• The main purpose of this part is to collect and describe several Bugfixes regarding the Copfilter-Addon for IPCop 1.4.2x (abbreviated: V1).
• The respective currently affected Copfilter release is given in brackets.
  
• If there are problems regarding this Bugfixes, please open a new thread in the Copfilter-Forum, write a report on Copfilter-Bugtracker or send us (karesmakro, severus, fischerm) a PM (Private Message) via Copfilter Forum.
  Any requests for changes or extensions will be taken in account.

Please note:

• These problems were found unfortunately only after the publication of the respective version.
• The line informations on code changes may not necessarily be *absolutely*, so always use search functions for text or code-passages.

• This comes with absolutely no functional guarantees!

ATTENTION!

• Extensive knowledge about the working(s) of the IPCop-Firewall and Copfilter in general, plus extensive Linux experiences are an absolute must for the Bugfixes that are described!

• This is not for novices to experiment, you need to know what you are doing and what the consequences may be…

• A full backup, a functioning restore, and the willingness to reinstall a defective IPCop-system are prerequisites!

And, as said before…:

• It is an absolutely must to use a Linux-compatible text editor - on a Linux OS - for all changes to be made!

Missing log file rotation after Copfilter installation.

The Copfilter setup program 'setup_util' modifies the file '/etc/logrotate' during installation, and adds an option for Spamassassin log file rotation:

...
yearly
...

The 'logrotate' version 3.7 (logrotate 3.7 - Copyright (C) 1995-2001 Red Hat, Inc.) enclosed in IPCop doesn't know this option already - so if you run…

/usr/sbin/logrotate /etc/logrotate.conf

…you only get an error:

error: /etc/logrotate.conf:132 unknown option 'yearly' -- ignoring line

Edit file '/etc/logrotate.conf' and replace 'yearly' with 'monthly'.

After the installation firewall logs are not written any more.

The kernel logging server (klogd) is not running - it must be manually restarted.

Enter the following commands on the console:

kill -9 `pidof klogd`

sleep 3

/usr/sbin/klogd -u klogd -j /var/empty

Language-String 'CP_starting' is given twice in *.sh-Language-Files in the directories '/var/log/copfilter/default/langs/' and '/var/log/copfilter/default/langs/translations/'.

German:
Once as CP_starting=“Starte Copfilter” and secondly as CP_starting=“Starte”.

English:
Once as CP_starting=“Starting Copfilter” and secondly as CP_starting=“Starting”.

There are no further problems or malfunctions resulting from this!

Delete each CP_starting=“Starte Copfilter/Starting Copfilter”-entry, the other entry must be maintained.

Despite working fine, running '/usr/local/bin/copfilter_cron' is logged in '/var/log/messages' with:

Job /usr/local/bin/copfilter_cron >> /var/log/copfilter/default/opt/tools/var/log/copfilter_cron.log 2>&1 terminated (exit status: 1)

This can be viewed through the menu item Logs / System Logs, Section Cron.

There are no further problems or malfunctions resulting from this!

Missing “0” in 'p3scan'-section in '/usr/local/bin/copfilter_cron' after an 'exit' command.

Edit:
'/usr/local/bin/copfilter_cron'

Replace: (Line ~111)

...
else
   exit
fi
...

With:

...
else
   exit 0
fi
...

After this change, future calls will be correctly logged:

Job /usr/local/bin/copfilter_cron >> /var/log/copfilter/default/opt/tools/var/log/copfilter_cron.log 2>&1 completed

See: http://www.copfilter.org/forum/viewtopic.php?p=2770#p2770 (german):

After I enabled renattach, ALL files will be renamed. It doesn't matter if its *jpg, *.doc or *.pdf, they are all renamed to _xxx.bad.

Typo in '/var/log/copfilter/default/opt/tools/bin/mailscanner.sh'.

There are no further problems or malfunctions resulting from this!

1. Manually

Edit:
'/var/log/copfilter/default/opt/tools/bin/mailscanner.sh'

Replace: (Line ~812)

$RENATTACH -a -c $BASEDIR/opt/tools/etc/renattach.conf -e < $EMAIL >  $EMAIL.out

With:

$RENATTACH -e -c $BASEDIR/opt/tools/etc/renattach.conf < $EMAIL >  $EMAIL.out

2. Automatic:

Install Fix.

Installation proceeds as described in The installation of the software archives:

1. Login
2. Download
3. Check MD5 sum
4. Extract the installation archive
5. Change to installation directory
6. Starting the installation
7. Installation ok?
8. Deleting the installation directories (optional)

See: http://www.copfilter.org/forum/viewtopic.php?p=2695#p2695 (german):

The counter for ClamAV + F-Prot jumps from 0 to 120 minutes - despite being set to 4 hours = 240 minutes.

Incorrect multiplier value in '/home/httpd/cgi-bin/copfilter_antivirus.cgi'.

