• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

How to configure HAVP

Scheduled Pinned Locked Moved pfSense Packages
66 Posts 10 Posters 64.3k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • L Offline
    LiquiD_85
    last edited by Apr 7, 2009, 11:14 AM

    Thanks a lot i wait for your response dvserg, if you wanti can give you my msn contact!

    1 Reply Last reply Reply Quote 0
    • D Offline
      dvserg
      last edited by Apr 7, 2009, 1:03 PM

      @LiquiD_85:

      Thanks a lot i wait for your response dvserg, if you wanti can give you my msn contact!

      Possible test option ?
      KEEPBACKBUFFER 600

      I download 30-50 mbyte files success.

      SquidGuardDoc EN  RU Tutorial
      Localization ru_PFSense

      1 Reply Last reply Reply Quote 0
      • L Offline
        LiquiD_85
        last edited by Apr 7, 2009, 2:54 PM

        What's your mdconfig?I need to restart HAVP?

        1 Reply Last reply Reply Quote 0
        • L Offline
          LiquiD_85
          last edited by Apr 7, 2009, 2:58 PM

          Changed keepbackbuffer to 600 (was 200000), and NOT ENOUGH FREE SPACE ON SERVER again, it's impossible!!!
          If i restart pfsense havp.inc rollback to the original settings  ??? ??? ???

          1 Reply Last reply Reply Quote 0
          • D Offline
            dvserg
            last edited by Apr 7, 2009, 7:39 PM

            # Temporary file will grow only up to this size. This means scanner
            # will scan data until this limit is reached.
            #
            # There are two sides to this setting. By limiting the size, you gain
            # performance, less waiting for big files and less needed temporary space.
            # But there is slightly higher chance of virus slipping through (though
            # scanning large archives should not be gateways function, HAVP is more
            # geared towards small exploit detection etc).
            #
            # VALUE IN BYTES NOT KB OR MB!!!!
            #  0 = No size limit
            #
            # Default:
            # MAXSCANSIZE 5000000
            

            MAXSCANSIZE 5000000

            SquidGuardDoc EN  RU Tutorial
            Localization ru_PFSense

            1 Reply Last reply Reply Quote 0
            • L Offline
              LiquiD_85
              last edited by Apr 7, 2009, 9:39 PM

              Ok i'm trying to restore all previous modification ti havp.inc file and modifying MAXSCANSIZE to 5000000
              I've to restart pfsense or havp?
              thnx

              1 Reply Last reply Reply Quote 0
              • L Offline
                LiquiD_85
                last edited by Apr 7, 2009, 10:04 PM

                Same damned problem, it's hard to belive really!! Restarted pfsense and havp.inc rollback to defaults values, changed MAXSCANSIZE to 5000000 and KEEPBACKBUFFER to 600 and mdconfig to 16MB, saved file and tried … still the same! I've tried also with MAXSCANSIZE to 5000 and 5, nothing changed!!!
                I think something happen to my pfsense installation, tomorrow i'll try with a fresh installation!

                1 Reply Last reply Reply Quote 0
                • D Offline
                  dvserg
                  last edited by Apr 8, 2009, 3:52 AM

                  After save config you must call from shell for reload config
                  killall havp
                  havp

                  SquidGuardDoc EN  RU Tutorial
                  Localization ru_PFSense

                  1 Reply Last reply Reply Quote 0
                  • L Offline
                    LiquiD_85
                    last edited by Apr 8, 2009, 1:12 PM

                    Finally this wonderfull tool works fine, i'm going to explain my tests:

                    New installation in a new machine, installed HAVP and set Max download size and Scan max file size in Services -> HTTP Antivirus to 100
                    and it's doesn't work .. I've changed MAXSCANSIZE and KEEPBACKBUFFER to 5000 and 600 saved and in Diagnostics -> Command i've executed killall havp and havp .. and it's doesen't work … NOW i've changed "Max download size" and "Scan max file size" to empty and it's work like a charm, so i understand that the "secret" was the SAVE button in Services -> HTTP Antivirus ..

                    Now i've removed and reinstalled HAVP, set MAXSCANSIZE to 5000 saved and went to Services -> HTTP Antivirus and pressed SAVE, it's work perfectly!!! I think HAVP do not scan files bigger then 5K with MAXSCANSIZE=5000 and for me it's ok!!!

                    I think also that in Diagnostics -> Command "killall havp" and "havp" do not make the changes effective, or maybe i'm wrong, i don't know, i hope that my experience will help some people that have same problem!!!

                    Thanks a lot to all!!! :D

                    LiquiD

                    1 Reply Last reply Reply Quote 0
                    • D Offline
                      dvserg
                      last edited by Apr 8, 2009, 1:16 PM

                      I test different configurations Need set MAXSCANSIZE to any not-empty (and not 0) value
                      I use 5000000.
                      This possible set via gui and all work.

                      SquidGuardDoc EN  RU Tutorial
                      Localization ru_PFSense

                      1 Reply Last reply Reply Quote 0
                      • L Offline
                        LiquiD_85
                        last edited by Apr 8, 2009, 1:29 PM

                        Yes MAXSCANSIZE in the havp.inc file is now 5000 and i've never set it to 0 or empty!!
                        In the gui now i've checked only Enabled and Use external interface, and it's work like a charm!!!

