squid2.6stable12+clamav+havp\u642d\u5efa\u9632\u6bd2\u4ee3\u7406<\/p>\n
squid 2.6stable12 \u7684\u5b89\u88c5<\/p>\n
useradd squid<\/p>\n
.\/configure --prefix=\/opt\/squid --enable-async-io=40 --enable-storeio=\"aufs,coss,diskd,ufs\" --enable-useragent-log --enable-referer-log --enable-kill-parent-hack --enable-forward-log --enable-snmp --enable-cache-digests --enable-default-err-language=Simplify_Chinese --enable-poll --enable-removal-policies=\"heap,lru\" --enable-large-cache-files --disable-internal-dns --enable-x-accelerator-vary --enable-follow-x-forwarded-for --with-large-files --disable-ident-lookups --enable-underscore --disable-arp-acl<\/p>\n
make && make install<\/p>\n
cd \/opt\/squid
\nmkdir cache1 cache1
\nchown -R squid.squid cache1 cache2 var<\/p>\n
squid.conf\u7684\u5185\u5bb9<\/p>\n
http_port 3128<\/p>\n
cache_mem 100 MB
\ncache_swap_low 75
\ncache_swap_high 98<\/p>\n
emulate_httpd_log on
\nlogformat combined %>a %ui %un [%tl] \"%rm %ru HTTP\/%rv\" %Hs %<st \"%{Referer}>h\" \"%{User-Agent}>h\"
\naccess_log \/opt\/web-squid\/var\/logs\/access.log combined
\nredirect_rewrites_host_header off<\/p>\n
acl all src 0.0.0.0\/0.0.0.0
\nacl manager proto cache_object
\nacl localhost src 127.0.0.1\/255.255.255.255
\nacl SSL_ports port 443 563
\nacl Safe_ports port 80 # http<\/p>\n
acl CONNECT method CONNECT
\nhttp_access allow manager localhost
\nhttp_access deny manager
\nhttp_access deny !Safe_ports
\nhttp_access deny CONNECT !SSL_ports
\nhttp_access allow all<\/p>\n
cache_effective_user squid
\ncache_effective_group squid<\/p>\n
cache_replacement_policy lru<\/p>\n
cache_dir aufs \/opt\/web-squid\/cache1 50 32 64
\ncache_dir aufs \/opt\/web-squid\/cache2 50 32 64
\ncache_log \/opt\/web-squid\/var\/logs\/cache.log
\ncache_store_log none
\ncache_swap_log \/opt\/web-squid\/var\/logs\/swap.log
\nlog_ip_on_direct on
\npid_filename \/opt\/web-squid\/var\/logs\/squid.pid
\nvisible_hostname testwebsquid
\nlogfile_rotate 5<\/p>\n
\u5b89\u88dd Clam AntiVirus
\n\u9996\u5148\u4ece[url]http:\/\/www.clamav.net\/[\/url]\u4e0b\u8f7dclamav0.90\u5305<\/p>\n
useradd clamav<\/p>\n
.\/configure
\nmake
\nmake install<\/p>\n
\u6ce8:\u5b89\u88c5\u8fc7\u7a0b\u4e2d\u6709\u53ef\u80fd\u4f1a\u51fa\u73b0zlib\u7248\u672c\u4e0d\u591f\u7684\u60c5\u51b5,\u8bf7\u53bb[url]http:\/\/www.zlib.net\/[\/url]\u4e0b\u8f7d\u6700\u65b0\u7684zlib\u8fdb\u884c\u5b89\u88c5<\/p>\n
\u5b89\u88c5\u8fc7\u7a0b:
\n.\/configure
\nmake
\nmake install<\/p>\n
\u5b89\u88dd HAVP
\n\u4ece[url]http:\/\/www.server-side.de\/download.htm[\/url]\u4e0b\u8f7dhavp 0.86\u7684\u5305<\/p>\n
useradd havp<\/p>\n
.\/configure
\nmake
\nmake install<\/p>\n
chown -R havp.havp \/var\/log\/havp \/var\/tmp\/havp \/var\/run\/havp<\/p>\n
vi \/usr\/local\/etc\/havp\/havp.config<\/p>\n
### \u6ce8\u91ca\u4ee5\u4e0b\u8fd9\u884c
\n#REMOVETHISLINE deleteme<\/p>\n
