havp 0.82: Add HAVP, a HTTP antivirus proxy which uses clamav to scan

http traffic passing through the proxy. It can act as either a
transparent proxy or as a manual proxy.

7 files changed, 174 insertions, 0 deletions

diff --git a/packages/havp/.mtn2git_empty b/packages/havp/.mtn2git_empty
new file mode 100644
index 0000000000..e69de29bb2
--- /dev/null
+++ b/packages/havp/.mtn2git_empty
diff --git a/packages/havp/files/.mtn2git_empty b/packages/havp/files/.mtn2git_empty
new file mode 100644
index 0000000000..e69de29bb2
--- /dev/null
+++ b/packages/havp/files/.mtn2git_empty
diff --git a/packages/havp/files/doc.configure.txt b/packages/havp/files/doc.configure.txt
new file mode 100644
index 0000000000..f88fb405ec
--- /dev/null
+++ b/packages/havp/files/doc.configure.txt
@@ -0,0 +1,21 @@
+The following items needs to be considered when using havp:
+
+1. Madatory locking
+
+   The filesystem on which SCANTEMPFILE lives must have madatory
+   locking enabled (mand option to mount). Note that nfs does not
+   support madatory locking.
+
+2. Scanning directory size
+
+   If you have limited space on the SCANTEMPFILE then you will need
+   to set MAXSCANSIZE.
+
+3. Transparent proxy
+
+   For transparent proxying you need an IP tables rule such as:
+
+     iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
+
+   where eth0 is the incomming port, and 8080 is the port that havp
+   is running on.
diff --git a/packages/havp/files/havp.init b/packages/havp/files/havp.init
new file mode 100644
index 0000000000..245a28e7bc
--- /dev/null
+++ b/packages/havp/files/havp.init
@@ -0,0 +1,33 @@
+#!/bin/sh
+DAEMON=/usr/sbin/havp
+HAVP_CONFIG=/etc/havp/havp.config
+PIDFILE=/var/run/havp/havp.pid
+NAME="havp"
+DESC="HAVP"
+
+test -r /etc/default/havp && . /etc/default/havp
+test -x "$DAEMON" || exit 0
+test ! -r "$HAVP_CONFIG" && exit 0
+        
+case "$1" in
+  start)
+    echo "Starting $DESC: "
+    start-stop-daemon --oknodo -S -x $DAEMON -- -c $HAVP_CONFIG
+    echo "$NAME."
+    ;;
+
+  stop)
+    echo "Stopping $DESC:"
+    start-stop-daemon -K -p $PIDFILE
+    ;;
+
+  restart)
+    $0 stop >/dev/null 2>&1
+    $0 start
+    ;;
+
+  *)
+    echo "Usage: $0 {start|stop|restart}"
+    exit 0
+    ;;
+esac
diff --git a/packages/havp/files/sysconfdir-is-etc.patch b/packages/havp/files/sysconfdir-is-etc.patch
new file mode 100644
index 0000000000..518a56f440
--- /dev/null
+++ b/packages/havp/files/sysconfdir-is-etc.patch
@@ -0,0 +1,26 @@
+--- havp-0.82/havp/default.h.in	2006/10/05 09:05:18	1.1
++++ havp-0.82/havp/default.h.in	2006/10/05 09:05:31
+@@ -51,7 +51,7 @@
+  "ENABLEAVAST","AVASTSOCKET","AVASTSERVER","AVASTPORT"
+ //SCANNERS
+ 
+-#define CONFIGFILE "/usr/local/etc/havp/havp.config"
++#define CONFIGFILE "/etc/havp/havp.config"
+ 
+ 
+ //##############################################################
+--- havp-0.82/havp/params.cpp	2006/10/05 09:04:45	1.1
++++ havp-0.82/havp/params.cpp	2006/10/05 09:05:06
+@@ -58,9 +58,9 @@
+     SetConfig("KEEPBACKTIME",	"5");
+     SetConfig("TRICKLING",	"30");
+     SetConfig("WHITELISTFIRST",	"true");
+-    SetConfig("WHITELIST",	"/usr/local/etc/havp/whitelist");
+-    SetConfig("BLACKLIST",	"/usr/local/etc/havp/blacklist");
+-    SetConfig("TEMPLATEPATH",	"/usr/local/etc/havp/templates/en");
++    SetConfig("WHITELIST",	"/etc/havp/whitelist");
++    SetConfig("BLACKLIST",	"/etc/havp/blacklist");
++    SetConfig("TEMPLATEPATH",	"/etc/havp/templates/en");
+     SetConfig("TEMPDIR",	"/var/tmp");
+     SetConfig("SCANTEMPFILE",	"/var/tmp/havp/havp-XXXXXX");
+     SetConfig("PIDFILE",	"/var/run/havp/havp.pid");
diff --git a/packages/havp/files/volatiles.05_havp b/packages/havp/files/volatiles.05_havp
new file mode 100644
index 0000000000..3a9551fc1f
--- /dev/null
+++ b/packages/havp/files/volatiles.05_havp
@@ -0,0 +1,5 @@
+# <type> <owner> <group> <mode> <path> <linksource>
+d havp havp 0775 /var/log/havp none
+d havp havp 0755 /var/lib/havp none
+d havp havp 0755 /var/run/havp none
+d havp havp 0755 /var/tmp/havp none
diff --git a/packages/havp/havp_0.82.bb b/packages/havp/havp_0.82.bb
new file mode 100644
