So whats the deal with the hapv package? I can't surf when its active. I
also notice on the general tab.
File scanner Scanner status
Path:
Enter file path or catalog for scanning.
------------------------------------------------------------------------
_Squid cache path (scan you squid cache now)._
_Common DB path._
_Temp path._
Start Scanner
2014.07.29 13:18:00 Starting scan file '/var/squid'.
--------------------------------------
ERROR: Can't connect to clamd: No such file or directory
----------- SCAN SUMMARY -----------
Infected files: 0
Total errors: 1
Time: 0.000 sec (0 m 0 s)
Path= /var/squid all three scan.transparent SUGGESTIONS???
<http://bbs.dlois.com:8888/index.php>
home.dlois.com
*
System
*
Interfaces
*
Firewall
*
Services
*
VPN
*
Status
*
Diagnostics
*
Help
Antivirus: HTTP proxy (havp + clamav)
<http://bbs.dlois.com:8888/pkg_edit.php?xml=havp.xml&id=0>help
<http://bbs.dlois.com:8888/help.php?page=havp.xml>
* General page <http://bbs.dlois.com:8888/antivirus.php>
* HTTP proxy <http://bbs.dlois.com:8888/pkg_edit.php?xml=havp.xml&id=0>
* Settings
<http://bbs.dlois.com:8888/pkg_edit.php?xml=havp_avset.xml&id=0>
Enable
Check this for enable proxy.
Proxy mode
Select interface mode:
*standard*- client(s) bind to the 'proxy port' on selected interface(s);
*parent for squid*- configure HAVP as parent for Squid proxy;
*transparent*- all HTTP requests on interface(s) will be directed to the
HAVP proxy server without any client configuration necessary (works as
parent for squid with transparent Squid proxy);
*internal*- HAVP will listen on the loopback (127.0.0.1) on configured
'proxy port.' Use you own traffic forwarding rules.
Proxy interface(s)
The interface(s) for client connections to the proxy. Use 'Ctrl' + L.
Click for multiple selection.
Proxy port
This is the port the proxy server will listen on (for example: 8080).
This port must be different from Squid proxy.
Parent proxy
Enter the parent (upstream) proxy settings as PROXY:PORT format or leave
empty.
Enable X-Forwarded-For
If client sent this header, FORWARDED_IP setting defines the value, then
it is passed on. You might want to keep this disabled for security reasons.
Enable this if you use your own parent proxy after HAVP, so it will see
the original client IP.
Disabling this also disables Via: header generation.
Enable Forwarded IP
If HAVP is used as a parent proxy for some other proxy, this allows
writing the real user's IP to log, instead of the proxy IP.
Language
Select the language in which the proxy server will display error
messages to users.
Max download size, Bytes
Enter value (in Bytes) or leave empty. Downloads larger than 'Max
download size' will be blocked if not whitelisted.
HTTP Range requests
Set this for allow HTTP Range requests, and broken downloads can be
resumed. Allowing HTTP Range is a security risk, because partial HTTP
requests may not be properly scanned. Whitelisted sites are allowed to
use Range in any case.
Whitelist
Enter each destination URL on a new line that will be accessable to the
users without scanning. Use '*' symbol for mask. Example:
*.github.com/*, *sourceforge.net/*clamav-*, */*.xml, */*.inc
Blacklist
Enter each destination domain on a new line that will be accessable to
the users that are allowed to use the proxy.
Block file if error scanning
If set, the proxy will block the files on which an error scanning.
Enable RAM Disk
This option allow use RAM disk for HAVP temp files for more quick
traffic scan. RAM disk size depends on 'ScanMax' file size and available
memory. This option can be ignored on systems with low memory. ( RAM
disk size calculated as [1/4 available system memory] > [Scan max file
size] * 100 )
Scan max file size
Select this value for limit maximum file size or leave '---(5M)'. Files
larger than this limit won't be scanned. Small values increace scan
speed and maximum new connections per second and allow RAM disk use.
NOTE: Setting limit is a security risk, because some archives like ZIP
need all the data to be scanned properly! Use this only if you can't
afford temporary space for big files.
Scan images
Check this for scan image files. This option allows you to increase
reliability, but also slows down the scanning process.
Scan media stream
Check this for scan media (audio/video) stream. Use this for additional
scan exploits for players.
Scan Broken Executables
Check this to enable the Heuristic Broken Executable scan.
Log
Check this for enable log.
Syslog
Check this for enable Syslog.
pfSense <https://www.pfsense.org/?gui211>is © 2004 - 2014 byElectric
Sheep Fencing LLC <http://www.electricsheepfencing.com/>. All Rights
Reserved. [view license <http://bbs.dlois.com:8888/license.php>]
--
Brian Caouette
DJ-BrianC
(207) 212-6560
www.djbrianc.us
_______________________________________________
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list