summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJamie Lenehan <lenehan@twibble.org>2006-10-06 08:07:54 +0000
committerJamie Lenehan <lenehan@twibble.org>2006-10-06 08:07:54 +0000
commite56b975bb45bbbc4f0b99b502b3288737eb02e45 (patch)
tree01d71dd87db8d5f11cefde6e76dd06ed34f50906
parent1fee1949586215f9019770dd889d3631cdf1bf07 (diff)
havp 0.82: Add HAVP, a HTTP antivirus proxy which uses clamav to scan
http traffic passing through the proxy. It can act as either a transparent proxy or as a manual proxy.
-rw-r--r--packages/havp/.mtn2git_empty0
-rw-r--r--packages/havp/files/.mtn2git_empty0
-rw-r--r--packages/havp/files/doc.configure.txt21
-rw-r--r--packages/havp/files/havp.init33
-rw-r--r--packages/havp/files/sysconfdir-is-etc.patch26
-rw-r--r--packages/havp/files/volatiles.05_havp5
-rw-r--r--packages/havp/havp_0.82.bb89
7 files changed, 174 insertions, 0 deletions
diff --git a/packages/havp/.mtn2git_empty b/packages/havp/.mtn2git_empty
new file mode 100644
index 0000000000..e69de29bb2
--- /dev/null
+++ b/packages/havp/.mtn2git_empty
diff --git a/packages/havp/files/.mtn2git_empty b/packages/havp/files/.mtn2git_empty
new file mode 100644
index 0000000000..e69de29bb2
--- /dev/null
+++ b/packages/havp/files/.mtn2git_empty
diff --git a/packages/havp/files/doc.configure.txt b/packages/havp/files/doc.configure.txt
new file mode 100644
index 0000000000..f88fb405ec
--- /dev/null
+++ b/packages/havp/files/doc.configure.txt
@@ -0,0 +1,21 @@
+The following items needs to be considered when using havp:
+
+1. Madatory locking
+
+ The filesystem on which SCANTEMPFILE lives must have madatory
+ locking enabled (mand option to mount). Note that nfs does not
+ support madatory locking.
+
+2. Scanning directory size
+
+ If you have limited space on the SCANTEMPFILE then you will need
+ to set MAXSCANSIZE.
+
+3. Transparent proxy
+
+ For transparent proxying you need an IP tables rule such as:
+
+ iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
+
+ where eth0 is the incomming port, and 8080 is the port that havp
+ is running on.
diff --git a/packages/havp/files/havp.init b/packages/havp/files/havp.init
new file mode 100644
index 0000000000..245a28e7bc
--- /dev/null
+++ b/packages/havp/files/havp.init
@@ -0,0 +1,33 @@
+#!/bin/sh
+DAEMON=/usr/sbin/havp
+HAVP_CONFIG=/etc/havp/havp.config
+PIDFILE=/var/run/havp/havp.pid
+NAME="havp"
+DESC="HAVP"
+
+test -r /etc/default/havp && . /etc/default/havp
+test -x "$DAEMON" || exit 0
+test ! -r "$HAVP_CONFIG" && exit 0
+
+case "$1" in
+ start)
+ echo "Starting $DESC: "
+ start-stop-daemon --oknodo -S -x $DAEMON -- -c $HAVP_CONFIG
+ echo "$NAME."
