Pacote não oficial E2guardian para software pfsense® - Adeus squidguard :D
-
Jul 4 11:56:14 php-cgi rc.bootup: NTPD is starting up. Jul 4 11:56:14 kernel done. Jul 4 11:56:14 kernel done. Jul 4 11:56:14 check_reload_status Updating all dyndns Jul 4 11:56:14 php-cgi rc.bootup: [squid] Installed but not started. Not installing 'nat' rules. Jul 4 11:56:15 php-cgi rc.bootup: [squid] Installed but not started. Not installing 'pfearly' rules. Jul 4 11:56:15 kernel . Jul 4 11:56:15 php-cgi rc.bootup: [squid] Installed but not started. Not installing 'filter' rules. Jul 4 11:56:15 kernel .. Jul 4 11:56:16 kernel .done. Jul 4 11:56:20 php-cgi rc.bootup: The command '/usr/bin/nice -n20 /usr/local/bin/rrdtool update /var/db/rrd/wan-traffic.rrd N:U:U:U:U:U:U:U:U' returned exit code '1', the output was 'ERROR: /var/db/rrd/wan-traffic.rrd: illegal attempt to update using time 1499180180 when last update time is 1499190649 (minimum one second step)' Jul 4 11:56:20 php-cgi rc.bootup: The command '/usr/bin/nice -n20 /usr/local/bin/rrdtool update /var/db/rrd/wan-packets.rrd N:U:U:U:U:U:U:U:U' returned exit code '1', the output was 'ERROR: /var/db/rrd/wan-packets.rrd: illegal attempt to update using time 1499180180 when last update time is 1499190649 (minimum one second step)' Jul 4 11:56:20 php-cgi rc.bootup: The command '/usr/bin/nice -n20 /usr/local/bin/rrdtool update /var/db/rrd/lan-traffic.rrd N:U:U:U:U:U:U:U:U' returned exit code '1', the output was 'ERROR: /var/db/rrd/lan-traffic.rrd: illegal attempt to update using time 1499180180 when last update time is 1499190649 (minimum one second step)' Jul 4 11:56:20 php-cgi rc.bootup: The command '/usr/bin/nice -n20 /usr/local/bin/rrdtool update /var/db/rrd/lan-packets.rrd N:U:U:U:U:U:U:U:U' returned exit code '1', the output was 'ERROR: /var/db/rrd/lan-packets.rrd: illegal attempt to update using time 1499180180 when last update time is 1499190649 (minimum one second step)' Jul 4 11:56:20 php-cgi rc.bootup: The command '/usr/bin/nice -n20 /usr/local/bin/rrdtool update /var/db/rrd/ipsec-traffic.rrd N:U:U:U:U:U:U:U:U' returned exit code '1', the output was 'ERROR: /var/db/rrd/ipsec-traffic.rrd: illegal attempt to update using time 1499180180 when last update time is 1499190649 (minimum one second step)' Jul 4 11:56:20 php-cgi rc.bootup: The command '/usr/bin/nice -n20 /usr/local/bin/rrdtool update /var/db/rrd/ipsec-packets.rrd N:U:U:U:U:U:U:U:U' returned exit code '1', the output was 'ERROR: /var/db/rrd/ipsec-packets.rrd: illegal attempt to update using time 1499180180 when last update time is 1499190649 (minimum one second step)' Jul 4 11:56:20 php-cgi rc.bootup: The command '/usr/bin/nice -n20 /usr/local/bin/rrdtool update /var/db/rrd/system-states.rrd N:U:U:U:U:U' returned exit code '1', the output was 'ERROR: /var/db/rrd/system-states.rrd: illegal attempt to update using time 1499180180 when last update time is 1499190649 (minimum one second step)' Jul 4 11:56:20 php-cgi rc.bootup: The command '/usr/bin/nice -n20 /usr/local/bin/rrdtool update /var/db/rrd/system-processor.rrd N:U:U:U:U:U' returned exit code '1', the output was 'ERROR: /var/db/rrd/system-processor.rrd: illegal attempt to update using time 1499180180 when last update time is 1499190650 (minimum one second step)' Jul 4 11:56:20 php-cgi rc.bootup: The command '/usr/bin/nice -n20 /usr/local/bin/rrdtool update /var/db/rrd/system-memory.rrd N:U:U:U:U:U' returned exit code '1', the output was 'ERROR: /var/db/rrd/system-memory.rrd: illegal attempt to update using time 1499180180 when last update time is 1499190650 (minimum one second step)' Jul 4 11:56:20 php-cgi rc.bootup: The command '/usr/bin/nice -n20 /usr/local/bin/rrdtool update /var/db/rrd/system-mbuf.rrd N:U:U:U:U' returned exit code '1', the output was 'ERROR: /var/db/rrd/system-mbuf.rrd: illegal attempt to update using time 1499180180 when last update time is 1499190650 (minimum one second step)' Jul 4 11:56:20 php-cgi rc.bootup: Creating rrd update script Jul 4 11:56:20 kernel done. Jul 4 11:56:21 syslogd exiting on signal 15 Jul 4 11:56:21 syslogd kernel boot file is /boot/kernel/kernel Jul 4 11:56:21 kernel done. Jul 4 11:56:21 php-fpm 286 /rc.start_packages: Restarting/Starting all packages. Jul 4 11:56:21 php-fpm 286 /rc.start_packages: [squid] - squid_resync function call pr: bp: rpc:no Jul 4 