ICAP is not available
Hello, everyone! I need to set up virus scanning of the HTTP and FTP traffic of a squid gateway. I chose the ICAP protocol. I configured it following the ICAP developers' manuals and the descriptions on several sites. As a result, the browser shows the following:

    * ICAP protocol error.
    Some aspect of the ICAP communication failed. Possible problems:
    * ICAP server is not reachable.
    * Illegal response from ICAP server.
    Your cache administrator is root.
    Generated Wed, 15 Aug 2007 13:58:15 GMT by adminserver (squid/2.6.STABLE1)

Below are all my settings. Please take a look at where the error might be hiding.
c_icap version: c_icap-030606rc1. I configured it with the parameters --prefix=/usr/local/c_icap --with=/usr/lib (since I read that icap cannot exist without the clamav libraries).
Squid supports ICAP.
This is the squid configuration:

    http_port 3128
    hierarchy_stoplist cgi-bin ?
    acl QUERY urlpath_regex cgi-bin \?
    cache deny QUERY
    acl Apache rep_header Server ^Apache
    broken_vary_encoding allow apache
    cache_mem 64 MB
    cache_swap_low 90
    cache_swap_high 95
    maximum_object_size 4096 KB
    minimum_object_size 0 KB
    maximum_object_size_in_memory 8 KB
    ipcache_size 1024
    ipcache_low 90
    ipcache_high 95
    cache_dir ufs /var/spool/squid 1000 32 512
    access_log /var/log/squid/access.log squid
    cache_log /var/log/squid/cache.log
    cache_store_log /var/log/squid/store.log
    debug_options ALL,1
    auth_param basic children 5
    auth_param basic realm Squid proxy-caching web server
    auth_param basic casesensitive off
    refresh_pattern ^ftp: 1440 20% 10080
    refresh_pattern ^gopher: 1440 0% 1440
    refresh_pattern . 0 20% 4320
    acl all src 0.0.0.0/0.0.0.0
    acl manager proto cache_object
    acl localhost src 127.0.0.1/255.255.255.255
    acl to_localhost dst 127.0.0.0/8
    acl SSL_ports port 443 563
    acl Safe_ports port 80 # http
    acl Safe_ports port 21 # ftp
    acl Safe_ports port 443 563 # https, snews
    acl Safe_ports port 70 # gopher
    acl Safe_ports port 210 # wais
    acl Safe_ports port 1025-65535 # unregistered ports
    acl Safe_ports port 280 # http-mgmt
    acl Safe_ports port 488 # gss-http
    acl Safe_ports port 591 # filemaker
    acl Safe_ports port 777 # multiling http
    acl CONNECT method CONNECT
    acl mynet src 192.168.0.0/24
    http_access allow mynet
    http_access deny manager
    http_access deny !Safe_ports
    http_access deny CONNECT !SSL_ports
    http_access allow localhost
    http_access deny all
    http_reply_access allow all
    icp_access allow all
    cache_effective_user squid
    cache_effective_group squid
    visible_hostname adminserver
    icap_enable on
    icap_preview_enable on
    icap_preview_size 128
    icap_send_client_ip on
    icap_service service_1 reqmod_precache 0 icap://localhost:1344/reqmod
    icap_service service_2 respmod_precache 0 icap://localhost:1344/respmod
    icap_class class_1 service_1 service_2
    icap_access class_1 allow all
    logfile_rotate 12
    error_directory /usr/lib/squid/errors/English
    coredump_dir /var/spool/squid
Starting icap in normal mode:

    [root@shluz bin]# ./c-icap
    Initialization of echo module......
    Initialization of url_check module......
    LibClamAV Warning: ********************************************************
    LibClamAV Warning: * This version of the ClamAV engine is outdated. *
    LibClamAV Warning: * DON'T PANIC! Read http://www.clamav.net/faq.html *
    LibClamAV Warning: ********************************************************
    LibClamAV Warning: **************************************************
    LibClamAV Warning: * The virus database is older than 7 days. *
    LibClamAV Warning: * Please update it IMMEDIATELY! *
    LibClamAV Warning: **************************************************
    LibClamAV Warning: ********************************************************
    LibClamAV Warning: * This version of the ClamAV engine is outdated. *
    LibClamAV Warning: * DON'T PANIC! Read http://www.clamav.net/faq.html *
    LibClamAV Warning: ********************************************************
    LibClamAV Warning: Signature for Trojan.Small-3108 requires new ClamAV version. Please update!
    LibClamAV Warning: Signature for W32.Cervan requires new ClamAV version. Please update!
    LibClamAV Warning: Signature for Trojan.Small-3169 requires new ClamAV version. Please update!
    LibClamAV Warning: Signature for Trojan.Small-3171 requires new ClamAV version. Please update!
    LibClamAV Warning: Signature for W32.Dwee-1 requires new ClamAV version. Please update!
    LibClamAV Warning: Signature for Trojan.Small-3184 requires new ClamAV version. Please update!
    LibClamAV Warning: Signature for Trojan.Small-3204 requires new ClamAV version. Please update!
    LibClamAV Warning: Signature for Trojan.Crypted-4 requires new ClamAV version. Please update!
    LibClamAV Warning: Signature for Trojan.Packed-75 requires new ClamAV version. Please update!
Checking the results of the start:

    [root@shluz bin]# netstat -apn | grep 1344
    tcp 0 0 0.0.0.0:1344 0.0.0.0:* LISTEN 6315/c-icap

    [root@shluz bin]# netstat -apn | grep 1344
    tcp 0 0 0.0.0.0:1344 0.0.0.0:* LISTEN 6315/c-icap
    tcp 0 0 127.0.0.1:42004 127.0.0.1:1344 TIME_WAIT -
    tcp 0 0 127.0.0.1:34943 127.0.0.1:1344 TIME_WAIT -
    tcp 0 1 59.109.39.117:51640 69.25.27.173:1344 SYN_SENT 6482/(squid).

    [root@shluz bin]# netstat -apn | grep c-icap
    tcp 0 0 0.0.0.0:1344 0.0.0.0:* LISTEN 11381/c-icap
    unix 2 [ ] DGRAM 85200 11381/c-icap
This is the c_icap configuration file:

    PidFile /var/run/c-icap.pid
    Timeout 300
    KeepAlive On
    MaxKeepAliveRequests 100
    KeepAliveTimeout 600
    StartServers 3
    MaxServers 10
    MinSpareThreads 10
    MaxSpareThreads 20
    ThreadsPerChild 10
    MaxRequestsPerChild 0
    Port 1344
    User squid
    Group squid
    TmpDir /var/tmp
    MaxMemObject 131072
    ServerLog /usr/local/c_icap/var/log/server.log
    AccessLog /usr/local/c_icap/var/log/access.log
    ModulesDir /usr/local/c_icap/lib/c_icap
    Module logger sys_logger.so
    Module perl_handler perl_handler.so
    sys_logger.Prefix "C-ICAP:"
    sys_logger.Facility local1
    Logger /usr/local/c_icap/var/log
    acl localnet_respmod src 127.0.0.1 type respmod
    acl localnet src 127.0.0.1
    acl externalnet src 0.0.0.0/0.0.0.0
    icap_access allow localnet_respmod
    icap_access allow localnet
    icap_access deny externalnet
    ServicesDir /usr/local/c_icap/lib/c_icap
    Service echo_module srv_echo.so
    Service url_check_module srv_url_check.so
    Service antivirus_module srv_clamav.so
    srv_clamav.ScanFileTypes TEXT DATA EXECUTABLE ARCHIVE GIF JPEG MSOFFICE
    srv_clamav.SendPercentData 5
    srv_clamav.StartSendPercentDataAfter 2M
    srv_clamav.MaxObjectSize 5M
    srv_clamav.ClamAvTmpDir /var/tmp
    srv_clamav.ClamAvMaxFilesInArchive 0
    srv_clamav.ClamAvMaxFileSizeInArchive 100M
    srv_clamav.ClamAvMaxRecLevel 5
    srv_clamav.VirSaveDir /tmp/virusstor/
    srv_clamav.VirHTTPServer "http://fortune/cgi-bin/get_file.pl?usename=%f&remove=1&file="
    srv_clamav.VirUpdateTime 15
    srv_clamav.VirScanFileTypes ARCHIVE EXECUTABLE
What the c_icap log says (fragment), /usr/local/c_icap/var/log/server.log:

    Fri Aug 17 10:41:01 2007, general, Service not found
    Fri Aug 17 10:41:01 2007, general, Service not found
    Fri Aug 17 10:41:06 2007, general, Service not found
    Fri Aug 17 10:41:06 2007, general, Service not found
/usr/local/c_icap/var/log/access.log is empty.
The access permissions seem to be fine, although... Perhaps I left something out of the problem description. Maybe someone has the ICAP service working successfully; please take a look at where my mistake is. I would be very grateful for any help you can give! Thank you!
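
The server.log above records "Service not found", while squid.conf asks port 1344 for the paths /reqmod and /respmod. As an added example (not part of the original post), this Python script sends an ICAP OPTIONS request (RFC 3507) for each candidate path and reports whether the server recognises it. The candidate list is built from names that appear in the two configs; treating each of them as a possible service path is an assumption.

```python
import socket

# Names taken from the squid.conf URLs and the c_icap "Service" lines above.
# Which of them (if any) the server accepts as a path is what the probe shows.
CANDIDATES = ["reqmod", "respmod", "echo_module",
              "url_check_module", "antivirus_module"]

def build_options(host, port, service):
    """Build an ICAP OPTIONS request for icap://host:port/service."""
    return (f"OPTIONS icap://{host}:{port}/{service} ICAP/1.0\r\n"
            f"Host: {host}\r\n\r\n").encode("ascii")

def parse_response(raw):
    """Return (status_code, headers) from the head of a raw ICAP response."""
    lines = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1").split("\r\n")
    parts = lines[0].split(None, 2)
    if len(parts) < 2 or not parts[0].startswith("ICAP/") or not parts[1].isdigit():
        raise ValueError(f"not an ICAP status line: {lines[0]!r}")
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return int(parts[1]), headers

def describe(status, headers):
    """Turn an OPTIONS result into a one-line verdict."""
    if status == 200:
        return "available, methods: " + headers.get("methods", "?")
    if status == 404:  # RFC 3507: ICAP service not found
        return "service not found on this server"
    return f"unexpected ICAP status {status}"

def probe(host, port, service, timeout=5.0):
    """Send OPTIONS over TCP and parse the reply head."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(build_options(host, port, service))
        buf = b""
        while b"\r\n\r\n" not in buf:
            chunk = s.recv(4096)
            if not chunk:
                break
            buf += chunk
    return parse_response(buf)

if __name__ == "__main__":
    for name in CANDIDATES:
        try:
            print(name, "->", describe(*probe("localhost", 1344, name)))
        except (OSError, ValueError) as exc:
            print(name, "-> no valid ICAP answer:", exc)
```

A path that answers 200 with the expected Methods value (REQMOD or RESPMOD) is one that an icap_service line in squid.conf can point at.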