HTTP Anti-Virus Proxy

Official HAVP Support Forum
Registration disabled, I'm tired of spambots. E-mail havp@hege.li if you have questions.
HAVP project is pretty much frozen/abandoned at this time anyway.
It is currently 22 Jun 2014 09:52

All times are UTC + 2 hours [ DST ]




Post new topic Reply to topic  [ 2 posts ] 
Author Message
PostPosted: 04 Jul 2007 13:21 
Offline

Joined: 04 Jul 2007 12:54
Posts: 2
i have a problem with squid -> havp 0.86 -> squid (2.6.STABLE12) on gentoo.
i use ntlm auth in win2000 domain. i see in squid access.log this when try any site:
Quote:
1183543178.759 1 192.168.0.155 TCP_DENIED/407 1932 GET http://www.yandex.ru/yandsearch?rpt=rad&text=wer - NONE/- text/html
1183543178.762 1 192.168.0.155 TCP_DENIED/407 2109 GET http://www.yandex.ru/yandsearch?rpt=rad&text=wer - NONE/- text/html
1183543178.778 1 192.168.0.155 TCP_DENIED/407 1932 GET http://www.yandex.ru/yandsearch?rpt=rad&text=wer - NONE/- text/html
1183543178.795 32 192.168.0.155 TCP_MISS/407 2084 GET http://www.yandex.ru/yandsearch?rpt=rad&text=wer jet DEFAULT_PARENT/127.0.0.1 text/html
1183543181.062 1 192.168.0.155 TCP_DENIED/407 2109 GET http://www.yandex.ru/yandsearch?rpt=rad&text=wer - NONE/- text/html
1183543181.078 1 192.168.0.155 TCP_DENIED/407 1932 GET http://www.yandex.ru/yandsearch?rpt=rad&text=wer - NONE/- text/html
1183543181.095 32 192.168.0.155 TCP_MISS/407 2084 GET http://www.yandex.ru/yandsearch?rpt=rad&text=wer jet DEFAULT_PARENT/127.0.0.1 text/html
1183543184.903 1 192.168.0.155 TCP_DENIED/407 2109 GET http://www.yandex.ru/yandsearch?rpt=rad&text=wer - NONE/- text/html
1183543184.918 1 192.168.0.155 TCP_DENIED/407 1932 GET http://www.yandex.ru/yandsearch?rpt=rad&text=wer - NONE/- text/html
1183543184.936 32 192.168.0.155 TCP_MISS/407 2084 GET http://www.yandex.ru/yandsearch?rpt=rad&text=wer jet DEFAULT_PARENT/127.0.0.1 text/html
1183543185.718 1 192.168.0.155 TCP_DENIED/407 2109 GET http://www.yandex.ru/yandsearch?rpt=rad&text=wer - NONE/- text/html
1183543185.734 0 192.168.0.155 TCP_DENIED/407 1932 GET http://www.yandex.ru/yandsearch?rpt=rad&text=wer - NONE/- text/html
1183543185.751 32 192.168.0.155 TCP_MISS/407 2084 GET http://www.yandex.ru/yandsearch?rpt=rad&text=wer jet DEFAULT_PARENT/127.0.0.1 text/html

jet is a users name. looks like squid get it, but after few auth requests in browser i get ERROR: access denied.
in havp log i get:
Quote:
04/07/2007 13:28:55 (127.0.0.1) Could not send body to browser
04/07/2007 13:28:55 (127.0.0.1) Could not send body to browser
04/07/2007 13:28:55 (127.0.0.1) Could not send body to browser
04/07/2007 13:28:55 (127.0.0.1) Could not send body to browser
04/07/2007 13:28:55 (127.0.0.1) Could not send body to browser
04/07/2007 13:28:55 (127.0.0.1) Could not send body to browser
04/07/2007 13:28:55 (127.0.0.1) Could not send body to browser

and in havp access.log:
Quote:
04/07/2007 13:59:38 192.168.0.155 GET 407 http://www.yandex.ru/yandsearch? 523+1407 OK
04/07/2007 13:59:41 192.168.0.155 GET 407 http://www.yandex.ru/yandsearch? 523+1407 OK
04/07/2007 13:59:44 192.168.0.155 GET 407 http://www.yandex.ru/yandsearch? 523+1407 OK
04/07/2007 13:59:45 192.168.0.155 GET 407 http://www.yandex.ru/yandsearch? 523+1407 OK

in squid store.log:
Quote:
2007/07/04 14:16:32| comm_select: timeout 0
2007/07/04 14:16:32| comm_select: timeout 0
2007/07/04 14:16:32| comm_select: timeout 0
2007/07/04 14:16:32| comm_select: timeout 0

and i don't know what this meen.

seems like havp gets page from squid, but client can't get page from squid.
yesterday it works, but not today. without havp it works too, but i need antivirus check on proxy, and i realy like how havp do this.
please, show me the way, and sorry for my bad english.


Top
 Profile  
 
 Post subject:
PostPosted: 05 Jul 2007 08:38 
Offline

Joined: 04 Jul 2007 12:54
Posts: 2
well, i decided to use 2 instances of squid. like it shown here: viewtopic.php?t=11
1st squid auth. users, second - cache requests.
i add this acl to squid1.conf:
Quote:
acl noscan urlpath_regex -i \.(jpe?g|gif|png|ico|swf|flv|pdf|bmp|mov|avi)$

and change this rule:
Quote:
cache_peer_access 127.0.0.1 allow !Proto_HTTPS !noscan

after this all works.
thanks all, sorry again for my bad english =)


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 2 posts ] 

All times are UTC + 2 hours [ DST ]


Who is online

Users browsing this forum: Google [Bot] and 2 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group