How to configure HAVP

dvserg · Apr 6, 2009, 12:52 PM

I've another problem, HAVP block me if i want to download a big file for example ubuntu that is 700MB and say:"Not enough free space on server" i've set "Scan max file size" to 100, but it's the same!
Someone can help me to set HAVP block only files bigger then XX bytes?? Thanks a lot!!!

Look this option
Max download size /*Enter value or leave empty. Value in bytes. Downloads larger than 'Max download size' will be blocked. Only if not Whitelisted! */

LiquiD_85 · Apr 6, 2009, 12:59 PM

It's the same :'( :'( :'(

Strongly i've notice that my Memory usage is 54% ??? ??? ???

LiquiD_85 · Apr 6, 2009, 1:04 PM

Here my whole HAVP config. Thanks

trinli · Apr 6, 2009, 1:28 PM

According to the FAQ on HAVP's website… HAVP can support ftp only if the parent proxy allows FTP. Then, looking at the first line of the squid website, it says that squid is a "proxy for the Web supporting HTTP, HTTPS, FTP, and more.". If my understanding of parent proxies is correct, then with this situation: squid -> HAVP -> inet, HAVP is the parent proxy for squid. So, HAVP doesn't have a parent proxy. Would there be any problem with switching the order of the proxies? Specifically, if HAVP found a virus in something that squid already downloaded, would it be able to remove the file from the cache?

trinli · Apr 6, 2009, 1:26 PM

This is just a first look at trying to help:

From what I can see of the config screens, the max download size is in bytes. Can you set it to 1 000 000 000 (1Gb), and see what happens?

LiquiD_85 · Apr 6, 2009, 1:43 PM

It's the same ??? ??? ???

dvserg · Apr 6, 2009, 1:50 PM

If max download size set empty ??

LiquiD_85 · Apr 6, 2009, 2:02 PM

Max download size -> empty

Selected only "Enable" and "Use external interface" (on LAN)

Same problem :'(

LiquiD_85 · Apr 6, 2009, 2:07 PM

HAVP give me same error also if i want to download a driver or a free anti-virus for example www.tgsoft.it, files of a little ammount of MB about 2-3MB!!! I can't think that pfsense don't have 2-3MB of free space!!!

trinli · Apr 6, 2009, 4:33 PM

I'm not sure if this will help or not, but some virus scanners have a max stream size. Clamav is one of them. I don't know if this applies to your situation, but you might want to look there just to be sure.

daniele_dll · Apr 6, 2009, 5:05 PM

you need to fix the memory device used for havp, if i'm not wrong it is actually 1mb

Just open havp.inc into /usr/local/pkg and look for mdconfig

Remember that this value is used to create a in-memory fs so don't set it too high or you will get problems :) (if your FW have 128mb of memory, a value of 32mb would be good)

dvserg · Apr 6, 2009, 5:14 PM

Ram grid:

# RAM disk
#  Mem -  RAM
# 128M -  16M
# 256M -  32M
# 512M -  64M
#   1G - 128M
#
function mountRAMdisk()
{
    # ! not use RAM disk with VM !
    if (!VMWare_detect()) {
        # 2 Mb by default
        $mem = 2;

        # available system memory (Mb)
        $av_mem = get_memory();
        $av_mem = intval($a_mem[0]);

        # use mem
        if      ($av_mem >= 1024) $mem = 128;
        else if ($av_mem >=  512) $mem = 64;
        else if ($av_mem >=  256) $mem = 32;
        else if ($av_mem >=  128) $mem = 16;
        else if ($av_mem >=   64) $mem = 8;

        # detach and free all resources used by /dev/md10:
        mwexec("umount /var/tmp/havp");
        mwexec("mdconfig -d -u 10");

        # create and mount a swap backed file system on /var/tmp/havp by /dev/md10:
        mwexec("mdconfig -a -t swap -s {$mem}M -u 10");
        mwexec("newfs -U /dev/md10");
        mwexec("mount /dev/md10 /var/tmp/havp");
        mwexec("chmod 1777 /var/tmp/havp");
    }
}

function VMWare_detect()
{
    global $g;
    $fc = '';

    if (file_exists("{$g['varlog_path']}/dmesg.boot") !== false)
        $fc = file_get_contents("{$g['varlog_path']}/dmesg.boot");

    return (strpos($fc, "<vmware virtual")="" !="=" false);<br="">}</vmware>

LiquiD_85 · Apr 6, 2009, 9:24 PM

Ok, i'm trying to change 1MB into 32MB …

@dvserg: $av_mem and $mem are two variables or two built-in procedures? I understand a little bit of programmation (C C++ access Delphi Pascal) i'm not an expert programmer but i can understand a source code!

Thanks a lot!

LiquiD_85 · Apr 6, 2009, 9:34 PM

I've changed 1MB into 32MB, but if i save and try without restart pfsense same problem, if i restart pfsense havp.inc came back to the original with 1MB!!! ??? ??? ??? ??? ??? ??? ??? ??? ???

LiquiD_85 · Apr 7, 2009, 10:43 AM

Ok, setting mdconfig to 16 or 32MB i can download files from internet such as virIT from www.tgsoft.it waiting about 20-30 seconds before download it but for bigger download such as ubuntu iso image also waiting 4-5 minutes the download not start at all!!

If any idea please tell me, i've finished my tests!

dvserg · Apr 7, 2009, 10:56 AM

I will test you problem too ???

LiquiD_85 · Apr 7, 2009, 11:14 AM

Thanks a lot i wait for your response dvserg, if you wanti can give you my msn contact!

dvserg · Apr 7, 2009, 1:03 PM

@LiquiD_85:

Thanks a lot i wait for your response dvserg, if you wanti can give you my msn contact!

Possible test option ?
KEEPBACKBUFFER 600

I download 30-50 mbyte files success.

LiquiD_85 · Apr 7, 2009, 2:54 PM

What's your mdconfig?I need to restart HAVP?

LiquiD_85 · Apr 7, 2009, 2:58 PM

Changed keepbackbuffer to 600 (was 200000), and NOT ENOUGH FREE SPACE ON SERVER again, it's impossible!!!
If i restart pfsense havp.inc rollback to the original settings ??? ??? ???