How to configure HAVP
-
I'm not sure if this will help or not, but some virus scanners have a max stream size. Clamav is one of them. I don't know if this applies to your situation, but you might want to look there just to be sure.
-
you need to fix the memory device used for havp, if i'm not wrong it is actually 1mb
Just open havp.inc into /usr/local/pkg and look for mdconfig
Remember that this value is used to create a in-memory fs so don't set it too high or you will get problems :) (if your FW have 128mb of memory, a value of 32mb would be good)
-
Ram grid:
# RAM disk # Mem - RAM # 128M - 16M # 256M - 32M # 512M - 64M # 1G - 128M # function mountRAMdisk() { # ! not use RAM disk with VM ! if (!VMWare_detect()) { # 2 Mb by default $mem = 2; # available system memory (Mb) $av_mem = get_memory(); $av_mem = intval($a_mem[0]); # use mem if ($av_mem >= 1024) $mem = 128; else if ($av_mem >= 512) $mem = 64; else if ($av_mem >= 256) $mem = 32; else if ($av_mem >= 128) $mem = 16; else if ($av_mem >= 64) $mem = 8; # detach and free all resources used by /dev/md10: mwexec("umount /var/tmp/havp"); mwexec("mdconfig -d -u 10"); # create and mount a swap backed file system on /var/tmp/havp by /dev/md10: mwexec("mdconfig -a -t swap -s {$mem}M -u 10"); mwexec("newfs -U /dev/md10"); mwexec("mount /dev/md10 /var/tmp/havp"); mwexec("chmod 1777 /var/tmp/havp"); } } function VMWare_detect() { global $g; $fc = ''; if (file_exists("{$g['varlog_path']}/dmesg.boot") !== false) $fc = file_get_contents("{$g['varlog_path']}/dmesg.boot"); return (strpos($fc, "<vmware virtual")="" !="=" false);<br="">}</vmware> -
Ok, i'm trying to change 1MB into 32MB …
@dvserg: $av_mem and $mem are two variables or two built-in procedures? I understand a little bit of programmation (C C++ access Delphi Pascal) i'm not an expert programmer but i can understand a source code!
Thanks a lot!
-
I've changed 1MB into 32MB, but if i save and try without restart pfsense same problem, if i restart pfsense havp.inc came back to the original with 1MB!!! ??? ??? ??? ??? ??? ??? ??? ??? ???
-
Ok, setting mdconfig to 16 or 32MB i can download files from internet such as virIT from www.tgsoft.it waiting about 20-30 seconds before download it but for bigger download such as ubuntu iso image also waiting 4-5 minutes the download not start at all!!
If any idea please tell me, i've finished my tests!
-
I will test you problem too ???
-
Thanks a lot i wait for your response dvserg, if you wanti can give you my msn contact!
-
Thanks a lot i wait for your response dvserg, if you wanti can give you my msn contact!
Possible test option ?
KEEPBACKBUFFER 600I download 30-50 mbyte files success.
-
What's your mdconfig?I need to restart HAVP?
-
Changed keepbackbuffer to 600 (was 200000), and NOT ENOUGH FREE SPACE ON SERVER again, it's impossible!!!
If i restart pfsense havp.inc rollback to the original settings ??? ??? ??? -
# Temporary file will grow only up to this size. This means scanner # will scan data until this limit is reached. # # There are two sides to this setting. By limiting the size, you gain # performance, less waiting for big files and less needed temporary space. # But there is slightly higher chance of virus slipping through (though # scanning large archives should not be gateways function, HAVP is more # geared towards small exploit detection etc). # # VALUE IN BYTES NOT KB OR MB!!!! # 0 = No size limit # # Default: # MAXSCANSIZE 5000000MAXSCANSIZE 5000000
-
Ok i'm trying to restore all previous modification ti havp.inc file and modifying MAXSCANSIZE to 5000000
I've to restart pfsense or havp?
thnx -
Same damned problem, it's hard to belive really!! Restarted pfsense and havp.inc rollback to defaults values, changed MAXSCANSIZE to 5000000 and KEEPBACKBUFFER to 600 and mdconfig to 16MB, saved file and tried … still the same! I've tried also with MAXSCANSIZE to 5000 and 5, nothing changed!!!
I think something happen to my pfsense installation, tomorrow i'll try with a fresh installation! -
After save config you must call from shell for reload config
killall havp
havp -
Finally this wonderfull tool works fine, i'm going to explain my tests:
New installation in a new machine, installed HAVP and set Max download size and Scan max file size in Services -> HTTP Antivirus to 100
and it's doesn't work .. I've changed MAXSCANSIZE and KEEPBACKBUFFER to 5000 and 600 saved and in Diagnostics -> Command i've executed killall havp and havp .. and it's doesen't work … NOW i've changed "Max download size" and "Scan max file size" to empty and it's work like a charm, so i understand that the "secret" was the SAVE button in Services -> HTTP Antivirus ..Now i've removed and reinstalled HAVP, set MAXSCANSIZE to 5000 saved and went to Services -> HTTP Antivirus and pressed SAVE, it's work perfectly!!! I think HAVP do not scan files bigger then 5K with MAXSCANSIZE=5000 and for me it's ok!!!
I think also that in Diagnostics -> Command "killall havp" and "havp" do not make the changes effective, or maybe i'm wrong, i don't know, i hope that my experience will help some people that have same problem!!!
Thanks a lot to all!!! :D
LiquiD
-
I test different configurations Need set MAXSCANSIZE to any not-empty (and not 0) value
I use 5000000.
This possible set via gui and all work. -
Yes MAXSCANSIZE in the havp.inc file is now 5000 and i've never set it to 0 or empty!!
In the gui now i've checked only Enabled and Use external interface, and it's work like a charm!!! -
Hello
I can not did havp and squid work together.I use squid port 3128 and ı write squid.conf " cache_peer 127.0.0.1 parent 3128 7 no-query " and enable havp and set the port 3128 .I conf the client borwser 3128 but i can not access the page .The error messages is ;
ERROR
The request URL could not be rerieved.
…..
Access DeniedCan you help me please.
Thank you -
Hello
I can not did havp and squid work together.I use squid port 3128 and ı write squid.conf " cache_peer 127.0.0.1 parent 3128 7 no-query " and enable havp and set the port 3128 .I conf the client borwser 3128 but i can not access the page .The error messages is ;
Use different ports to HAVP and squid
squid = 3128
havp = 3125