How to configure HAVP and squid

firefox

Hello

I want to create a situation where all my internal network
guard by HAVP

I have already installed squid  :)

Now
How do I combine them
How do I configure HAVP
Scan or test everything that comes from squid

Or maybe it's the opposite  ???
Maybe HAVP need to check all Traffic Which goes in to squid  ???

This is my version

2.0.3-PRERELEASE (i386)
built on Thu Feb 21 18:45:45 EST 2013
FreeBSD 8.1-RELEASE-p13

Topper727

I have attached a couple pictures to show how I get them to work together.

I believe it goes from HVAP to Squid then to your computer

at the bottom of Proxy Server General tab you will see

Custom Settings
Integrations
never_direct allow all;cache_peer 127.0.0.1 parent 3125 0 name=havp no-query no-digest no-netdb-exchange default;

if you setup correct.


Topper727

And here you can see if it works


firefox

I do not have this screen under status "proxy monitor"
How do I add it ?

Nachtfalke

@firefox:

I do not have this screen under status "proxy monitor"
How do I add it ?

This is a feature of the squid3 package. You are probably using squid2.
You can check this probably when looking into the access.log file of squid (if you have enabled logging).

tail -F /var/squid/logs/access.log

firefox

Thank you

I'm trying to create utm like in this link

http://fafadiatech.blogspot.co.il/2012/05/build-your-own-unified-threat.html

But unfortunately, my understanding is lacking
So I read and mark just according to the pictures

The problem is I have a different version
And I guess more new
And some of the options are different

For example in the "Snort Interfaces" pictere
it says ENABLED - ENABLED - DISABLED

in my Configuration it says ENABLED - DISABLED - DISABLED

In addition
Some sites I do not have access to them

firefox

I got into a bit

i install snort and squid gurd
and all internet Connection Gone crazy

I did not have access to all sites

At some sites received a message do not rely on this advertiser

I stopped these services snort and squidgurd
the Browsing not fall back

So I stopped also squid and havp
and still it didnt work

so i remove all Packages
Did not help
At the end I used the recovery option
The system went down and came after 30 minutes
Now the system in state it was before installation of snort and squidgurd

only squid and havp and it work

but how can i build this utm

Topper727

Maybe off topic.
About your sites being blocked. maybe look in blocked tab in Snort.  You might have add to some things to suppress list.  If you see the block in the alerts page you can hit the + on SID column and add it to suppress. Then you can unblock it and restart Snort to make it reread that config and not block for that reason anymore.

If nothing in Blocked TAB then maybe SquidGruard blocking.

Good to find out what is blocking. I have a complete setup like your are wanting. Just how to explain it all which I am not best at doing.


firefox

First of all thanks for the help

Secondly
After the installation of snort or squidguard
I did not add any site to the list of blocked
Not in snort or squidguard
The only thing I can think of is the snort rules
But turning off the snort sites were not yet available
So I turned off the squidguard and still not yet available

I'm not much of it but I
Once you install a package
The package adds {I guess} system settings that might block access to the Internet

That at some point I had no internet access
So I used the Recovery

on the Subject of the guide I found online
I think this guide is aimed at people with more extensive knowledge
I think that was missing quite a few steps

This is not a problem to find a guide to Each of the packages
But not all together :-\ Bummer

Regarding the installation guide you prepared
Could upload it here?