User Tools

Site Tools


en:bugfixes


Part 5 - Bugfixes

For all that follows the same rules apply as written in the Introduction:

  • The main purpose of this part is to collect and describe Bugfixes regarding the Copfilter-Addon for IPCop 1.4.2x (abbreviated: V1) and 1.9.x/2.x (abbreviated: V2).
  • If there are problems regarding this Bugfixes, please open a new thread in the Copfilter-Forum, write a report on Copfilter-Bugtracker or send us (karesmakro, severus, fischerm) a PM (Private Message) via Copfilter Forum.
    Any requests for changes or extensions will be taken in account.

Please note:

  • Some of the updates described are already included since Copfilter version 0.84beta5. Please read the Changelogs.
  • The line informations regarding code changes may not necessarily be *absolutely*, so always use search functions for text or code-passages.
  • This comes with absolutely no functional guarantees!

ATTENTION!

  • Extensive knowledge about the working(s) of the IPCop-Firewall and Copfilter in general, plus extensive Linux experiences are an absolute must for the updates and modifications that are described!
  • This is not for novices to experiment, you need to know what you are doing and what the consequences may be…
  • A full backup, a functioning restore, and the willingness to reinstall a defective IPCop-system are prerequisites!


And, as said before…:

  • It is an absolutely must to use a Linux-compatible text editor - on a Linux OS - for all changes to be made!

1. sendEmail-Problems

Italic quotes are from the original posting - it's unfortunately no longer available.

Problem

Hi,
It seems there is a problem with SMTP Auth with the new version of sendEmail. If I test it manually, I get the following message:

root@castor:/tmp # cat /tmp/settings | $SENDEMAIL -xu $SMTP_AUTH_USER
-xp $SMTP_AUTH_PASS -f $SENDER_ADR -t $EMAIL_ADR -s "${SMTP_HOST}" -u
"[Copfilter] AntiVirus Update: ClamAV"

Reading message body from STDIN because the '-m' option was not used.

If you are manually typing in a message:

- First line must be received within 60 seconds.

- End manual input with a CTRL-D on its own line.

Nov 14 14:28:15 castor sendEmail[17276]: Message input complete.

Nov 14 14:28:19 castor sendEmail[17276]: ERROR => Received: 535 auth
failure

Version 1.53 doesn't have this problem.

Solution

Enter the following commands on the console:

cd /var/log/copfilter/default/opt/tools/bin
mv sendEmail sendEmail-1.55
mv sendEmail-1.53 sendEmail

After this is should be ok. Regards,

Jens

Note

In section "Tips & Tricks" you can find a guide, which can be used to test the basic functionality of 'sendEmail' on PuTTY-command line.

Its a rather rare problem, but comes up from time to time.
It seems to depend on the respective ISP and the mail server configuration being used.

2. P3Scan-Crash: "child with pid xyz died with abnormal termsignal"

Italic quotes are from the original posting - it's unfortunately no longer available.

Edit:
'/var/log/copfilter/default/opt/p3scan/etc/p3scan.conf'

Sometimes it helps to raise the 'timeout'-value in 'p3scan.conf':

#
# Timeout
#
#   Change the default timeout for sending characters/lines to the
#   client while processing a message.
#
#   default: 30 seconds
timeout = 60


3. E-Mail-Problems

Italic quotes are from the original posting - it's unfortunately no longer available.

Problem #1

1. “corrupted”:

Solution

Edit:
'/var/log/copfilter/default/etc2/copfilter_functions'

Replace:

mv $TMPFILE $MAIL_FILTERINFO

with:

cat $TMPFILE | grep -v "^$" > $MAIL_FILTERINFO
rm $TMPFILE

Note

Fix is included since Copfilter 0.84beta4!

Problem #2

2. Mails come as source code with no subject:

Solution

Download

mail_update.tar.gz 12 KB
MD5SUM:B87D04BA88FF913D8B262AE09DB57796

Installation

4. 'monit' won't start - error in language-File 'es.sh'

Italic quotes are from the original posting - it's unfortunately no longer available.

Problem

'monit' doesn't start automatic, only via GUI

Attention: This error occurs only when you have selected spanish as default language!

