Antivurus Proxy (HAVP) not working



  • Hi guys! :-)

    I just installed pfsense on a Thin Client : I copied the 4gb Image to the CF.

    Everything seems to be fine. I already configured the LAN and WAN settings and the box seems to be running without any problems.

    Finally i tried to install HAVP and I failed. After a few seconds the service stops. I found the following lines in  the syslog:

    Oct 12 13:30:47 kernel: pid 30927 (freshclam), uid 1003 inumber 4038 on /var: filesystem full
    Oct 12 14:01:05 kernel: pid 75800 (freshclam), uid 1003 inumber 4038 on /var: filesystem full
    Oct 12 15:06:22 kernel: pid 53366 (freshclam), uid 1003 inumber 4038 on /var: filesystem full
    Oct 12 16:07:05 kernel: pid 15805 (freshclam), uid 1003 inumber 4038 on /var: filesystem full

    The  filesystem looks like this:

    [2.1-RELEASE][root@pfSense]/root(2): df -h
    Filesystem          Size    Used  Avail Capacity  Mounted on
    /dev/ufs/pfsense0    1.8G    271M    1.4G    16%    /
    devfs                1.0k    1.0k      0B  100%    /dev
    /dev/ufs/cf          49M    780k    44M    2%    /cf
    /dev/md0              38M    444k    35M    1%    /tmp
    /dev/md1              57M    16M    36M    31%    /var
    devfs                1.0k    1.0k      0B  100%    /var/dhcpd/dev
    /dev/md10            483M    6.0k    444M    0%    /var/tmp/havpRAM
    [2.1-RELEASE][root@pfSense]/root(3):

    [2.1-RELEASE][root@pfSense]/root(3): fdisk
    ******* Working on device /dev/ufs/pfsense0 *******
    parameters extracted from in-core disklabel are:
    cylinders=3813 heads=16 sectors/track=63 (1008 blks/cyl)

    Figures below won't work with BIOS for partitions not in cyl 1
    parameters to be used for BIOS calculations are:
    cylinders=3813 heads=16 sectors/track=63 (1008 blks/cyl)

    fdisk: invalid fdisk partition table found
    Media sector size is 512
    Warning: BIOS sector numbering starts with sector 1
    Information from DOS bootblock is:
    The data for partition 1 is:
    sysid 165 (0xa5),(FreeBSD/NetBSD/386BSD)
        start 63, size 3843441 (1876 Meg), flag 80 (active)
            beg: cyl 0/ head 1/ sector 1;
            end: cyl 740/ head 15/ sector 63
    The data for partition 2 is:
    <unused>The data for partition 3 is:
    <unused>The data for partition 4 is:
    <unused>Do I have to raise the space for /tmp ?

    Regards
    Keinstein




    </unused></unused></unused>


  • Netgate Administrator

    Try increasing the size of /var in System: Advanced: Miscellaneous:. It's set at 60MB by default, try 80MB. It shouldn't need much since it creates an extra ram disk, md10, presumably for the big requirements.

    Steve



  • Hi Steve,

    thank you for your fast help! :-)

    I changed the values to 128MB and I think this should be enough.

    But HAVP is still not working. Seems like the arguements in the script have errors:

