This is to deploy Squid Proxy in a DMZ environment. It uses SSLBump to decrypt HTTPS traffic and ClamAV to detect for malicious files.
The Dockerfile is designed to pull the code from Github and build the latest tag. This is to help ease updating with the drawback of potential build and compatability issues.
Currently configured to only server error pages in English, edit in squid.conf.
Currently everything runs as root, to change to run as local user
Some of the folders are set to 777 to just skip access rights issues, to resolve those
Base Image is fedora:40
Builds and install the following
- Squid (https://github.com/squid-cache/squid)
- ClamAV (https://github.com/Cisco-Talos/clamav)
- C-ICAP-SERVER (https://github.com/c-icap/c-icap-server)
- SquidClamAV (https://github.com/darold/squidclamav)
Build the Docker Image Using
docker build -t squidWithAV .
Run the docker image
docker run -p 3128:3128 --name squidWithAV --rm squidWithAV
SSLBump uses a self generated certificate, to use own CA/Intermediate CA, mount /etc/squid/ssl_cert with your own certificates
docker run -p 3128:3128 --name squidWithAVOwnCert -v ./certs:/etc/squid/ssl_cert --rm squidWithAVOwnCert
Save Log Files to Disk, mount /tmp/logFiles
docker run -p 3128:3128 --name squidWithAVLogFiles -v ./logFiles:/tmp/logFiles --rm squidWithAVLogFiles
Spawn the container with entrypoint /bin/bash
Run clamd
clamd
Run Squid
/usr/local/squid/sbin/squid -f /tmp/squid.conf -NCd1
Run c-icap in foreground with max debug
/usr/local/bin/c-icap -f /usr/local/etc/c-icap.conf -N -D -d 10 -S