Conventions used in this article:
$ = normal linux user
# = root user
So we're going to dive right into this.
Install squid, havp, clamav, ipblock and their dependencies:
NOTE: Not all distros have ipblock in their software repositories/databases. If this is your case, find an alternative or compile from source.
Configure squid to your preferences, BUT ensure you add the following:
nano \ vim
Configure havp as follows:
nano \ vim /etc/havp/havp.conf
Now, at this point, consider making a tmpfs of 512-1024 MB for /var/tmp and setting up /tmp as a symlink. Some distros do this by default, and others have /dev/shm set up as a RAM drive, but to be honest I prefer this way, as you have created a fixed size for virus scanning and you know for certain that /tmp and /var/tmp will be cleared out on reboot:
If you want this to be a transparent setup, add the following iptables rules:
NOTE: You may want to have this update manually, so make sure you edit /etc/clamav/freshclam.conf to run as a daemon; then, when you run the command above, it will jump to the background after the initial update.
All done. Test with an EICAR file download and you should see the havp access denied page, indicating a virus was found.
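A check for the tmpfs step above, as an added example that is not part of the original article: it reads fstab or /proc/mounts formatted text and confirms that /var/tmp is a tmpfs with a fixed size inside the 512-1024 MB range the article suggests. The function names and the sample entry are constructed for illustration.

```shell
#!/bin/sh
# Audit the scan-directory layout described in the article (added example).
# Input: a file in fstab or /proc/mounts format. The 512-1024 bounds come from the article.

# size_to_mib SIZE -> prints SIZE in MiB (accepts plain bytes or a k/m/g suffix)
size_to_mib() {
    awk -v s="$1" 'BEGIN {
        n = s + 0; u = tolower(substr(s, length(s), 1))
        if (u == "k") n = n / 1024
        else if (u == "g") n = n * 1024
        else if (u != "m") n = n / 1048576   # no suffix: value is in bytes
        printf "%d\n", n
    }'
}

# check_scan_tmpfs FILE -> prints a verdict; returns 0 only if /var/tmp is a
# tmpfs with a fixed size= between 512 and 1024 MiB (last matching entry wins).
check_scan_tmpfs() {
    line=$(awk '$1 !~ /^#/ && $2 == "/var/tmp" { l = $0 } END { print l }' "$1")
    [ -n "$line" ] || { echo "FAIL: no /var/tmp mount entry"; return 1; }
    fstype=$(echo "$line" | awk '{ print $3 }')
    opts=$(echo "$line" | awk '{ print $4 }')
    [ "$fstype" = "tmpfs" ] || { echo "FAIL: /var/tmp is $fstype, not tmpfs"; return 1; }
    size=$(echo "$opts" | tr ',' '\n' | sed -n 's/^size=//p' | tail -n 1)
    [ -n "$size" ] || { echo "FAIL: no size= option (tmpfs defaults to half of RAM)"; return 1; }
    case "$size" in *%) echo "FAIL: size=$size is relative to RAM, not fixed"; return 1 ;; esac
    mib=$(size_to_mib "$size")
    if [ "$mib" -ge 512 ] && [ "$mib" -le 1024 ]; then
        echo "OK: /var/tmp tmpfs ${mib}MiB"
    else
        echo "FAIL: /var/tmp tmpfs ${mib}MiB outside 512-1024"; return 1
    fi
}

# Constructed sample (not from the article): an fstab-style entry capped at 768 MiB.
demo() {
    f=$(mktemp)
    printf '%s\n' '/dev/sda1 / ext4 defaults 0 1' \
        'tmpfs /var/tmp tmpfs rw,nosuid,nodev,size=768M 0 0' > "$f"
    if check_scan_tmpfs "$f"; then rc=0; else rc=1; fi
    rm -f "$f"; return $rc
}
demo
```

On a live system, run `check_scan_tmpfs /proc/mounts` after mounting, or `check_scan_tmpfs /etc/fstab` to confirm the entry survives a reboot.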