HTTP Anti-Virus Proxy

Official HAVP Support Forum
Registration disabled, I'm tired of spambots. E-mail havp@hege.li if you have questions.
HAVP project is pretty much frozen/abandoned at this time anyway.

All times are UTC + 2 hours [ DST ]




 Post subject: Why my HAVP is so slow
PostPosted: 30 Dec 2011 12:25 
Joined: 30 Dec 2011 11:36
Posts: 1
Good day!

I have Squid3+ClamAV+HAVP installed on my Ubuntu 10.04 server with 4Gb RAM. There are about 400 users in our company and an internet channel of 100Mbit/s. The S+C+H group does not load the system even by half, but internet connections are terribly slow - web pages like google.com take about 10-15 seconds to load. When I turn off HAVP and leave S+C working, any web page loads in a moment.

-----------------------------------------------
Squid configuration:
Code:
auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp --domain="****.RU"
auth_param ntlm children 100
auth_param ntlm keep_alive on

acl CONNECT method CONNECT
acl localnet src 10.105.6.0/24
acl localnet src 172.16.0.0/16
acl localnet src 192.168.0.0/16

acl _sams_4ea7cad44302c proxy_auth "/etc/squid/4ea7cad44302c.sams"
acl _sams_4ea7cad44302c_time time MTWHFAS 00:00-23:59
acl manager proto cache_object
acl localhost src 127.0.0.1/32 ::1
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1

acl SSL_ports port 443
acl Safe_ports port 80      # http
acl Safe_ports port 21      # ftp
acl Safe_ports port 443      # https
acl Safe_ports port 70      # gopher
acl Safe_ports port 210      # wais
acl Safe_ports port 1025-65535   # unregistered ports
acl Safe_ports port 280      # http-mgmt
acl Safe_ports port 488      # gss-http
acl Safe_ports port 591      # filemaker
acl Safe_ports port 777      # multiling http

http_access allow _sams_4ea7cad44302c  _sams_4ea7cad44302c_time 
 
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access deny all

http_port 192.168.2.3:3128
cache_peer 127.0.0.1 parent 3127 0 default no-query

logformat squid %ts.%03tu %6tr %>a %Ss/%03>Hs %<st %rm %ru %un %Sh/%<A %mt
access_log /var/log/squid/access.log squid
cache_log /var/log/squid/cache.log
coredump_dir /var/cache

refresh_pattern ^ftp:      1440   20%   10080
refresh_pattern ^gopher:   1440   0%   1440
refresh_pattern -i (/cgi-bin/|\?) 0   0%   0
refresh_pattern .      0   20%   4320

memory_pools off
forwarded_for on


HAVP configuration:
Code:
ACCESSLOG=/var/log/havp/access.log
ARCAVIRSOCKET=/var/run/arcavird.socket
ARCAVIRVERSION=2007
AVASTPORT=5036
AVASTSERVER=
AVASTSOCKET=/var/run/avast4/local.sock
AVESOCKET=/var/run/aveserver
AVGPORT=55555
AVGSERVER=127.0.0.1
BIND_ADDRESS=127.0.0.1
BLACKLIST=/etc/havp/blacklist
CLAMBLOCKBROKEN=FALSE
CLAMBLOCKENCRYPTED=FALSE
CLAMBLOCKMAX=FALSE
CLAMDBDIR=/var/lib/clamav
CLAMDPORT=3310
CLAMDSERVER=
CLAMDSOCKET=/tmp/clamd
CLAMMAXFILES=50
CLAMMAXFILESIZE=10
CLAMMAXRECURSION=2
CLAMMAXSCANSIZE=20
DAEMON=TRUE
DBRELOAD=60
DISABLELOCKINGFOR=ClamAV:BinHex ClamAV:PDF ClamAV:ZIP AVG:ALL
DISPLAYINITIALMESSAGES=TRUE
DRWEBHEURISTIC=TRUE
DRWEBMALWARE=TRUE
DRWEBPORT=3000
DRWEBSERVER=
DRWEBSOCKET=/var/drweb/run/.daemon
ENABLEARCAVIR=FALSE
ENABLEAVAST=FALSE
ENABLEAVESERVER=FALSE
ENABLEAVG=FALSE
ENABLECLAMD=FALSE
ENABLECLAMLIB=TRUE
ENABLEDRWEB=FALSE
ENABLEFPROT=FALSE
ENABLENOD32=FALSE
ENABLESOPHIE=FALSE
ENABLETROPHIE=FALSE
ERRORLOG=/var/log/havp/error.log
FAILSCANERROR=FALSE
FORWARDED_IP=TRUE
FPROTOPTIONS=
FPROTPORT=10200
FPROTSERVER=127.0.0.1
GROUP=havp
IGNOREVIRUS=
KEEPBACKBUFFER=200000
KEEPBACKTIME=5
LOGLEVEL=1
LOG_OKS=FALSE
MAXDOWNLOADSIZE=0
MAXSCANSIZE=5000000
MAXSERVERS=80
NOD32SOCKET=/tmp/nod32d.sock
NOD32VERSION=25
PARENTPORT=0
PARENTPROXY=
PIDFILE=/var/run/havp/havp.pid
PORT=3127
PRELOADZIPHEADER=TRUE
RANGE=TRUE
SCANIMAGES=TRUE
SCANNERTIMEOUT=5
SCANTEMPFILE=/var/spool/havp/havp-XXXXXX
SERVERNUMBER=60
SOPHIESOCKET=/var/run/sophie
SOURCE_ADDRESS=
STREAMSCANSIZE=20000
STREAMUSERAGENT=
SYSLOGFACILITY=daemon
SYSLOGLEVEL=info
SYSLOGNAME=havp
SYSLOGVIRUSLEVEL=warning
TEMPDIR=/var/spool/havp
TEMPLATEPATH=/etc/havp/templates/ru
TRANSPARENT=FALSE
TRICKLING=30
TRICKLINGBYTES=1
TROPHIEMAXFILES=50
TROPHIEMAXFILESIZE=10
TROPHIEMAXRATIO=250
USER=havp
USESYSLOG=FALSE
WHITELIST=/etc/havp/whitelist
WHITELISTFIRST=TRUE
X_FORWARDED_FOR=FALSE


HAVP error.log:
Code:
...
30/12/2011 12:28:01 (192.168.2.206) Could not send body to browser
30/12/2011 12:28:02 (81.19.85.116) Could not read server header (192.168.2.162/lenta.ru:80)
30/12/2011 12:28:02 (192.168.4.102) Could not send body to browser
30/12/2011 12:28:03 (192.168.4.171) Could not send body to browser
30/12/2011 12:28:03 (192.168.6.217) Could not send body to browser
30/12/2011 12:28:05 (94.100.187.197) Could not read server header (192.168.4.150/rs.mail.ru:80)
30/12/2011 12:28:10 (192.168.4.98) Could not send body to browser
30/12/2011 12:28:10 (81.19.85.116) Could not read server header (192.168.2.162/lenta.ru:80)
30/12/2011 12:28:11 (192.168.2.205) Could not send body to browser
30/12/2011 12:28:14 (127.0.0.1) Invalid request from browser
30/12/2011 12:28:14 (192.168.4.171) Could not send body to browser
30/12/2011 12:28:15 (192.168.6.217) Could not send body to browser
30/12/2011 12:28:15 (94.100.187.197) Could not read server header (10.105.6.119/rs.mail.ru:80)
30/12/2011 12:28:16 (192.168.2.205) Could not send body to browser
30/12/2011 12:28:19 (81.19.85.116) Could not read server header (192.168.2.162/lenta.ru:80)
30/12/2011 12:28:23 (87.248.207.253) Could not read server header (192.168.6.209/cdn.eyewonder.com:80)
30/12/2011 12:28:24 (192.168.4.102) Could not send body to browser
30/12/2011 12:28:25 (94.100.187.167) Could not read server header (192.168.2.205/img.imgsmail.ru:80)
30/12/2011 12:28:26 (192.168.4.158) Could not send body to browser
30/12/2011 12:28:27 (81.19.85.116) Could not read server header (192.168.2.162/lenta.ru:80)
30/12/2011 12:28:27 (78.140.152.30) Could not read server header (10.105.6.138/im1-tub.com:80)
30/12/2011 12:28:28 (192.168.4.171) Could not send body to browser
30/12/2011 12:28:30 (192.168.6.217) Could not send body to browser
30/12/2011 12:28:30 (192.168.4.102) Could not send body to browser
30/12/2011 12:28:30 (10.105.6.86) Could not send body to browser
30/12/2011 12:28:30 (10.105.6.86) Could not send body to browser
30/12/2011 12:28:31 (192.168.2.205) Could not send body to browser
30/12/2011 12:28:35 (81.19.85.116) Could not read server header (192.168.2.162/lenta.ru:80)
30/12/2011 12:28:41 (192.168.4.171) Could not send body to browser
30/12/2011 12:28:41 (10.105.6.138) Could not send body to browser
30/12/2011 12:28:43 (192.168.6.217) Could not send body to browser
30/12/2011 12:28:43 (192.168.2.205) Could not send body to browser
30/12/2011 12:28:46 (192.168.14.29) Could not send body to browser
30/12/2011 12:28:51 (192.168.4.144) Could not send body to browser
30/12/2011 12:28:51 (192.168.2.205) Could not send body to browser
30/12/2011 12:28:51 (192.168.4.171) Could not send body to browser
30/12/2011 12:28:52 (192.168.6.217) Could not send body to browser
30/12/2011 12:28:55 (192.168.4.98) Could not send body to browser
30/12/2011 12:29:34 (10.105.6.140) Could not send body to browser
...
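
A triage script for the error.log excerpt above, added here and not part of the original post or of HAVP: it tallies the posted lines by message, client and upstream host so client-side write failures can be separated from upstream read failures. The field meanings (the leading address is the server whenever a trailing client/host:port group is present) are an assumption read off the lines on this page.

```python
import re
from collections import Counter

# Line layout as seen in the posted error.log:
#   DD/MM/YYYY HH:MM:SS (peer) message [(client/host:port)]
LINE = re.compile(
    r"^(\d{2}/\d{2}/\d{4} \d{2}:\d{2}:\d{2}) \(([^)]+)\) "
    r"(.*?)(?: \(([^/)]+)/([^):]+):(\d+)\))?$"
)

# Sample input: a few lines taken from the log in the post, plus its "..." marker.
SAMPLE = """\
30/12/2011 12:28:01 (192.168.2.206) Could not send body to browser
30/12/2011 12:28:02 (81.19.85.116) Could not read server header (192.168.2.162/lenta.ru:80)
30/12/2011 12:28:03 (192.168.4.171) Could not send body to browser
30/12/2011 12:28:05 (94.100.187.197) Could not read server header (192.168.4.150/rs.mail.ru:80)
30/12/2011 12:28:10 (81.19.85.116) Could not read server header (192.168.2.162/lenta.ru:80)
30/12/2011 12:28:14 (127.0.0.1) Invalid request from browser
30/12/2011 12:28:14 (192.168.4.171) Could not send body to browser
...
"""

def triage(text):
    """Return (messages, clients, upstream_hosts) Counters for an error.log excerpt."""
    messages, clients, hosts = Counter(), Counter(), Counter()
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:  # "..." markers, blank or truncated lines
            continue
        _ts, peer, msg, client, host, _port = m.groups()
        messages[msg] += 1
        # Assumption: when the trailing (client/host:port) group is present,
        # the leading address is the server and the client is inside the group.
        clients[client or peer] += 1
        if host:
            hosts[host] += 1
    return messages, clients, hosts

if __name__ == "__main__":
    messages, clients, hosts = triage(SAMPLE)
    for title, counter in (("message", messages), ("client", clients), ("upstream", hosts)):
        print(f"-- by {title}")
        for key, n in counter.most_common(5):
            print(f"{n:5d}  {key}")
```

To run it against a full log, pass the contents of the file named by ERRORLOG in the HAVP configuration to `triage()` instead of `SAMPLE`.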

