Running ClamAV on router is a bad idea?

I'm trying to get squid running on my LEDE Reboot 17.01.4 r3560-79f57e422d.

I think this link has some poor suggestions (firewall redirect rule), so I'm beginning to read this ArchLinux wiki article for now. That's where I saw a suggestion to run ClamAV.

But I've seen some older threads in this forum that seem to suggest running ClamAV on (any?) router running OpenWRT is a bad idea because of low hardware resources.

Is that still true with more recent routers like my Linksys WRT1900ACS?

If it's underpowered yes....
At least 1G of RAM and ARM (you'll most likely need more like 2G+ and a fairly fast x86 CPU however)

3 Likes

While SoCs are now more powerful than they were 10 years ago, the demands on them are much higher as well.

All-in-one routers aren’t general-purpose computers. Not only that, but the security risks of running complex, potentially insecure software on the border router / firewall strongly suggest running things elsewhere.

3 Likes

Depends on. Squid alone has high demands on RAM. However, I have it running as proxy-only on 64MB router with small swapfile on SD. The 1900ACS is much more powerful, so it will work.
However, adding clam increases RAM requirements drastically. But you can give it a try.
Question is, is it worth the effort, because https helps hiding virus and malware.
clam can not detect embedded virus/malware, in case you do not decrypt https on the router.
People are asking for security. But it is a two sided sword.

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.