hi, thank you all, now I know the proble is not using iptable to redirector ip flow
| HTTP Anti-Virus Proxy http://havp.hege.li/forum/ |
|
| no log and can not block viruses http://havp.hege.li/forum/viewtopic.php?f=3&t=400 |
Page 1 of 1 |
| Author: | debuger [ 29 Nov 2008 14:18 ] |
| Post subject: | no log and can not block viruses |
hi all, this is my havp.config file: # Using HAVP config: /usr/local/etc/havp/havp.config ACCESSLOG=/var/log/havp/access.log ARCAVIRSOCKET=/var/run/arcavird.socket ARCAVIRVERSION=2007 AVASTPORT=5036 AVASTSERVER= AVASTSOCKET=/var/run/avast4/local.sock AVESOCKET=/var/run/aveserver AVGPORT=55555 AVGSERVER=127.0.0.1 BIND_ADDRESS=127.0.0.1 BLACKLIST=/usr/local/etc/havp/blacklist CLAMBLOCKBROKEN=FALSE CLAMBLOCKENCRYPTED=FALSE CLAMBLOCKMAX=FALSE CLAMDBDIR=/usr/local/share/clamav CLAMDPORT=3310 CLAMDSERVER= CLAMDSOCKET=/tmp/clamd CLAMMAXFILES=50 CLAMMAXFILESIZE=100 CLAMMAXRATIO=250 CLAMMAXRECURSION=8 CLAMMAXSCANSIZE=20 DAEMON=TRUE DBRELOAD=60 DISABLELOCKINGFOR=ClamAV:BinHex ClamAV:PDF ClamAV:ZIP DISPLAYINITIALMESSAGES=TRUE DRWEBHEURISTIC=TRUE DRWEBMALWARE=TRUE DRWEBPORT=3000 DRWEBSERVER= DRWEBSOCKET=/var/drweb/run/.daemon ENABLEARCAVIR=FALSE ENABLEAVAST=FALSE ENABLEAVESERVER=FALSE ENABLEAVG=FALSE ENABLECLAMD=FALSE ENABLECLAMLIB=TRUE ENABLEDRWEB=FALSE ENABLEFPROT=FALSE ENABLENOD32=FALSE ENABLESOPHIE=FALSE ENABLETROPHIE=FALSE ERRORLOG=/var/log/havp/havp.log FAILSCANERROR=TRUE FORWARDED_IP=FALSE FPROTOPTIONS= FPROTPORT=10200 FPROTSERVER=127.0.0.1 GROUP=havp IGNOREVIRUS= KEEPBACKBUFFER=200000 KEEPBACKTIME=5 LOGLEVEL=1 LOG_OKS=TRUE MAXDOWNLOADSIZE=0 MAXSCANSIZE=5000000 MAXSERVERS=150 NOD32SOCKET=/tmp/nod32d.sock NOD32VERSION=25 PARENTPORT=0 PARENTPROXY= PIDFILE=/var/run/havp/havp.pid PORT=10080 RANGE=FALSE SCANIMAGES=TRUE SCANNERTIMEOUT=10 SCANTEMPFILE=/var/tmp/havp/havp-XXXXXX SERVERNUMBER=8 SOPHIESOCKET=/var/run/sophie SOURCE_ADDRESS= STREAMSCANSIZE=20000 STREAMUSERAGENT= SYSLOGFACILITY=daemon SYSLOGLEVEL=info SYSLOGNAME=havp TEMPDIR=/var/tmp TEMPLATEPATH=/usr/local/etc/havp/templates/en TRANSPARENT=TRUE TRICKLING=30 TRICKLINGBYTES=1 TROPHIEMAXFILES=50 TROPHIEMAXFILESIZE=10 TROPHIEMAXRATIO=250 USER=havp USESYSLOG=FALSE WHITELIST=/usr/local/etc/havp/whitelist WHITELISTFIRST=TRUE X_FORWARDED_FOR=FALSE Exiting.. but I can't found any log info in the =/var/log/havp/access.log in /var/log/havp/havp.log: 29/11/2008 19:03:37 === Starting HAVP Version: 0.89 29/11/2008 19:03:37 Running as user: havp, group: havp 29/11/2008 19:03:37 Use transparent proxy mode 29/11/2008 19:03:37 --- Initializing ClamAV Library Scanner 29/11/2008 19:03:37 ClamAV: Using database directory: /usr/local/share/clamav 29/11/2008 19:04:01 ClamAV: Loaded 466505 signatures (engine 0.94.2) 29/11/2008 19:04:01 ClamAV Library Scanner passed EICAR virus test (Eicar-Test-Signature) 29/11/2008 19:04:01 --- All scanners initialized 29/11/2008 19:04:01 Process ID: 8461 I think there is no error, but when I click the eicar.com for viruses test, it failed what is the problem? thank you |
|
| Author: | hege [ 30 Nov 2008 12:47 ] |
| Post subject: | Re: no log and can not block viruses |
debuger wrote: I think there is no error, but when I click the eicar.com for viruses test, it failed What do you mean by "it failed"? |
|
| Author: | debuger [ 01 Dec 2008 04:38 ] |
| Post subject: | Re: no log and can not block viruses |
not block the viruses, no alarm message |
|
| Author: | hege [ 01 Dec 2008 11:51 ] |
| Post subject: | Re: no log and can not block viruses |
Does traffic even go to HAVP? Is there OK message in the log? |
|
| Author: | debuger [ 01 Dec 2008 12:32 ] |
| Post subject: | Re: no log and can not block viruses |
hi, thank you all, now I know the proble is not using iptable to redirector ip flow
|
|
| Page 1 of 1 | All times are UTC + 2 hours [ DST ] |
| Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/ |
|