Squid + ClamAV + i-cap: Scanning proxy for uploaded files

I'm trying to configure a virus scanning proxy server specifically to scan files being uploaded. Scanning flies being downloaded seems to be the common use case, and seems to be well documented.

Not being a squid or i-cap expert, I'm using information from these guides:

http://www.server-world.info/en/note?os=Ubuntu_11.04&p=clamav
http://squidclamav.darold.net/installv6.html

The A/V proxy is working as expected for file downloads, but is not working for file uploads. What am I missing?

Here is the i-cap configuration from squid.conf:

icap_enable on
icap_send_client_ip on
icap_send_client_username on
icap_client_username_encode off
icap_client_username_header X-Authenticated-User
icap_preview_enable on
icap_preview_size 1024
icap_service service_req reqmod_precache bypass=1 icap://127.0.0.1:1344/squidclamav
adaptation_access service_req allow all
icap_service service_resp respmod_precache bypass=1 icap://127.0.0.1:1344/squidclamav
adaptation_access service_resp allow all

Let me know if there is any other information I can provide to help get to the bottom of this problem.

Best Answer

I think this is a limitation in c-icap. This reference is a bit old, but the main developer of c-icap says:

It has to do with the way the data coded in POST requests. When the POST request will contain multipart form data will not work well.

This means that uploads aren't well supported on c-icap. It seems the only option you have is to replace c-icap with another ICAP server but, from my research, it seems that all the others are rather old or abandoned.

Best Answer

Related Solutions

Ubuntu – Changing location of ClamAV logging files

Ubuntu – Using ClamAV to virus scan uploaded files on Ubuntu Production Servers

Related Topic