Solution

Edit:
'/var/log/copfilter/default/langs/es.sh'

in /var/log/copfilter/default/langs/es.sh
line 6 + 7:

CPerr_not_exist= "copfilter no está instalado o el archivo global_settings no se encuentra"
CP_warning= "CUIDADO:\n\

must be:

CPerr_not_exist="copfilter no está instalado o el archivo global_settings no se encuentra"
CP_warning="CUIDADO:\n\

There are two spaces too much!

30.08.2008: Status solved!

5. P3Scan start-service fix for orange network

Description

If you want to enable p3scan for orange network, the packets are dropped by IPCop firewall, because of a missing iptable entry in service copfilter_p3scan. This fix replaces your p3scan start service and make a backup of old one.

Download

p3scan_orange_fix.tar.gz 3 KB
MD5SUM:2D8EAD114F19076FC41D8CDC1501902A

Installation

6. Mailscanner modification

Description

Quote:
If you have problems in skipping spam tests, although they have a black- or whitelist entry, install this mailscanner-modification!
Description: some mails are sent with multiple sender addresses, which leads to problems on recognizing black- or whitelist entries and skipping spam tests.

Changelog

Update 11.04.2010:
Added fix from severus for working f-prot correctly and add information about all virus-scanners in quarantine.

Update 20.04.2010:
Added fix from karesmakro and severus - export LC_ALL=en_US.UTF8, because in some cases the environment variable is ignored!

Download

mailscanner_modified.tar.gz 12 KB
MD5SUM:C4A3E42D3D9F857444AB1650C36293F1

Installation

7. Bugfix Copfilter Language

Description

This is the language patch for the new copfilter release copfilter-0.84beta4.

Without this fix, ipaddress and hostname are missing in the IPCop status page!

Download

copfilter_lang_patch.tar.gz 348 KB
MD5SUM:571C41BB3E569A451066127B0195E61F

Installation

8. Privoxy inactive after clearing squid cache

Problem

Privoxy no longer checks traffic if squid cache is cleared by GUI
and squid, havp and monit are restarted by this job.
Must be restarted manually to work again.

This mod allows to restart havp and privoxy on
clearing squid cache
restart squid
by GUI.
There will only be replaced the files proxy.cgi and, if installed, advproxy.cgi. No further mods are done
besides the integrating of the restart commands for havp and privoxy.
Running the install file with parameter u will restore your current files.

Solution

Install the following patch.

Download

(2010-04-18 21:40 v0.01.0)

Note

  • This patch replaces the existing 'proxy.cgi' or - if installed - the existing 'advproxy.cgi'.
  • It creates backups of old files, the 'install' script offers a “replace” - and a “restore” function.
  • User-specific changes are lost during the installation!
  • After updating 'advproxy', you have to reinstall this patch.

9. Frox and AVG - everything is detected as a virus

Italic quotes are from the original posting - it's unfortunately no longer available.

Problem

I've taken the time tonight to install a brand new IPCop
and found that the bug is still present.

If AVG is installed, 'Frox' is marking everything as a virus - incoming and outgoing.

Solution

Edit:
'/var/log/copfilter/default/opt/frox/etc/frox.conf'

So I edited 'frox.conf', changed the order of a few lines and restarted all proxy services.
Original order:

# COPFILTER START - clamav - do not modify
VirusScanner '"/var/log/copfilter/default/opt/clamav/default/bin/clamdscan" "%s"'
# COPFILTER END - clamav - do not modify

# COPFILTER START - avg - do not modify
VirusScanner '"LD_LIBRARY_PATH=/var/log/copfilter/default/opt/avg/lib /var/log/copfilter/default/opt/avg/default/bin/avgscan -scan" "%s"'
# COPFILTER END - avg - do not modify

# COPFILTER START - f-prot - do not modify
# VirusScanner
# COPFILTER END - f-prot - do not modify

I moved ClamAV a few lines down and now it looks like this and is working.

frox_conf_mod
# COPFILTER START - f-prot - do not modify
# VirusScanner
# COPFILTER END - f-prot - do not modify

# COPFILTER START - avg - do not modify
VirusScanner '"LD_LIBRARY_PATH=/var/log/copfilter/default/opt/avg/lib /var/log/copfilter/default/opt/avg/default/bin/avgscan -scan" "%s"'
# COPFILTER END - avg - do not modify

# COPFILTER START - clamav - do not modify
VirusScanner '"/var/log/copfilter/default/opt/clamav/default/bin/clamdscan" "%s"'
# COPFILTER END - clamav - do not modify


10. Bugfix - send_q_mail.sh #1

Description

There is a problem in send_q_mail.sh in new copfilter-0.84beta4 version!

