HAVP
-
dvserg did you turn HAVP and CLAMAV into a pfSense packages?
I work with this. I test for 1.2.2/freeBSD 7.1
I need small time for all tests -
HAVP - HTTP Antivirus package added to packages list.
Pls test. -
How do you setup HAVP in transparent proxy mode? And correct me if i'm wrong, transparent proxy mode means I dont have to set the proxy settings in each client pc..
thanks,
Cino
-
Does HAVP work with squid? I found http://www.server-side.de/ideas.htm but does this apply to pfsense also?
-
How do you setup HAVP in transparent proxy mode? And correct me if i'm wrong, transparent proxy mode means I dont have to set the proxy settings in each client pc..
thanks,
CinoTransparent proxy option now not ready. Will be in near time.
-
Does HAVP work with squid? I found http://www.server-side.de/ideas.htm but does this apply to pfsense also?
Havp will be work with squid. But before need test current variant havp.
-
This is absolutly great! When migrating to pfsense and removing our old proxy server that had havp+squid+squidguard i really missed the virus checking function that havp offered. Please continue working and add support for squid in transparent mode! Thank you for all the great work!
-
Update havp test - xml & inc in ZIP archive:
http://diskatel.narod.ru/pfSense/packages/havp/havp.zipChanges:
- proxy mode are : standard, parent for squid, transparent, internal
- multiinterface
- work with user-defined rdr(mapping) from gui
- optimised RAM temp options
Store you old inc and xml from havp GUI
Download, unpack and copy to /usr/local/pkg
Check config HAVP from gui and Save.–---------------------
Also new version with file AV-scanner. Possible, for example, scan Squid cache.
http://diskatel.narod.ru/pfSense/packages/havp/havpnew.zipIf errors or any other issues - pls post here.
NOTE: This 'test only' version, not use for work systems.
-
The file scanner seems to work, but I get this error in system log: php: : havp: Havp is installed but not started. Filter rules not created.
Squid=Transparent
Havp proxy mode=transparent
Havp proxy port=3129
ram disk enabledSquid custom options=redirect_program /usr/local/bin/squidGuard -c /usr/local/etc/squidGuard/squidGuard.conf;redirector_bypass on;redirect_children 3
I did have cache peer 127.0.0.1 3129 0…etc etc...but now that disappeared also...but either way..I got:Havp is installed but not started. Filter rules not created.
-
Havp now updated as 'HAVP antivirus'
Please delete previous package and install new.
Changes: transparent proxy, parent for squid (autoconfigure), filter RDR rules, local files scanner, use clamd daemon (more quickly HAVP start, memory economy mode) - previous version used libclam. -
Thanks dvserg for put the time and giving us Havp
unfortunility I have a question can squid and Havp work together in transparent mode because i get this
php: : Havp: Squid is already configured as transparent proxy. Use 'Standard' proxy mode
I also try testing Havp by using http://www.eicar.org/anti_virus_test_file.htm
and it did not stop the http or https files download my desktop av popup on all files
and their is nothing in the log files
-
I tested HAVP transparent mode - and have some problem (i have bridged ifaces).
This options declared but not worked ( rdr rule ).
I hope in future to solve this problem. :-\About squid - i success use squid(non transparent) > havp > inet on my system. Before only need check saquid cache (must use 'File scan').
-
How to configure HAVP to use it with transparent SQUID?
Or should I disable transparent in SQUID? -
How to configure HAVP to use it with transparent SQUID?
Or should I disable transparent in SQUID?Setup HAVP as 'ParentForSquid' mode
Setup Squid as Transparent -
I did just like this, but eicar code didn't blocked (from the link above).
What's wrong? How can I test that HAVP works? -
I did just like this, but eicar code didn't blocked (from the link above).
What's wrong? How can I test that HAVP works?- Update AV base (need wait some time)
- Set HAVP to standard mode
- Set Browser proxy settings > to HAVP_IP:PORT
- Test eicar …. /* if not - it is havp problem */
- Start scan squid cache with AV files scanner.
- Set squid non transparent (uncheck transparent) + HAVP as Parent for squid;
- Set Browser Proxy Settings > to squid_IP:PORT
- Test eicar .... /* if not - havp-squid LINK problem */
- Set squid as Transparent
- Unset Browser proxy settings
- Test eicar .... /* if not - squid TRANSPARENT problem */
-
Dvserg,
Can HAVP be used in transparent mode without using squid? I dont use squid but would be nice if HAVP can scan for viruses as I use the web without changing any settings to my browser.
-
Dvserg,
Can HAVP be used in transparent mode without using squid? I dont use squid but would be nice if HAVP can scan for viruses as I use the web without changing any settings to my browser.
HAVP create rule for transparent but i not tested how this work (i have only bridged router).
On bridge transparent not worked. Can you test transparent on self pfsense? -
I did just like this, but eicar code didn't blocked (from the link above).
What's wrong? How can I test that HAVP works?- Update AV base (need wait some time)
- Set HAVP to standard mode
- Set Browser proxy settings > to HAVP_IP:PORT
- Test eicar …. /* if not - it is havp problem */
- Start scan squid cache with AV files scanner.
- Set squid non transparent (uncheck transparent) + HAVP as Parent for squid;
- Set Browser Proxy Settings > to squid_IP:PORT
- Test eicar .... /* if not - havp-squid LINK problem */
- Set squid as Transparent
- Unset Browser proxy settings
- Test eicar .... /* if not - squid TRANSPARENT problem */
#1…worked as expected
#2...did not work..did not block
#3...did not block as well. -
I found one - squid CAN ignore parent proxy
Try change in you Squid Custom option manually as:never_direct allow all;cache_peer 127.0.0.1 parent YOU_HAVP_PORT_HERE 0 name=havp no-query no-digest no-netdb-exchange defaultAnd Save.
Check work with this settings.ps added 'never_direct allow all' and deleted 'proxy-only' string.