Havp Update problems and crash



  • May 6 18:03:59 havp[4932]: === Starting HAVP Version: 0.90
    May 6 18:03:59 havp[4932]: === Mandatory locking disabled! KEEPBACK settings not used!
    May 6 18:03:59 havp[4932]: Running as user: havp, group: havp
    May 6 18:03:59 havp[4932]: –- Initializing Clamd Socket Scanner
    May 6 18:03:59 havp[4932]: Clamd Socket Scanner passed EICAR virus test (Eicar-Test-Signature)
    May 6 18:03:59 havp[4932]: –- All scanners initialized
    May 6 18:03:59 havp[4933]: Process ID: 4933
    May 6 18:04:00 check_reload_status: reloading filter
    May 6 18:04:30 freshclam[5221]: Your ClamAV installation is OUTDATED!
    May 6 18:04:30 freshclam[5221]: Local version: 0.95.1 Recommended version: 0.96

    how to update Havp antivirus package

    im already using 0.90

    or how to manual update for clamav ?



  • PFsense 1.2.3-RELEASE

    freebsd  ver 7.2

    havp 0.90
    clamav 0.95.1



  • This is Warning - not error. Not need update clamd - HAVP port designed for current version clamd.

    May 6 18:03:59 havp[4932]: Clamd Socket Scanner passed EICAR virus test (Eicar-Test-Signature) 
    May 6 18:03:59 havp[4932]: --- All scanners initialized
    


  • but, after this massage havp crashing and disconnecting internet connection.

    i dont have any idea.



  • @technical:

    but, after this massage havp crashing and disconnecting internet connection.

    i dont have any idea.

    Enable log & syslog on  'Http proxy' & ' Settings' tabs. Then start AV update on Settings tab. Looking 'system logs' for error messages.
    After 20-30 min click Save on 'Http proxy' tab and looking error messages on System log too
    Post log's here.



  • I'll send as fast I can



  • May 7 11:14:50 snort[942]: +–-----------------------------------------------
    May 7 11:14:50 snort[942]: Snort initialization completed successfully (pid=942)
    May 7 11:14:50 snort[942]: Snort initialization completed successfully (pid=942)
    May 7 11:14:50 snort[942]: Not Using PCAP_FRAMES
    May 7 11:14:50 snort[942]: Not Using PCAP_FRAMES
    May 7 11:14:52 check_reload_status: updating dyndns
    May 7 11:14:58 clamd[1042]: LOCAL: Socket file /var/run/clamav/clamd.sock could not be bound: No such file or directory
    May 7 11:14:58 clamd[1042]: Can't unlink the socket file /var/run/clamav/clamd.sock
    May 7 11:15:26 havp[1054]: Clamd: Could not connect to scanner! Scanner down?
    May 7 11:15:26 havp[1054]: ERROR: Clamd Socket Scanner failed EICAR virus test! (Could not connect to scanner socket)
    May 7 11:16:35 freshclam[1808]: Your ClamAV installation is OUTDATED!
    May 7 11:16:35 freshclam[1808]: Local version: 0.95.1 Recommended version: 0.96
    May 7 11:28:14 snort[942]: [1:483:6] ICMP PING CyberKit 2.2 Windows [Classification: Misc activity] [Priority: 3]: {ICMP} 81...5 -> 81...9
    May 7 11:28:14 snort[942]: [1:483:6] ICMP PING CyberKit 2.2 Windows [Classification: Misc activity] [Priority: 3]: {ICMP} 81.
    ..5 -> 81...9
    May 7 11:28:14 snort[942]: [1:384:5] ICMP PING [Classification: Misc activity] [Priority: 3]: {ICMP} 81.
    .
    .5 -> 81...9
    May 7 11:28:14 snort[942]: [1:384:5] ICMP PING [Classification: Misc activity] [Priority: 3]: {ICMP} 81.
    .
    .5 -> 81..**.**9
    May 7 11:36:37 php: /pkg_edit.php: Starting HAVP
    May 7 11:36:38 php: /pkg_edit.php: Reloading Squid for configuration sync
    May 7 11:36:42 check_reload_status: reloading filter
    May 7 11:37:01 clamd[4516]: MaxThreads * MaxRecursion is too high: 25500, open file descriptor limit is: 11095
    May 7 11:37:01 havp[4517]: === Starting HAVP Version: 0.90
    May 7 11:37:01 havp[4517]: === Mandatory locking disabled! KEEPBACK settings not used!
    May 7 11:37:01 havp[4517]: Running as user: havp, group: havp
    May 7 11:37:01 havp[4517]: –- Initializing Clamd Socket Scanner
    May 7 11:37:01 havp[4517]: Clamd Socket Scanner passed EICAR virus test (Eicar-Test-Signature)
    May 7 11:37:01 havp[4517]: –- All scanners initialized
    May 7 11:37:01 havp[4518]: Process ID: 4518



