How to configure HAVP
-
Same damned problem, it's hard to belive really!! Restarted pfsense and havp.inc rollback to defaults values, changed MAXSCANSIZE to 5000000 and KEEPBACKBUFFER to 600 and mdconfig to 16MB, saved file and tried … still the same! I've tried also with MAXSCANSIZE to 5000 and 5, nothing changed!!!
I think something happen to my pfsense installation, tomorrow i'll try with a fresh installation! -
After save config you must call from shell for reload config
killall havp
havp -
Finally this wonderfull tool works fine, i'm going to explain my tests:
New installation in a new machine, installed HAVP and set Max download size and Scan max file size in Services -> HTTP Antivirus to 100
and it's doesn't work .. I've changed MAXSCANSIZE and KEEPBACKBUFFER to 5000 and 600 saved and in Diagnostics -> Command i've executed killall havp and havp .. and it's doesen't work … NOW i've changed "Max download size" and "Scan max file size" to empty and it's work like a charm, so i understand that the "secret" was the SAVE button in Services -> HTTP Antivirus ..Now i've removed and reinstalled HAVP, set MAXSCANSIZE to 5000 saved and went to Services -> HTTP Antivirus and pressed SAVE, it's work perfectly!!! I think HAVP do not scan files bigger then 5K with MAXSCANSIZE=5000 and for me it's ok!!!
I think also that in Diagnostics -> Command "killall havp" and "havp" do not make the changes effective, or maybe i'm wrong, i don't know, i hope that my experience will help some people that have same problem!!!
Thanks a lot to all!!! :D
LiquiD
-
I test different configurations Need set MAXSCANSIZE to any not-empty (and not 0) value
I use 5000000.
This possible set via gui and all work. -
Yes MAXSCANSIZE in the havp.inc file is now 5000 and i've never set it to 0 or empty!!
In the gui now i've checked only Enabled and Use external interface, and it's work like a charm!!! -
Hello
I can not did havp and squid work together.I use squid port 3128 and ı write squid.conf " cache_peer 127.0.0.1 parent 3128 7 no-query " and enable havp and set the port 3128 .I conf the client borwser 3128 but i can not access the page .The error messages is ;
ERROR
The request URL could not be rerieved.
…..
Access DeniedCan you help me please.
Thank you -
Hello
I can not did havp and squid work together.I use squid port 3128 and ı write squid.conf " cache_peer 127.0.0.1 parent 3128 7 no-query " and enable havp and set the port 3128 .I conf the client borwser 3128 but i can not access the page .The error messages is ;
Use different ports to HAVP and squid
squid = 3128
havp = 3125 -
Fisrt thank you very much for your reply… :)
Ok i did it ..squid port is 3128 and in squid.conf file i changed thecache_peer 127.0.0.1 parent 3121 7 no-query
and havp port i use the 3121 ..
and tested again but still not working.in havp access.log ( /var/log/havp/access.log ) i see anything log file ..and i can download virus file in http://www.eicar.org/anti_virus_test_file.htm this site. -
Fisrt thank you very much for your reply… :)
Ok i did it ..squid port is 3128 and in squid.conf file i changed thecache_peer 127.0.0.1 parent 3121 7 no-query
and havp port i use the 3121 ..
and tested again but still not working.in havp access.log ( /var/log/havp/access.log ) i see anything log file ..and i can download virus file in http://www.eicar.org/anti_virus_test_file.htm this site.Via GUI Squid custom options add
cache_peer 127.0.0.1 parent 3121 7 no-query
and disable squid GUI parent proxy options -
Thank you very much now i can see log entri in havp access.log…buy the way how can i test it could you help me again please..
Thank you very much again.. ;D
-
Thank you very much now i can see log entri in havp access.log…buy the way how can i test it could you help me again please..
Thank you very much again.. ;D
Look this
http://www.eicar.org/anti_virus_test_file.htmView log via GUI
Diagnostics: Execute command
PHP Executeecho( file_get_contents("/var/log/havp/access.log") ); -
Sorry to hi-jack but how is "transparent" and "multi-wan" coming on dvserg?
-
Sorry to hi-jack but how is "transparent" and "multi-wan" coming on dvserg?
I work with this (70-80% ready). But 2 months i really haven't free time :'(
-
I think we have the same/similar problem.
Squid and squidguard work. Havp works. But not together with havp as the parent proxy. We get
havp[22448]: (127.0.0.1) Invalid request from browser
when the above cache peer line is used.
Any more clues on what to try as I am now totally confused.
Regards
Andrew
-
I think we have the same/similar problem.
Squid and squidguard work. Havp works. But not together with havp as the parent proxy. We get
havp[22448]: (127.0.0.1) Invalid request from browser
when the above cache peer line is used.
Any more clues on what to try as I am now totally confused.
Regards
Andrew
Post pls you havp config, squid 'cutom options' and 'upstream proxy' options
-
Upstream proxy - blank - not used
Custom
redirect_program /usr/local/bin/squidGuard -c /usr/local/etc/squidGuard/squidGuard.conf;redirector_bypass on;redirect_children 3;cache_peer 127.0.0.1 parent 3121 7 no
HAVP is now logging most entries to syslog - about 1 in 10 are either "could not send body to browser" or "Inavlid request from browser".
But Eicar test comes through no problem! I seem to either have havp working in isolation or as a parent proxy and it stops scanning.
Confused
Andrew
-
cache_peer 127.0.0.1 parent 3121 7 no-query
havp mast have port 3121
-
havp is on 3121
also just realised that whilst havp is working as much as logging some (but not all reuests), squidguard and lightsquid have both stopped working!
At this stage not impressed with havp
Andrew
-
As suspected - removed Havp and lightsquid and squidguard started working again.
Has anyone managed to get this group of packages to work together and if so how?
Regards
Andrew
-
HowTo use squid & HAVP
Scheme: {inet}->[HAVP]->[Squid cache]->{clients}HAVP:
- 'Use external proxy interface' disable
- 'Proxy port' - select HAVP-proxy-port, different from the squid-proxy-port
- 'Parent proxy' leave empty
Squid:
- disable upstream proxy
- custom options Add (here 3121 - havp proxy port, change to you self)
cache_peer 127.0.0.1 parent 3121 7 no-query(do not delete exists options)
