Please note:
ATTENTION!
And, as said before…:
Missing log file rotation after Copfilter installation.
The Copfilter setup program 'setup_util' modifies the file '/etc/logrotate' during installation, and adds an option for Spamassassin log file rotation:
... yearly ...
The 'logrotate' version 3.7 (logrotate 3.7 - Copyright (C) 1995-2001 Red Hat, Inc.) enclosed in IPCop doesn't know this option already - so if you run…
/usr/sbin/logrotate /etc/logrotate.conf
…you only get an error:
error: /etc/logrotate.conf:132 unknown option 'yearly' -- ignoring line
Edit file '/etc/logrotate.conf' and replace 'yearly' with 'monthly'.
After the installation firewall logs are not written any more.
The kernel logging server (klogd) is not running - it must be manually restarted.
Enter the following commands on the console:
kill -9 `pidof klogd`
sleep 3
/usr/sbin/klogd -u klogd -j /var/empty
Language-String 'CP_starting' is given twice in *.sh-Language-Files in the directories '/var/log/copfilter/default/langs/' and '/var/log/copfilter/default/langs/translations/'.
German:
Once as CP_starting=“Starte Copfilter” and secondly as CP_starting=“Starte”.
English:
Once as CP_starting=“Starting Copfilter” and secondly as CP_starting=“Starting”.
There are no further problems or malfunctions resulting from this!
Delete each CP_starting=“Starte Copfilter/Starting Copfilter”-entry, the other entry must be maintained.
Despite working fine, running '/usr/local/bin/copfilter_cron' is logged in '/var/log/messages' with:
Job /usr/local/bin/copfilter_cron >> /var/log/copfilter/default/opt/tools/var/log/copfilter_cron.log 2>&1 terminated (exit status: 1)
This can be viewed through the menu item Logs / System Logs, Section Cron.
There are no further problems or malfunctions resulting from this!
Missing “0” in 'p3scan'-section in '/usr/local/bin/copfilter_cron' after an 'exit' command.
Edit:
'/usr/local/bin/copfilter_cron'
Replace: (Line ~111)
... else exit fi ...
With:
... else exit 0 fi ...
After this change, future calls will be correctly logged:
Job /usr/local/bin/copfilter_cron >> /var/log/copfilter/default/opt/tools/var/log/copfilter_cron.log 2>&1 completed
See: http://www.copfilter.org/forum/viewtopic.php?p=2770#p2770 (german):
After I enabled renattach, ALL files will be renamed. It doesn't matter if its *jpg, *.doc or *.pdf, they are all renamed to _xxx.bad.
Typo in '/var/log/copfilter/default/opt/tools/bin/mailscanner.sh'.
There are no further problems or malfunctions resulting from this!
1. Manually
Edit:
'/var/log/copfilter/default/opt/tools/bin/mailscanner.sh'
Replace: (Line ~812)
$RENATTACH -a -c $BASEDIR/opt/tools/etc/renattach.conf -e < $EMAIL > $EMAIL.out
With:
$RENATTACH -e -c $BASEDIR/opt/tools/etc/renattach.conf < $EMAIL > $EMAIL.out
2. Automatic:
Install Fix.
mailscanner-v1-fix.tgz | 12 KB |
MD5SUM: | 1ACDF10C23B983DF8CEA825AB14B23E3 |
See: http://www.copfilter.org/forum/viewtopic.php?p=2695#p2695 (german):
The counter for ClamAV + F-Prot jumps from 0 to 120 minutes - despite being set to 4 hours = 240 minutes.
Incorrect multiplier value in '/home/httpd/cgi-bin/copfilter_antivirus.cgi'.
Edit:
'/home/httpd/cgi-bin/copfilter_antivirus.cgi'
Replace: (Line ~628 and line ~651)
$clamd_updateperiod = $copfiltersettings{'CLAMD_UPDATE_VALUE'} * 30; }
With:
$clamd_updateperiod = $copfiltersettings{'CLAMD_UPDATE_VALUE'} * 60; }
Afterwards, settings of the antivirus Copfilter page must be saved once through WebGUI - no restart required.
Initiated by: http://www.copfilter.org/forum/viewtopic.php?p=2928#p2928
and
http://www.copfilter.org/forum/viewtopic.php?p=4405#p4405
No F-PROT Updates are performed - counter is always at the same time, although all fixes were applied.