If you want to resend more then one spam mails contained in quarantine folder, you get an error like:

/var/log/copfilter/default/opt/tools/bin/send_q_mail.sh: line 62: [: too many arguments


The error comes from grepping an entry in an if-routine with more then one matches.

Here is the download to fix this problem.

Download

send_q_mail_fix.tar.gz 3 KB
MD5SUM:F4D522FD7ACB389EAEB195F663825D8A

Installation

11. Bugfix - send_q_mail.sh #2

Description

Another problems were detected in send_q_mail.sh!

Problem 1: virus mails can't be resend

Problem 2: on deleting virus mails, the tmp files wasn't deleted (but was removed by cron)

This fix includes the send_q_mail bugfix from Mar 15, 2009

Download

send_q_mail_virus_fix.tar.gz 3 KB
MD5SUM:4ABEB6DCFB8AEC4E72ABA45B10E8252A

Installation

12. Patch for 'copfilter_monit' - changing SMTP-Port

See: http://www.copfilter.org/bugtracker/view.php?id=23

Please note:

Description

monit with smtp port different to 25
The notation smtp.abd.de:26 used by the GUI and other CF core programs is no longer supported by the latest monit version.
It needs a entry set mailserver smtp-abc.de port xy (…) and additional entries for smtp_auth and smtp_aut_secure.
A little change in the copfilter_monit file will set the needed entries though the settings by GUI are done in the current way…

Download

monit_port_mod.tar.gz 3 KB
MD5SUM:9C8E246E723A7F1DD8D01AEB7188D0E6


Please note:
'copfilter_monit'-Fix for Copfilter Version 0.85.2:

copfilter_monit.tgz 2 KB
MD5SUM:F09083D7E43B64682A253950EAB13D05

Contains an alternative 'copfilter_monit' file, in case that an alternative SMTP port must be used, but 'monit' won't start.

Installation:
Create backup:

cp /root/copfilter/opt/monit/etc/init.d/copfilter_monit /root/copfilter/opt/monit/etc/init.d/copfilter_monit.orig

Extract:

tar xzf copfilter_monit.tgz -C /root/copfilter/opt/monit/etc/init.d

Subsequently, save email settings and restart 'monit'.

Installation

Installation proceeds as described in The installation of the software archives:

  1. Starting the installation
    Answer query with “i”.

Please note:

  • Installation routine in 'install'-script creates a backup file from the previous 'copfilter_monit' ('copfilter_monit.sev')!
  • By answering the query with “u”, the backup copy is restored.

13. Fix for Quarantine Error: Unknown encoding 'gb2312'

Problem

Hi all,

this morning when I tried to have a look at the Quarantine list I got this error:

Software error:
Unknown encoding 'gb2312' at /home/httpd/cgi-bin/copfilter_status.cgi line 93


Solution

Install fix for 'copfilter_status.cgi'.

Download

copfilter_status_cgi_fix.tar.gz 9 KB
MD5SUM:B1049B818D1E3584A04A948F8ED8A64E

Installation

14. Year-2010-Problem - Spamassassin

Problem

Heise Newsticker, 01.01.2010:
http://www.heise.de/newsticker/meldung/Jahr-2010-Problem-im-Spam-Filter-von-GMX-Update-894258.html

Quote:
Anyone who has an e-mail account at GMX should also look into today's spam folder.
The spam filter has apparently a Year 2010 problem
and many e-mails are marked as spam. You can see this by a header like this:

X-GMX-Antispam: 5 (Score=6.300;BAD_ENC_HEADER,FH_DATE_PAST_20XX);

The text FH_DATE_PAST_20XX indicates the problem: The filter should apparently sort out mail which is “suspiciously in the future”.
Now future has caught up with this filter rule.