### ClamAV Library Scanner (libclamav) \u2192 \u7531 HAVP \u76f4\u63a5\u53d6\u7528 ClamAV \u7684\u75c5\u6bd2\u8d44\u6599\u5e93
\nENABLECLAMLIB true
\nCLAMDBDIR \/var\/lib\/clamav<\/p>\n
### ClamAV Socket Scanner (clamd) \u2192 \u4ea4\u7531 clamd \u626b\u6bd2 (\u987b\u5148\u542f\u52a8 clamd), \u4ee5\u4e0a\u4e24\u8005\u62e9\u4e00\u4f7f\u7528\u5373\u53ef,\u6211\u4f7f\u7528\u7684\u4e0a\u9762\u90a3\u79cd\u6a21\u5f0f)
\nENABLECLAMD true
\nCLAMDSOCKET \/tmp\/clamd<\/p>\n
\u5176\u4ed6\u6548\u80fd\u76f8\u5173\u7684\u8bbe\u5b9a:<\/p>\n
### \u7406\u8ad6\u4e0a\u8d8a\u591a\u7684\u57f7\u884c\u7dd2\u6548\u80fd\u6548\u80fd\u8d8a\u597d, \u4f46\u4ecd\u9700\u8996\u4f3a\u670d\u5668\u8cc7\u6e90\u800c\u5b9a
\nSERVERNUMBER 40
\nMAXSERVERS 200<\/p>\n
### \u53ea\u8a18\u9304 error log. \u8f03\u5c11\u7684 Log \u8a18\u9304\u53ef\u6e1b\u8f15\u4f3a\u670d\u5668\u8ca0\u64d4
\nLOGLEVEL 0<\/p>\n
### \u4e0d\u5c0d\u5716\u7247\u6a94\u6383\u6bd2, \u53ef\u6e1b\u8f15 CPU \u8ca0\u64d4
\nSCANIMAGES false
\n### \u8fd9\u4e2a\u662fhavp\u7684\u76d1\u542c\u7aef\u53e3,\u9ed8\u8ba4\u662f8080,\u56e0\u4e3a8080\u662ftomcat\u7684\u9ed8\u8ba4\u7aef\u53e3,\u6240\u4ee5\u6211\u6539\u62103129\u4e86,
\nPORT=3129<\/p>\n
\u6302\u8f7d\u72ec\u7acb\u78c1\u76d8\u533a \/var\/tmp\/havp (\u4e00\u5b9a\u8981\u52a0\u4e0a -o mand \u53c3\u6578)<\/p>\n
mount -o mand \/dev\/hda3 \/var\/tmp\/havp<\/p>\n
\u5982\u679c\u6c92\u6709\u591a\u9918\u7684 device \u53ef\u4ee5\u639b\u8f09, \u53ef\u53c3\u8003\u4ee5\u4e0b\u5169\u7a2e\u65b9\u6cd5:<\/p>\n
a. \u7528\u8a18\u61b6\u9ad4\u5efa\u7acb\u865b\u64ec\u78c1\u789f<\/p>\n
mkfs -t ext2 \/dev\/ram0 8192 (\u5efa\u7acb 8MB RAM Disk)
\nmount -o mand \/dev\/ram0 \/var\/tmp\/havp<\/p>\n
b. \u4f7f\u7528\u786c\u789f\u7a7a\u9593\u5efa\u7acb\u865b\u64ec\u78c1\u789f<\/p>\n
dd if=\/dev\/zero of=\/root\/havp_tmp.img bs=128K count=1 seek=1024 (\u5efa\u7acb 128MB Virtual Disk)
\nmkfs.ext2 \/root\/havp_tmp.img
\nmount -o loop,mand \/root\/havp_tmp.img \/var\/tmp\/havp<\/p>\n
ps. HAVP \u53ef\u626b\u63cf\u7684\u6863\u6848\u5927\u5c0f\u5c06\u53d7\u9650\u4e8e\u8fd9\u91cc\u6240\u6302\u8f7d\u7684\u78c1\u76d8\u7a7a\u9593<\/p>\n
\u66f4\u65b0 shared libraries \u8d44\u6599\u5e93 (for ClamAV)<\/p>\n
vi \/etc\/ld.so.conf --> \u52a0\u5165: \/usr\/local\/lib
\nldconfig<\/p>\n
\u542f\u52a8 HAVP<\/p>\n
\/usr\/local\/sbin\/havp &<\/p>\n
squid\u548chavp\u7684\u6346\u7ed1<\/p>\n
\u7f16\u8f91squid.conf\u6587\u4ef6
\n\u52a0\u5165\u5982\u4e0b\u4e24\u884c<\/p>\n
cache_peer 127.0.0.1 parent 3129 0 no-query no-digest no-netdb-exchange default
\ncache_peer_access 127.0.0.1 allow all<\/p>\n
\u5230\u76ee\u524d\u4f4d\u7f6esquid+clamav+havp\u5c31\u5df2\u7ecf\u914d\u7f6e\u5b8c\u6210\u4e86
\n\u4f7f\u7528squid\u505a\u4ee3\u7406\u7136\u540e\u53bb[url]http:\/\/www.eicar.org\/anti_virus_test_file.htm[\/url]\u8fd9\u4e2a\u7f51\u7ad9\u8fdb\u884c\u6d4b\u8bd5\u5427<\/p>\n
HAVP \u6703\u76f4\u63a5\u4f7f\u7528 ClamAV \u7684 Library, \u6240\u4ee5 ClamAV \u7684\u670d\u52d9\u662f\u4e0d\u9700\u8981\u555f\u52d5\u7684.