    Oct 13 15:09:22 	php: rc.start_packages: Starting HAVP
    Oct 13 15:09:22 	php: rc.start_packages: The command 'chgrp -R -v havp /usr/local/etc/freshclam.conf' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
    Oct 13 15:09:22 	login: login on ttyv0 as root
    Oct 13 15:09:22 	sshlockout[33143]: sshlockout/webConfigurator v3.0 starting up
    Oct 13 15:09:23 	php: rc.start_packages: Antivirus: Group 'havp' was added.
    Oct 13 15:09:23 	php: rc.start_packages: The command 'chgrp -R -v havp /usr/local/etc/havp' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
    Oct 13 15:09:23 	php: rc.start_packages: The command 'chgrp -R -v havp /var/tmp/havp' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
    Oct 13 15:09:23 	php: rc.start_packages: The command 'chgrp -R -v havp /var/db/clamav' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
    Oct 13 15:09:23 	php: rc.start_packages: The command 'chgrp -R -v havp /var/tmp/havpRAM' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
    Oct 13 15:09:23 	php: rc.start_packages: The command 'chgrp -R -v havp /usr/local/share/examples/havp/templates' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
    Oct 13 15:09:23 	php: rc.start_packages: The command 'chgrp -R -v havp /usr/local/share/examples/havp/templates_ex' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
    Oct 13 15:09:23 	php: rc.start_packages: The command 'chgrp -R -v havp /var/log/havp' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
    Oct 13 15:09:23 	php: rc.start_packages: The command 'chgrp -R -v havp /var/log/havp' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
    Oct 13 15:09:23 	php: rc.start_packages: The command 'chgrp -R -v havp /var/run/havp.pid' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
    Oct 13 15:09:23 	php: rc.start_packages: The command 'chgrp -R -v havp /usr/local/etc/freshclam.conf' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
    Oct 13 15:09:23 	php: rc.start_packages: The command 'chgrp -R -v havp /var/log/clamav' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
    Oct 13 15:09:23 	php: rc.start_packages: The command 'chgrp -R -v havp /var/log/clamav' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
    Oct 13 15:09:23 	php: rc.start_packages: The command 'chgrp -R -v havp /usr/local/etc/rc.d/havp_avupdate' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
    Oct 13 15:09:23 	php: rc.start_packages: The command 'chgrp -R -v havp /usr/local/etc/clamd.conf' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
    Oct 13 15:09:23 	php: rc.start_packages: The command 'chgrp -R -v havp /usr/local/etc/freshclam.conf' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
    Oct 13 15:09:24 	clamd[52475]: Can't open file or directory
    Oct 13 15:09:26 	clamd[61388]: Can't open file or directory
    Oct 13 15:10:28 	sshd[76348]: Accepted keyboard-interactive/pam for root from 192.168.222.20 port 49599 ssh2
    Oct 13 15:11:12 	php: /system_advanced_misc.php: Successful login for user 'admin' from: 192.168.222.20
    Oct 13 15:11:12 	php: /system_advanced_misc.php: Successful login for user 'admin' from: 192.168.222.20
    Oct 13 15:11:38 	clamd[19756]: Can't open file or directory
    Oct 13 15:11:52 	clamd[26447]: Can't open file or directory
    Oct 13 15:12:12 	clamd[34546]: Can't open file or directory
    Oct 13 15:13:02 	php: /pkg_edit.php: The command 'chgrp -R -v havp /usr/local/etc/rc.d/havp_avupdate' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
    Oct 13 15:13:03 	php: /pkg_edit.php: Antivirus: Group 'havp' was added.
    Oct 13 15:13:03 	php: /pkg_edit.php: The command 'chgrp -R -v havp /usr/local/etc/havp' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
    Oct 13 15:13:03 	check_reload_status: Syncing firewall
    Oct 13 15:13:03 	php: /pkg_edit.php: The command 'chgrp -R -v havp /var/tmp/havp' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
    Oct 13 15:13:04 	php: /pkg_edit.php: The command 'chgrp -R -v havp /var/db/clamav' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
    Oct 13 15:13:04 	php: /pkg_edit.php: The command 'chgrp -R -v havp /var/tmp/havpRAM' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
    Oct 13 15:13:04 	php: /pkg_edit.php: The command 'chgrp -R -v havp /usr/local/share/examples/havp/templates' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
    Oct 13 15:13:04 	php: /pkg_edit.php: The command 'chgrp -R -v havp /usr/local/share/examples/havp/templates_ex' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
    Oct 13 15:13:04 	php: /pkg_edit.php: The command 'chgrp -R -v havp /var/log/havp' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
    Oct 13 15:13:04 	php: /pkg_edit.php: The command 'chgrp -R -v havp /var/log/havp' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
    Oct 13 15:13:04 	php: /pkg_edit.php: The command 'chgrp -R -v havp /var/run/havp.pid' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
    Oct 13 15:13:04 	php: /pkg_edit.php: The command 'chgrp -R -v havp /usr/local/etc/freshclam.conf' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
    Oct 13 15:13:04 	php: /pkg_edit.php: The command 'chgrp -R -v havp /var/log/clamav' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
    Oct 13 15:13:04 	php: /pkg_edit.php: The command 'chgrp -R -v havp /var/log/clamav' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
    Oct 13 15:13:04 	php: /pkg_edit.php: The command 'chgrp -R -v havp /usr/local/etc/rc.d/havp_avupdate' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
    Oct 13 15:13:04 	php: /pkg_edit.php: The command 'chgrp -R -v havp /usr/local/etc/clamd.conf' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
    Oct 13 15:13:04 	php: /pkg_edit.php: The command 'chgrp -R -v havp /usr/local/etc/freshclam.conf' returned exit code '1', the output was 'chgrp: havp: Invalid argument'
    Oct 13 15:13:20 	clamd[75600]: Can't open file or directory
    Oct 13 15:13:20 	clamd[77509]: Can't open file or directory
    Oct 13 15:13:39 	clamd[3395]: Can't open file or directory
    Oct 13 15:14:11 	clamd[7939]: Can't open file or directory
    

