On Fri, Feb 05, 2010 at 11:26:48AM +1300, Amos Jeffries wrote:
> Fredrik Ax wrote:
> >Hi,
> >
> >This might be a bug/"feature" of the c-icap + squid 3.0 combination,
> >but I'm not sure that it might not be some kind of miss-configuration
> >on my behalf, so I therefore figured I'd try this list and see if
> >somebody else have run into this.
> >
> >To sum it up: When using the c-icap clamav service with squid and you
> >are downloading a file larger then the in c-icap.conf set
> >srv_clamav.StartSendPercentDataAfter threshold and the virus signature
> >is found after c-icap has started to "trickle" out data, the entire
> >file including the virus signature is let through.
[...]
> Well yes. You have configured c-icap to send a file through. It's
> going to get through.
> Any content alteration is up to the ICAP server. Squid passes on
> what it receives back.
Of course, and I understand that this list is primarily for pure squid
setups, but my hope was that somebody here had encountered the same
prob, and had a better understanding of c-icap and possibly a
resolution on how to force c-icap to stop sending data once the
signature was detected.
(Didn't find any appropiate c-icap mailing list, but figured that
since it's widely used in conjuction with squid for this purpose this
list might be a good bet. Also understood that the author of c-icap
have been involved in the squid3 development.)
I guess I'd better get the latest development release of c-icap and
start digging into the code to see if the problem is there.
Best regards,
/frax
______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email
______________________________________________________________________
Received on Fri Feb 05 2010 - 07:34:37 MST
This archive was generated by hypermail 2.2.0 : Fri Feb 05 2010 - 12:00:04 MST