Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Unofficial E2guardian package for pfSense

    Scheduled Pinned Locked Moved Cache/Proxy
    1.2k Posts 70 Posters 1.4m Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • marcellocM
      marcelloc
      last edited by

      @jetberrocal:

      Thank you for your efforts.

      Except for the clamav integration and coexistence with squid setup(I did not had time to test yet), I'm running e2Guardian with ssl interception(facebook, youtube videos), authentication and non-sandwich mode.

      E2guardian 3.5.1 with 4.1 backport cert fix is working really nice.  8)

      Treinamentos de Elite: http://sys-squad.com

      Help a community developer! ;D

      1 Reply Last reply Reply Quote 0
      • J
        jetberrocal
        last edited by

        @marcelloc:

        @jetberrocal:

        Thank you for your efforts.

        Except for the clamav integration and coexistence with squid setup(I did not had time to test yet), I'm running e2Guardian with ssl interception(facebook, youtube videos), authentication and non-sandwich mode.

        E2guardian 3.5.1 with 4.1 backport cert fix is working really nice.  8)

        In my opinion is ready for a version 1.0 in the pfsense repo.  In my case I feel already have the features I need for production.

        1 Reply Last reply Reply Quote 0
        • marcellocM
          marcelloc
          last edited by

          If you need wpad or planning to test, I've finished a package for it on my repo.

          Treinamentos de Elite: http://sys-squad.com

          Help a community developer! ;D

          1 Reply Last reply Reply Quote 0
          • J
            jetberrocal
            last edited by

            @marcelloc:

            If you need wpad or planning to test, I've finished a package for it on my repo.

            I use wpad but do not use it for "Auto detect" proxy, because Windows OS machines have a bug that fail to auto detect successfully.  They do download the wpad file but they do not update the file correctly.  They have a registry key/value that is set the first time with the wpad file if any found, but latter if the wpad changes or is found, the registry key fails to be updated.  It is easier to create a Domain gpo setting the wpad.

            It would be nice to be able to download directly from pfsense box instead to have other web server to serve it.

            1 Reply Last reply Reply Quote 0
            • marcellocM
              marcelloc
              last edited by

              @jetberrocal:

              It would be nice to be able to download directly from pfsense box instead to have other web server to serve it.

              Take a look when you have time.

              https://forum.pfsense.org/index.php?topic=131169.0

              Treinamentos de Elite: http://sys-squad.com

              Help a community developer! ;D

              1 Reply Last reply Reply Quote 0
              • M
                Mr. Jingles
                last edited by

                Cron was already installed. I installed Aquid next to it.

                I did the complete reinstall as per my previous post of yesterday, now no errors during install, yet same errors in status/system logs after enabling e2guardian,  and e2guardian nor tiny start in Status/Services.

                May 26 16:16:52

                |
                | root |
                |

                /usr/local/etc/rc.d/e2guardian.sh: WARNING: failed to start e2guardian [/q][/t][/t]

                | May 26 16:16:52 | e2guardian | 69964 |

                Error parsing the e2guardian.conf file or other e2guardian configuration files [/t]

                | May 26 16:16:52 | e2guardian | 69964 |

                Error reading filter group conf file(s). [/t]

                | May 26 16:16:52 | e2guardian | 69964 |

                Error opening filter group config: /usr/local/etc/e2guardian/e2guardianf1.conf [/t]

                | May 26 16:16:52 | e2guardian | 69964 |

                Error opening bannedsitelist [/t]

                | May 26 16:16:52 | e2guardian | 69964 |

                Error reading file: /usr/local/etc/e2guardian/lists/bannedsitelist.g_Default [/t]

                | May 26 16:16:52 | e2guardian | 69964 |

                Error opening file: /usr/local/etc/e2guardian/lists/blacklists/adult/domains [/t]

                | May 26 16:16:52 | e2guardian | 69964 |

                Error reading file /usr/local/etc/e2guardian/lists/blacklists/adult/domains: No such file or directory [/t]

                | May 26 16:16:34 | php-fpm | 58737 |

                /pkg_edit.php: The command '/usr/local/etc/rc.d/e2guardian.sh start' returned exit code '1', the output was 'kern.ipc.somaxconn: 16384 -> 16384 kern.maxfiles: 131072 -> 131072 kern.maxfilesperproc: 104856 -> 104856 kern.threads.max_threads_per_proc: 4096 -> 4096 Starting e2guardian. Error reading file /usr/local/etc/e2guardian/lists/blacklists/adult/domains: No such file or directory Error opening file: /usr/local/etc/e2guardian/lists/blacklists/adult/domains Error reading: /usr/local/etc/e2guardian/lists/bannedsitelist.g_Default Error opening bannedsitelist Error opening filter group config: /usr/local/etc/e2guardian/e2guardianf1.conf Error reading filter group conf file(s). Error parsing the e2guardian.conf file or other e2guardian configuration files /usr/local/etc/rc.d/e2guardian.sh: WARNING: failed to start e2guardian' [/t]

