Installing the iSecurity ICAP Server on a PC

While the iSecurity ICAP Client can communicate with any supported ICAP server, you can install the iSecurity ICAP server on a Windows PC within your organization's network. To download the daily virus definitions update, the PC must be able to check clamav.net on port 80.

1. Download the file RazleeICAP.ova to the PC from http://as400.razlee.com/products/security/anti%20virus/rand_ksymcckz/RazleeICAP.ova

2. On the PC and its firewall, open ports 1344 and 1345 that are used for ICAP.

3. Install the Oracle Virtual machine from https://www.virtualbox.org/wiki/Downloads

4. Within the virtual machine, select File > Import appliance and choose the RazleeICAP.ova file.

5. Start the installed appliance.

6. NOTE: If a message appears about USB 2.0, disable USB within the virtual machine settings, then restart the appliance.

7. In the virtual machine, which runs a form of Linux, log in with the username smz and the password razlee.

8. Change to the root user by entering the command su and the password razlee.

9. Enter the command cp /etc/network/interfaces /home/interfaces-bck

10. Edit the /etc/network/interfaces file with the commandvi /etc/network/interfacesor your favorite Linux text editor.

11. Edit the following lines to change them to the appropriate IP address, network mask, and gateway, respectively:

    • address 1.1.1.122

    • netmask 255.255.255.0

    • gateway 1.1.1.254

12. Save the file and exit the editor.

13. Restart Linux by entering the command reboot.

14. Check the IP address of the ICAP server by entering the command ip a | grep global The IP address following the string inet in the response should match the value that you entered in the address line in the interfaces file.

15. Connect to the server from the Widows PC with the command
    ssh -o UserKnownHostsField=no smz@ADDRESS
    where ADDRESS is the value that you had entered in the address line of the interfaces file.

16. Enter the password razlee

17. Enter the command menu

18. Wait for four or five minutes for the definitions to update.

19. Select option 1) ICAP State. The output should resemble these lines:
    root 459 1 17 10:23 ? 00:00:49 /usr/local/sbin/clamd
    
    root 493 1 22 10:24 ? 00:00:47 /usr/local/c-icap/bin/c-icap -N -D -d 2
    
    root 503 493 0 10:25 ? 00:00:00 /usr/local/c-icap/bin/c-icap -N -D -d 2
    
    root 515 493 0 10:25 ? 00:00:00 /usr/local/c-icap/bin/c-icap -N -D -d 2
    
    root 527 493 0 10:25 ? 00:00:00 /usr/local/c-icap/bin/c-icap -N -D -d 2

20. Test whether ClamAV is running, passing it the name of a file to check. For example, to check the file /tmp/fn, run the command
    c-icap-client -i debian -s srv_clamav -f /tmp/fn
    The result should resemble:
    ICAP server:debian, ip:127.0.0.1, port:1344
    
    No modification needed (Allow 204 response)

21. On the IBM i, run these commands, replacing "1.1.1.122" in the last command with the IP address of the ICAP server:
    CALL QP2TERM
    
    export LIBPATH=/SMZVDTA/lib/ppc64:/SMZVDTA/lib
    
    /SMZVDTA/bin/c-icap-client -i 1.1.1.122 -s srv_clamav

22. The output contains sections on OPTIONS and ICAP HEADERS.
    NOTE: It should not end with the string "Connection: close".