I agree it doesn't have much processing power ( only 1 x 333MHz as no SMP support ); but I don't have that much I need to scan; just dropping 1 or 2 dodgy attachments a day.
This is just for my home test setup; nothing that needs to be production worthy.
As much as making it work; I want to understand why my router reboots; I would have expected it to operate slowly; fill swap; or have the application die with some out-of-memory condition, but not the entire router die.
I have looked into this page ClamAV ArchLinux and I "tried" the Testing the software section instructions, not exactly as it says, because on openwrt it works in another way. No info was logged by clamav when I accessed EICAR test file url.
I have installed the latest package as suggested on GitHub Issue.
Is ClamAV installed on LEDE OpenWRT directed and created to deal with this kind of threats? I mean: if I access a malicious URL via wireless on my smartphone in my home network for instance, should it be blocked by ClamAV?
Would anyone know to void freshclam to hang up? It stops after 100% download and router slows down. Web pages stops loading.
root@LEDE:~# freshclam
ClamAV update process started at Thu Mar 22 13:34:06 2018
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.99.3 Recommended version: 0.99.4
DON'T PANIC! Read http://www.clamav.net/documents/upgrading-clamav
Downloading main.cvd [100%]
I seen your point. It seens that my CPU, FLA, RAM are also bottlenecks, of course. Just compared a ClearFog with my TP-LINK
I have stopped some other processes and reached this situation where memory usage just keeps going up but there are no reboot, page load stop or slow down.
This is likely because you have stopped a process that does 'watchdog-ing' of some sort...
Your device will eventually crash/lock-up when it runs out or resources to handle the data-in-memory...the LuCI web GUI will likely be its first victim. If you don't have local access to physically reset the device when this happens, I wouldn't advise running your router in such an unstable configuration.
There are routers designed to do application processing as well (@rj-45 showed you one such Firewall Appliance), you may want one of those if you plan to do inspection and scanning with you device. An old PC with LEDE and a Gigabit Ethernet card installed can also work; but probably uses more electricity.