Project

General

Profile

Actions

Bug #5117

closed

HAVP fails to start after claimed to be successfull install 2.2.4

Added by NA NA about 6 years ago. Updated over 5 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
HAVP
Target version:
-
Start date:
09/09/2015
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Affected Version:
Affected Plus Version:
Affected Architecture:

Description

2.2.4-RELEASE (i386) Fresh install in VM, no other packages
FreeBSD 10.1-RELEASE-p15

package havp-0.91_3-i386

Sep 10 06:28:15 php-fpm23105: /pkg_mgr_install.php: Beginning package installation for HAVP antivirus .
Sep 10 06:28:18 check_reload_status: Syncing firewall
Sep 10 06:28:46 php-fpm23105: /pkg_mgr_install.php: HAVP: RAMDisk not used. Diagnostic: system MB, available MB, calculated MB. Try reducing 'MAXSCANSIZE' value.
Sep 10 06:28:46 php-fpm23105: /pkg_mgr_install.php: HAVP: RAMDisk not used. Diagnostic: system MB, available MB, calculated MB. Try reducing 'MAXSCANSIZE' value.
Sep 10 06:28:47 php-fpm23105: /pkg_mgr_install.php: XML error: XML_ERR_NAME_REQUIRED at line 562 in /conf/config.xml
Sep 10 06:28:47 php-fpm23105: /pkg_mgr_install.php: pfSense is restoring the configuration /cf/conf/backup/config-1441837698.xml
Sep 10 06:28:47 php-fpm23105: /pkg_mgr_install.php: New alert found: pfSense is restoring the configuration /cf/conf/backup/config-1441837698.xml
Sep 10 06:28:47 check_reload_status: Syncing firewall
Sep 10 06:28:47 php-fpm23105: /pkg_mgr_install.php: HAVP: RAMDisk not used. Diagnostic: system MB, available MB, calculated MB. Try reducing 'MAXSCANSIZE' value.
Sep 10 06:28:47 php-fpm23105: /pkg_mgr_install.php: Stopping HAVP
Sep 10 06:28:47 php-fpm23105: /pkg_mgr_install.php: XML error: XML_ERR_NAME_REQUIRED at line 562 in /conf/config.xml
Sep 10 06:28:47 php-fpm23105: /pkg_mgr_install.php: pfSense is restoring the configuration /cf/conf/backup/config-1441837698.xml
Sep 10 06:28:47 php-fpm23105: /pkg_mgr_install.php: New alert found: pfSense is restoring the configuration /cf/conf/backup/config-1441837698.xml
Sep 10 06:28:47 check_reload_status: Syncing firewall
Sep 10 06:28:47 check_reload_status: Reloading filter
Sep 10 06:28:47 php-fpm23105: /pkg_mgr_install.php: Successfully installed package: HAVP antivirus.

Line 562 corresponds to

<rrd>
<enable/>
</rrd>

Here is another user experiencing the same issue.
https://forum.teksyndicate.com/t/pfsense-and-havp-proxy/87251

Actions #1

Updated by Kill Bill about 6 years ago

NA NA wrote:

Line 562 corresponds to

<rrd>
<enable/>
</rrd>

Look at /cf/conf/config.xml.bad instead.

Actions #2

Updated by NA NA about 6 years ago

Thanks, was stupid of me looking at the working thing
Here is the portion from config.xml.bad

501 <cron>
502 <item>
503 <minute>1,31</minute>
504 <hour>0-5</hour>
505 <mday>*</mday>
506 <month>*</month>
507 <wday>*</wday>
508 <who>root</who>
509 <command>/usr/bin/nice -n20 adjkerntz -a</command>
510 </item>
511 <item>
512 <minute>1</minute>
513 <hour>3</hour>
514 <mday>1</mday>
515 <month>*</month>
516 <wday>*</wday>
517 <who>root</who>
518 <command>/usr/bin/nice -n20 /etc/rc.update_bogons.sh</command>
519 </item>
520 <item>
521 <minute>*/60</minute>
522 <hour>*</hour>
523 <mday>*</mday>
524 <month>*</month>
525 <wday>*</wday>
526 <who>root</who>
527 <command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 sshlockout</command>
528 </item>
529 <item>
530 <minute>*/60</minute>
531 <hour>*</hour>
532 <mday>*</mday>
533 <month>*</month>
534 <wday>*</wday>
535 <who>root</who>
536 <command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 webConfiguratorlockout</command>
537 </item>
538 <item>
539 <minute>1</minute>
540 <hour>1</hour>
541 <mday>*</mday>
542 <month>*</month>
543 <wday>*</wday>
544 <who>root</who>
545 <command>/usr/bin/nice -n20 /etc/rc.dyndns.update</command>
546 </item>
547 <item>
548 <minute>*/60</minute>
549 <hour>*</hour>
550 <mday>*</mday>
551 <month>*</month>
552 <wday>*</wday>
553 <who>root</who>
554 <command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 virusprot</command>
555 </item>
556 <item>
557 <minute>30</minute>
558 <hour>12</hour>
559 <mday>*</mday>
560 <month>*</month>
561 <wday>*</wday>
562 <who>root</who>
563 <command>/usr/bin/nice -n20 /etc/rc.update_urltables</command>
564 </item>
565 <item>
566 <minute>
567 <0>0</0>
568 <1></1>
569 <2>*</2>
570 <3>*</3>
571 <4>*</4>
572 <5>root</5>
573 </minute>
574 <hour>*</hour>
575 <mday>*</mday>
576 <month>*</month>
577 <wday>*</wday>
578 <who>root</who>
579 <command>/usr/bin/nice -n20 /usr/local/etc/rc.d/havp_avupdate</command>
580 </item>
581 </cron>
582 <wol/>

