Few HAVP Issues
HAVP was working fine on my system till recently.
Was getting this error in the logs
(clamd), uid 0: exited on signal 11
At that point, i turned off HAVP
When i went back to test again and started HAVP, the error disappeared.
HAVP would start to block eicar test files again. BUT, eicarcom2.zip would now pass HAVP. Before it was always blocked.
I rebooted the system and when it came backup, HAVP service was running, nothing was being blocked when testing all the eicar files. (i could however browse the internet)
Had to go into HAVP config and hit save and it seem to start blocking again…but eicarcom2.zip still does not get blocked.
I did have this problem before, but i rebuilt the box.
Thanks in advance.
EDIT: After another reboot nothing is blocked. Everything is on. PLS see image. thx
looks like someone else might have had the same problem here http://forum.pfsense.org/index.php/topic,24027.0.html
this post comment removed. problem is still what is listed above
Very strange with some things that are happening
I am getting different scan results with different browsers
See the pick below…. Same file, using IE the file can be downloaded. With FireFox it was Blocked
Now, i can get different results with different Virus test files. FireFox might let a file go, and IE will block it.
This site now never blocks files from FireFox
But IE will block all but eicarcom2.zip
I am also using Squid and Squid Guard.
You have cached result.
hmmm, I never noticed this before in my testing
Files would just be blocked all the time when ever i tested….IE and FF
So which is cached, the block result or non blocking result.
Either way, isn't that a little dangerous if a cache will let some files go?
How can the cache be cleared?
Thanks again for your help.
I will assume that this is the cache for HAVP/Squid?
I just tested on a different computer and things are getting by HAVP.
(testing with same test pages)
Now, some things will get blocked…but others are not.
I cleared all cache from IE and FF before testing.