Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    HAVP

    pfSense Packages
    16
    52
    23954
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      techmania last edited by

      How to install HAVP and CLAMAV on pfsense ,please instruct step by step!

      10x

      1 Reply Last reply Reply Quote 0
      • D
        dvserg last edited by

        @techmania:

        How to install HAVP and CLAMAV on pfsense ,please instruct step by step!

        10x

        For 1.2.2/FreeBSD 7.1
        1 pkg_add -r http://mirrors.linux.edu.lv/ftp.freebsd.org/ports/i386/packages-7.1-release/www/havp-0.88_1.tbz
        2 download HAVP xml/inc from http://www.diskatel.narod.ru/pfSense/ and put to /usr/local/pkg (via winscp3)
        3 exec gui http://you_pfsense/pkg_edit.php?xml=havp.xml&id=0

        ps GUI not addable to menu - use only (3) URL OR add manually to /cf/conf/config.xml -> <installed_packages>'menu' item

        
        <menu>
        			<name>Proxy HAVP</name>
        			Services
        			<url>/pkg_edit.php?xml=HAVP.xml&id=0</url>
        		</menu>
        
        

        and Del /tmp/config.cache file.</installed_packages>

        1 Reply Last reply Reply Quote 0
        • T
          techmania last edited by

          10x so a lot

          1 Reply Last reply Reply Quote 0
          • E
            eri-- last edited by

            dvserg why don't you put this in pfSense packages?

            1 Reply Last reply Reply Quote 0
            • S
              sullrich last edited by

              Why not turn this into a package?

              1 Reply Last reply Reply Quote 0
              • D
                dvserg last edited by

                Ok. I wiil prepare package & check ports for FreeBSD 7/7.1

                1 Reply Last reply Reply Quote 0
                • M
                  mishou last edited by

                  I had to change the url line from

                  <menu>
                  <name>Proxy HAVP</name>
                  Services
                  <url>/pkg_edit.php?xml=HAVP.xml&id=0</url>
                  </menu>

                  to

                  <menu>
                  <name>Proxy HAVP</name>
                  Services
                  <url>/pkg_edit.php?xml=havp.xml&id=0</url>
                  </menu>

                  When I wget them from your link it took them in lower case

                  Mishou

                  1 Reply Last reply Reply Quote 0
                  • D
                    dvserg last edited by

                    yes - need lower case

                    1 Reply Last reply Reply Quote 0
                    • T
                      ToxIcon last edited by

                      dvserg did you turn HAVP and CLAMAV into a pfSense packages?

                      1 Reply Last reply Reply Quote 0
                      • D
                        dvserg last edited by

                        @ToxIcon:

                        dvserg did you turn HAVP and CLAMAV into a pfSense packages?

                        I work with this. I test for 1.2.2/freeBSD 7.1
                        I need small time for all tests

                        1 Reply Last reply Reply Quote 0
                        • D
                          dvserg last edited by

                          HAVP - HTTP Antivirus package added to packages list.
                          Pls test.

                          1 Reply Last reply Reply Quote 0
                          • C
                            Cino last edited by

                            How do you setup HAVP in transparent proxy mode? And correct me if i'm wrong, transparent proxy mode means I dont have to set the proxy settings in each client pc..

                            thanks,

                            Cino

                            1 Reply Last reply Reply Quote 0
                            • N
                              n1ko last edited by

                              Does HAVP work with squid? I found http://www.server-side.de/ideas.htm but does this apply to pfsense also?

                              1 Reply Last reply Reply Quote 0
                              • D
                                dvserg last edited by

                                @Cino:

                                How do you setup HAVP in transparent proxy mode? And correct me if i'm wrong, transparent proxy mode means I dont have to set the proxy settings in each client pc..

                                thanks,
                                Cino

                                Transparent proxy option now not ready. Will be in near time.

                                1 Reply Last reply Reply Quote 0
                                • D
                                  dvserg last edited by

                                  @n1ko:

                                  Does HAVP work with squid? I found http://www.server-side.de/ideas.htm but does this apply to pfsense also?

                                  Havp will be work with squid. But before need test current variant havp.