+ ;;
+
+ stop)
+ echo "Stopping $DESC:"
+ start-stop-daemon -K -p $PIDFILE
+ ;;
+
+ restart)
+ $0 stop >/dev/null 2>&1
+ $0 start
+ ;;
+
+ *)
+ echo "Usage: $0 {start|stop|restart}"
+ exit 0
+ ;;
+esac
diff --git a/packages/havp/files/sysconfdir-is-etc.patch b/packages/havp/files/sysconfdir-is-etc.patch
new file mode 100644
index 0000000000..518a56f440
--- /dev/null
+++ b/packages/havp/files/sysconfdir-is-etc.patch
@@ -0,0 +1,26 @@
+--- havp-0.82/havp/default.h.in 2006/10/05 09:05:18 1.1
++++ havp-0.82/havp/default.h.in 2006/10/05 09:05:31
+@@ -51,7 +51,7 @@
+ "ENABLEAVAST","AVASTSOCKET","AVASTSERVER","AVASTPORT"
+ //SCANNERS
+
+-#define CONFIGFILE "/usr/local/etc/havp/havp.config"
++#define CONFIGFILE "/etc/havp/havp.config"
+
+
+ //##############################################################
+--- havp-0.82/havp/params.cpp 2006/10/05 09:04:45 1.1
++++ havp-0.82/havp/params.cpp 2006/10/05 09:05:06
+@@ -58,9 +58,9 @@
+ SetConfig("KEEPBACKTIME", "5");
+ SetConfig("TRICKLING", "30");
+ SetConfig("WHITELISTFIRST", "true");
+- SetConfig("WHITELIST", "/usr/local/etc/havp/whitelist");
+- SetConfig("BLACKLIST", "/usr/local/etc/havp/blacklist");
+- SetConfig("TEMPLATEPATH", "/usr/local/etc/havp/templates/en");
++ SetConfig("WHITELIST", "/etc/havp/whitelist");
++ SetConfig("BLACKLIST", "/etc/havp/blacklist");
++ SetConfig("TEMPLATEPATH", "/etc/havp/templates/en");
+ SetConfig("TEMPDIR", "/var/tmp");
+ SetConfig("SCANTEMPFILE", "/var/tmp/havp/havp-XXXXXX");
+ SetConfig("PIDFILE", "/var/run/havp/havp.pid");
diff --git a/packages/havp/files/volatiles.05_havp b/packages/havp/files/volatiles.05_havp
new file mode 100644
index 0000000000..3a9551fc1f
--- /dev/null
+++ b/packages/havp/files/volatiles.05_havp
@@ -0,0 +1,5 @@
+# <type> <owner> <group> <mode> <path> <linksource>
+d havp havp 0775 /var/log/havp none
+d havp havp 0755 /var/lib/havp none
+d havp havp 0755 /var/run/havp none
+d havp havp 0755 /var/tmp/havp none
diff --git a/packages/havp/havp_0.82.bb b/packages/havp/havp_0.82.bb
new file mode 100644
index 0000000000..a0e1a00d64
--- /dev/null
+++ b/packages/havp/havp_0.82.bb
@@ -0,0 +1,89 @@
+DESCRIPTION = "HAVP (HTTP Antivirus Proxy) is a proxy with a ClamAV \
+anti-virus scanner. The main aims are continuous, non-blocking \
+downloads and smooth scanning of dynamic and password protected HTTP \
+traffic. Havp antivirus proxy has a parent and transparent proxy \
+mode. It can be used with squid or standalone."
+HOMEPAGE = "http://www.server-side.de"
+SECTION = "network"
+LICENSE = "GPLv2"
+DEPENDS = "clamav"
+RDEPENDS_${PN} += "${PN}-templates-css2 ${PN}-templates-en"
+PR = "r0"
+
+SRC_URI = "http://www.server-side.de/download/havp-${PV}.tar.gz \
+ file://sysconfdir-is-etc.patch;patch=1 \
+ file://havp.init \
+ file://doc.configure.txt \
+ file://volatiles.05_havp"
+
+inherit autotools
+
+EXTRA_OECONF = "--with-scanner=libclamav"
+
+do_configure_append () {
+ # Change the paths for /usr/local/etc (patch was applied to change them)
+ # And enable clamav as the scanner that is to be used.
