havp 0.82: Add HAVP, a HTTP antivirus proxy which uses clamav to scan

http traffic passing through the proxy. It can act as either a
transparent proxy or as a manual proxy.

diff --git a/packages/havp/.mtn2git_empty b/packages/havp/.mtn2git_empty
new file mode 100644 (file)
index 0000000..e69de29

diff --git a/packages/havp/files/.mtn2git_empty b/packages/havp/files/.mtn2git_empty
new file mode 100644 (file)
index 0000000..e69de29

diff --git a/packages/havp/files/doc.configure.txt b/packages/havp/files/doc.configure.txt
new file mode 100644 (file)
index 0000000..f88fb40
--- /dev/null
+++ b/packages/havp/files/doc.configure.txt
@@ -0,0 +1,21 @@
+The following items needs to be considered when using havp:
+
+1. Madatory locking
+
+   The filesystem on which SCANTEMPFILE lives must have madatory
+   locking enabled (mand option to mount). Note that nfs does not
+   support madatory locking.
+
+2. Scanning directory size
+
+   If you have limited space on the SCANTEMPFILE then you will need
+   to set MAXSCANSIZE.
+
+3. Transparent proxy
+
+   For transparent proxying you need an IP tables rule such as:
+
+     iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
+
+   where eth0 is the incomming port, and 8080 is the port that havp
+   is running on.

diff --git a/packages/havp/files/havp.init b/packages/havp/files/havp.init
new file mode 100644 (file)
index 0000000..245a28e
--- /dev/null
+++ b/packages/havp/files/havp.init
@@ -0,0 +1,33 @@
+#!/bin/sh
+DAEMON=/usr/sbin/havp
+HAVP_CONFIG=/etc/havp/havp.config
+PIDFILE=/var/run/havp/havp.pid
+NAME="havp"
+DESC="HAVP"
+
+test -r /etc/default/havp && . /etc/default/havp
+test -x "$DAEMON" || exit 0
+test ! -r "$HAVP_CONFIG" && exit 0
+        
+case "$1" in
+  start)
+    echo "Starting $DESC: "
+    start-stop-daemon --oknodo -S -x $DAEMON -- -c $HAVP_CONFIG
+    echo "$NAME."
+    ;;
+
+  stop)
+    echo "Stopping $DESC:"
+    start-stop-daemon -K -p $PIDFILE
+    ;;
+
+  restart)
+    $0 stop >/dev/null 2>&1
+    $0 start
+    ;;
+
+  *)
+    echo "Usage: $0 {start|stop|restart}"
+    exit 0
+    ;;
+esac

diff --git a/packages/havp/files/sysconfdir-is-etc.patch b/packages/havp/files/sysconfdir-is-etc.patch
new file mode 100644 (file)
index 0000000..518a56f
--- /dev/null
+++ b/packages/havp/files/sysconfdir-is-etc.patch
@@ -0,0 +1,26 @@
+--- havp-0.82/havp/default.h.in        2006/10/05 09:05:18     1.1
++++ havp-0.82/havp/default.h.in        2006/10/05 09:05:31
+@@ -51,7 +51,7 @@
+  "ENABLEAVAST","AVASTSOCKET","AVASTSERVER","AVASTPORT"
+ //SCANNERS
+ 
+-#define CONFIGFILE "/usr/local/etc/havp/havp.config"
++#define CONFIGFILE "/etc/havp/havp.config"
+ 
+ 
+ //##############################################################
+--- havp-0.82/havp/params.cpp  2006/10/05 09:04:45     1.1
++++ havp-0.82/havp/params.cpp  2006/10/05 09:05:06
+@@ -58,9 +58,9 @@
+     SetConfig("KEEPBACKTIME", "5");
+     SetConfig("TRICKLING",    "30");
+     SetConfig("WHITELISTFIRST",       "true");
+-    SetConfig("WHITELIST",    "/usr/local/etc/havp/whitelist");
+-    SetConfig("BLACKLIST",    "/usr/local/etc/havp/blacklist");
+-    SetConfig("TEMPLATEPATH", "/usr/local/etc/havp/templates/en");
++    SetConfig("WHITELIST",    "/etc/havp/whitelist");
++    SetConfig("BLACKLIST",    "/etc/havp/blacklist");
++    SetConfig("TEMPLATEPATH", "/etc/havp/templates/en");
+     SetConfig("TEMPDIR",      "/var/tmp");
+     SetConfig("SCANTEMPFILE", "/var/tmp/havp/havp-XXXXXX");
+     SetConfig("PIDFILE",      "/var/run/havp/havp.pid");

diff --git a/packages/havp/files/volatiles.05_havp b/packages/havp/files/volatiles.05_havp
new file mode 100644 (file)
index 0000000..3a9551f
--- /dev/null
+++ b/packages/havp/files/volatiles.05_havp
@@ -0,0 +1,5 @@
+# <type> <owner> <group> <mode> <path> <linksource>
+d havp havp 0775 /var/log/havp none
+d havp havp 0755 /var/lib/havp none
+d havp havp 0755 /var/run/havp none
+d havp havp 0755 /var/tmp/havp none

