/alcasar.sh |
---|
1379,6 → 1379,7 |
$SED "s?^# SERVERNUMBER.*?SERVERNUMBER 10?g" /etc/havp/havp.config # 10 daemons are started simultaneously |
$SED "s?^# SCANIMAGES.*?SCANIMAGES false?g" /etc/havp/havp.config # doesn't scan image files |
$SED "s?^# SKIPMIME.*?SKIPMIME image\/\* video\/\* audio\/\*?g" /etc/havp/havp.config # doesn't scan some multimedia files |
$SED "s?^# SCANTEMPFILE.*?SCANTEMPFILE /var/tmp/havp/havp-XXXXXX?g" /etc/havp/havp.config # Use our special tmp FS (memfs) |
# skip checking of youtube flow (too heavy load / risk too low) |
[ -e /etc/havp/whitelist.default ] || cp /etc/havp/whitelist /etc/havp/whitelist.default |
echo "# Whitelist youtube flow" >> /etc/havp/whitelist |
1386,10 → 1387,8 |
# adapt init script and systemd unit |
[ -e /etc/init.d/havp.default ] || cp /etc/init.d/havp /etc/init.d/havp.default |
cp -f $DIR_CONF/havp-init /etc/init.d/havp |
[ -e /lib/systemd/system/havp.service.default ] || cp /lib/systemd/system/havp.service /lib/systemd/system/havp.service.default |
$SED "/^PIDFile/i ExecStartPre=/bin/mkdir -p /var/run/havp" /lib/systemd/system/havp.service |
$SED "/^PIDFile/i ExecStartPre=/bin/chown -R havp:havp /var/run/havp /var/log/havp" /lib/systemd/system/havp.service |
# replace of the intercept page (template) |
cp -f $DIR_CONF/havp.service /lib/systemd/system/ |
# replace of the intercept page (template) |
cp -f $DIR_CONF/virus-fr.html /etc/havp/templates/fr/virus.html |
cp -f $DIR_CONF/virus-en.html /etc/havp/templates/en/virus.html |
# update virus database every 4 hours (24h/6) |
/conf/havp.service |
---|
0,0 → 1,25 |
# This file is part of systemd. |
# |
# systemd is free software; you can redistribute it and/or modify it |
# under the terms of the GNU General Public License as published by |
# the Free Software Foundation; either version 2 of the License, or |
# (at your option) any later version. |
# This unit launches HAVP |
[Unit] |
Description=HAVP |
After=network.target |
[Service] |
RemainAfterExit=yes |
ExecStartPre=/bin/mkdir -p /var/run/havp |
ExecStartPre=/bin/chown -R havp:havp /var/run/havp /var/log/havp |
ExecStartPre=/bin/mkdir -p /var/run/havp |
ExecStartPre=/bin/chown -R havp:havp /var/run/havp /var/log/havp |
PIDFile=/var/run/havp/havp.pid |
ExecStart=/etc/init.d/havp start |
ExecStop=/etc/init.d/havp stop |
ExecReload=/etc/init.d/havp restart |
[Install] |
WantedBy=multi-user.target |
/rpms/ipt-netflow-master-11-2019.tar.gz |
---|
Cannot display: file marked as a binary type. |
svn:mime-type = application/octet-stream |
Property changes: |
Deleted: svn:mime-type |
-application/octet-stream |
\ No newline at end of property |
/rpms/coova-chilli-1.4.tar.gz |
---|
Cannot display: file marked as a binary type. |
svn:mime-type = application/octet-stream |
Property changes: |
Deleted: svn:mime-type |
-application/octet-stream |
\ No newline at end of property |
/rpms/havp-0.93-1.0.spec |
---|
0,0 → 1,115 |
Summary: HTTP anti-virus proxy filter |
Name: havp |
Version: 0.93 |
Release: 1%{?dist} |
License: GPLv2 |
Group: Security |
URL: https://sourceforge.net/projects/havp/ |
Source: %{name}-%{version}.tar.gz |
Patch1: havp-init.diff |
Packager: Richard REY (Rexy) |
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot |
BuildRequires: clamav-devel |
%description |
HAVP (HTTP AntiVirus proxy) is a proxy with an anti-virus filter. |