                                  1 Reply Last reply Reply Quote 0
                                  • L
                                    lordarcane last edited by

                                    This is absolutly great! When migrating to pfsense and removing our old proxy server that had havp+squid+squidguard i really missed the virus checking function that havp offered. Please continue working and add support for squid in transparent mode! Thank you for all the great work!

                                    1 Reply Last reply Reply Quote 0
                                    • D
                                      dvserg last edited by

                                      Update havp test - xml & inc in ZIP archive:
                                      http://diskatel.narod.ru/pfSense/packages/havp/havp.zip

                                      Changes:

                                      • proxy mode are : standard, parent for squid, transparent, internal
                                      • multiinterface
                                      • work with user-defined rdr(mapping) from gui
                                      • optimised RAM temp options

                                      Store you old inc and xml from havp GUI
                                      Download, unpack and copy to /usr/local/pkg
                                      Check config HAVP from gui and Save.

                                      –---------------------
                                      Also new version with file AV-scanner. Possible, for example, scan Squid cache.
                                      http://diskatel.narod.ru/pfSense/packages/havp/havpnew.zip

                                      If errors or any other issues  - pls post here.

                                      NOTE: This 'test only' version, not use for work systems.

                                      1 Reply Last reply Reply Quote 0
                                      • C
                                        ColdFusion last edited by

                                        The file scanner seems to work, but I get this error in system log: php: : havp: Havp is installed but not started. Filter rules not created.

                                        Squid=Transparent
                                        Havp proxy mode=transparent
                                        Havp proxy port=3129
                                        ram disk enabled

                                        Squid custom options=redirect_program /usr/local/bin/squidGuard -c /usr/local/etc/squidGuard/squidGuard.conf;redirector_bypass on;redirect_children 3

                                        I did have cache peer 127.0.0.1 3129 0…etc etc...but now that disappeared also...but either way..I got:Havp is installed but not started. Filter rules not created.

                                        1 Reply Last reply Reply Quote 0
                                        • D
                                          dvserg last edited by

                                          Havp now updated as 'HAVP antivirus'
                                          Please delete previous package and install new.
                                          Changes: transparent proxy, parent for squid (autoconfigure), filter RDR rules, local files scanner, use clamd daemon (more quickly HAVP start, memory economy mode) - previous version used libclam.

                                          1 Reply Last reply Reply Quote 0
                                          • T
                                            ToxIcon last edited by

                                            Thanks dvserg for put the time and giving us Havp

                                            unfortunility I have a question can squid and Havp work together in transparent mode because i get this

                                            php: : Havp: Squid is already configured as transparent proxy. Use 'Standard' proxy mode

                                            I also try testing Havp  by using http://www.eicar.org/anti_virus_test_file.htm

                                            and it did not stop the http or https files download my desktop av popup on all files

                                            and their is nothing in the log files

                                            1 Reply Last reply Reply Quote 0
                                            • D
                                              dvserg last edited by

                                              I tested HAVP transparent mode - and have some problem (i have bridged ifaces).
                                              This options declared but not worked ( rdr rule ).
                                              I hope in future to solve this problem.   :-\

                                              About squid - i success use squid(non transparent) > havp > inet on my system. Before only need check saquid cache (must use 'File scan').

                                              1 Reply Last reply Reply Quote 0
                                              • K
                                                kongar last edited by

                                                How to configure HAVP to use it with transparent SQUID?
                                                Or should I disable transparent in SQUID?

                                                1 Reply Last reply Reply Quote 0
                                                • D
                                                  dvserg last edited by

                                                  @kongar:

                                                  How to configure HAVP to use it with transparent SQUID?
                                                  Or should I disable transparent in SQUID?

                                                  Setup HAVP as 'ParentForSquid' mode
                                                  Setup Squid as Transparent

                                                  1 Reply Last reply Reply Quote 0
                                                  • K
                                                    kongar last edited by

                                                    I did just like this, but eicar code didn't blocked (from the link above).
                                                    What's wrong? How can I test that HAVP works?

                                                    1 Reply Last reply Reply Quote 0
                                                    • D
                                                      dvserg last edited by

                                                      @kongar:

                                                      I did just like this, but eicar code didn't blocked (from the link above).
                                                      What's wrong? How can I test that HAVP works?

