Howto: Install Squidclamav

Having already the Sourceforge as repository source on your system. You directly run

this command :

yum -y install clamd

once installed, you can start it running this command:

/etc/rc.d/init.d/clamd start

Add this service on for each runlevel:

chkconfig clamd on

We would need to download/install the c-icap, run this command:

tar zxvf c_icap-0.1.7.tar.gz
cd c_icap-0.1.7.tar.gz
make install

Copy the conf file from usr/local/etc/ run this command:

cp /usr/local/etc/c-icap.conf /etc
vi /etc/c-icap.conf

Change the email address and Server Name


Add this line:

Service squidclamav

This line might have to be changed and review in order to be able to load this librairy.

I had to set this line as below (correct path):

Service squidclamav /usr/local/c-icap/lib/c_icap/

Now, we will create the init script: here

Run this command to reset the rights:

chmod 755 /etc/rc.d/init.d/c-icap
Look to this url and download the latest version (v6.5):
tar -xvf squidclamav-6.5.tar.gz
cd squidclamav-6.5.tar.gz
make install

Edit the configuration file:

vi /etc/squidclamav.conf

Change the redirect url with the potential html page (need to be placed and created)


Change this line to match the path:

clamd_local /var/run/clamav/clamd.sock

So, you can start c-icap running this command:

/etc/rc.d/init.d/c-icap start

To check if the c-icap is running you can netstat command as follow:

netstat -anp | grep 1344

Add i-cap to run as deamon for each runlevel:

chkconfig --add c-icap
chkconfig c-icap on


Now, this is the time to say to squid that ICAP is present:

edit the squid.conf file from /etc/squid/squid.conf

vi /etc/squid/squid.conf

add these lines as below:

icap_enable on
 icap_send_client_ip on
 icap_send_client_username on
 icap_client_username_header X-Authenticated-User
 icap_service service_req reqmod_precache bypass=1 icap://
 adaptation_access service_req allow all
 icap_service service_resp respmod_precache bypass=1 icap://
 adaptation_access service_resp allow all

You can now restart the squid : service squid restart or /etc/init.d/squid restart
Try to download eicar from this url passing through your squid. Eicar would be blocked and your browser ‘s page would redirected.

clamd_local /var/run/clamav/clamd.sock

Leave a Reply