#4 Freebsd 8.3 not checking files and urls

[Lefreris Sarakinos]

Does anyone have problems with squiclamav-6.11 with c-icap 0.3.3 on freebsd 8.3 (x64)
Have tried both ways (with freebsd ports ver 6-10_1 and source code ver 6.11)

with: c-icap-client -i 127.0.0.1 -p 1344 \ -s "squidclamav? allow204=on&force=on&sizelimit=off&mode=simple" -v
I get:
ICAP server:127.0.0.1, ip:127.0.0.1, port:1344

OPTIONS:
Allow 204: Yes
Preview: 1024
Keep alive: Yes

ICAP HEADERS:
ICAP/1.0 200 OK:
Methods:RESPMOD, REQMOD
Service:C-ICAP/0.3.3 server - SquidClamav/Antivirus service
ISTag:CI0001-1-squidclamav-10
Transfer-Preview:*
Options-TTL:3600
Date:Wed, 16 Apr 2014 12:32:03 GMT
Preview:1024
Allow:204
X-Include:X-Client-IP, X-Server-IP, X-Authenticated-User, X-Authenticated-Groups
Encapsulated:null-body=0

---

but when i try to scan a file i get no answer back:
c-icap-client -i 127.0.0.1 -p 1344 -f /root/eicar_com.zip \ -s "squidclamav?allow204=on&force=on&sizelimit=off&mode=simple" -v
I get:
ICAP server:127.0.0.1, ip:127.0.0.1, port:1344

ICAP HEADERS:

---

and on the server part that is running with:
c-icap -f /usr/local/etc/c-icap/c-icap.conf -D -d 8 -N
i get the following:

Allocate a new entity of type 4

type:1 Entities: 4 -1 -1 -1
squidclamav.c(283) squidclamav_init_request_data: DEBUG initializing request data handler.
pool hits:0 allocations: 1
Allocating from objects pool object 6
Requested service: squidclamav
Options responce:
Preview :1024
Allow 204:yes
Allow 206:no
TransferPreview:"Transfer-Preview: *"
TransferIgnore:
TransferComplete:
Max-Connections:-1
squidclamav.c(304) squidclamav_release_request_data: DEBUG Releasing request data.
Storing to objects pool object 6
Log request to access log file /var/log/c-icap/access.log
Width: 0, Parameter:
Width: 0, Parameter:
Width: 0, Parameter:
Width: 0, Parameter:
Width: 0, Parameter:
Width: 0, Parameter:
Keep-alive:1
Server 35603 going to serve new request from client (keep-alive)
Allocate a new entity of type 1
Allocate a new entity of type 3

type:4 Entities: 1 3 -1 -1
squidclamav.c(283) squidclamav_init_request_data: DEBUG initializing request data handler.
pool hits:1 allocations: 1
Allocating from objects pool object 6
Requested service: squidclamav
Read preview data if there are and process request
squidclamav.c(337) squidclamav_check_preview_handler: DEBUG processing preview header.
squidclamav.c(340) squidclamav_check_preview_handler: DEBUG preview data size is 184
squidclamav.c(470) squidclamav_check_preview_handler: WARNING bad http header, can not check URL, Content-Type and Content-Length.
pool hits:0 allocations: 1
Allocating from objects pool object 4
Child 35606 getting requests now ...
Child 35603 died ...
Child 35603 did not exit normally.signaled with signal:11
Free Servers: 20, children: 2. Going to start a child .....
Register in shared mem, qsize=20 stat_block_size=432 childshared data:1120
Going to execute child commands
Check command:test, type: 3
Check command:dump_statistics, type: 1
Check command:reconfigure, type: 1
Check command:stop, type: 1
Check command:relog, type: 3
Check command:squidclamav:cfgreload, type: 3
Waiting for a request....

[Darold Gilles]

Hi,

Yes, at this time, SquidClamav is not working on BSD system. I don't know the reason. I still not have time to fix this issue as it need more understanding of the particularity of BSD system. I have tested with latest development code butit is the same.

Squid + c-icap + SquidClamav is knwo to works well under Linux system so If you want to use this solution you'd better install a Debian or other Linux distribution and have it works. I can not give a date for a fix under freeBSD and if someone could help fixing it it will much appreciated.

Sorry for the bad news.

Regards.

[Lefreris Sarakinos]

Thank you Darold
I am trying to make it work for pfSense 2.1 so compile it as a freebsd is the only way.
On the other hand, using a separate machine as c-icap & clamd server seems to be the solution.
I have already test it and it seems to work pretty well with Centos 6.5 and pfsense.
Anyway thank you once again for the quick response. I have already wasted two weeks with compiling and testing.
Please update the ticket when you have news with freebsd.
Regards
Lefteris

[Lefreris Sarakinos]

Hello again
Found the solution. The problem was with CI_TMPDIR of c-icap.
I've patch it and is working now.
See here
https://sourceforge.net/p/c-icap/patches/19/
Thank for your great software
Lefteris Sarakinos

[Darold Gilles]

Hi,

Before looking at your patch with c-icap-0.3.3 I have tried with the 0.3.2 sources ( c_icap-0.3.2.tar.gz and c_icap_modules-0.3.2.tar.gz ) and the latest squidclamav code from GitHub. I was very surprised that it works great. Tested with c-icap-client direct request and with squid 3.3.11 on FreeBSD 9.1.

I think that the 0.2.5 version in BSD port is clearly not working with FreeBSD or at least with squidclamav.

c_icap-0.3.2, compile well on my FreeBSD 9.1 but for c_icap_modules-0.3.2 and squidclamav it need bash. To be able to configure thoses sources I use the following workaround as root:

mv /bin/sh /bin/sh.bkp
ln -s /usr/local/bin/bash /bin/sh
bash
./configure
make
make install

then

rm /bin/sh
mv /bin/sh.bkp /bin/sh

Don't forget those last commands or you will have great problems at reboot. There should be an easy an more secure way but I don't know.

Looking at your patch, I think that the following:

int CI_BODY_MAX_MEM = 131072;
char *CI_TMPDIR = "/var/tmp/";

should be defined into the include/c-icap.h file to avoid the double declaration in body.c and cfg_param.c

Best regards,

[Mathias H]

Thank you a million times thank you, Sarakinos!
Your patch fixes the Signal 11 issue I have been having for over quite some time now!