Revision as of 14:06, 30 September 2024

Procedure

Install Packages on RHEL 9

1) Install EPEL Repository in RHEL 9

subscription-manager repos --enable codeready-builder-for-rhel-9-$(arch)-rpms

2) run dnf

dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm -y

3) Install Clamav packages

dnf -y install clamav clamav-data clamav-devel clamav-freshclam clamav-filesystem clamav-lib clamd

4) Install C-ICAP packages

dnf install c-icap c-icap-libs c-icap-modules -y

Step 2: Update Virus definition

Check install with update virus definition

freshclam

Step 3: Configure ICAP Server

1) Backup default ICAP server configuration file:

cd /etc/c-icap

mv c-icap.conf c-icap.conf_original

2) Create a c-icap.conf and add the following content:

Include virus_scan.conf
Include srv_content_filtering.conf
PidFile /run/c-icap/c-icap.pid
CommandsSocket /run/c-icap/c-icap.ctl
Timeout 300
MaxKeepAliveRequests 100
KeepAliveTimeout 600
StartServers 3
MaxServers 10
MinSpareThreads     10
MaxSpareThreads     20
ThreadsPerChild     10
MaxRequestsPerChild  0
Port 1344
ServerAdmin [email protected]
ServerName YourServerName
TmpDir /var/tmp
MaxMemObject 131072
DebugLevel 1
Pipelining on
SupportBuggyClients off
ModulesDir /usr/lib64/c_icap
ServicesDir /usr/lib64/c_icap
TemplateDir /usr/share/c_icap/templates/
TemplateDefaultLanguage en
LoadMagicFile /etc/c-icap/c-icap.magic
RemoteProxyUsers off
RemoteProxyUserHeader X-Authenticated-User
RemoteProxyUserHeaderEncoded on
acl all src 0.0.0.0/0.0.0.0
acl PERMIT_REQUESTS type REQMOD RESPMOD OPTIONS
icap_access allow all PERMIT_REQUESTS
ServerLog /var/log/c-icap/server.log
AccessLog /var/log/c-icap/access.log
Service echo srv_echo.so

Save and exit the file

Step 4: Start the ICAP Server

systemctl start clamav-icap

Step 5: Verify Configuration

1) Check the ICAP server's status

sudo systemctl status clamav-icap

2) Ensure there are no errors in the log file

tail -f /var/log/clamav-icap.log

Ver também