                | May 26 16:16:34 | root |
                |

                /usr/local/etc/rc.d/e2guardian.sh: WARNING: failed to start e2guardian [/t]

                | May 26 16:16:34 | e2guardian | 61336 |

                Error parsing the e2guardian.conf file or other e2guardian configuration files [/t]

                | May 26 16:16:34 | e2guardian | 61336 |

                Error reading filter group conf file(s). [/t]

                | May 26 16:16:34 | e2guardian | 61336 |

                Error opening filter group config: /usr/local/etc/e2guardian/e2guardianf1.conf [/t]

                | May 26 16:16:34 | e2guardian | 61336 |

                Error opening bannedsitelist [/t]

                | May 26 16:16:34 | e2guardian | 61336 |

                Error reading file: /usr/local/etc/e2guardian/lists/bannedsitelist.g_Default [/t]

                | May 26 16:16:34 | e2guardian | 61336 |

                Error opening file: /usr/local/etc/e2guardian/lists/blacklists/adult/domains [/t]

                | May 26 16:16:34 | e2guardian | 61336 |

                Error reading file /usr/local/etc/e2guardian/lists/blacklists/adult/domains: No such file or directory [/t]

                | May 26 16:16:34 | php-fpm | 58737 |

                /pkg_edit.php: Starting E2guardian [/t]

                | May 26 16:16:29 | php-fpm | 89842 |

                /pkg_edit.php: The command '/usr/local/etc/rc.d/e2guardian.sh start' returned exit code '1', the output was 'kern.ipc.somaxconn: 16384 -> 16384 kern.maxfiles: 131072 -> 131072 kern.maxfilesperproc: 104856 -> 104856 kern.threads.max_threads_per_proc: 4096 -> 4096 Starting e2guardian. Error reading file /usr/local/etc/e2guardian/lists/blacklists/adult/domains: No such file or directory Error opening file: /usr/local/etc/e2guardian/lists/blacklists/adult/domains Error reading: /usr/local/etc/e2guardian/lists/bannedsitelist.g_Default Error opening bannedsitelist Error opening filter group config: /usr/local/etc/e2guardian/e2guardianf1.conf Error reading filter group conf file(s). Error parsing the e2guardian.conf file or other e2guardian configuration files /usr/local/etc/rc.d/e2guardian.sh: WARNING: failed to start e2guardian'

                [/t]

                6 and a half billion people know that they are stupid, agressive, lower life forms.

                1 Reply Last reply Reply Quote 0
                • marcellocM
                  marcelloc
                  last edited by

                  @Mr.:

                  yet same errors in status/system logs after enabling e2guardian

                  Looks like you did not configured all the tabs or did not installed any blacklist(shallalist for example).

                  Treinamentos de Elite: http://sys-squad.com

                  Help a community developer! ;D

                  1 Reply Last reply Reply Quote 0
                  • P
                    pfsensation
                    last edited by

                    OMG!! Now everything is working perfectly! Certificates are forged and have the required SAN (Subject Alternative Name) for Google Chrome, Firefox etc to work.
                    Here's my sexy page at home :P – 'KorTeX' is just what I call my network.

                    I only have one issue still. When a page is blocked by ShallaList, or by banned expressions / phraselists. On the report page (block page) it does not correctly tell you what the page was categorised as (it says N/A as you can see on my screenshot) . For example, using the Smoothwall I have at my College, if you try to go to a blocked site, it will tell you why it was blocked and the correct category. When using E2G, currently it just says "Blocked site : whatever.com". If that was fixed it would be even more AMAZING!

                    Another issue is FALSE POSITIVES. I guess it's my configuration related but why is Yandex images, or Bing Images link being classified as portugese pornography? Without anything being typed in or searched? Are the phraselists up to date?

                    Also… On Smoothwall blocking... I realised, when you block advertises using their Guardian Proxy, it doesn't show the block page. Instead it says "advert blocked". Which makes sense, because say for example you're on a website and it's trying to load an ad in a DIV, the block page will show in a small tiny box and be useless. If possible, I'd much rather have it become a white box, or just say advert blocked. Let me know if you want a screenshot or an example of what I mean. But essentially, advertises on websites get replaced by the block page, but because the ads are small, it doesn't display the block page properly and it won't make sense. Since the text would be too small anyways.

                    Once again, thanks for your fantastic work Marcello! Absolutely love the amazing work you do for the community! <3

                    1 Reply Last reply Reply Quote 0
                    • J
                      jetberrocal
                      last edited by

                      Pfsensation

                      Maybe the category problem is a e2g v 3.5.1 bug.

                      Perhaps you can post a question on the e2g forum how to work this problem.

