Antivurus Proxy (HAVP) not working

keinstein

Hi guys! :-)

I just installed pfsense on a Thin Client : I copied the 4gb Image to the CF.

Everything seems to be fine. I already configured the LAN and WAN settings and the box seems to be running without any problems.

Finally i tried to install HAVP and I failed. After a few seconds the service stops. I found the following lines in  the syslog:

Oct 12 13:30:47 kernel: pid 30927 (freshclam), uid 1003 inumber 4038 on /var: filesystem full
Oct 12 14:01:05 kernel: pid 75800 (freshclam), uid 1003 inumber 4038 on /var: filesystem full
Oct 12 15:06:22 kernel: pid 53366 (freshclam), uid 1003 inumber 4038 on /var: filesystem full
Oct 12 16:07:05 kernel: pid 15805 (freshclam), uid 1003 inumber 4038 on /var: filesystem full

The  filesystem looks like this:

[2.1-RELEASE][root@pfSense]/root(2): df -h
Filesystem          Size    Used  Avail Capacity  Mounted on
/dev/ufs/pfsense0    1.8G    271M    1.4G    16%    /
devfs                1.0k    1.0k      0B  100%    /dev
/dev/ufs/cf          49M    780k    44M    2%    /cf
/dev/md0              38M    444k    35M    1%    /tmp
/dev/md1              57M    16M    36M    31%    /var
devfs                1.0k    1.0k      0B  100%    /var/dhcpd/dev
/dev/md10            483M    6.0k    444M    0%    /var/tmp/havpRAM
[2.1-RELEASE][root@pfSense]/root(3):

[2.1-RELEASE][root@pfSense]/root(3): fdisk
******* Working on device /dev/ufs/pfsense0 *******
parameters extracted from in-core disklabel are:
cylinders=3813 heads=16 sectors/track=63 (1008 blks/cyl)

Figures below won't work with BIOS for partitions not in cyl 1
parameters to be used for BIOS calculations are:
cylinders=3813 heads=16 sectors/track=63 (1008 blks/cyl)

fdisk: invalid fdisk partition table found
Media sector size is 512
Warning: BIOS sector numbering starts with sector 1
Information from DOS bootblock is:
The data for partition 1 is:
sysid 165 (0xa5),(FreeBSD/NetBSD/386BSD)
    start 63, size 3843441 (1876 Meg), flag 80 (active)
        beg: cyl 0/ head 1/ sector 1;
        end: cyl 740/ head 15/ sector 63
The data for partition 2 is:
<unused>The data for partition 3 is:
<unused>The data for partition 4 is:
<unused>Do I have to raise the space for /tmp ?

Regards
Keinstein

</unused></unused></unused>

stephenw10

Try increasing the size of /var in System: Advanced: Miscellaneous:. It's set at 60MB by default, try 80MB. It shouldn't need much since it creates an extra ram disk, md10, presumably for the big requirements.

Steve

keinstein

Hi Steve,

thank you for your fast help! :-)

I changed the values to 128MB and I think this should be enough.

But HAVP is still not working. Seems like the arguements in the script have errors:

