How to configure HAVP

akintemel

Hello ,

I installed 1.2.2 version and i want to use squid + squidguard + imspector+ havp ..squid and squidguard are working but havp i think is not running i am not sure . ( how to decide this dont know ) .I conf to squid port 8080 and havp port is the same squid port 8080.I read this form this port must diffrent.When i change the proxy port 3128 and havp port 8080 and set the client proxy port to 8080.this time client can't access web .What isthe mistake i did.

Thank you very much.

Ps: I am a new user .

dvserg

@akintemel:

Hello ,

I installed 1.2.2 version and i want to use squid + squidguard + imspector+ havp ..squid and squidguard are working but havp i think is not running i am not sure . ( how to decide this dont know ) .I conf to squid port 8080 and havp port is the same squid port 8080.I read this form this port must diffrent.When i change the proxy port 3128 and havp port 8080 and set the client proxy port to 8080.this time client can't access web .What isthe mistake i did.

Thank you very much.

Ps: I am a new user .

You can use HAVP independently - define Interface & free port (different by squid). Configure you clients browser to this interface ip/port
Also for use HAVP with squid (INET -> HAVP -> SQUID -> Client) you must configure HAVP with internal client and configure squid : http://doc.pfsense.org/index.php/Squid_Package_Tuning - 'Parent proxy' part.

trinli

Currently, I have a firewall that can use havp to AV scan things that squid is proxying. It's configured in the way you describe: INET -> HAVP -> SQUID -> Client And, I have squid set up to be a transparent proxy also. Everything seems to be working. Question is, squid can work as an FTP proxy also. But, when I send the ftp request to squid, it gets the files, but it does not seem to be scanning the files. Any ideas how I can make havp scan the files that squid gets through ftp?

Also, is there a way to make squid and/or havp work as an ftp transparent proxy? (I know the last question is a little off topic)

Thanks

dvserg

Squid & HAVP is a http proxy. Maybe ftp over http only will filtered (via browser)?

LiquiD_85

I've another problem, HAVP block me if i want to download a big file for example ubuntu that is 700MB and say:"Not enough free space on server" i've set "Scan max file size" to 100, but it's the same!
Someone can help me to set HAVP block only files bigger then XX bytes?? Thanks a lot!!!

dvserg

@LiquiD_85:

I've another problem, HAVP block me if i want to download a big file for example ubuntu that is 700MB and say:"Not enough free space on server" i've set "Scan max file size" to 100, but it's the same!
Someone can help me to set HAVP block only files bigger then XX bytes?? Thanks a lot!!!

Look this option
Max download size /*Enter value or leave empty. Value in bytes. Downloads larger than 'Max download size' will be blocked. Only if not Whitelisted! */

LiquiD_85

It's the same :'( :'( :'(

Strongly i've notice that my Memory usage is 54% ??? ??? ???

LiquiD_85

Here my whole HAVP config. Thanks

1.JPG_thumb

Immagine.JPG_thumb

trinli

According to the FAQ on HAVP's website… HAVP can support ftp only if the parent proxy allows FTP. Then, looking at the first line of the squid website, it says that squid is a "proxy for the Web supporting HTTP, HTTPS, FTP, and more.". If my understanding of parent proxies is correct, then with this situation: squid -> HAVP -> inet, HAVP is the parent proxy for squid. So, HAVP doesn't have a parent proxy. Would there be any problem with switching the order of the proxies? Specifically, if HAVP found a virus in something that squid already downloaded, would it be able to remove the file from the cache?

trinli

This is just a first look at trying to help:

From what I can see of the config screens, the max download size is in bytes. Can you set it to 1 000 000 000 (1Gb), and see what happens?

LiquiD_85

It's the same ??? ??? ???

dvserg

If max download size set empty ??

LiquiD_85

Max download size -> empty

Selected only "Enable" and "Use external interface" (on LAN)

Same problem :'(

LiquiD_85

HAVP give me same error also if i want to download a driver or a free anti-virus for example www.tgsoft.it, files of a little ammount of MB about 2-3MB!!! I can't think that pfsense don't have 2-3MB of free space!!!

trinli

I'm not sure if this will help or not, but some virus scanners have a max stream size. Clamav is one of them. I don't know if this applies to your situation, but you might want to look there just to be sure.

daniele_dll

you need to fix the memory device used for havp, if i'm not wrong it is actually 1mb

Just open havp.inc into /usr/local/pkg and look for mdconfig

Remember that this value is used to create a in-memory fs so don't set it too high or you will get problems :) (if your FW have 128mb of memory, a value of 32mb would be good)

dvserg

Ram grid:

# RAM disk
#  Mem -  RAM
# 128M -  16M
# 256M -  32M
# 512M -  64M
#   1G - 128M
#
function mountRAMdisk()
{
    # ! not use RAM disk with VM !
    if (!VMWare_detect()) {
        # 2 Mb by default
        $mem = 2;

        # available system memory (Mb)
        $av_mem = get_memory();
        $av_mem = intval($a_mem[0]);

        # use mem
        if      ($av_mem >= 1024) $mem = 128;
        else if ($av_mem >=  512) $mem = 64;
        else if ($av_mem >=  256) $mem = 32;
        else if ($av_mem >=  128) $mem = 16;
        else if ($av_mem >=   64) $mem = 8;

        # detach and free all resources used by /dev/md10:
        mwexec("umount /var/tmp/havp");
        mwexec("mdconfig -d -u 10");

        # create and mount a swap backed file system on /var/tmp/havp by /dev/md10:
        mwexec("mdconfig -a -t swap -s {$mem}M -u 10");
        mwexec("newfs -U /dev/md10");
        mwexec("mount /dev/md10 /var/tmp/havp");
        mwexec("chmod 1777 /var/tmp/havp");
    }
}

function VMWare_detect()
{
    global $g;
    $fc = '';

    if (file_exists("{$g['varlog_path']}/dmesg.boot") !== false)
        $fc = file_get_contents("{$g['varlog_path']}/dmesg.boot");

    return (strpos($fc, "<vmware virtual")="" !="=" false);<br="">}</vmware>

LiquiD_85

Ok, i'm trying to change 1MB into 32MB …

@dvserg: $av_mem and $mem are two variables or two built-in procedures? I understand a little bit of programmation (C C++ access Delphi Pascal) i'm not an expert programmer but i can understand a source code!

Thanks a lot!

LiquiD_85

I've changed 1MB into 32MB, but if i save and try without restart pfsense same problem, if i restart pfsense havp.inc came back to the original with 1MB!!! ??? ??? ??? ??? ??? ??? ??? ??? ???

LiquiD_85

Ok, setting mdconfig to 16 or 32MB i can download files from internet such as virIT from www.tgsoft.it waiting about 20-30 seconds before download it but for bigger download such as ubuntu iso image also waiting 4-5 minutes the download not start at all!!

If any idea please tell me, i've finished my tests!