1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241
|
This software is GPL2!
This program is distributed in the hope that it will be useful, but WITHOUT
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
more details.
You MUST check your antivirus licence for the use with HAVP. Maybe you are
not allowed to use it with HAVP. We don't take ANY WARRANTY!!
UPGRADING
=========
Just install HAVP normally. Your config will be preserved, but check
havp.config for possible new options. Templates are overwritten, so if
you have your own, make sure it is not in any default directory.
BASIC INSTALLATION
==================
HAVP has been tested only with GCC 3.4+.
Other compilers like Sun Studio have some problems currently.
Installation:
# ./configure (if you don't want /usr/local, use --prefix=/other/path)
# make
# make install
You can use the following path options in configure:
--prefix base directory, default "/usr/local"
--sbindir location of havp-binary, default "$prefix/sbin"
--sysconfdir location of etc, default "$prefix/etc" (+ /havp)
--localstatedir location of pidfile, default "/var" (+ /run/havp)
Also "make install DESTDIR=/tmp/havp" is supported for helping
in creating packages etc.
It is recommended to create a havp user:
# groupadd havp
# useradd -g havp havp
Check the configfile: /usr/local/etc/havp/havp.config
If Linux is used, you need to enable mandatory locking for the partition
where your tempfiles are located. Solaris supports mandatory locking
without these extra steps:
If you only have root partition available, you can enable mandatory
locking support like this:
# mount -o remount,mand /
You can naturally use this for /var or any other partition. Also add
mand-option to /etc/fstab so it will stay after reboot.
Using tmpfs might have some problems, make sure you test it properly.
NOTE: Mandatory locking could make it possible for evil local accounts
to hang the system. You should run HAVP anyway on non-public server.
Make sure the directories you are using have correct permissions:
# chown havp /var/tmp/havp /var/log/havp /var/run/havp
# chmod 700 /var/tmp/havp /var/log/havp /var/run/havp
Start havp:
# /usr/local/sbin/havp -c /path/to/config
You can also install rc-script to your system from sources etc/init.d.
If you have problems check the logfiles:
/var/log/havp/havp.log
/var/log/havp/access.log
More information and help can be found at HAVP forum: http://havp.hege.li/
OS SPECIFIC INSTRUCTIONS
========================
Linux:
------
Use GCC 3.4+.
Solaris 9:
----------
You may need lots of swap space if you use library scanners (ClamAV and
Trophie). It wants to reserve it even when it is not really used. If there
is not enough, you will get fork errors. Worst case formula: (20MB *
USEDLIBRARYSCANNERS) * (USEDSCANNERS + 1) * SERVERNUMBER.
GCC 3.4.2 from sunfreeware.com is recommended.
You may need to fix GCC headers like this:
# cd /usr/local/libexec/gcc/*/3.4.2/install-tools
# ./mkheaders
Solaris 10:
-----------
Swap space is not an issue anymore.
Use GCC 3.4.x that comes bundled at /usr/sfw/bin/gcc.
It is installed from SUNWgcc package.
FreeBSD:
--------
Use GCC 3.4+ from ports. FreeBSD does not support mandatory locking, which
means KEEPBACK settings can not be used (only TRICKLING is supported). This
means everything is first downloaded fully and only then sent to client.
You need to use --disable-locking option to compile.
SCANNER SPECIFIC INSTRUCTIONS
=============================
ClamAV
------
Library is used directly, so there is no need for clamd running.
If you choose to use clamd (which is not recommended as library support has
less overhead), you need to enable AllowSupplementaryGroups in clamd.conf,
and add clamav user to havp group.
== NOTICE: ==
You must check your antivirus license before using HAVP with commercial
scanners. Usage might not be allowed. We do not give any warranty!
Kaspersky
---------
Tested with aveserver daemon found in Linux File Server and Linux Mail
Server package.
You should set ReportLevel=1 at [aveserver.report] section, so log will not
fill disk.
Trend Micro (Trophie)
---------------------
/etc/iscan must point to the directory where libvsapi.so and
virus patterns are located. Create link if necessary.
Trend library is used directly, so daemon is not required to be running.
You should naturally run some pattern update script, if Trend itself is
not running.
AVG
---
Recommended changes to avg.conf:
[AvgCommon]
heuristicAnalysis = 1
processesArchives = 1
[AvgDaemon]
# Raise number of daemons atleast equal to SERVERNUMBER/MAXSERVERS
numOfDaemons = xx
F-Prot
------
Supported.
NOD32
-----
Tested with Linux Mail Server and Linux File Server packages.
File Server version can not display virus names.
Sophos (Sophie)
---------------
You need to make sure Sophie is working first, you can get it from:
http://www.clanfield.info/sophie/
Change user or group to havp user in sophie.cfg, so it can read tempfiles.
Also change maxproc value to atleast SERVERNUMBER/MAXSERVERS value!
Avast!
------
Linux/Unix Servers version is required.
Recommended changes to avastd.conf:
# Raise number to atleast equal of SERVERNUMBER
daemoncount = XX
# Raise number to atleast equal of MAXSERVERS
maxdaemoncount = XX
archivetype = A
testall = 1
testfull = 0
Arcavir
-------
Start arcavird with enough processes, like "arcavird 16".
DrWeb
-----
Recommended changes to drweb32.ini:
; Raise number to atleast equal of SERVERNUMBER
MaxChildren = xx
PreFork = Yes
|