Clamav Antivirus integrated in GL-MT6000

Hello all,

Have you thought of integrating an antivirus in the GL-MT6000 software, did you know that this solution exists and is supported by OpenWrt?

To use it, you need to get a proxy up and running (like squid). End to really use it, you need some TLS interception as well. This is not the job of a router.

2 Likes

I rather think dns sinkholing or banip would fit better, ive been using clamav before in my very early days of OpenWrt but actually this is not really what you want if you want good security :wink:

Indeed clamav uses a transparant proxy probably squid, but then you also have to troubleshoot how it will scan https connections, to be honest what it actually comes down to is that you end up with degrading encryption and no way to validate if a certificate is legitimate because like root certificates the squid instance uses https with its own certificate with probably also lower encryption standards.

There might be ways to get a cert cleaner via nginx openssl cache module or mitmproxy but you gonna have a hard time figuring it out, i did not bother :yum:

And then you have more advanced ones like suricata, snort but these are big ones and requires maybe more powerfull hardware, idd a router is a router, what you may want is looking for some type of UTM system (Unified Threat Management) as hardware :smile:.