[squid-users] ACL inside ClamAV?
Alex Rousskov
rousskov at measurement-factory.com
Fri Mar 15 18:22:14 UTC 2019
On 3/15/19 9:38 AM, Felipe Arturo Polanco wrote:
> Is it possible to use SQUID ACL inside ClamAV or any other ICAP server?
Not exactly -- Squid ACLs do not cross the adaptation boundary -- but it
is possible for the ICAP or eCAP service to take Squid ACL _results_
into account. It is also possible for Squid itself to apply ACLs based
on the ICAP or eCAP service decisions.
The specifics would heavily depend on what exactly you are trying to do,
on Squid version, and on your ICAP/eCAP service capabilities. Thus,
start by detailing your use case.
> The idea is to have a list of file types to be denied for some users and
> allowed for some others.
There are many ways to interpret this description. For example, you can
use Squid ACLs to _not_ send responses (of a certain content type
requested by certain users) to an ICAP service. Or, with some ICAP or
eCAP services, you can take the service's "this file is of certain type"
decision and use that info in a Squid ACL to decide whether to block or
forward the scanned response.
Alex.
More information about the squid-users
mailing list