Squid, Dansguardian and ClamAV installation FreeBSD
Last Modified: 29-Apr-2009; 19:30 WST; adrian
This document covers some high level notes relating to a Squid + Dansguardian + ClamAV configuration under FreeBSD.
In this configuration, clients will speak directly to dansguardian. Dansguardian will then use ClamAV for virus scanning and Squid for caching and general internet access.
Server preparation
NTP
FreeBSD does not ship with NTP enabled by default; it is reasonably easy to enable this from a basic server install.
Add a basic server configuration to /etc/ntp.conf; for example:
server 0.pool.ntp.org
Next, run ntpdate to ensure the time is current. For example:
# ntpdate 0.pool.ntp.org
Then enable it on startup. Place the following in /etc/rc.conf:
ntpd_enable="YES"
Finally start it now:
# /etc/rc.d/ntpd start
Local caching BIND
FreeBSD ships by default with a recursive resolver which listens only on IPv4 localhost. It can easily be configured to start on boot by enabling it in /etc/rc.conf:
named_enable="YES"
Start it using the init script:
# /etc/rc.d/named start
Finally add the resolver in /etc/resolv.conf:
server 127.0.0.1
ClamAV
Installation
I'm just using the FreeBSD-built binary port rather than installing it from source.
# pkg_add -vr clamav
Basic Configuration
Configure the server to start by adding the following to /etc/rc.conf:
clamav_clamd_enable="YES" clamav_freshclam_enable="YES"
Then start the server:
# /usr/local/etc/rc.d/clamav-clamd
Updating via Freshclam
Run freshclam to pull down the initial updates and then start the background updater:
# freshclam # /usr/local/etc/rc.d/clamav-freshclam