Squid + DansGuardian
-
Dansguardian installs, but it keeps complaining about a missing AV database, and that it's going to run freshclam due to that. Of course, that doesn't seem to succeed, otherwise, I wouldn't get that message over and over, and instead would get it once, then the database would get downloaded, and that would be that.
Not sure if this is a 2.1 issue, or a general problem with the Dansguardian package.
Also, even though enabled, it never shows as active in the Dashboard's Services Status section, but obviously it must be doing something, otherwise it wouldn't complain about the lack of the AV database…
So something is certainly still funky with that package.
Unrelated question: I have such low traffic here, that the value of using squid is questionable. Can dansguardian also used by itself, or does it require to be paired with squid to work properly?
-
Dansguardian installs, but it keeps complaining about a missing AV database, and that it's going to run freshclam due to that. Of course, that doesn't seem to succeed, otherwise, I wouldn't get that message over and over, and instead would get it once, then the database would get downloaded, and that would be that.
Not sure if this is a 2.1 issue, or a general problem with the Dansguardian package.
Also, even though enabled, it never shows as active in the Dashboard's Services Status section, but obviously it must be doing something, otherwise it wouldn't complain about the lack of the AV database…
So something is certainly still funky with that package.
Unrelated question: I have such low traffic here, that the value of using squid is questionable. Can dansguardian also used by itself, or does it require to be paired with squid to work properly?
Do you have snort installed?
Here is what I have found. Snort installs pcre-8.30_2
Dansguardian uses pcre-8.20_1 and will not work or at least I can not get it to work with pcre-8.30_2However if you install snort after you install danguardian it will work as long as you do not reboot your box.
If you have rebooted your box dansguardian will appear to work sometimes but if you go into it and click save on any of the buttons then go into the sys log you will see the errors.
If you do a pkg_delete -f pcre-8.30_2
Then go into dansguardian click save check the system logs no errors reboot no errors howerver snort will not start.
If you do a pkg_add -f -r http://files.pfsense.org/packages/8/All/pcre-8.30_2.tbz *for i386 only or
http://files.pfsense.org/packages/amd64/8/All/pcre-8.30_2.tbz amd64 onlyThen snort will start but do not reboot your box if you do you will have to do this all over again.
-
Ah, yes, snort is installed. Of course, the box also needs to be rebooted semi-regularly, particularly now during the 2.1 beta..
That's of course a bummer that snort and dansguardian are as it stands incompatible.
Was looking forward for a postfix-mailscanner, squid3-dansguardian and snort setup.
Looks like snort has issues, dansguardian has issues, and the mail server may have more CPU and memory available to be burdened with the spam/virus filtering business in e-mail…
Hope the dansguardian - snort incompatibility can be sorted out; I thought one of the reasons for the pbi packaging was to prevent these sort of things?
-
Hope the dansguardian - snort incompatibility can be sorted out; I thought one of the reasons for the pbi packaging was to prevent these sort of things?
I dont have this issue. Now Snort was install after dansguardian many times yesterday..
[2.1-BETA0][]/root(21): ps -aux | grep dans nobody 11094 0.0 0.2 9612 6476 ?? I 9:28PM 0:00.00 /usr/pbi/dansguardian-i386/sbin/dansguardian nobody 11263 0.0 0.2 9612 6476 ?? I 9:28PM 0:00.00 /usr/pbi/dansguardian-i386/sbin/dansguardian nobody 11305 0.0 0.4 17804 12996 ?? I 9:28PM 0:00.00 /usr/pbi/dansguardian-i386/sbin/dansguardian nobody 11636 0.0 0.4 17804 12996 ?? I 9:28PM 0:00.00 /usr/pbi/dansguardian-i386/sbin/dansguardian nobody 11657 0.0 0.4 17804 12996 ?? I 9:28PM 0:00.00 /usr/pbi/dansguardian-i386/sbin/dansguardian nobody 11909 0.0 0.4 17804 12996 ?? I 9:28PM 0:00.00 /usr/pbi/dansguardian-i386/sbin/dansguardian nobody 12216 0.0 0.4 17804 12996 ?? I 9:28PM 0:00.00 /usr/pbi/dansguardian-i386/sbin/dansguardian nobody 12382 0.0 0.4 17804 12996 ?? I 9:28PM 0:00.00 /usr/pbi/dansguardian-i386/sbin/dansguardian nobody 12474 0.0 0.4 17804 12996 ?? I 9:28PM 0:00.00 /usr/pbi/dansguardian-i386/sbin/dansguardian nobody 12726 0.0 0.4 17804 12996 ?? I 9:28PM 0:00.00 /usr/pbi/dansguardian-i386/sbin/dansguardian nobody 45077 0.0 0.4 17804 12996 ?? Is 9:24PM 0:00.85 /usr/pbi/dansguardian-i386/sbin/dansguardian root 54354 0.0 0.0 3536 1264 0 S+ 9:32PM 0:00.01 grep dans [2.1-BETA0][]/root(22): ps -aux | grep snort root 49923 2.4 5.5 424384 170376 ?? Ss 4:34PM 7:41.82 /usr/pbi/snort-i386/bin/snort -R 39737 -D -q -l /var/log/snort/39737_ root 2424 0.0 0.0 3536 1264 0 S+ 9:33PM 0:00.00 grep snort -
Hope the dansguardian - snort incompatibility can be sorted out; I thought one of the reasons for the pbi packaging was to prevent these sort of things?