Actions #3

Updated by NA NA about 6 years ago

NA NA wrote:

Thanks, was stupid of me looking at the working thing
Here is the portion from config.xml.bad

501 <cron>
502 <item>
503 <minute>1,31</minute>
504 <hour>0-5</hour>
505 <mday>*</mday>
506 <month>*</month>
507 <wday>*</wday>
508 <who>root</who>
509 <command>/usr/bin/nice -n20 adjkerntz -a</command>
510 </item>
511 <item>
512 <minute>1</minute>
513 <hour>3</hour>
514 <mday>1</mday>
515 <month>*</month>
516 <wday>*</wday>
517 <who>root</who>
518 <command>/usr/bin/nice -n20 /etc/rc.update_bogons.sh</command>
519 </item>
520 <item>
521 <minute>*/60</minute>
522 <hour>*</hour>
523 <mday>*</mday>
524 <month>*</month>
525 <wday>*</wday>
526 <who>root</who>
527 <command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 sshlockout</command>
528 </item>
529 <item>
530 <minute>*/60</minute>
531 <hour>*</hour>
532 <mday>*</mday>
533 <month>*</month>
534 <wday>*</wday>
535 <who>root</who>
536 <command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 webConfiguratorlockout</command>
537 </item>
538 <item>
539 <minute>1</minute>
540 <hour>1</hour>
541 <mday>*</mday>
542 <month>*</month>
543 <wday>*</wday>
544 <who>root</who>
545 <command>/usr/bin/nice -n20 /etc/rc.dyndns.update</command>
546 </item>
547 <item>
548 <minute>*/60</minute>
549 <hour>*</hour>
550 <mday>*</mday>
551 <month>*</month>
552 <wday>*</wday>
553 <who>root</who>
554 <command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 virusprot</command>
555 </item>
556 <item>
557 <minute>30</minute>
558 <hour>12</hour>
559 <mday>*</mday>
560 <month>*</month>
561 <wday>*</wday>
562 <who>root</who>
563 <command>/usr/bin/nice -n20 /etc/rc.update_urltables</command>
564 </item>
565 <item>
566 <minute>
567 <0>0</0>
568 <1></1>
569 <2>*</2>
570 <3>*</3>
571 <4>*</4>
572 <5>root</5>
573 </minute>
574 <hour>*</hour>
575 <mday>*</mday>
576 <month>*</month>
577 <wday>*</wday>
578 <who>root</who>
579 <command>/usr/bin/nice -n20 /usr/local/etc/rc.d/havp_avupdate</command>
580 </item>
581 </cron>
582 <wol/>

Syslog throws warning about line 567

Actions #4

Updated by Kill Bill about 6 years ago

Much better. Please, test this:

cd /usr/local/pkg/
mv havp.inc havp.inc.orig
fetch https://raw.githubusercontent.com/doktornotor/pfsense-packages/f71e299b474c5fbc6879bd00ab59d83aea2f7ef7/config/havp/havp.inc

and try some HAVP config changes.

