Transparent proxy : squid + havp + clamav
A few months ago I posted a tutorial explaining how to make a transparent proxy using squid and pf. In the mean time (because of the need of minimising virus infections) I’ve made a few changes and added havp + clamav in the current configuration. The whole process was quite simple :
cd /usr/ports/www/havp
make install clean
After the installation all I needed to do was to add the followin lines in /etc/rc.conf
echo ‘clamav_clamd_enable=”YES”‘ >> /etc/rc.conf #start clamav
echo ‘clamav_freshclam_enable=”YES” >> /etc/rc.conf #start freshclam
echo ‘havp_enable=”YES”‘ >> /etc/rc.conf #start havp
start the services :
/usr/local/etc/rc.d/havp start
/usr/local/etc/rc.d/clamav-clamd start
/usr/local/etc/rc.d/clamav-freshclam start
and edit /usr/local/etc/havp/havp.config as following :
USER havp
GROUP havpDAEMON true
PIDFILE /var/run/havp/havp.pid
SERVERNUMBER 8
MAXSERVERS 20ACCESSLOG /var/log/havp/access.log
ERRORLOG /var/log/havp/havp.logLOG_OKS true
LOGLEVEL 1SCANTEMPFILE /var/tmp/havp/havp-XXXXXX
TEMPDIR /var/tmp
TRANSPARENT false
PARENTPROXY localhost
PARENTPORT 3128X_FORWARDED_FOR true
PORT 8080
BIND_ADDRESS 127.0.0.1TEMPLATEPATH /usr/local/etc/havp/template/en
SCANIMAGES true
KEEPBACKTIME 5
ENABLECLAMLIB true
CLAMDSERVER 127.0.0.1
CLAMDPORT 3310ENABLEFPROT false
ENABLEAVG false
ENABLEAVESERVER false
ENABLESOPHIE false
ENABLETROPHIE false
ENABLENOD32 false
ENABLEAVAST false
ENABLEARCAVIR false
ENABLEDRWEB false
In /usr/local/etc/squid/squid.conf you will need to add the following line :
cache_peer 127.0.0.1 parent 8080 0 no-query no-digest no-netdb-exchange default
and restart squid :
/usr/local/etc/rc.d/squid restart
These are the settings that work for me. You can always google a little bit, read the documentation and adjust it to your needs.


[...] source here [...]