Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

file extension ACLs and choosing parents

16 views
Skip to first unread message

Steve Loughran

unread,
Jun 20, 2000, 3:00:00 AM6/20/00
to
Hi All

If I set up a list of file extensions into an ACL, is there any way of
configuring Squid to use one specific parent for any entry that matches this
ACL, but use the normal configured weighted parents for everything else?

e.g.

====

#List of file extentions
acl file-ext urlpath -i \.exe$ \.zip$ \.tar$

#List of AntiVirus Checking proxy parents (I know this acl type doesnt
exist!)
acl antivirus-parent parent-list 1.2.3.4:8080 5.6.7.8:8080

#force all file extensions in file-ext to use parents in antivirus-parent
list
http_access allow file-ext parent-list

====

The closest thing I could find was a never_direct/always_direct system, but
that doesnt cope with the multiple failover system we have here. We proxy
chain from squid to 1 of 3 firewalls we have, but want to insert WebSweeper
to Virus check certain filetypes.

Any thoughts on how in implement a CLI based AntiVirus scanner into Squid?
mmm... it would need to scan the entire file before it hands it back to the
client, so the client wouldnt get any of the file until squid had received
the entire file... so squid would need to create updating HTML to show the
current download status for the item (so that the browser wouldnt time out
the connection)... on second thoughts, lets not get into this one, it could
get messy :)

Any help would be greatly appreciated.

--

Steve

-------------------------------------------------
Steve Loughran, Network Infrastructure Manager
Sony Computer Entertainment Europe (Cambridge)
http://camsg001.millennium.co.uk/index.htm
Yamaha YZF1000R Thunderace, ICQ#: 12666311
Team Waste - Where do you want to go wrong today?


Henrik Nordstrom

unread,
Jun 23, 2000, 3:00:00 AM6/23/00
to
Steve Loughran wrote:

> If I set up a list of file extensions into an ACL, is there any way of
> configuring Squid to use one specific parent for any entry that matches this
> ACL, but use the normal configured weighted parents for everything else?

Yes, by using the cache_peer_access.

acl file-ext urlpath -i \.exe$ \.zip$ \.tar$

cache_peer_access virusguard1 allow file-ext
cache_peer_access virusguard2 allow file-ext
cache_peer_access parent1 deny file-ext
cache_peer_access parent2 deny file-ext
...

--
Henrik Nordstrom
Squid hacker


brian.e...@hotmail.com

unread,
Sep 21, 2011, 9:10:45 PM9/21/11
to
Hi Steve,

I think you should check out http://www.opswat.com/ there are 2 or 3 products that may be a match. I think that OESIS Framework at http://www.opswat.com/products/oesis-framework provides a single interface to many antivirus packages. Another option is, I think, Metascan at http://www.opswat.com/products/metascan which is more for ISV.
I also found that many antivirus engines certified by OPSWAT at http://www.opswat.com/certified.

I hope this helps.
Regards,

Brian Edwards
0 new messages