://public-inbox.org/public-inbox.git