squid2.6stable12+clamav+havp搭建防毒代理

./configure --prefix=/opt/squid 

--enable-async-io=40 

--enable-storeio="aufs,coss,diskd,ufs" 

--enable-useragent-log 

--enable-referer-log 

--enable-kill-parent-hack 

--enable-forward-log 

--enable-snmp 

--enable-cache-digests 

--enable-default-err-language=Simplify_Chinese 

--enable-poll --enable-removal-policies="heap,lru" 

--enable-large-cache-files 

--disable-internal-dns 

--enable-x-accelerator-vary 

--enable-follow-x-forwarded-for 

--with-large-files --disable-ident-lookups 

--enable-underscore 

--disable-arp-acl 

--with-maxfd=65500

cd /opt/squid

mkdir cache1 cache1

chown -R squid.squid cache1 cache2 var

http_port 3128

cache_mem 100 MB

cache_swap_low 75

cache_swap_high 98

emulate_httpd_log on

logformat combined %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %Hs %
access_log /opt/web-squid/var/logs/access.log combined
redirect_rewrites_host_header off
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80          # http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow all
cache_effective_user squid
cache_effective_group squid
cache_replacement_policy lru
cache_dir aufs /opt/web-squid/cache1 50 32 64
cache_dir aufs /opt/web-squid/cache2 50 32 64
cache_log /opt/web-squid/var/logs/cache.log
cache_store_log none
cache_swap_log /opt/web-squid/var/logs/swap.log
log_ip_on_direct on
pid_filename /opt/web-squid/var/logs/squid.pid
visible_hostname testwebsquid
logfile_rotate 5

useradd clamav

./configure

make

make install

./configure

make

make install

useradd havp

./configure

make

make install

chown -R havp.havp /var/log/havp /var/tmp/havp /var/run/havp

vi /usr/local/etc/havp/havp.config

#REMOVETHISLINE deleteme

ENABLECLAMLIB true

CLAMDBDIR /var/lib/clamav

ENABLECLAMD true

CLAMDSOCKET /tmp/clamd

SERVERNUMBER 40

MAXSERVERS 200

LOGLEVEL 0

SCANIMAGES false

PORT=3129

mount -o mand /dev/hda3 /var/tmp/havp

mkfs -t ext2 /dev/ram0 8192 (建立 8MB RAM Disk)

mount -o mand /dev/ram0 /var/tmp/havp

dd if=/dev/zero of=/root/havp_tmp.img bs=128K count=1 seek=1024 (建立 128MB Virtual Disk)

mkfs.ext2 /root/havp_tmp.img

mount -o loop,mand /root/havp_tmp.img /var/tmp/havp

vi /etc/ld.so.conf --> 加入: /usr/local/lib

ldconfig

/usr/local/sbin/havp &

squid和havp的捆绑

cache_peer 127.0.0.1 parent 3129 0 no-query no-digest no-netdb-exchange default

cache_peer_access 127.0.0.1 allow all

vi /usr/local/clamav/etc/freshclam.conf

##

## Example config file for freshclam

## Please read the clamav.conf(5) manual before editing this file.

## This file may be optionally merged with clamav.conf.

##

# You can change the default database directory here.

#DatabaseDirectory /var/lib/clamav

# Path to the log file (make sure it has proper permissions)

UpdateLogFile /var/log/freshclam.log

# Enable verbose logging.

LogVerbose

# Use system logger (can work together with UpdateLogFile).

LogSyslog

# By default when freshclam is started by root it drops privileges and

# switches to the "clamav" user. You can change this behaviour here.

#DatabaseOwner clamav

# The main database mirror is database.clamav.net (this is a round-robin

# DNS that points to many mirrors on the world) and in most cases you

# SHOULD NOT change it.

DatabaseMirror database.clamav.net

# How many attempts to make before giving up.

MaxAttempts 3

# How often check for a new database. We suggest checking for it every

# two hours.

Checks 12

# Proxy settings

#HTTPProxyServer myproxy.com

#HTTPProxyPort 1234

#HTTPProxyUsername myusername

#HTTPProxyPassword mypass

# Send the RELOAD command to clamd.

#NotifyClamd [/optional/config/file/path]

# Run command after database update.

#OnUpdateExecute command

# Run command if database update failed.

#OnErrorExecute command