  • havp crashing after the system restarts

    i push save button in http proxy tab havp working again and internet connection works.

    settings here

    http://img265.imageshack.us/gal.php?g=69561282.jpg

    same problems for this post
    http://forum.pfsense.org/index.php?topic=23620.15

    May 7 11:14:58 clamd[1042]: LOCAL: Socket file /var/run/clamav/clamd.sock could not be bound: No such file or directory
    May 7 11:14:58 clamd[1042]: Can't unlink the socket file /var/run/clamav/clamd.sock
    May 7 11:15:26 havp[1054]: Clamd: Could not connect to scanner! Scanner down?
    May 7 11:15:26 havp[1054]: ERROR: Clamd Socket Scanner failed EICAR virus test! (Could not connect to scanner socket)



  • @technical:

    havp crashing after the system restarts

    I confirm the problem havp.sh. I am looking for a solution.



  • ~~dvserg

    Just last night i started to get this different error, but same problem with internet connections.
    (if this is not related, i will start a new thread)

    (clamd), uid 0: exited on signal 11
    error in my system log many times.

    i had to disable HAVP for now.

    this was running very nice with the new update you did a week or so back.
    Thanks for your help

    HAVP .0.90
    PF 1.2.3
    clamav-0.95.1~~

    I don't think this is the same thing so i opened another thread….sorry :(
    http://forum.pfsense.org/index.php/topic,24958.0.html



  • Anybody can test this?
    _http://diskatel.narod.ru/pfSense/packages/havp/havp.zip

    Changes for 'reboot bug' fix.



  • I can try, just not sure what to do with the zip.  :-[



  • @vito:

    I can try, just not sure what to do with the zip.  :-[

    [/quote]
    Aaa download, unpack, copy to /usr/local/pkg



  • got it…
    doing it now...
    should i uninstall the current package?



  • I just replaced the files and rebooted…
    HAVP Service was started on reboot, but no scanning at all.
    test sites could be downloaded.

    Hit Save in HAVP and it stared blocking again.



  • After reboot need 2-3 min for CLAMD starting, Even if HAVP started.



  • waited about 8min and had to hit save (tested, then waited again)
    This is what i got in the logs.

    May 8 09:10:03 havp[3591]: Process ID: 3591
    May 8 09:10:03 havp[3590]: –- All scanners initialized
    May 8 09:10:03 havp[3590]: Clamd Socket Scanner passed EICAR virus test (Eicar-Test-Signature)
    May 8 09:10:03 havp[3590]: –- Initializing Clamd Socket Scanner
    May 8 09:10:03 havp[3590]: Running as user: havp, group: snort
    May 8 09:10:03 havp[3590]: === Mandatory locking disabled! KEEPBACK settings not used!
    May 8 09:10:03 havp[3590]: === Starting HAVP Version: 0.90

    Started to block after hitting save



  • tried this again and waited 15min and did not see anything in the system log for HAVP

    nothing was being block still, HAVP service was on.

    Went into the HAVP config and hit save…started working again.
    :(

    thanks again for your help



  • I try and write the results tomorrow



  • HAVP "reboot" updated.


Locked