HAVP service doesn't start



  • Hi
    It seems that havp antivirus doesn't work  on pfsense 2.0 and 2.1.
    I enabled HTTP proxy settings in standard mode.  when i click "Start Service" icon , after few seconds, "HTTP Antivirus Proxy ( Starting .. )" changes to "Stopped".
    When i start scanner, icon is red but "Antivirus Server ( Started )" is shown.
    I had same problems with pfsense 2.0.1.
    Is there any alternative to havp in pfsense?
    I tried dansguardian, but in Content Scanners (antivirus) section, clamdscan is off.



  • Try to use only one (HAVP or Dansguardian), but not both. Unused package delete. Probably AV scaner have conflict.



  • I removed dansguardian …no difference..havp service doesn't start. in boot time this message appears: group havp not found.



  • You made the setting HAVP?



  • Yes,
    I set standard proxy mode on LAN interface.
    in boot time "pw: unknown group havp" message appears.
    It seems that when database is updated, service starts.



  • @Amirkabir:

    Yes,
    I set standard proxy mode on LAN interface.
    in boot time "pw: unknown group havp" message appears.
    It seems that when database is updated, service starts.

    Syslog pls show, about havp/clamd



  • there isn't anything about antivirus in  status:system logs .
    where can i find syslog messages about havp?



  • @Amirkabir:

    there isn't anything about antivirus in  status:system logs .
    where can i find syslog messages about havp?

    Try to (1)Save button click on settings page (2)Start service on First page (3)Search syslog for Havp/clamd messages.



  • /var/log/havp/havp.log:

    === Starting HAVP Version: 0.91
    13/09/2013 22:29:00 === Mandatory locking disabled! KEEPBACK settings not used!
    13/09/2013 22:29:00 Running as user: havp, group: havp
    13/09/2013 22:29:00 --- Initializing Clamd Socket Scanner
    13/09/2013 22:30:00 Clamd: Could not connect to scanner! Scanner down?
    13/09/2013 22:30:00 ERROR: Clamd Socket Scanner failed EICAR virus test! (Could not connect to scanner socket)
    

    /var/log/clamav/freshclam.log :

    ERROR: Can't create temporary directory /var/db/clamav/clamav-785237799a0f5131f57ad1dcf81fc6d9
    Hint: The database directory must be writable for UID 1003 or GID 2000
    


  • @Amirkabir:

    /var/log/clamav/freshclam.log :

    ERROR: Can't create temporary directory /var/db/clamav/clamav-785237799a0f5131f57ad1dcf81fc6d9
    Hint: The database directory must be writable for UID 1003 or GID 2000
    

    What platform you use (hdd/nanobsd)?



  • hdd
    right now  database updated successfully and havp started.
    havp is not stable.



  • @Amirkabir:

    hdd
    right now  database updated successfully and havp started.
    havp is not stable.

    The first start of HAVP unavailable because AV bases update is occurs. Maybe update take a long time :(



  • yes, but my problem is update failure at first time
    ERROR: Can't create temporary directory /var/db/clamav/clamav-785237799a0f5131f57ad1dcf81fc6d9



  • Seems to be related to /var/log/ permissions.
    I don't known why, but after upgrade to 2.1, i found that my /var/log has permissions "drwxrwxr–  8 root    wheel  1024 Dec  5 10:14 log"
    It is clear that all process with different uuid and ggid of root and wheel cannot go through /var/log and get access to their logs files.
    As partial solution i typed:

    chmod a+x /var/log

    and now havp process is starting to work... i still have trouble with clamav, but it is another story and i am still investigating



  • Hi,

    Hi
    It seems that havp antivirus …............................ settings in standard mode…..................

    are you tested the "parent for squid" mode ?



  • It works now in standard and parent mode. my problem was slow download process at update time.