HTTP Anti-Virus Proxy

When I attempt to place an order over the web, I see the HTML code rather than
the expected page. Disabling HAVP 0.82 fixes this; havp uses clamav, which is
current. Putting the IP in the whitelist does not resolve the problem. What
am I doing wrong?

whitelist:
x.y.z.205/*

Steps to recreate:
http://x.y.z.205/appfinityweborder
login 0012
password april
customer alr08
item # 1
quantity 700
ENTER
click SAVE

SECOND SUBJECT: Is it possible to whitelist by IP address, specifying a
range? I want to whitelist x.y.z.200/29* so that any url from any IP
between .202 and .206 is whitelisted.
--
buck

I got around this by creating nat rules with iptables:
#!/bin/bash
# /usr/sbin/havp.sh

# Remove all rules added after the 'if' below:
iptables -t nat -D PREROUTING -p tcp -s 192.168.1.0/24 --dport 80 -j HAVP 2>/dev/null
iptables -t nat -D HAVP -p tcp -s 192.168.1.0/24 --dport 80 -j DNAT --to 192.168.1.1:8080 2>/dev/null
# Exceptions:
iptables -t nat -D HAVP -d c.b.a.144/29 -j RETURN 2>/dev/null
iptables -t nat -D HAVP -d x.y.z.200/29 -j RETURN 2>/dev/null
# End exceptions
iptables -t nat -X HAVP 2>/dev/null

if [ "$1" = "up" ] || [ "$1" = "start" ]; then
iptables -t nat -N HAVP
# Exceptions:
iptables -t nat -A HAVP -d x.y.z.200/29 -j RETURN
iptables -t nat -A HAVP -d c.b.a.144/29 -j RETURN
# End exceptions
iptables -t nat -A HAVP -p tcp -s 192.168.1.0/24 --dport 80 -j DNAT --to 192.168.1.1:8080
iptables -t nat -A PREROUTING -p tcp -s 192.168.1.0/24 --dport 80 -j HAVP
fi

# EOF havp.sh
--
buck

This could be a bug, but I would need to access the page to verify it.



It's recommended to use Squid before HAVP (and after) so you can do this all easier and more efficiently. Perhaps whitelisting IP's is added later to HAVP.

Cheers,
Henrik

Henrik,

I cannot post the URL in a public forum, but if you will send me a message off list I will reply with the information you need.

buckprivatemil yahoo com

I appreciate your offer to check this out. Thank you.
--
buck