1. Edit:
'/home/httpd/cgi-bin/copfilter_antivirus.cgi' (Line ~681)
Replace:
if ( -e "${copfilter_swroot}/opt/f-prot/default/fpscand" ) {
With:
if ( -e "${copfilter_swroot}/opt/f-prot/default/fpscan" || -e "${copfilter_swroot}/opt/f-prot/default/fpscand" ) {
Afterwards, settings of the antivirus Copfilter page must be saved once through WebGUI - no restart required.
2. Edit:
'/usr/local/bin/copfilter_cron' (Line ~54)
Replace:
if [ -e /var/log/copfilter/default/opt/f-prot/default/fpscand ]; then
With:
if [ -e "$BASEDIR/opt/f-prot/default/fpscan" -o -e "$BASEDIR/opt/f-prot/default/fpupdate" ]; then
If 3rd Party Signaturen have been installed, the following fix should be applied:
copfilter_antivirus.cgi-v1.tgz | 13 KB | |
MD5SUM: | 441EBAD676A5BB3C822A1A0BBB628FC9 |
Installation:
tar xzf copfilter_antivirus.cgi-v1.tgz -C /home/httpd/cgi-bin
After installing the free F-PROT-Home-User-Version the following messages appear in '/var/log/copfilter/default/opt/monit/var/log/monit.log':
Execution failed Service fpscand Date: Tue, 25 Oct 2011 20:26:56 Action: alert Host: coprouter.localdomain Description: failed to start
Timeout Service fpscand Date: Tue, 25 Oct 2011 20:33:57 Action: unmonitor Host: coprouter.localdomain Description: service restarted 5 times within 5 cycles(s) - unmonitor
After installing F-PROT, the switch FPROTD_ENABLE in '/var/log/copfilter/default/etc/''global_settings*' is set to ON.
Triggered by '/var/log/copfilter/default/opt/monit/etc/monit.rc', 'monit' will therefore seek to monitor the licensed version of F-PROT ('fpscand').
This file is not available in the free version ('fpscan'), only in the licensed ('fpscand').
Edit:
'/var/log/copfilter/default/opt/monit/etc/init.d/copfilter_monit' (Line ~112)
Replace:
if [ -f $BASEDIR/etc/fprotd_enable ]; then
With:
if [ -f $BASEDIR/etc/fprotd_enable ] && [ -f "${copfilter_swroot}/opt/f-prot/default/fpscand" ] ; then
Initiated by: http://www.copfilter.org/forum/viewtopic.php?p=2966#p2966 (german)
See also: http://www.copfilter.org/forum/viewtopic.php?p=2973#p2973 (english)
While opening a HTTPS-Site, user receives error message: “Proxy server refused the connection”
Edit:
'/var/log/copfilter/default/opt/havp/etc/init.d/copfilter_havp'
Replace:
# COPFILTER START - havp - do not modify acl copfilter_all src 0.0.0.0/0.0.0.0 acl Scan_HTTP proto HTTP acl Scan_FTP proto FTP cache_peer 127.0.0.1 parent 10080 0 no-query no-digest no-netdb-exchange default cache_peer_access 127.0.0.1 allow copfilter_all always_direct allow Scan_FTP never_direct allow Scan_HTTP # COPFILTER END - havp - do not modify
With:
# COPFILTER START - havp - do not modify acl copfilter_all src 0.0.0.0/0.0.0.0 acl Scan_HTTP proto HTTP acl HTTPS proto HTTPS <-- insert this line acl Scan_FTP proto FTP cache_peer 127.0.0.1 parent 10080 0 no-query no-digest no-netdb-exchange default cache_peer_access 127.0.0.1 allow copfilter_all always_direct allow Scan_FTP always_direct allow HTTPS <-- insert this line never_direct allow Scan_HTTP # COPFILTER END - havp - do not modify
Afterwards restart HAVP service.
After installing F-PROT, the download progress of each signature update is logged in '/var/log/copfilter/default/opt/tools/var/log/copfilter_cron.log' and '/var/log/messages':
Downloading update (%1) Downloading update (%3) Downloading update (%6) Downloading update (%8) Downloading update (%11) Downloading update (%13) Downloading update (%15) ...
Edit:
'/var/log/copfilter/default/opt/tools/bin/check-updates_f-prot.sh' (Line ~29)
Replace:
$BASEDIR/opt/f-prot/default/fpupdate
With:
$BASEDIR/opt/f-prot/default/fpupdate >/dev/null 2>&1