HAVP
-
Dvserg,
Can HAVP be used in transparent mode without using squid? I dont use squid but would be nice if HAVP can scan for viruses as I use the web without changing any settings to my browser.
-
Dvserg,
Can HAVP be used in transparent mode without using squid? I dont use squid but would be nice if HAVP can scan for viruses as I use the web without changing any settings to my browser.
HAVP create rule for transparent but i not tested how this work (i have only bridged router).
On bridge transparent not worked. Can you test transparent on self pfsense? -
I did just like this, but eicar code didn't blocked (from the link above).
What's wrong? How can I test that HAVP works?- Update AV base (need wait some time)
- Set HAVP to standard mode
- Set Browser proxy settings > to HAVP_IP:PORT
- Test eicar …. /* if not - it is havp problem */
- Start scan squid cache with AV files scanner.
- Set squid non transparent (uncheck transparent) + HAVP as Parent for squid;
- Set Browser Proxy Settings > to squid_IP:PORT
- Test eicar .... /* if not - havp-squid LINK problem */
- Set squid as Transparent
- Unset Browser proxy settings
- Test eicar .... /* if not - squid TRANSPARENT problem */
#1…worked as expected
#2...did not work..did not block
#3...did not block as well. -
I found one - squid CAN ignore parent proxy
Try change in you Squid Custom option manually as:never_direct allow all;cache_peer 127.0.0.1 parent YOU_HAVP_PORT_HERE 0 name=havp no-query no-digest no-netdb-exchange defaultAnd Save.
Check work with this settings.ps added 'never_direct allow all' and deleted 'proxy-only' string.
-
I have a question. I have havp installed and running great in transparent mode. My question is how do I whitelist youtube. The caching of the videos is driving my wife crazy!!! I've tried in the whitelist section *.youtube.com *.googlevideo.com but still it caches the videos.
-
Try as this
Example: *.pfsense.com/*, *sourceforge.net/*clamav-*, */*.xml, */*.inc -
I have a question. I have havp installed and running great in transparent mode. My question is how do I whitelist youtube. The caching of the videos is driving my wife crazy!!! I've tried in the whitelist section *.youtube.com *.googlevideo.com but still it caches the videos.
How did you get it to work successfully working in Transparent mode with Squid. It 's still not working for me. What's your settings in Havp?? I have Proxy mode set as Parent for Squid. Transparent mode gives me an error in the logs to use Standard mode.
-
Now i edit HowTo. Pls look this
http://doc.pfsense.org/index.php/HAVP_Package_for_HTTP_Anti-Virus_Scanning -
Dvserg,
Wow, now works like a charm…Great help!!!
Thanks again,
John
-
Try as this
Example: *.pfsense.com/*, *sourceforge.net/*clamav-*, */*.xml, */*.incI tried this
*.googlevideo.com/* and *.youtube.com/*Both are on new lines correct? Not comma delimited. Just wondering. It's still caching the videos. ???
-
I will check you issue. Maybe streaming scaning need configure
-
-
I will check you issue. Maybe streaming scaning need configure
Cool. Thanks a ton!
Can you make this ?
- edit file /usr/local/pkg/havp.inc, find '$conf[] = "STREAMSCANSIZE 20000";' string and replace 20000 to 0
- goto HAVP gui and Save
- test you stream content (video) new.
-
I will check you issue. Maybe streaming scaning need configure
Cool. Thanks a ton!
Can you make this ?
- edit file /usr/local/pkg/havp.inc, find '$conf[] = "STREAMSCANSIZE 20000";' string and replace 20000 to 0
- goto HAVP gui and Save
- test you stream content (video) new.
I made those changes as well. Still caching videos. :'(
-
I made those changes as well. Still caching videos.OK
Will test more.. -
Hi DvSerg,
We are running the havp + squid in transparent mode sucessfully. But, one strange thing happens, the first that we try to access an page that contains virus or other malware it be blocked. But, if you try a second access to this same page so we can it.
Why?
Have you any idea about?
-
In current configuration squid can load pages, bypass havp.
Wait next update with fix. -
Update:
- squid 'cache_peer' options, now squid can't bypass parent proxy;
- added stream scan option - possible disable streaming content 'audio/video';
- modified TMPRam disk, now RAM disk probably will be quckly;
- fix errors;
-
Hi Dvserg ! It's working like a charm ! :D
-