                      I also have the problem here with this e2g.

                      1 Reply Last reply Reply Quote 0
                      • J
                        jkrueger2020
                        last edited by

                        So I hate to be the guy who probably missed a step somewhere and has no idea what he did wrong, but here's my issue. I installed e2Guardian, installed the shallalist and got URL blocking working, but I cannot get the phrase list working at all. Zero. Nada. I've tried going to keywords that are listed in the files for the categories I selected. No blocking. I even edited the config section under ACLs > Phrase List > Banned List > Config file and added the following to it: <jonathan>    Then I tried to pull up a website with the name Jonathan on it - no blocking whatsoever.

                        I'm pulling my hair out on this. Can anyone tell me what step I might have missed that is causing the phrase blocking to not work? Again, I'm really sorry to be the guy who is probably asking a really dumb question.

                        Thanks in advance,

                        Jonathan</jonathan>

                        1 Reply Last reply Reply Quote 0
                        • marcellocM
                          marcelloc
                          last edited by

                          The site you're testing has Jonathan on the url or on page content?

                          Treinamentos de Elite: http://sys-squad.com

                          Help a community developer! ;D

                          1 Reply Last reply Reply Quote 0
                          • J
                            jkrueger2020
                            last edited by

                            @marcelloc:

                            The site you're testing has Jonathan on the url or on page content?

                            Thanks for the reply. It had the word in the page content. Am I misunderstanding something? Is there a way to block a site based on phrases in the page content?

                            1 Reply Last reply Reply Quote 0
                            • marcellocM
                              marcelloc
                              last edited by

                              @jkrueger2020:

                              @marcelloc:

                              The site you're testing has Jonathan on the url or on page content?

                              Thanks for the reply. It had the word in the page content. Am I misunderstanding something? Is there a way to block a site based on phrases in the page content?

                              Sure. This is what e2guardian does. Check if your request are getting logged and set log to dansguardian style. this way you can check more details.

                              Treinamentos de Elite: http://sys-squad.com

                              Help a community developer! ;D

                              1 Reply Last reply Reply Quote 0
                              • M
                                Mr. Jingles
                                last edited by

                                @marcelloc:

                                @Mr.:

                                yet same errors in status/system logs after enabling e2guardian

                                Looks like you did not configured all the tabs or did not installed any blacklist(shallalist for example).

                                Thank you, also for testing it yourself in a clean install.

                                As far as I know, I have been through every tab, every field. I uncommented some default categories, added ports 8080 and 8888 (as I don't use Squid), but still, it doesn't work.

                                May 28 18:08:59    php-fpm    62161    /pkg_edit.php: The command '/usr/local/etc/rc.d/e2guardian.sh start' returned exit code '1', the output was 'kern.ipc.somaxconn: 16384 -> 16384 kern.maxfiles: 131072 -> 131072 kern.maxfilesperproc: 104856 -> 104856 kern.threads.max_threads_per_proc: 4096 -> 4096 Starting e2guardian. Unable read plugin config plugname variable: /usr/local/etc/e2guardian/authplugins/proxy-header.conf auth_plugin_load() returned NULL pointer with config file: /usr/local/etc/e2guardian/authplugins/proxy-header.conf Error loading auth plugins Error parsing the e2guardian.conf file or other e2guardian configuration files /usr/local/etc/rc.d/e2guardian.sh: WARNING: failed to start e2guardian'
                                May 28 18:08:59    root        /usr/local/etc/rc.d/e2guardian.sh: WARNING: failed to start e2guardian
                                May 28 18:08:59    e2guardian    65089    Error parsing the e2guardian.conf file or other e2guardian configuration files
                                May 28 18:08:59    e2guardian    65089    Error loading auth plugins
                                May 28 18:08:59    e2guardian    65089    auth_plugin_load() returned NULL pointer with config file: /usr/local/etc/e2guardian/authplugins/proxy-header.conf
                                May 28 18:08:59    e2guardian    65089    Unable read plugin config plugname variable /usr/local/etc/e2guardian/authplugins/proxy-header.conf
                                May 28 18:08:59    php-fpm    62161    /pkg_edit.php: Starting E2guardian
                                May 28 18:08:54    php-fpm    59553    /pkg_edit.php: [E2guardian] - Save settings package call pr: bp: rpc:no

                                Is there any way we can find out what is going on?

                                6 and a half billion people know that they are stupid, agressive, lower life forms.

                                1 Reply Last reply Reply Quote 0
                                • marcellocM
                                  marcelloc
                                  last edited by

                                  Disable authentication plugins. Test e2guardian​itself before testing authentication integration

                                  Treinamentos de Elite: http://sys-squad.com

                                  Help a community developer! ;D

                                  1 Reply Last reply Reply Quote 0
                                  • P
                                    pfsensation
                                    last edited by

                                    Is there anyway to get some useful logging? For example being able to see which user tried to access blocked content etc?