index 0000000000..a0e1a00d64
--- /dev/null
+++ b/packages/havp/havp_0.82.bb
@@ -0,0 +1,89 @@
+DESCRIPTION = "HAVP (HTTP Antivirus Proxy) is a proxy with a ClamAV \
+anti-virus scanner. The main aims are continuous, non-blocking \
+downloads and smooth scanning of dynamic and password protected HTTP \
+traffic. Havp antivirus proxy has a parent and transparent proxy \
+mode. It can be used with squid or standalone."
+HOMEPAGE = "http://www.server-side.de"
+SECTION = "network"
+LICENSE = "GPLv2"
+DEPENDS = "clamav"
+RDEPENDS_${PN} += "${PN}-templates-css2 ${PN}-templates-en"
+PR = "r0"
+
+SRC_URI = "http://www.server-side.de/download/havp-${PV}.tar.gz \
+           file://sysconfdir-is-etc.patch;patch=1 \
+           file://havp.init \
+           file://doc.configure.txt \
+           file://volatiles.05_havp"
+
+inherit autotools
+
+EXTRA_OECONF = "--with-scanner=libclamav"
+
+do_configure_append () {
+        # Change the paths for /usr/local/etc (patch was applied to change them)
+        # And enable clamav as the scanner that is to be used.
+        sed -e 's:ENABLECLAMLIB false:ENABLECLAMLIB true:' \
+            -e 's:/usr/local/etc:/etc:' \
+            etc/havp/havp.config > etc/havp/havp.config.oe
+}	
+do_install () {
+        install -m 0755 -d ${D}${sbindir} ${D}${sysconfdir}/havp \
+                ${D}${sysconfdir}/init.d ${D}${docdir}/havp \
+                ${D}${sysconfdir}/default/volatiles
+        install -m 755 havp/havp ${D}${sbindir}
+        install -m 755 ${WORKDIR}/havp.init ${D}${sysconfdir}/init.d/havp
+        install -m 755 INSTALL ${D}${docdir}/havp
+        install -m 755 ${WORKDIR}/doc.configure.txt ${D}${docdir}/havp/configure.txt
+        install -m 644 etc/havp/havp.config.oe ${D}${sysconfdir}/havp/havp.config
+        install -m 644 etc/havp/havp.config.oe ${D}${docdir}/havp/havp.config.default
+
+        for i in whitelist blacklist; do
+          install -m 644 etc/havp/$i ${D}${sysconfdir}/havp/$i
+        done
+        cp -r etc/havp/templates ${D}${sysconfdir}/havp
+        chmod -R a+rX ${D}${sysconfdir}/havp/templates
+
+        # We need some /var directories
+        for i in 05_havp; do
+          install -m 0644 ${WORKDIR}/volatiles.$i ${D}${sysconfdir}/default/volatiles/$i
+        done
+}
+
+PACKAGES = "${PN}-dbg ${PN}-doc \
+            ${PN}-templates-br ${PN}-templates-css2 ${PN}-templates-de \
+            ${PN}-templates-en ${PN}-templates-es ${PN}-templates-fr \
+            ${PN}-templates-it ${PN}-templates-nl ${PN}-templates-pf \
+            ${PN}-templates-pl ${PN}-templates-ru ${PN}-templates-sv \
+            ${PN}"
+
+FILES_${PN} = "${sysconfdir}/havp/blacklist ${sysconfdir}/havp/whitelist \
+               ${sysconfdir}/havp/havp.config* \
+               ${sysconfdir}/init.d ${sysconfdir}/default ${sbindir}"
+FILES_${PN}-templates-br = "${sysconfdir}/havp/templates/br"
+FILES_${PN}-templates-css2 = "${sysconfdir}/havp/templates/css2"
+FILES_${PN}-templates-de = "${sysconfdir}/havp/templates/de"
+FILES_${PN}-templates-en = "${sysconfdir}/havp/templates/en"
+FILES_${PN}-templates-es = "${sysconfdir}/havp/templates/es"
+FILES_${PN}-templates-fr = "${sysconfdir}/havp/templates/fr"
+FILES_${PN}-templates-it = "${sysconfdir}/havp/templates/it"
+FILES_${PN}-templates-nl = "${sysconfdir}/havp/templates/nl"
+FILES_${PN}-templates-pf = "${sysconfdir}/havp/templates/pf"
+FILES_${PN}-templates-pl = "${sysconfdir}/havp/templates/pl"
+FILES_${PN}-templates-ru = "${sysconfdir}/havp/templates/ru"
+FILES_${PN}-templates-sv = "${sysconfdir}/havp/templates/sv"
+
+# Add havp's user and groups
+pkg_postinst_${PN} () {
+        grep -q havp: /etc/group || addgroup havp
+        grep -q havp: /etc/passwd || \
+            adduser --disabled-password --home=${localstatedir}/lib/havp/ --system \
+                    --ingroup havp --no-create-home -g "HAVP" havp
+        /etc/init.d/populate-volatile.sh
+}
+
+CONFFILES_${PN} = "${sysconfdir}/havp/havp.config \
+                   ${sysconfdir}/havp/blacklist ${sysconfdir}/havp/whitelist"
+
+INITSCRIPT_NAME_${PN} = "havp"
+INITSCRIPT_PARAMS_${PN} = "defaults 55 45"