                                                      • Update AV base (need wait some time)
                                                      • Set HAVP to standard mode
                                                      • Set Browser proxy settings > to HAVP_IP:PORT
                                                      • Test eicar …. /* if not - it is havp problem */
                                                      • Start scan squid cache with AV files scanner.
                                                      • Set squid non transparent (uncheck transparent) + HAVP as Parent for squid;
                                                      • Set Browser Proxy Settings > to squid_IP:PORT
                                                      • Test eicar .... /* if not - havp-squid LINK problem */
                                                      • Set squid as Transparent
                                                      • Unset Browser proxy settings
                                                      • Test eicar .... /* if not - squid TRANSPARENT problem */
                                                      1 Reply Last reply Reply Quote 0
                                                      • C
                                                        Cino last edited by

                                                        Dvserg,

                                                        Can HAVP be used in transparent mode without using squid? I dont use squid but would be nice if HAVP can scan for viruses as I use the web without changing any settings to my browser.

                                                        1 Reply Last reply Reply Quote 0
                                                        • D
                                                          dvserg last edited by

                                                          @Cino:

                                                          Dvserg,

                                                          Can HAVP be used in transparent mode without using squid? I dont use squid but would be nice if HAVP can scan for viruses as I use the web without changing any settings to my browser.

                                                          HAVP create rule for transparent but i not tested how this work (i have only bridged router).
                                                          On bridge transparent not worked. Can you test transparent on self pfsense?

                                                          1 Reply Last reply Reply Quote 0
                                                          • C
                                                            ColdFusion last edited by

                                                            @dvserg:

                                                            @kongar:

                                                            I did just like this, but eicar code didn't blocked (from the link above).
                                                            What's wrong? How can I test that HAVP works?

                                                            • Update AV base (need wait some time)
                                                            • Set HAVP to standard mode
                                                            • Set Browser proxy settings > to HAVP_IP:PORT
                                                            • Test eicar …. /* if not - it is havp problem */
                                                            • Start scan squid cache with AV files scanner.
                                                            • Set squid non transparent (uncheck transparent) + HAVP as Parent for squid;
                                                            • Set Browser Proxy Settings > to squid_IP:PORT
                                                            • Test eicar .... /* if not - havp-squid LINK problem */
                                                            • Set squid as Transparent
                                                            • Unset Browser proxy settings
                                                            • Test eicar .... /* if not - squid TRANSPARENT problem */

                                                            #1…worked as expected
                                                            #2...did not work..did not block
                                                            #3...did not block as well.

                                                            1 Reply Last reply Reply Quote 0
                                                            • D
                                                              dvserg last edited by

                                                              I found one - squid CAN ignore parent proxy
                                                              Try change in you Squid Custom option manually as:

                                                              never_direct allow all;cache_peer 127.0.0.1 parent YOU_HAVP_PORT_HERE 0 name=havp no-query no-digest no-netdb-exchange default
                                                              

                                                              And Save.
                                                              Check work with this settings.

                                                              ps added 'never_direct allow all' and deleted 'proxy-only' string.

                                                              1 Reply Last reply Reply Quote 0
                                                              • T
                                                                techrosis last edited by

                                                                I have a question.  I have havp installed and running great in transparent mode.  My question is how do I whitelist youtube.  The caching of the videos is driving my wife crazy!!! I've tried in the whitelist section *.youtube.com *.googlevideo.com but still it caches the videos.

                                                                1 Reply Last reply Reply Quote 0
                                                                • D
                                                                  dvserg last edited by

                                                                  Try as this

                                                                  Example: *.pfsense.com/*, *sourceforge.net/*clamav-*, */*.xml, */*.inc 
                                                                  
                                                                  1 Reply Last reply Reply Quote 0
                                                                  • C
                                                                    ColdFusion last edited by

                                                                    @techrosis:

                                                                    I have a question.  I have havp installed and running great in transparent mode.  My question is how do I whitelist youtube.  The caching of the videos is driving my wife crazy!!! I've tried in the whitelist section *.youtube.com *.googlevideo.com but still it caches the videos.

                                                                    How did you get it to work successfully working in Transparent mode with Squid. It 's still not working for me. What's your settings in Havp?? I have Proxy mode set as Parent for Squid. Transparent mode gives me an error in the logs to use Standard mode.