                                    I know there's some logging options but it's confusing. And I have no idea where it's actually saving the logs.

                                    Also, I've added a bypass button to my block page. However, how do I make it appear for only certain groups? Currently it appears for everyone but only someone from a group with bypass access can use it.

                                    1 Reply Last reply Reply Quote 0
                                    • M
                                      Mr. Jingles
                                      last edited by

                                      @marcelloc:

                                      Disable authentication plugins. Test e2guardian​itself before testing authentication integration

                                      Thank you.

                                      I actually enabled them all because of your suggestion I hadn't configured everything. It didn't work when non were activated, it didn't work when I actived them, and now I disabled it and it still doesn't work.

                                      May 28 22:21:42    php-fpm    10115    /pkg_edit.php: The command '/usr/local/etc/rc.d/e2guardian.sh start' returned exit code '1', the output was 'kern.ipc.somaxconn: 16384 -> 16384 kern.maxfiles: 131072 -> 131072 kern.maxfilesperproc: 104856 -> 104856 kern.threads.max_threads_per_proc: 4096 -> 4096 Starting e2guardian. Error reading file /usr/local/etc/e2guardian/lists/blacklists/adult/domains: No such file or directory Error opening file: /usr/local/etc/e2guardian/lists/blacklists/adult/domains Error reading: /usr/local/etc/e2guardian/lists/bannedsitelist.g_Default Error opening bannedsitelist Error opening filter group config: /usr/local/etc/e2guardian/e2guardianf1.conf Error reading filter group conf file(s). Error parsing the e2guardian.conf file or other e2guardian configuration files /usr/local/etc/rc.d/e2guardian.sh: WARNING: failed to start e2guardian'
                                      May 28 22:21:42    root        /usr/local/etc/rc.d/e2guardian.sh: WARNING: failed to start e2guardian
                                      May 28 22:21:42    e2guardian    15628    Error parsing the e2guardian.conf file or other e2guardian configuration files
                                      May 28 22:21:42    e2guardian    15628    Error reading filter group conf file(s).
                                      May 28 22:21:42    e2guardian    15628    Error opening filter group config: /usr/local/etc/e2guardian/e2guardianf1.conf
                                      May 28 22:21:42    e2guardian    15628    Error opening bannedsitelist
                                      May 28 22:21:42    e2guardian    15628    Error reading file: /usr/local/etc/e2guardian/lists/bannedsitelist.g_Default
                                      May 28 22:21:42    e2guardian    15628    Error opening file: /usr/local/etc/e2guardian/lists/blacklists/adult/domains
                                      May 28 22:21:42    e2guardian    15628    Error reading file /usr/local/etc/e2guardian/lists/blacklists/adult/domains: No such file or directory
                                      May 28 22:21:42    php-fpm    10115    /pkg_edit.php: Starting E2guardian

                                      6 and a half billion people know that they are stupid, agressive, lower life forms.

                                      1 Reply Last reply Reply Quote 0
                                      • marcellocM
                                        marcelloc
                                        last edited by

                                        @Mr.:

                                        
                                        Error reading file /usr/local/etc/e2guardian/lists/blacklists/adult/domains: No such file or directory
                                        Error opening file: /usr/local/etc/e2guardian/lists/blacklists/adult/domains
                                        Error reading: /usr/local/etc/e2guardian/lists/bannedsitelist.g_Default
                                        Error opening bannedsitelist Error opening filter group config: /usr/local/etc/e2guardian/e2guardianf1.conf
                                        
                                        

                                        Still looks like you did not applied a blacklist yet. :(
                                        What blacklist are you using? I'll test with the same here to see if I get same results.

                                        Treinamentos de Elite: http://sys-squad.com

                                        Help a community developer! ;D

                                        1 Reply Last reply Reply Quote 0
                                        • marcellocM
                                          marcelloc
                                          last edited by

                                          @pfsensation:

                                          Is there anyway to get some useful logging? For example being able to see which user tried to access blocked content etc?

                                          I can add the realtime tab from squid package

                                          I know there's some logging options but it's confusing. And I have no idea where it's actually saving the logs.

                                          @pfsensation:

                                          Also, I've added a bypass button to my block page. However, how do I make it appear for only certain groups? Currently it appears for everyone but only someone from a group with bypass access can use it.

                                          At least on gui, the report file is set for everyone.  I'll take a look if there is a way to set a html report per group when I have time.

                                          Treinamentos de Elite: http://sys-squad.com

                                          Help a community developer! ;D

                                          1 Reply Last reply Reply Quote 0
                                          • J
                                            jetberrocal
                                            last edited by

                                            E2g logs are suposedto be in var/logs/e2guardian/access.log by default. But can be configured in the confs files.

                                            1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.