I dont have this issue. Now Snort was install after dansguardian many times yesterday..
[2.1-BETA0][]/root(21): ps -aux | grep dans nobody 11094 0.0 0.2 9612 6476 ?? I 9:28PM 0:00.00 /usr/pbi/dansguardian-i386/sbin/dansguardian nobody 11263 0.0 0.2 9612 6476 ?? I 9:28PM 0:00.00 /usr/pbi/dansguardian-i386/sbin/dansguardian nobody 11305 0.0 0.4 17804 12996 ?? I 9:28PM 0:00.00 /usr/pbi/dansguardian-i386/sbin/dansguardian nobody 11636 0.0 0.4 17804 12996 ?? I 9:28PM 0:00.00 /usr/pbi/dansguardian-i386/sbin/dansguardian nobody 11657 0.0 0.4 17804 12996 ?? I 9:28PM 0:00.00 /usr/pbi/dansguardian-i386/sbin/dansguardian nobody 11909 0.0 0.4 17804 12996 ?? I 9:28PM 0:00.00 /usr/pbi/dansguardian-i386/sbin/dansguardian nobody 12216 0.0 0.4 17804 12996 ?? I 9:28PM 0:00.00 /usr/pbi/dansguardian-i386/sbin/dansguardian nobody 12382 0.0 0.4 17804 12996 ?? I 9:28PM 0:00.00 /usr/pbi/dansguardian-i386/sbin/dansguardian nobody 12474 0.0 0.4 17804 12996 ?? I 9:28PM 0:00.00 /usr/pbi/dansguardian-i386/sbin/dansguardian nobody 12726 0.0 0.4 17804 12996 ?? I 9:28PM 0:00.00 /usr/pbi/dansguardian-i386/sbin/dansguardian nobody 45077 0.0 0.4 17804 12996 ?? Is 9:24PM 0:00.85 /usr/pbi/dansguardian-i386/sbin/dansguardian root 54354 0.0 0.0 3536 1264 0 S+ 9:32PM 0:00.01 grep dans [2.1-BETA0][]/root(22): ps -aux | grep snort root 49923 2.4 5.5 424384 170376 ?? Ss 4:34PM 7:41.82 /usr/pbi/snort-i386/bin/snort -R 39737 -D -q -l /var/log/snort/39737_ root 2424 0.0 0.0 3536 1264 0 S+ 9:33PM 0:00.00 grep snortThe problem definetly exists on 2.0.1-RELEASE (amd64) I have multiple boxes each one has the same problem.
Have you rebooted since you installed snort?
If you have what happens when go into the gui and click save on any of the tabs?Mayber the new beta does not have this problem?
Here are two posts on the subjecthttps://bugs.archlinux.org/task/28459
https://bbs.archlinux.org/viewtopic.php?pid=1114701 -
Hi,
white list this site or increase Naughtiness limit field on group tab.
Ok, I fixed Naughtiness on 160 (young adult as it's called).
did you enabled the banned list on access lists -> sites -> banned ?
Yes, I think I have done well.
Check this screenshot, I enabled both sites and URL and added "facebook.com", in the file, it is said to don't bother with "www" and "http://".
I tried myself to do routing to make dansGuardian transparent and to don't have to configure client browser but I didn't succes.
I saw System -> routing but I don't tink it will do what I want ? (make all packets go on 8080port)
If I add a server before pfSense,is there a way to do this ?Airy
-
The problem definetly exists on 2.0.1-RELEASE (amd64) I have multiple boxes each one has the same problem.
Have you rebooted since you installed snort?
If you have what happens when go into the gui and click save on any of the tabs?I had it running fine on 2.0.1 i386 a couple of weeks ago.. but with all the package changes recently, i dont know without starting up a vm to test
I've reboot a few times since
-
Hi,
I think my NAT rules work because the content of my web page is filtered.
However I can still go on facebook site and I want to bannish. My configuration didn't change in the Accsess list, does anyone know why I can still browse on this website ?Airy
-
Hi,
I think my NAT rules work because the content of my web page is filtered.
However I can still go on facebook site and I want to bannish. My configuration didn't change in the Accsess list, does anyone know why I can still browse on this website ?Airy
Your screenshot shows virusscanner description, are you sure you have configured it on right place?
ps: to attach screenshots on post, use additional Options.
-
Hi,
Thank you, it works fine.
Your screenshot shows virusscanner description, are you sure you have configured it on right place?
I configured the virusscanner and not url and sites, I must be blind …
Airy
