You are not logged in.
Hello,
squid c-icap squidclamav seems broken since updating squid and c-icap to latetest version.
squid version:
squid --version
Squid Cache: Version 4.4
Service Name: squid
This binary uses OpenSSL 1.1.1 11 Sep 2018. For legal restrictions on distribution see https://www.openssl.org/source/license.html
configure options: '--prefix=/usr' '--sbindir=/usr/bin' '--datadir=/usr/share/squid' '--sysconfdir=/etc/squid' '--libexecdir=/usr/lib/squid' '--localstatedir=/var' '--with-logdir=/var/log/squid' '--with-pidfile=/run/squid.pid' '--enable-auth' '--enable-auth-basic' '--enable-auth-ntlm' '--enable-auth-digest' '--enable-auth-negotiate' '--enable-removal-policies=lru,heap' '--enable-storeio=aufs,ufs,diskd,rock' '--enable-delay-pools' '--with-openssl' '--enable-snmp' '--enable-linux-netfilter' '--enable-ident-lookups' '--enable-useragent-log' '--enable-cache-digests' '--enable-referer-log' '--enable-htcp' '--enable-carp' '--enable-epoll' '--with-large-files' '--enable-arp-acl' '--with-default-user=proxy' '--enable-async-io' '--enable-truncate' '--enable-icap-client' '--enable-ssl-crtd' '--disable-arch-native' '--disable-strict-error-checking' '--enable-wccpv2' 'CFLAGS=-march=x86-64 -mtune=generic -O2 -pipe -fstack-protector-strong' 'LDFLAGS=-Wl,-O1,--sort-common,--as-needed,-z,relro' 'CPPFLAGS=-D_FORTIFY_SOURCE=2' 'CXXFLAGS=-march=x86-64 -mtune=generic -O2 -pipe -fstack-protector-strong'c-icap version:
c-icap -V
0.5.5squid config:
egrep -v '(^#|^\s*$|^\s*\t*#)' /etc/squid/squid.conf | grep icap
icap_enable on
icap_preview_enable on
icap_preview_size 1024
icap_client_username_header X-Authenticated-User
icap_client_username_encode off
icap_service service_req reqmod_precache bypass=1 icap://127.0.0.1:1344/squidclamav
icap_service service_resp respmod_precache bypass=1 icap://127.0.0.1:1344/squidclamavicap server is running:
c-icap-client -s squidclamav -i 127.0.0.1 -p 1344 -d 10
OK done with options!
ICAP server:127.0.0.1, ip:127.0.0.1, port:1344
OPTIONS:
Allow 204: Yes
Preview: 1024
Keep alive: Yes
ICAP HEADERS:
ICAP/1.0 200 OK
Methods: RESPMOD, REQMOD
Service: C-ICAP/0.5.5 server - SquidClamav/Antivirus service
ISTag: CI0001-1-squidclamav-10
Transfer-Preview: *
Options-TTL: 3600
Date: Sun, 04 Nov 2018 16:15:38 GMT
Preview: 1024
Allow: 204
X-Include: X-Client-IP, X-Server-IP, X-Authenticated-User, X-Authenticated-Groups
Encapsulated: null-body=0
[root@squid ~]# c-icap-client -s squidclamav -i 127.0.0.1 -p 1344 -d 10
OK done with options!
ICAP server:127.0.0.1, ip:127.0.0.1, port:1344
OPTIONS:
Allow 204: Yes
Preview: 1024
Keep alive: Yes
ICAP HEADERS:
ICAP/1.0 200 OK
Methods: RESPMOD, REQMOD
Service: C-ICAP/0.5.5 server - SquidClamav/Antivirus service
ISTag: CI0001-1-squidclamav-10
Transfer-Preview: *
Options-TTL: 3600
Date: Sun, 04 Nov 2018 16:15:43 GMT
Preview: 1024
Allow: 204
X-Include: X-Client-IP, X-Server-IP, X-Authenticated-User, X-Authenticated-Groups
Encapsulated: null-body=0squidclamav config:
egrep -v '(^#|^\s*$|^\s*\t*#)' /etc/c-icap/squidclamav.conf
maxsize 5000000
clamd_local /run/clamav/clamd.ctl
timeout 3
logredir 1
dnslookup 1
safebrowsing 0But squid wont connect:
cat /var/log/squid/cache.log | grep ICAP
018/11/04 09:52:41 kid1| WARNING: Squid got an invalid ICAP OPTIONS response from service icap://127.0.0.1:1344/squidclamav; error: unsupported status code of OPTIONS response
2018/11/04 09:53:44 kid1| WARNING: Squid got an invalid ICAP OPTIONS response from service icap://127.0.0.1:1344/squidclamav; error: unsupported status code of OPTIONS response
2018/11/04 09:55:41 kid1| WARNING: Squid got an invalid ICAP OPTIONS response from service icap://127.0.0.1:1344/squidclamav; error: unsupported status code of OPTIONS response
2018/11/04 09:56:44 kid1| WARNING: Squid got an invalid ICAP OPTIONS response from service icap://127.0.0.1:1344/squidclamav; error: unsupported status code of OPTIONS responseLast edited by guggi (2018-11-04 16:49:07)
Offline
This configuration actually is working, solved.
Offline