Actions #5

Updated by NA NA about 6 years ago

seems like the services are up now.
However when I click settings in HAVP, I get the following

Warning: Invalid argument supplied for foreach() in /usr/local/www/pkg_edit.php on line 447

Thanks

Actions #6

Updated by Kill Bill about 6 years ago

Afraid that message is just useless. Regarding the cron handling, it's still wrong in the link above due to strong typing, correct patch here:

https://raw.githubusercontent.com/doktornotor/pfsense-packages/f71e299b474c5fbc6879bd00ab59d83aea2f7ef7/config/havp/havp.inc

Pull Request: https://github.com/pfsense/pfsense-packages/pull/1057

Actions #8

Updated by Kill Bill about 6 years ago

NA NA wrote:

However when I click settings in HAVP, I get the following
Warning: Invalid argument supplied for foreach() in /usr/local/www/pkg_edit.php on line 447

OK, I guess I figured it out ;)

https://raw.githubusercontent.com/doktornotor/pfsense-packages/2587e3661c973b0aac3b089806e0d1ed1e253c1f/config/havp/havp_avset.xml

Actions #9

Updated by NA NA about 6 years ago

thanks, that brought the settings page.
However AV service is not starting now. Cant see any relevant logs in syslog.
Also the log tabs near settings show 404 errors. Looks like we are trying to ductape a completely broken thing :/
Any suggestions?

Actions #10

Updated by NA NA about 6 years ago

Sep 11 04:16:40 迿^D96977: Running as user: havp, group: havp
Sep 11 04:16:40 !A)M-^D쿿^Q96977: --- Initializing Clamd Socket Scanner
Sep 11 04:17:40 !A)M-^D쿿^Q96977: Clamd: Could not connect to scanner! Scanner down?

Antivirus server says started in paranthesis but status image shows stopped
av proxy starts, then stops in 5 minutes or so
Shall I reinstall maybe?

Actions #11

Updated by Kill Bill about 6 years ago

Yeah. Maybe. Or just use Squid3 + C-ICAP, it at least is not dead as a coffin nail upstream.

Actions #12

Updated by Kill Bill about 6 years ago

(BTW - the reinstall will undo both of the fixes above of course.)

Actions #13

Updated by NA NA about 6 years ago

Reinstalled, followed your workaround with the following files
https://raw.githubusercontent.com/doktornotor/pfsense-packages/f71e299b474c5fbc6879bd00ab59d83aea2f7ef7/config/havp/havp.inc
https://raw.githubusercontent.com/doktornotor/pfsense-packages/2587e3661c973b0aac3b089806e0d1ed1e253c1f/config/havp/havp_avset.xml

I played around and finally everything worked when I set the ClamAV Mode to Library and disabled RAMdisk
Setup is Squid3+HAVP

And I am truly afraid of restarting the pfsense box, I have the gut feeling that things wont work once it is up :)

Actions #14

Updated by Kill Bill about 6 years ago

Hmmm, this HAVP thing is seriously redundant with Squid3. On that note, for Squid3, you need this ATM, otherwise any config changes there require reboot due to my screw-up... https://raw.githubusercontent.com/doktornotor/pfsense-packages/patch-5/config/squid3/34/squid.inc

Actions #15

Updated by NA NA about 6 years ago

Thanks, much appreciated!

Actions #16

Updated by NA NA about 6 years ago

Just saw that you have commited 1.08.
I uninstalled and installed 1.08 and it looks good, service does not stop when I enable ramdisk
One thing though, I can not find the HAVP error pages to modify in /usr/local/share/examples/havp/ (templates folder missing only templates_ex is there and empty)

Actions #17

Updated by NA NA about 6 years ago

Kill Bill wrote:

Hmmm, this HAVP thing is seriously redundant with Squid3. On that note, for Squid3, you need this ATM, otherwise any config changes there require reboot due to my screw-up... https://raw.githubusercontent.com/doktornotor/pfsense-packages/patch-5/config/squid3/34/squid.inc

Well I saw that pfsense has additional HAVP packages for status monitoring/dashboard etc. Does there exist similar stuff for squid integrated AV?

Actions #18

Updated by Kill Bill about 6 years ago

The templates could have never worked, the paths are incorrect, no idea what the package was trying to do.

https://github.com/pfsense/pfsense-packages/pull/1062

Actions #19

Updated by NA NA about 6 years ago

Thanks to reading your commit, I changed the files in /usr/pbi/havp-i386/local/share/examples/havp/templates/en and all good!
Btw is there a way for me to fetch your commit, maybe recombile and install in pfsense? Or shall I wait for version approval for your commits and reinstall?

Actions #20

Updated by Kill Bill about 6 years ago

Eh...

1/ Just wait till it gets merged.
2/ Use Filer package or something similar to keep track of the files, otherwise your customizations will be gone after package reinstall.
3/ With the fixes in the PR, those files should go to /usr/pbi/havp-$arch/local/share/examples/havp/templates_ex/$lang directory (needs to be one of the $lang values that can be selected in the GUI), better than overwriting the shipped ones.

Actions #21

Updated by NA NA about 6 years ago

thanks!

Actions #22

Updated by Kill Bill almost 6 years ago

Fixed.

Actions #23

Updated by Chris Buechler over 5 years ago

  • Category set to HAVP
  • Status changed from New to Resolved
Actions

Also available in: Atom PDF