Hi,
the current active conf for HAVP is (result of havp -s) :
ACCESSLOG=/var/log/havp/access.log ARCAVIRSOCKET=/var/run/arcavird.socket AVASTPORT=5036 AVASTSERVER= AVASTSOCKET=/var/run/avast4/local.sock AVESOCKET=/var/run/aveserver AVGPORT=55555 AVGSERVER=127.0.0.1 BIND_ADDRESS=127.0.0.1 BLACKLIST=/etc/havp/blacklist CLAMBLOCKBROKEN=FALSE CLAMBLOCKENCRYPTED=FALSE CLAMBLOCKMAX=FALSE CLAMDBDIR= CLAMDPORT=3310 CLAMDSERVER= CLAMDSOCKET=/tmp/clamd CLAMMAXFILES=1000 CLAMMAXFILESIZE=50 CLAMMAXRATIO=250 CLAMMAXRECURSION=8 DAEMON=TRUE DBRELOAD=60 DISPLAYINITIALMESSAGES=TRUE ENABLEARCAVIR=FALSE ENABLEAVAST=FALSE ENABLEAVESERVER=FALSE ENABLEAVG=FALSE ENABLECLAMD=FALSE ENABLECLAMLIB=TRUE ENABLEFPROT=FALSE ENABLENOD32=FALSE ENABLESOPHIE=FALSE ENABLETROPHIE=FALSE ERRORLOG=/var/log/havp/error.log FAILSCANERROR=TRUE FORWARDED_IP=TRUE FPROTPORT=10200 FPROTSERVER=127.0.0.1 GROUP=squid IGNOREVIRUS= KEEPBACKBUFFER=200000 KEEPBACKTIME=5 LOGLEVEL=1 LOG_OKS=FALSE MAXDOWNLOADSIZE=0 MAXSCANSIZE=150000000 MAXSERVERS=400 NOD32SOCKET=/tmp/nod32d.sock NOD32VERSION=25 PARENTPORT=0 PARENTPROXY= PIDFILE=/var/run/havp/havp.pid PORT=8010 RANGE=FALSE SCANIMAGES=TRUE SCANNERTIMEOUT=10 SCANTEMPFILE=/var/tmp/havp/havp-XXXXXX SERVERNUMBER=120 SOPHIESOCKET=/var/run/sophie SOURCE_ADDRESS= STREAMSCANSIZE=20000 STREAMUSERAGENT= SYSLOGFACILITY=daemon SYSLOGLEVEL=info SYSLOGNAME=havp TEMPDIR=/tmp TEMPLATEPATH=/etc/havp/templates/es TRANSPARENT=FALSE TRICKLING=30 TROPHIEMAXFILES=1000 TROPHIEMAXFILESIZE=10 TROPHIEMAXRATIO=250 USER=squid USESYSLOG=FALSE WHITELIST=/etc/havp/whitelist WHITELISTFIRST=TRUE X_FORWARDED_FOR=FALSE
IPTables config is mostly like (I removed many similar lines) :
root@proxyserver:~# iptables -L -n Chain INPUT (policy ACCEPT) target prot opt source destination ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy DROP) target prot opt source destination ACCEPT tcp -- 10.70.96.54 194.224.215.30 tcp dpts:7200:7210 state NEW,RELATED ACCEPT tcp -- 10.70.96.76 194.224.215.30 tcp dpts:7200:7210 state NEW,RELATED ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
Chain OUTPUT (policy ACCEPT) target prot opt source destination ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
While HAVP is running, if I look for open handle for one HAVP process the list is : havp 10096 squid cwd DIR 104,1 4096 226241 /tmp havp 10096 squid rtd DIR 104,1 4096 2 / havp 10096 squid txt REG 104,7 324525 565694 /usr/sbin/havp havp 10096 squid mem REG 104,1 77439 161683 /lib/libresolv-2.5.so havp 10096 squid mem REG 104,1 21065 161676 /lib/libnss_dns-2.5.so havp 10096 squid mem REG 104,1 45552 161677 /lib/libnss_files-2.5.so havp 10096 squid mem REG 104,1 41045 161679 /lib/libnss_nis-2.5.so havp 10096 squid mem REG 104,7 145457 633717 /usr/lib/libclamunrar.so.3.0.3 havp 10096 squid mem REG 104,1 96480 161674 /lib/libnsl-2.5.so havp 10096 squid mem REG 104,7 24773 633723 /usr/lib/libclamunrar_iface.so.3.0.3 havp 10096 squid mem REG 104,1 110796 161682 /lib/libpthread-2.5.so havp 10096 squid mem REG 104,7 218928 630246 /usr/lib/libgmp.so.3.4.1 havp 10096 squid mem REG 104,1 66444 163173 /lib/libbz2.so.1.0.4 havp 10096 squid mem REG 104,7 77688 630269 /usr/lib/libz.so.1.2.3 havp 10096 squid mem REG 104,1 1528742 161668 /lib/libc-2.5.so havp 10096 squid mem REG 104,7 41224 630258 /usr/lib/libgcc_s.so.1 havp 10096 squid mem REG 104,1 184820 161672 /lib/libm-2.5.so havp 10096 squid mem REG 104,7 906580 630337 /usr/lib/libstdc++.so.6.0.8 havp 10096 squid mem REG 104,7 1323603 630608 /usr/lib/libclamav.so.3.0.3 havp 10096 squid mem REG 104,1 35494 161675 /lib/libnss_compat-2.5.so havp 10096 squid mem REG 104,1 131484 161710 /lib/ld-2.5.so havp 10096 squid 0w REG 104,5 43993 129866 /var/log/havp/error.log havp 10096 squid 1w REG 104,5 0 129858 /var/log/havp/access.log havp 10096 squid 2uw REG 104,6 1 114 /var/tmp/havp/havp-YQ0Cfv havp 10096 squid 3u IPv4 8897 TCP 127.0.0.1:8010 (LISTEN) havp 10096 squid 5w FIFO 0,5 9564560 pipe havp 10096 squid 6r FIFO 0,5 9564561 pipe
Hope this may help someone to find an idea about this problem...
Marc.
|