  • Netgate Administrator

    Hmm, well that looks more serious.  ;)
    I don't run HAVP myself. I have done in the past but never under 2.1. Are other people having problems?
    This should probably be asked in the packages subforum, it's more a question for the HAVP maintainer.

    Steve



  • Hi Steve,

    ok, I started a new thread: http://forum.pfsense.org/index.php/topic,67956.msg371838.html#msg371838

    Thank you so far!.



  • I just had a short view on the code here:
    https://github.com/pfsense/pfsense-packages/blob/master/config/havp/havp.inc

    And for me it looks like it wasn't modified to work properly on pfsense 2.1

    There an many paths looking like this:

    /usr/local/etc
    

    which is pfsense 2.0.x

    On pfsense 2.1 it should probably be:

    /usr/pbi/...
    

  • Netgate Administrator



  • @stephenw10:

    Interesting. It's listed as working here:
    https://docs.google.com/spreadsheet/ccc?key=0AojFUXcbH0ROdEFZcC1GbEV6ekpqcXFEZTE5TGpzaXc#gid=0

    Steve

    Yeah, strange.

    Probably service "started" but if it is really working was never tested. On the havp.inc file there are version checks for pfsense 1.x and 2.x but not for 2.1.



  • Hi guys,

    maybe I found another problem and probably this problem is not due to the package. I am not able write any data to filesystem.

    If I open the "antivirus" menu in the webui I get the following message:

    Warning: file_put_contents(/usr/local/etc/havp/havp_conf.xml): failed to open stream: Read-only file system in /usr/local/pkg/havp.inc on line 601
    

    Therefore I tried to write data on the shell, but this didn't work either:

    [2.1-RELEASE][admin@pfSense]/usr/local/etc/havp(20): mkdir test
    mkdir: test: Read-only file system
    [2.1-RELEASE][admin@pfSense.]/usr/local/etc/havp(21):
    
    

    I checked the fstab and found the following:

    
    [2.1-RELEASE][admin@pfSense]/usr/local/etc/havp(21): vi /etc/fstab
    /dev/ufs/pfsense0 / ufs ro,sync,noatime 1 1
    /dev/ufs/cf /cf ufs ro,sync,noatime 1 1
    
    

    I tried to change the "ro" to "rw" - but I could not write the file (of course, it is readonly.. )


  • Netgate Administrator

    That is the correct behavior for a Nanobsd install. There is an option to mount the filesystem RW permanently in the webgui but it shouldn't be needed. I would suggest the package may not have installed correctly.

    Steve


Log in to reply