diff --git a/packages/havp/havp_0.82.bb b/packages/havp/havp_0.82.bb
new file mode 100644 (file)
index 0000000..a0e1a00
--- /dev/null
+++ b/packages/havp/havp_0.82.bb
@@ -0,0 +1,89 @@
+DESCRIPTION = "HAVP (HTTP Antivirus Proxy) is a proxy with a ClamAV \
+anti-virus scanner. The main aims are continuous, non-blocking \
+downloads and smooth scanning of dynamic and password protected HTTP \
+traffic. Havp antivirus proxy has a parent and transparent proxy \
+mode. It can be used with squid or standalone."
+HOMEPAGE = "http://www.server-side.de"
+SECTION = "network"
+LICENSE = "GPLv2"
+DEPENDS = "clamav"
+RDEPENDS_${PN} += "${PN}-templates-css2 ${PN}-templates-en"
+PR = "r0"
+
+SRC_URI = "http://www.server-side.de/download/havp-${PV}.tar.gz \
+           file://sysconfdir-is-etc.patch;patch=1 \
+           file://havp.init \
+           file://doc.configure.txt \
+           file://volatiles.05_havp"
+
+inherit autotools
+
+EXTRA_OECONF = "--with-scanner=libclamav"
+
+do_configure_append () {
+        # Change the paths for /usr/local/etc (patch was applied to change them)
+        # And enable clamav as the scanner that is to be used.
+        sed -e 's:ENABLECLAMLIB false:ENABLECLAMLIB true:' \
+            -e 's:/usr/local/etc:/etc:' \
+            etc/havp/havp.config > etc/havp/havp.config.oe
+}      
+do_install () {
+        install -m 0755 -d ${D}${sbindir} ${D}${sysconfdir}/havp \
+                ${D}${sysconfdir}/init.d ${D}${docdir}/havp \
+                ${D}${sysconfdir}/default/volatiles
+        install -m 755 havp/havp ${D}${sbindir}
+        install -m 755 ${WORKDIR}/havp.init ${D}${sysconfdir}/init.d/havp
+        install -m 755 INSTALL ${D}${docdir}/havp
+        install -m 755 ${WORKDIR}/doc.configure.txt ${D}${docdir}/havp/configure.txt
+        install -m 644 etc/havp/havp.config.oe ${D}${sysconfdir}/havp/havp.config
+        install -m 644 etc/havp/havp.config.oe ${D}${docdir}/havp/havp.config.default
+
+        for i in whitelist blacklist; do
+          install -m 644 etc/havp/$i ${D}${sysconfdir}/havp/$i
+        done
+        cp -r etc/havp/templates ${D}${sysconfdir}/havp
+        chmod -R a+rX ${D}${sysconfdir}/havp/templates
+
+        # We need some /var directories
+        for i in 05_havp; do
+          install -m 0644 ${WORKDIR}/volatiles.$i ${D}${sysconfdir}/default/volatiles/$i
+        done
+}
+
+PACKAGES = "${PN}-dbg ${PN}-doc \
+            ${PN}-templates-br ${PN}-templates-css2 ${PN}-templates-de \
+            ${PN}-templates-en ${PN}-templates-es ${PN}-templates-fr \
+            ${PN}-templates-it ${PN}-templates-nl ${PN}-templates-pf \
+            ${PN}-templates-pl ${PN}-templates-ru ${PN}-templates-sv \
+            ${PN}"
+
+FILES_${PN} = "${sysconfdir}/havp/blacklist ${sysconfdir}/havp/whitelist \
+               ${sysconfdir}/havp/havp.config* \
+               ${sysconfdir}/init.d ${sysconfdir}/default ${sbindir}"
+FILES_${PN}-templates-br = "${sysconfdir}/havp/templates/br"
+FILES_${PN}-templates-css2 = "${sysconfdir}/havp/templates/css2"
+FILES_${PN}-templates-de = "${sysconfdir}/havp/templates/de"
+FILES_${PN}-templates-en = "${sysconfdir}/havp/templates/en"
+FILES_${PN}-templates-es = "${sysconfdir}/havp/templates/es"
+FILES_${PN}-templates-fr = "${sysconfdir}/havp/templates/fr"
+FILES_${PN}-templates-it = "${sysconfdir}/havp/templates/it"
+FILES_${PN}-templates-nl = "${sysconfdir}/havp/templates/nl"
+FILES_${PN}-templates-pf = "${sysconfdir}/havp/templates/pf"
+FILES_${PN}-templates-pl = "${sysconfdir}/havp/templates/pl"
+FILES_${PN}-templates-ru = "${sysconfdir}/havp/templates/ru"
+FILES_${PN}-templates-sv = "${sysconfdir}/havp/templates/sv"
+
+# Add havp's user and groups
+pkg_postinst_${PN} () {
+        grep -q havp: /etc/group || addgroup havp
+        grep -q havp: /etc/passwd || \
+            adduser --disabled-password --home=${localstatedir}/lib/havp/ --system \
+                    --ingroup havp --no-create-home -g "HAVP" havp
+        /etc/init.d/populate-volatile.sh
+}
+
+CONFFILES_${PN} = "${sysconfdir}/havp/havp.config \
+                   ${sysconfdir}/havp/blacklist ${sysconfdir}/havp/whitelist"
+
+INITSCRIPT_NAME_${PN} = "havp"
+INITSCRIPT_PARAMS_${PN} = "defaults 55 45"