Solution

Download

ruleset-update.tar.gz 1 KB
MD5SUM:67A961D9DEB0A4A075D8CF72CC40BBCB

Installation

Installation proceeds as described in The installation of the software archives - with a small modification:

  1. Change to installation directory
    Enter following command here:
    ./ruleset-update

    [ENTER]

15. 'privoxy' won't start

Initiated by: http://www.copfilter.org/forum/viewtopic.php?p=699#p699 (already included since Copfilter-Version 0.85.2).

Problem

The 'privoxy' service starts without errors, but when you call the' privoxy' configuration page, it still seems to point out that 'privoxy' is not running.

Solution

Adjustments needed in 'privoxy'-config-file.

Edit:
'/var/log/copfilter/default/opt/privoxy/etc/config'

Replace:

listen-address :8118

With:

listen-address  127.0.0.1:8118

Replace:

forward / :10080

With:

forward / 127.0.0.1:10080

In addition, Bugfix for 'privoxy'-Start should be installed!

16. 'no such file or directory'-errors in 'copfilter_cron.log'

Problem

Situation:

1. Neither F-PROT nor AVG are installed as additional virus scanners.

Nevertheless, with each update process, error messages are written to '/var/log/copfilter/0.84beta4/opt/tools/var/log/copfilter_cron.log' regarding nonexistent files and directories:

/var/log/copfilter/default/opt/tools/bin/check-updates_avg.sh: line 25: /var/log/copfilter/default/opt/avg/default/bin/avgscan: No such file or directory
/var/log/copfilter/default/opt/tools/bin/check-updates_avg.sh: line 27: /var/log/copfilter/default/opt/avg/default/bin/avgupdate: No such file or directory
/var/log/copfilter/default/opt/tools/bin/check-updates_avg.sh: line 29: /var/log/copfilter/default/opt/avg/default/bin/avgscan: No such file or directory
/var/log/copfilter/default/opt/tools/bin/check-updates_f-prot.sh: line 26: /var/log/copfilter/default/opt/f-prot/default/fpscan: No such file or directory
/var/log/copfilter/default/opt/tools/bin/check-updates_f-prot.sh: line 28: /var/log/copfilter/default/opt/f-prot/default/fpupdate: No such file or directory
/var/log/copfilter/default/opt/tools/bin/check-updates_f-prot.sh: line 30: /var/log/copfilter/default/opt/f-prot/default/fpscan: No such file or directory
/var/log/copfilter/default/opt/tools/bin/check-updates_f-prot.sh: line 31: /var/log/copfilter/default/opt/f-prot/default/fpscan: No such file or directory

2. Periodic error messages in '/var/log/copfilter/0.84beta4/opt/tools/var/log/copfilter_cron.log':

find: /var/log/copfilter/default/opt/p3scan/default/var/spool/p3scan/: No such file or directory

That's true - this directory doesn't exist…

Solution

To avoid these harmless, but unnecessary error messages, the file '/usr/local/bin/copfilter_cron' has to be adjusted:

1. - Adjust AVG-Update-Routine (Line ~39):

Change:

if [ -e /var/ipcop/red/active ]; then
		$BASEDIR/opt/tools/bin/check-updates_avg.sh
		# reset counter variable
		rm -f $BASEDIR/etc/avg_counter
		cp -p $BASEDIR/etc/avg_counter.conf $BASEDIR/etc/avg_counter
	else
	echo "No internet connection available, so no Updates will be downloaded."
fi

to:

copfilter_cron_avg_mod
if [ -e /var/ipcop/red/active ] && [ -e $BASEDIR/etc/avg_enable ]; then
		$BASEDIR/opt/tools/bin/check-updates_avg.sh
		# reset counter variable
		rm -f $BASEDIR/etc/avg_counter
		cp -p $BASEDIR/etc/avg_counter.conf $BASEDIR/etc/avg_counter
	else
		if [ -e $BASEDIR/etc/avg_enable ]; then
		echo "No internet connection available, so no Updates will be downloaded."
		fi
fi

