This Code ist in a very early stage but maybe it's usefull to someone ;)

squidclam is going to be a program to scan files served to win32
machines by a squid proxy. It hast du be fast and small to get
this job done. Also it has to be secure to not weaken the server
system.

At the moment squidclam is pretty small, scans files up to 100kB for viruses
and is doing it's job pretty well for me.

If you know what your doing and have some knowledge in C and secure
programing please give it a try and provide some feedback.

Thanks to:
    the clamav team www.clamav.net for there OSS virus scanner
    the squid team www.squid-cache.org for there HTTP Proxy
    Michael Lang http://www.jackal-net.at/ for the idea to this programm


Install:
    - get and install clamav
    - get and install curl (7.12.0 is the last known good version)

    - create a tmpfs or ramdisk and mount it at /tmpdata

    - compile squidclam

        cd squidclam-$RELEASENUM
        change ERROR and MY_PROXY DEBUG ERRIGNORE TMPF in squidclam.c to suite your needs.
        ./configure
        make
        make install OR just copy the file squidclam to a location you like.

    - configure squid to use squidclam

        add the following to your squid.conf
        "redirect_program /usr/local/bin/squidclam"
        "redirect_children 15"  # make a wise choice

        and this line to your acl list to prevent loops
        "redirector_access deny localhost"

        squid doesn't pass complete ssl urls to the redirector.
        Therefor scanning them is pretty useless add something like the following 
        to avoid this and save bandwidth.
        "acl SSL_ports port 443 563"
        "redirector_access deny SSL_ports"

    - test it at www.eicar.com

    - provide me some feedback to squidclam AT users DoT sourceforge DoT net ;)
      don't use such an braindeath mailer with blacklist if you want me to answer

      
Performance:
    There is a performance decrease. That couldn't be avoided using the
    redirector technic. You can probably increase the speed by allowing
    more squidclam instances. But this will produce higher load for your
    proxy system.

    The access to the www now is working the following way.

    browser    -> squid
    squid      -> squidclam
    squidclam  -> fetch from www and cache in your proxy listening on lo
    squidclam <-> check for virus
    squidclam  -> squid (answer)
    squid      -> serve page to browser which should already be cached because
                  squidclam fetched it just befor

    So there is the time squidclam needs to check the file for a virus
    thats added to the normal time to get a file. Because there are so
    many different files which may contain a virus squidclam scanns every
    file.

    You can increase the performance of your system with the following tweaks.
    
        - use a ramdisk for the temporary files. You REALLY want this!
        - make sure squidclam uses your proxy
        - Make sure squidclam has access to a fast (local) nameserver to
          avoid lookup delays
        - if you have a high load system change the virus db reload
          intervall to something to suite your needs #define RLDB (1000)
        - place the virus db on a ramdisk too


Tempfs:

    Add the following line to /etc/fstab
    "tmpfs /tmpdata tmpfs rw,noexec 0 0"

    Make the new Directory
    mkdir /tmpdata

    Mount tmpfs
    mount /tmpdata
    
    
Common Errors:
    Curl version higher than 7.12.0 used (partial download)
    
