Hello!
I added virus scanning support to Squid using the OpenAntivirus
ScannerDaemon (http://www.openantivirus.org/) and the content filter
patch from Olat Titz.
Unfortunately, Olaf cannot be reached at the moment and I have some
questions to get things working right.
The patch modifies 'client_side.c' to run all traffic through the
scanner. This is done via a separate TCP/IP connection and therefore the
scanner does not answer directly. So the first calls to
'clientSendMoreData' will call
/* wrote none, but want to read more */
storeClientCopy(entry,
http->out.offset,
http->out.offset,
CLIENT_SOCK_SZ,
buf,
clientSendMoreData,
http);
The problem appears, when the data is finished and the rest of the file
has to be fetched from the scanner. I did this by checking
if (clientCheckTransferDone(http) != 0)
directly after I got the old data and get the rest if the test succeeds.
This helped for 'large' files, i.e. where 4096 byte blocks are pumped.
But some files where not transfered correctly, so I added the same at
the beginning of 'clientSendMoreData' after
} else if (size == 0) {
This helps for most pages, except some error messages. I think that my
solution is severely broken, so maybe you can help me with this as I do
not want to release this version. I attached a diff of 'client_side.c'
vs 2.3.STABLE4. The 'moduleCFilter' puts the scanned data into 'mb2'.
Iff it finds a virus, '-1' is returned.
I do also need a hint, how to send additional information to the
browser, like a redirect to an informational page indication that a
virus has been found.
Any hints welcome,
Kurt
-- Kurt Huwig iKu Netzwerklösungen http://www.iku-netz.de/ Gesellschafter Am Römerkastell 4 Telefon 0681/96751-0 kurt@iku-netz.de 66121 Saarbrücken Telefax 0681/96751-66
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:14:44 MST