                        1 Reply Last reply Reply Quote 0
                        • A Offline
                          akintemel
                          last edited by Apr 9, 2009, 1:27 PM

                          Hello

                          I can not did havp and squid work together.I use squid port 3128 and ı write squid.conf  " cache_peer 127.0.0.1 parent 3128 7 no-query " and enable havp and set the port 3128 .I conf the client borwser 3128 but i can not access the page .The error messages is  ;
                            ERROR
                            The request URL could not be rerieved.
                            …..
                            Access Denied

                          Can you help me please.
                          Thank you

                          1 Reply Last reply Reply Quote 0
                          • D Offline
                            dvserg
                            last edited by Apr 9, 2009, 2:07 PM

                            @akintemel:

                            Hello

                            I can not did havp and squid work together.I use squid port 3128 and ı write squid.conf  " cache_peer 127.0.0.1 parent 3128 7 no-query " and enable havp and set the port 3128 .I conf the client borwser 3128 but i can not access the page .The error messages is  ;

                            Use different ports to HAVP and squid
                            squid = 3128
                            havp = 3125

                            SquidGuardDoc EN  RU Tutorial
                            Localization ru_PFSense

                            1 Reply Last reply Reply Quote 0
                            • A Offline
                              akintemel
                              last edited by Apr 9, 2009, 2:52 PM

                              Fisrt thank you very much for your reply… :)
                              Ok i did it ..squid port is 3128 and in squid.conf file i changed the

                              cache_peer 127.0.0.1 parent 3121 7 no-query

                              and havp port i use the 3121 ..
                              and tested again but still not working.in havp access.log ( /var/log/havp/access.log )  i see anything log file ..and i can download virus file in http://www.eicar.org/anti_virus_test_file.htm  this site.

                              1 Reply Last reply Reply Quote 0
                              • D Offline
                                dvserg
                                last edited by Apr 9, 2009, 4:15 PM

                                @akintemel:

                                Fisrt thank you very much for your reply… :)
                                Ok i did it ..squid port is 3128 and in squid.conf file i changed the

                                cache_peer 127.0.0.1 parent 3121 7 no-query

                                and havp port i use the 3121 ..
                                and tested again but still not working.in havp access.log ( /var/log/havp/access.log )  i see anything log file ..and i can download virus file in http://www.eicar.org/anti_virus_test_file.htm  this site.

                                Via GUI Squid custom options add
                                cache_peer 127.0.0.1 parent 3121 7 no-query
                                and disable squid GUI parent proxy options

                                SquidGuardDoc EN  RU Tutorial
                                Localization ru_PFSense

                                1 Reply Last reply Reply Quote 0
                                • A Offline
                                  akintemel
                                  last edited by Apr 10, 2009, 6:13 AM

                                  Thank you very much now i can see log entri in havp access.log…buy the way how can i test it could you help me again please..

                                  Thank you very much again..  ;D

                                  1 Reply Last reply Reply Quote 0
                                  • D Offline
                                    dvserg
                                    last edited by Apr 10, 2009, 7:34 AM Apr 10, 2009, 7:18 AM

                                    @akintemel:

                                    Thank you very much now i can see log entri in havp access.log…buy the way how can i test it could you help me again please..

                                    Thank you very much again..  ;D

                                    Look this
                                    http://www.eicar.org/anti_virus_test_file.htm

                                    View log via GUI
                                    Diagnostics: Execute command
                                    PHP Execute

                                    echo(
                                    file_get_contents("/var/log/havp/access.log")
                                    );
                                    

                                    SquidGuardDoc EN  RU Tutorial
                                    Localization ru_PFSense

                                    1 Reply Last reply Reply Quote 0
                                    • C Offline
                                      cheesyboofs
                                      last edited by Apr 10, 2009, 9:51 AM

                                      Sorry to hi-jack but how is "transparent" and "multi-wan" coming on dvserg?

                                      Author of pfSense themes:

                                      DARK-ORANGE

                                      CODE-RED

                                      1 Reply Last reply Reply Quote 0
                                      • D Offline
                                        dvserg
                                        last edited by Apr 10, 2009, 10:35 AM

                                        @cheesyboofs:

                                        Sorry to hi-jack but how is "transparent" and "multi-wan" coming on dvserg?

                                        I work with this (70-80% ready). But 2 months i really haven't free time  :'(

                                        SquidGuardDoc EN  RU Tutorial
                                        Localization ru_PFSense

                                        1 Reply Last reply Reply Quote 0
                                        • A Offline
                                          andrew0401
                                          last edited by Apr 14, 2009, 8:07 AM

                                          I think we have the same/similar problem.

                                          Squid and squidguard work.  Havp works.  But not together with havp as the parent proxy.  We get

                                          havp[22448]: (127.0.0.1) Invalid request from browser

                                          when the above cache peer line is used.

                                          Any more clues on what to try as I am now totally confused.

                                          Regards

                                          Andrew

                                          1 Reply Last reply Reply Quote 0
                                          57 out of 66
                                          • First post
                                            57/66
                                            Last post
                                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                                            This community forum collects and processes your personal information.
                                            consent.not_received