+ sed -e 's:ENABLECLAMLIB false:ENABLECLAMLIB true:' \
+ -e 's:/usr/local/etc:/etc:' \
+ etc/havp/havp.config > etc/havp/havp.config.oe
+}
+do_install () {
+ install -m 0755 -d ${D}${sbindir} ${D}${sysconfdir}/havp \
+ ${D}${sysconfdir}/init.d ${D}${docdir}/havp \
+ ${D}${sysconfdir}/default/volatiles
+ install -m 755 havp/havp ${D}${sbindir}
+ install -m 755 ${WORKDIR}/havp.init ${D}${sysconfdir}/init.d/havp
+ install -m 755 INSTALL ${D}${docdir}/havp
+ install -m 755 ${WORKDIR}/doc.configure.txt ${D}${docdir}/havp/configure.txt
+ install -m 644 etc/havp/havp.config.oe ${D}${sysconfdir}/havp/havp.config
+ install -m 644 etc/havp/havp.config.oe ${D}${docdir}/havp/havp.config.default
+
+ for i in whitelist blacklist; do
+ install -m 644 etc/havp/$i ${D}${sysconfdir}/havp/$i
+ done
+ cp -r etc/havp/templates ${D}${sysconfdir}/havp
+ chmod -R a+rX ${D}${sysconfdir}/havp/templates
+
+ # We need some /var directories
+ for i in 05_havp; do
+ install -m 0644 ${WORKDIR}/volatiles.$i ${D}${sysconfdir}/default/volatiles/$i
+ done
+}
+
+PACKAGES = "${PN}-dbg ${PN}-doc \
+ ${PN}-templates-br ${PN}-templates-css2 ${PN}-templates-de \
+ ${PN}-templates-en ${PN}-templates-es ${PN}-templates-fr \
+ ${PN}-templates-it ${PN}-templates-nl ${PN}-templates-pf \
+ ${PN}-templates-pl ${PN}-templates-ru ${PN}-templates-sv \
+ ${PN}"
+
+FILES_${PN} = "${sysconfdir}/havp/blacklist ${sysconfdir}/havp/whitelist \
+ ${sysconfdir}/havp/havp.config* \
+ ${sysconfdir}/init.d ${sysconfdir}/default ${sbindir}"
+FILES_${PN}-templates-br = "${sysconfdir}/havp/templates/br"
+FILES_${PN}-templates-css2 = "${sysconfdir}/havp/templates/css2"
+FILES_${PN}-templates-de = "${sysconfdir}/havp/templates/de"
+FILES_${PN}-templates-en = "${sysconfdir}/havp/templates/en"
+FILES_${PN}-templates-es = "${sysconfdir}/havp/templates/es"
+FILES_${PN}-templates-fr = "${sysconfdir}/havp/templates/fr"
+FILES_${PN}-templates-it = "${sysconfdir}/havp/templates/it"
+FILES_${PN}-templates-nl = "${sysconfdir}/havp/templates/nl"
+FILES_${PN}-templates-pf = "${sysconfdir}/havp/templates/pf"
+FILES_${PN}-templates-pl = "${sysconfdir}/havp/templates/pl"
+FILES_${PN}-templates-ru = "${sysconfdir}/havp/templates/ru"
+FILES_${PN}-templates-sv = "${sysconfdir}/havp/templates/sv"
+
+# Add havp's user and groups
+pkg_postinst_${PN} () {
+ grep -q havp: /etc/group || addgroup havp
+ grep -q havp: /etc/passwd || \
+ adduser --disabled-password --home=${localstatedir}/lib/havp/ --system \
+ --ingroup havp --no-create-home -g "HAVP" havp
+ /etc/init.d/populate-volatile.sh
+}
+
+CONFFILES_${PN} = "${sysconfdir}/havp/havp.config \
+ ${sysconfdir}/havp/blacklist ${sysconfdir}/havp/whitelist"
+
+INITSCRIPT_NAME_${PN} = "havp"
+INITSCRIPT_PARAMS_${PN} = "defaults 55 45"