It does not cache or filter content. At the moment the complete |
traffic is scanned. The reason for this is the chance of malicious |
code in nearly every filetype e.g. HTML (JavaScript) or Jpeg. |
I aim to stop especially dialer or browser exploits. But writing |
a http Anti Virus Proxy is a real dilemma! Huge downloads are |
a problem for virus scanning proxies. A Client should not receive |
data which is unchecked by the virus scanner, but big downloads |
should not timeout. |
%prep |
%setup |
%patch1 -p0 |
%build |
%configure |
%make |
%install |
rm -rf %{buildroot} |
install -d %{buildroot}%{_initrddir} |
cp /etc/init.d/havp %{buildroot}%{_initrddir}/havp |
install -d %{buildroot}%{_localstatedir}/run/havp/ |
install -d %{buildroot}%{_localstatedir}/log/havp/ |
%makeinstall |
%pre |
if ! /usr/bin/id havp &>/dev/null; then |
/usr/sbin/useradd -r -d %{_localstatedir}/log/havp -s /bin/sh -c "havp" havp || \ |
%logmsg "Unexpected error adding user \"havp\". Aborting installation." |
fi |
%post |
/usr/bin/systemctl -q enable havp.service |
%preun |
if [ $1 -eq 0 ]; then |
/usr/bin/systemctl stop havp.service |
/usr/bin/systemctl -q disable havp.service |
fi |
%postun |
if [ $1 -eq 0 ]; then |
/usr/sbin/userdel havp || %logmsg "User \"havp\" could not be deleted." |
fi |
%files |
%defattr(-, root, root, 0755) |
%doc ChangeLog COPYING INSTALL update-conf |
%config %{_sysconfdir}/havp/ |
%config %{_initrddir}/havp |
%{_sbindir}/havp |
%defattr(-, havp, havp, 0755) |
%{_localstatedir}/log/havp/ |
%{_localstatedir}/run/havp/ |
%changelog |
* Sat Nov 23 2019 Rexy for ALCASAR project |
- Rebuild 0.93 for MGA7 |
* Sun Apr 3 2016 Rexy for ALCASAR project |
- Rebuild 0.92a.1 for Mga5 |
* Thu Jul 07 2014 jb <jeanbaptiste.couprit@gmail.com> - 0.92-1.1 |
- Created .spec file to build rpms for Mageia4 (x86_64 & i586). |
- Created two rpms : havp-0.92a-1-1.mga4.x86_64.rpm & havp-0.92a-1-1.mga4.i586.rpm with Libclamav patch (OpenSSL) |
* Tue Apr 30 2013 Crox <ptitois@gmail.com> - 0.92-1.1 |
- Created .spec file to build rpms for Mageia2 (x86_64 & i586). |
* Sun Nov 21 2010 Rexy <richard@rexy.fr> - 0.92-1 |
- Updated to release 0.92a. |
* Sun May 9 2010 Rexy <richard@irexy.fr> - 0.91-1 |
- Updated to release 0.91. |
* Tue Apr 7 2009 Dries Verachtert <dries@ulyssis.org> - 0.90-1 |
- Updated to release 0.90. |
* Wed Aug 13 2008 Dries Verachtert <dries@ulyssis.org> - 0.89-1 |
- Updated to release 0.89. |
* Sun Apr 20 2008 Dries Verachtert <dries@ulyssis.org> - 0.88-1 |
- Updated to release 0.88. |
* Mon Jul 23 2007 Dries Verachtert <dries@ulyssis.org> - 0.86-1 |
- Updated to release 0.86. |
* Tue Aug 22 2006 Dag Wieers <dag@wieers.com> - 0.7.9-1 |
- Cosmetic changes. |
* Wed May 31 2006 Bernard 'Tux' Lheureux <tux at portalinux dot org> 0.7.9-2 |
- Corrected the specfile to make it installable on CentOS 4.x |
- Created and applied some patches to make it chkconfig compatible |
- Created and applied a patch to make config reflect the correct location of the files |
* Tue May 30 2006 Jim Perrin <jperrin at gmail dot com> 0.7.9-1 |
- Initial build for CentOS, |
- Specfile generation... still some work to do... |
/rpms/havp-init.diff |
---|
8,7 → 8,7 |
+# description: starts HAVP the High Availability Antivirus Proxy |
+# |
-HAVP_BIN=/usr/local/bin/havp |
-HAVP_BIN=/usr/local/sbin/havp |
-HAVP_CONFIG=/usr/local/etc/havp/havp.config |