\n\u60a8\u53ea\u8981\u4f7f\u7528 ClamAV \u7684 freshclam \u4f86\u66f4\u65b0 ClamAV \u7684\u75c5\u6bd2\u78bc\u5c31\u884c\u4e86,
\n\u65b9\u6cd5\u5982\u4e0b:
\n1. \u4ee5 crontab \u6392\u7a0b: 0 0 * * * \/usr\/local\/bin\/freshclam --verbose(\u6bcf\u5929\u5348\u591c\u66f4\u65b0\u75c5\u6bd2\u78bc)<\/p>\n
Clamav\u5347\u7ea7\u914d\u7f6e\u6587\u4ef6<\/p>\n
vi \/usr\/local\/clamav\/etc\/freshclam.conf
\n##
\n## Example config file for freshclam
\n## Please read the clamav.conf(5) manual before editing this file.
\n## This file may be optionally merged with clamav.conf.
\n##<\/p>\n
# You can change the default database directory here.
\n#DatabaseDirectory \/var\/lib\/clamav<\/p>\n
# Path to the log file (make sure it has proper permissions)
\n[b]UpdateLogFile \/var\/log\/freshclam.log[\/b]
\n# Enable verbose logging.
\n[b]LogVerbose[\/b]<\/p>\n
# Use system logger (can work together with UpdateLogFile).
\n[b]LogSyslog[\/b]<\/p>\n
# By default when freshclam is started by root it drops privileges and
\n# switches to the \"clamav\" user. You can change this behaviour here.
\n#DatabaseOwner clamav<\/p>\n
# The main database mirror is database.clamav.net (this is a round-robin
\n# DNS that points to many mirrors on the world) and in most cases you
\n# SHOULD NOT change it.
\nDatabaseMirror database.clamav.net<\/p>\n
# How many attempts to make before giving up.
\nMaxAttempts 3<\/p>\n
# How often check for a new database. We suggest checking for it every
\n# two hours.
\n[b]Checks 12[\/b]
\n# Proxy settings
\n#HTTPProxyServer myproxy.com
\n#HTTPProxyPort 1234
\n#HTTPProxyUsername myusername
\n#HTTPProxyPassword mypass<\/p>\n
# Send the RELOAD command to clamd.
\n#NotifyClamd [\/optional\/config\/file\/path]<\/p>\n
# Run command after database update.
\n#OnUpdateExecute command<\/p>\n
# Run command if database update failed.
\n#OnErrorExecute command<\/p>\n
\u4ee5\u4e0a\u5185\u5bb9\u6709\u90e8\u5206\u662f\u770b\u4e86\u5176\u4ed6\u6587\u7ae0\u540e\u52a0\u5165\u7684\uff0c\u5e76\u975e\u5b8c\u5168\u672c\u4eba\u539f\u521b<\/p>\n","protected":false},"excerpt":{"rendered":"
squid2.6stable12+clamav+havp\u642d\u5efa\u9632\u6bd2\u4ee3\u7406 squid 2.6stable12 \u7684\u5b89\u88c5 useradd squid .\/configure –prefix=\/opt\/squ...<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[25],"tags":[],"class_list":["post-164","post","type-post","status-publish","format-standard","hentry","category-squid"],"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/www.liangliang.org.cn\/index.php?rest_route=\/wp\/v2\/posts\/164","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.liangliang.org.cn\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.liangliang.org.cn\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.liangliang.org.cn\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.liangliang.org.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=164"}],"version-history":[{"count":0,"href":"https:\/\/www.liangliang.org.cn\/index.php?rest_route=\/wp\/v2\/posts\/164\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.liangliang.org.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=164"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.liangliang.org.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=164"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.liangliang.org.cn\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=164"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}