Edit:
'/home/httpd/cgi-bin/copfilter_antivirus.cgi'

Replace: (Line ~628 and line ~651)

$clamd_updateperiod = $copfiltersettings{'CLAMD_UPDATE_VALUE'} * 30; }

With:

$clamd_updateperiod = $copfiltersettings{'CLAMD_UPDATE_VALUE'} * 60; }

Afterwards, settings of the antivirus Copfilter page must be saved once through WebGUI - no restart required.

Initiated by: http://www.copfilter.org/forum/viewtopic.php?p=2928#p2928
and
http://www.copfilter.org/forum/viewtopic.php?p=4405#p4405

No F-PROT Updates are performed - counter is always at the same time, although all fixes were applied.

1. File '/var/log/copfilter/default/etc/fprotd_enable' is missing.
2. An entry in 'usr/local/bin/copfilter_cron' must be corrected.

1. Edit:
'/home/httpd/cgi-bin/copfilter_antivirus.cgi' (Line ~681)

Replace:

if ( -e "${copfilter_swroot}/opt/f-prot/default/fpscand" ) {

With:

if ( -e "${copfilter_swroot}/opt/f-prot/default/fpscan" || -e "${copfilter_swroot}/opt/f-prot/default/fpscand" ) {

Afterwards, settings of the antivirus Copfilter page must be saved once through WebGUI - no restart required.

2. Edit:
'/usr/local/bin/copfilter_cron' (Line ~54)

Replace:

if [ -e /var/log/copfilter/default/opt/f-prot/default/fpscand ]; then

With:

if [ -e "$BASEDIR/opt/f-prot/default/fpscan" -o -e "$BASEDIR/opt/f-prot/default/fpupdate" ]; then

If 3rd Party Signaturen have been installed, the following fix should be applied:

Installation:

tar xzf copfilter_antivirus.cgi-v1.tgz -C /home/httpd/cgi-bin

After installing the free F-PROT-Home-User-Version the following messages appear in '/var/log/copfilter/default/opt/monit/var/log/monit.log':

Execution failed Service fpscand 

	Date:        Tue, 25 Oct 2011 20:26:56
	Action:      alert
	Host:        coprouter.localdomain
	Description: failed to start

Timeout Service fpscand

	Date:        Tue, 25 Oct 2011 20:33:57
	Action:      unmonitor
	Host:        coprouter.localdomain
	Description: service restarted 5 times within 5 cycles(s) - unmonitor

After installing F-PROT, the switch FPROTD_ENABLE in '/var/log/copfilter/default/etc/''global_settings*' is set to ON.

Triggered by '/var/log/copfilter/default/opt/monit/etc/monit.rc', 'monit' will therefore seek to monitor the licensed version of F-PROT ('fpscand').

This file is not available in the free version ('fpscan'), only in the licensed ('fpscand').

Edit:
'/var/log/copfilter/default/opt/monit/etc/init.d/copfilter_monit' (Line ~112)

Replace:

if [ -f $BASEDIR/etc/fprotd_enable ]; then

With:

if [ -f $BASEDIR/etc/fprotd_enable ] && [ -f "${copfilter_swroot}/opt/f-prot/default/fpscand" ] ; then

Initiated by: http://www.copfilter.org/forum/viewtopic.php?p=2966#p2966 (german)

See also: http://www.copfilter.org/forum/viewtopic.php?p=2973#p2973 (english)

While opening a HTTPS-Site, user receives error message: “Proxy server refused the connection”

Edit:
'/var/log/copfilter/default/opt/havp/etc/init.d/copfilter_havp'

Replace:

# COPFILTER START - havp - do not modify
acl copfilter_all src 0.0.0.0/0.0.0.0
acl Scan_HTTP proto HTTP
acl Scan_FTP proto FTP

cache_peer 127.0.0.1 parent 10080 0 no-query no-digest no-netdb-exchange default
cache_peer_access 127.0.0.1 allow copfilter_all

always_direct allow Scan_FTP
never_direct allow Scan_HTTP
# COPFILTER END - havp - do not modify

With:

# COPFILTER START - havp - do not modify
acl copfilter_all src 0.0.0.0/0.0.0.0
acl Scan_HTTP proto HTTP
acl HTTPS proto HTTPS          <-- insert this line
acl Scan_FTP proto FTP

cache_peer 127.0.0.1 parent 10080 0 no-query no-digest no-netdb-exchange default
cache_peer_access 127.0.0.1 allow copfilter_all

always_direct allow Scan_FTP
always_direct allow HTTPS      <-- insert this line
never_direct allow Scan_HTTP
# COPFILTER END - havp - do not modify

Afterwards restart HAVP service.

After installing F-PROT, the download progress of each signature update is logged in '/var/log/copfilter/default/opt/tools/var/log/copfilter_cron.log' and '/var/log/messages':

Downloading update (%1)
Downloading update (%3)
Downloading update (%6)
Downloading update (%8)
Downloading update (%11)
Downloading update (%13)
Downloading update (%15)
...

Edit:
'/var/log/copfilter/default/opt/tools/bin/check-updates_f-prot.sh' (Line ~29)

Replace:

$BASEDIR/opt/f-prot/default/fpupdate

With:

$BASEDIR/opt/f-prot/default/fpupdate  >/dev/null 2>&1