+HAVP_BIN=/usr/sbin/havp |
+HAVP_CONFIG=/etc/havp/havp.config |
/rpms/x86_64/havp-0.92a-1.mga5.x86_64.rpm |
---|
Cannot display: file marked as a binary type. |
svn:mime-type = application/octet-stream |
Property changes: |
Deleted: svn:mime-type |
-application/octet-stream |
\ No newline at end of property |
/rpms/x86_64/gammu-1.41.0-1.mga7.x86_64.rpm |
---|
Cannot display: file marked as a binary type. |
svn:mime-type = application/octet-stream |
Property changes: |
Added: svn:mime-type |
+application/octet-stream |
\ No newline at end of property |
/rpms/x86_64/havp-0.93-1.mga7.x86_64.rpm |
---|
Cannot display: file marked as a binary type. |
svn:mime-type = application/octet-stream |
Property changes: |
Added: svn:mime-type |
+application/octet-stream |
\ No newline at end of property |
/rpms/x86_64/lib64gammu8-1.41.0-1.mga7.x86_64.rpm |
---|
Cannot display: file marked as a binary type. |
svn:mime-type = application/octet-stream |
Property changes: |
Added: svn:mime-type |
+application/octet-stream |
\ No newline at end of property |
/scripts/alcasar-uninstall.sh |
---|
124,7 → 124,7 |
[ -e /etc/havp/havp.config.default ] && mv /etc/havp/havp.config.default /etc/havp/havp.config && echo -n "1, " |
userdel -r havp 2>/dev/null && echo -n "2, " |
[ -e /etc/init.d/havp.default ] && mv /etc/init.d/havp.default /etc/init.d/havp && echo -n "3, " |
[ -e /lib/systemd/system/havp.service.default ] && mv /lib/systemd/system/havp.service.default /lib/systemd/system/havp.service && echo -n "4, " |
[ -e /lib/systemd/system/havp.service ] && rm /lib/systemd/system/havp.service && echo -n "4, " |
[ -e /etc/freshclam.conf.default ] && mv /etc/freshclam.conf.default /etc/freshclam.conf && echo -n "5" |
else echo -n "already uninstalled" |
fi |
/scripts/alcasar-urpmi.sh |
---|
223,13 → 223,16 |
# Save chilli launch script (erase with new rpm one) |
[ -e /etc/chilli.conf ] && cp /etc/chilli.conf /tmp/ |
# Install home made RPMs |
urpmi --no-verify --auto rpms/$ARCH/*.rpm |
for pkg in `ls rpms/$ARCH/*.rpm` |
do |
urpmi --no-verify --auto $pkg |
done |
# restore chilli launch script |
[ -e /tmp/chilli.conf ] && mv /tmp/chilli.conf /etc/ |
# Clean the RPM cache |
urpmi --clean |
# the ipt-netflow RPM add the kernel module ipt_NETFLOW (the modules dependance tree need to be updated) |
/sbin/depmod -a |
# the ipt-netflow RPM add the kernel module ipt_NETFLOW (the modules dependance tree need to be updated). "2>/dev/null" in order not to display a error (the running kernel is not the ALCASAR one during the installation process) |
/sbin/depmod -a 2>/dev/null |
# test if all needed rpms are correctly installed |
count_pkg=0; nb_pkg=0; |
for pkg in $PACKAGES |
246,19 → 249,18 |
exit 1 |
fi |
# test if all custom rpms are correctly installed |
#count_pkg=0; nb_pkg=0; |
#for pkg in `ls rpms/$ARCH/|tr -d .rpm` |
#do |
# nb_pkg=`expr $nb_pkg + 1` |
# if rpm -q --quiet $pkg ; then |
# count_pkg=`expr $count_pkg + 1` |
# else |
# echo "error installing $pkg" |
# fi |
#done |
#if [ $count_pkg -ne $nb_pkg ] |
#then |
# exit 1 |
#fi |
count_pkg=0; nb_pkg=0; |
for pkg in `ls rpms/$ARCH/|sed 's/.x86_64.rpm//'` |
do |
nb_pkg=`expr $nb_pkg + 1` |
if rpm -q --quiet $pkg ; then |
count_pkg=`expr $count_pkg + 1` |
else |
echo "error installing $pkg" |
fi |
done |
if [ $count_pkg -ne $nb_pkg ] |
then |
exit 1 |
fi |
exit 0 |