                                                                    1 Reply Last reply Reply Quote 0
                                                                    • D
                                                                      dvserg last edited by

                                                                      Now i edit HowTo. Pls look this
                                                                      http://doc.pfsense.org/index.php/HAVP_Package_for_HTTP_Anti-Virus_Scanning

                                                                      1 Reply Last reply Reply Quote 0
                                                                      • C
                                                                        ColdFusion last edited by

                                                                        Dvserg,

                                                                        Wow, now works like a charm…Great help!!!

                                                                        Thanks again,

                                                                        John

                                                                        1 Reply Last reply Reply Quote 0
                                                                        • T
                                                                          techrosis last edited by

                                                                          @dvserg:

                                                                          Try as this

                                                                          Example: *.pfsense.com/*, *sourceforge.net/*clamav-*, */*.xml, */*.inc 
                                                                          

                                                                          I tried this

                                                                          *.googlevideo.com/* and *.youtube.com/*
                                                                          

                                                                          Both are on new lines correct?  Not comma delimited.  Just wondering.  It's still caching the videos.  ???

                                                                          1 Reply Last reply Reply Quote 0
                                                                          • D
                                                                            dvserg last edited by

                                                                            I will check you issue. Maybe streaming scaning need configure

                                                                            1 Reply Last reply Reply Quote 0
                                                                            • T
                                                                              techrosis last edited by

                                                                              @dvserg:

                                                                              I will check you issue. Maybe streaming scaning need configure

                                                                              Cool. Thanks a ton!

                                                                              1 Reply Last reply Reply Quote 0
                                                                              • D
                                                                                dvserg last edited by

                                                                                @techrosis:

                                                                                @dvserg:

                                                                                I will check you issue. Maybe streaming scaning need configure

                                                                                Cool. Thanks a ton!

                                                                                Can you make this ?

                                                                                • edit file /usr/local/pkg/havp.inc, find '$conf[] = "STREAMSCANSIZE 20000";' string and replace 20000 to 0
                                                                                • goto HAVP gui and Save
                                                                                • test you stream content (video) new.
                                                                                1 Reply Last reply Reply Quote 0
                                                                                • T
                                                                                  techrosis last edited by

                                                                                  @dvserg:

                                                                                  @techrosis:

                                                                                  @dvserg:

                                                                                  I will check you issue. Maybe streaming scaning need configure

                                                                                  Cool. Thanks a ton!

                                                                                  Can you make this ?

                                                                                  • edit file /usr/local/pkg/havp.inc, find '$conf[] = "STREAMSCANSIZE 20000";' string and replace 20000 to 0
                                                                                  • goto HAVP gui and Save
                                                                                  • test you stream content (video) new.

                                                                                  I made those changes as well.  Still caching videos.  :'(

                                                                                  1 Reply Last reply Reply Quote 0
                                                                                  • D
                                                                                    dvserg last edited by

                                                                                    I made those changes as well.  Still caching videos.   
                                                                                    

                                                                                    OK
                                                                                    Will test more..

                                                                                    1 Reply Last reply Reply Quote 0
                                                                                    • First post
                                                                                      Last post

                                                                                    Products

                                                                                    • Platform Overview
                                                                                    • TNSR
                                                                                    • pfSense Plus
                                                                                    • Appliances

                                                                                    Services

                                                                                    • Training
                                                                                    • Professional Services

                                                                                    Support

                                                                                    • Subscription Plans
                                                                                    • Contact Support
                                                                                    • Product Lifecycle
                                                                                    • Documentation

                                                                                    News

                                                                                    • Media Coverage
                                                                                    • Press
                                                                                    • Events

                                                                                    Resources

                                                                                    • Blog
                                                                                    • FAQ
                                                                                    • Find a Partner
                                                                                    • Resource Library
                                                                                    • Security Information

                                                                                    Company

                                                                                    • About Us
                                                                                    • Careers
                                                                                    • Partners
                                                                                    • Contact Us
                                                                                    • Legal
                                                                                    Our Mission

                                                                                    We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

                                                                                    Subscribe to our Newsletter

                                                                                    Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

                                                                                    © 2021 Rubicon Communications, LLC | Privacy Policy