Oct 13 15:09:22 	php: rc.start_packages: Starting HAVP
Oct 13 15:09:22 	php: rc.start_packages: The command 'chgrp -R -v havp /usr/local/etc/freshclam.conf' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
Oct 13 15:09:22 	login: login on ttyv0 as root
Oct 13 15:09:22 	sshlockout[33143]: sshlockout/webConfigurator v3.0 starting up
Oct 13 15:09:23 	php: rc.start_packages: Antivirus: Group 'havp' was added.
Oct 13 15:09:23 	php: rc.start_packages: The command 'chgrp -R -v havp /usr/local/etc/havp' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
Oct 13 15:09:23 	php: rc.start_packages: The command 'chgrp -R -v havp /var/tmp/havp' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
Oct 13 15:09:23 	php: rc.start_packages: The command 'chgrp -R -v havp /var/db/clamav' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
Oct 13 15:09:23 	php: rc.start_packages: The command 'chgrp -R -v havp /var/tmp/havpRAM' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
Oct 13 15:09:23 	php: rc.start_packages: The command 'chgrp -R -v havp /usr/local/share/examples/havp/templates' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
Oct 13 15:09:23 	php: rc.start_packages: The command 'chgrp -R -v havp /usr/local/share/examples/havp/templates_ex' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
Oct 13 15:09:23 	php: rc.start_packages: The command 'chgrp -R -v havp /var/log/havp' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
Oct 13 15:09:23 	php: rc.start_packages: The command 'chgrp -R -v havp /var/log/havp' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
Oct 13 15:09:23 	php: rc.start_packages: The command 'chgrp -R -v havp /var/run/havp.pid' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
Oct 13 15:09:23 	php: rc.start_packages: The command 'chgrp -R -v havp /usr/local/etc/freshclam.conf' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
Oct 13 15:09:23 	php: rc.start_packages: The command 'chgrp -R -v havp /var/log/clamav' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
Oct 13 15:09:23 	php: rc.start_packages: The command 'chgrp -R -v havp /var/log/clamav' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
Oct 13 15:09:23 	php: rc.start_packages: The command 'chgrp -R -v havp /usr/local/etc/rc.d/havp_avupdate' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
Oct 13 15:09:23 	php: rc.start_packages: The command 'chgrp -R -v havp /usr/local/etc/clamd.conf' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
Oct 13 15:09:23 	php: rc.start_packages: The command 'chgrp -R -v havp /usr/local/etc/freshclam.conf' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
Oct 13 15:09:24 	clamd[52475]: Can't open file or directory
Oct 13 15:09:26 	clamd[61388]: Can't open file or directory
Oct 13 15:10:28 	sshd[76348]: Accepted keyboard-interactive/pam for root from 192.168.222.20 port 49599 ssh2
Oct 13 15:11:12 	php: /system_advanced_misc.php: Successful login for user 'admin' from: 192.168.222.20
Oct 13 15:11:12 	php: /system_advanced_misc.php: Successful login for user 'admin' from: 192.168.222.20
Oct 13 15:11:38 	clamd[19756]: Can't open file or directory
Oct 13 15:11:52 	clamd[26447]: Can't open file or directory
Oct 13 15:12:12 	clamd[34546]: Can't open file or directory
Oct 13 15:13:02 	php: /pkg_edit.php: The command 'chgrp -R -v havp /usr/local/etc/rc.d/havp_avupdate' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
Oct 13 15:13:03 	php: /pkg_edit.php: Antivirus: Group 'havp' was added.
Oct 13 15:13:03 	php: /pkg_edit.php: The command 'chgrp -R -v havp /usr/local/etc/havp' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
Oct 13 15:13:03 	check_reload_status: Syncing firewall
Oct 13 15:13:03 	php: /pkg_edit.php: The command 'chgrp -R -v havp /var/tmp/havp' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
Oct 13 15:13:04 	php: /pkg_edit.php: The command 'chgrp -R -v havp /var/db/clamav' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
Oct 13 15:13:04 	php: /pkg_edit.php: The command 'chgrp -R -v havp /var/tmp/havpRAM' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
Oct 13 15:13:04 	php: /pkg_edit.php: The command 'chgrp -R -v havp /usr/local/share/examples/havp/templates' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
Oct 13 15:13:04 	php: /pkg_edit.php: The command 'chgrp -R -v havp /usr/local/share/examples/havp/templates_ex' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
Oct 13 15:13:04 	php: /pkg_edit.php: The command 'chgrp -R -v havp /var/log/havp' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
Oct 13 15:13:04 	php: /pkg_edit.php: The command 'chgrp -R -v havp /var/log/havp' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
Oct 13 15:13:04 	php: /pkg_edit.php: The command 'chgrp -R -v havp /var/run/havp.pid' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
Oct 13 15:13:04 	php: /pkg_edit.php: The command 'chgrp -R -v havp /usr/local/etc/freshclam.conf' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
Oct 13 15:13:04 	php: /pkg_edit.php: The command 'chgrp -R -v havp /var/log/clamav' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
Oct 13 15:13:04 	php: /pkg_edit.php: The command 'chgrp -R -v havp /var/log/clamav' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
Oct 13 15:13:04 	php: /pkg_edit.php: The command 'chgrp -R -v havp /usr/local/etc/rc.d/havp_avupdate' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
Oct 13 15:13:04 	php: /pkg_edit.php: The command 'chgrp -R -v havp /usr/local/etc/clamd.conf' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
Oct 13 15:13:04 	php: /pkg_edit.php: The command 'chgrp -R -v havp /usr/local/etc/freshclam.conf' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
Oct 13 15:13:20 	clamd[75600]: Can't open file or directory
Oct 13 15:13:20 	clamd[77509]: Can't open file or directory
Oct 13 15:13:39 	clamd[3395]: Can't open file or directory
Oct 13 15:14:11 	clamd[7939]: Can't open file or directory