1. - Adjust F-PROT-Update-Routine (Line ~62):

Change:

if [ -e /var/ipcop/red/active ]; then
		$BASEDIR/opt/tools/bin/check-updates_f-prot.sh
		# reset counter variable
		rm -f $BASEDIR/etc/fprot_counter
		cp -p $BASEDIR/etc/fprot_counter.conf $BASEDIR/etc/fprot_counter
	else
	echo "No internet connection available, so no Updates will be downloaded."
fi

to:

copfilter_cron_fprot_mod
if [ -e /var/ipcop/red/active ] && [ -e $BASEDIR/etc/fprotd_enable ]; then
		$BASEDIR/opt/tools/bin/check-updates_f-prot.sh
		# reset counter variable
		rm -f $BASEDIR/etc/fprot_counter
		cp -p $BASEDIR/etc/fprot_counter.conf $BASEDIR/etc/fprot_counter
	else
		if [ -e $BASEDIR/etc/fprotd_enable ]; then
		echo "No internet connection available, so no Updates will be downloaded."
		fi
fi

Thus, the scripts 'check updates_avg.sh' and 'check-updates_f prot.sh' are only started if the corresponding scanners are installed.

2. - Adjust P3Scan-Routine (Line ~98):

Change:

if [ $(cat $BASEDIR/etc/p3scan_rm_counter) -gt 0 ]; then
	echo $(($(cat $BASEDIR/etc/p3scan_rm_counter)-5)) > $BASEDIR/etc/p3scan_rm_counter
else
         find /var/log/copfilter/default/opt/p3scan/default/var/spool/p3scan/ -mtime +21 -type f -exec rm -f {} \;
        rm -f $BASEDIR/etc/p3scan_rm_counter
        # reset counter variable
	rm -f $BASEDIR/etc/p3scan_rm_counter
        cp -p $BASEDIR/etc/p3scan_rm_counter.conf $BASEDIR/etc/p3scan_rm_counter
fi

to:

copfilter_cron_p3scan_mod
if [ $(cat $BASEDIR/etc/p3scan_rm_counter) -gt 0 ]; then
	echo $(($(cat $BASEDIR/etc/p3scan_rm_counter)-5)) > $BASEDIR/etc/p3scan_rm_counter
else
    if [ `ls -1a /var/log/copfilter/default/opt/p3scan/quarantine | wc -l` -gt 5 ]; then
         #find /var/log/copfilter/default/opt/p3scan/default/var/spool/p3scan/ -mtime +21 -type f -exec rm -f {} \;
         find /var/log/copfilter/default/opt/p3scan/quarantine/ -mtime +21 -type f -exec rm -f {} \;
        rm -f $BASEDIR/etc/p3scan_rm_counter
        # reset counter variable
	rm -f $BASEDIR/etc/p3scan_rm_counter
        cp -p $BASEDIR/etc/p3scan_rm_counter.conf $BASEDIR/etc/p3scan_rm_counter
    else
        exit
    fi
fi

17. Security-Update for HAVP

Problem

A lack of a “dot” the supplied white list can be exploited to sneak malware on antivirus proxy HAVP.

'/var/log/copfilter/default/opt/havp/etc/whitelist contains the entry *sourceforge.net/*clamav-*.

Because of a missing dot in front of sourceforge, HAVP unfortunately doesn't check any content coming from domains which end on sourceforge.net, for example www.malwarefromsourceforge.net.

Solution

Add a preceding dot: *.sourceforge.net/*clamav-*.

V2-Logo

18. IPTables-Fix for P3Scan

Problem

There was declared the wrong iptable rules for removing the entries, if service is stopped and found some writing errors in orange network rules!

Solution

Install the following patch.

Download

IPCop 1.9.x ONLY: V2-Logo

V2:copfilter_p3scan.patch 5 KB
MD5SUM:F2E2E2D498877AC5971B5E9FFE34DFE5

Installation

Copy 'copfilter_p3scan_patch' to an arbitrary directory (eg. to '/tmp') and enter the following command on the console::

patch -p0 < copfilter_p3scan.patch

en/bugfixes.txt · Last modified: 2016/12/04 13:00 by fischerm