stephenw10

Hmm, well that looks more serious.  ;)
I don't run HAVP myself. I have done in the past but never under 2.1. Are other people having problems?
This should probably be asked in the packages subforum, it's more a question for the HAVP maintainer.

Steve

keinstein

Hi Steve,

ok, I started a new thread: http://forum.pfsense.org/index.php/topic,67956.msg371838.html#msg371838

Thank you so far!.

Nachtfalke

I just had a short view on the code here:
https://github.com/pfsense/pfsense-packages/blob/master/config/havp/havp.inc

And for me it looks like it wasn't modified to work properly on pfsense 2.1

There an many paths looking like this:

/usr/local/etc

which is pfsense 2.0.x

On pfsense 2.1 it should probably be:

/usr/pbi/...

stephenw10

Interesting. It's listed as working here:
https://docs.google.com/spreadsheet/ccc?key=0AojFUXcbH0ROdEFZcC1GbEV6ekpqcXFEZTE5TGpzaXc#gid=0

Steve

Nachtfalke

@stephenw10:

Interesting. It's listed as working here:
https://docs.google.com/spreadsheet/ccc?key=0AojFUXcbH0ROdEFZcC1GbEV6ekpqcXFEZTE5TGpzaXc#gid=0

Steve

Yeah, strange.

Probably service "started" but if it is really working was never tested. On the havp.inc file there are version checks for pfsense 1.x and 2.x but not for 2.1.

keinstein

Hi guys,

maybe I found another problem and probably this problem is not due to the package. I am not able write any data to filesystem.

If I open the "antivirus" menu in the webui I get the following message:

Warning: file_put_contents(/usr/local/etc/havp/havp_conf.xml): failed to open stream: Read-only file system in /usr/local/pkg/havp.inc on line 601

Therefore I tried to write data on the shell, but this didn't work either:

[2.1-RELEASE][admin@pfSense]/usr/local/etc/havp(20): mkdir test
mkdir: test: Read-only file system
[2.1-RELEASE][admin@pfSense.]/usr/local/etc/havp(21):

I checked the fstab and found the following:

[2.1-RELEASE][admin@pfSense]/usr/local/etc/havp(21): vi /etc/fstab
/dev/ufs/pfsense0 / ufs ro,sync,noatime 1 1
/dev/ufs/cf /cf ufs ro,sync,noatime 1 1

I tried to change the "ro" to "rw" - but I could not write the file (of course, it is readonly.. )

stephenw10

That is the correct behavior for a Nanobsd install. There is an option to mount the filesystem RW permanently in the webgui but it shouldn't be needed. I would suggest the package may not have installed correctly.

Steve