11:56:24 php-fpm 286 /rc.start_packages: [squid] Adding cronjobs ... Jul 4 11:56:24 php-fpm 286 /rc.start_packages: Checked cron job for /usr/local/sbin/squid -k rotate -f /usr/local/etc/squid/squid.conf, no change needed Jul 4 11:56:24 php-fpm 286 /rc.start_packages: Checked cron job for /usr/local/pkg/swapstate_check.php, no change needed Jul 4 11:56:24 php-fpm 286 /rc.start_packages: [squid] Antivirus features disabled. Jul 4 11:56:24 php-fpm 286 /rc.start_packages: [squid] Removing freshclam cronjob. Jul 4 11:56:25 php-fpm 286 /rc.start_packages: [squid] Starting service... Jul 4 11:56:27 php-fpm 286 /rc.start_packages: [squid] Starting a proxy monitor script Jul 4 11:56:28 check_reload_status Reloading filter Jul 4 11:56:28 php-fpm 286 /rc.start_packages: [E2guardian] - Save settings package call pr: bp:1 rpc:no Jul 4 11:56:29 check_reload_status Syncing firewall Jul 4 11:56:29 check_reload_status Syncing firewall Jul 4 11:56:31 root /usr/local/etc/rc.d/e2guardian.sh: WARNING: failed to start e2guardian Jul 4 11:56:33 login login on ttyv0 as root Jul 4 11:56:33 sshlockout 92379 sshlockout/webConfigurator v3.0 starting up Jul 4 14:57:23 php-fpm 72745 /index.php: webConfigurator authentication error for 'admn' from 10.106.15.10 Jul 4 14:57:27 php-fpm 72745 /index.php: Successful login for user 'admin' from: 10.106.15.10 Jul 4 14:57:44 php-fpm 31864 /pkg_edit.php: Starting E2guardian Jul 4 14:57:44 root /usr/local/etc/rc.d/e2guardian.sh: WARNING: failed to start e2guardian Jul 4 14:57:44 php-fpm 31864 /pkg_edit.php: The command '/usr/local/etc/rc.d/e2guardian.sh start' returned exit code '1', the output was 'kern.ipc.somaxconn: 16384 -> 16384 kern.maxfiles: 131072 -> 131072 kern.maxfilesperproc: 104856 -> 104856 kern.threads.max_threads_per_proc: 20480 -> 20480 Starting e2guardian. Shared object "libssl.so.9" not found, required by "e2guardian" /usr/local/etc/rc.d/e2guardian.sh: WARNING: failed to start e2guardian' Jul 4 14:57:45 root /usr/local/etc/rc.d/e2guardian.sh: WARNING: failed to start e2guardian Jul 4 14:57:51 php-fpm 42404 /pkg_edit.php: Starting E2guardian Jul 4 14:57:51 root /usr/local/etc/rc.d/e2guardian.sh: WARNING: failed to start e2guardian Jul 4 14:57:51 php-fpm 42404 /pkg_edit.php: The command '/usr/local/etc/rc.d/e2guardian.sh start' returned exit code '1', the output was 'kern.ipc.somaxconn: 16384 -> 16384 kern.maxfiles: 131072 -> 131072 kern.maxfilesperproc: 104856 -> 104856 kern.threads.max_threads_per_proc: 20480 -> 20480 Starting e2guardian. Shared object "libssl.so.9" not found, required by "e2guardian" /usr/local/etc/rc.d/e2guardian.sh: WARNING: failed to start e2guardian'
SEGUE O LOG
-
Olhe os logs do sistema para ver porque o seu e2g não está subindo. Ou execute na console
/use/local/etc/rc d/e2guardian.sh start
A execução do comando retornou o seguinte:
/use/local/etc/rc: not fund
porem quando uso
/usr/local/etc/rc.d/e2guardian.sh start
então retorna
WARNING: failed to start e2guardian
-
faltou o . no que digitei.
tenta isso na console:
killall e2guardian; /usr/local/sbin/e2guardian -N
Esse comando vai rodar o e2guardian em foreground.
-
faltou o . no que digitei.
tenta isso na console:
killall e2guardian; /usr/local/sbin/e2guardian -N
Esse comando vai rodar o e2guardian em foreground.
coloquei o comando e retornou
Shared object "libssl.so.9" not found, required by "e2guardian"
-
Shared object "libssl.so.9" not found, required by "e2guardian"
Certo, está faltando a openssl. você pode instalar ela manualmente com o comando abaixo
pkg install openssl
ou desinstale o e2guardian e instale novamente. Ele é dependência do e2guardian e deveria ter sido instalado durante o processo via interface web.
-
olá tentei instalar o openssl e olha o que retornou
Updating Unofficial repository catalogue…
Fetching meta.txz: . done
Fetching packagesite.txz: . done
Processing entries: . done
Unofficial repository update completed. 9 packages processed.
Updating pfSense-core repository catalogue...
pfSense-core repository is up to date.
Updating pfSense repository catalogue...
pfSense repository is up to date.
All repositories are up to date.
pkg: No packages available to install matching 'openssl' have been found in the repositories
Tentei também reinstalar o pacote e2guardian, e mesmo assim fala que falta instalar o openssl
seria o caso se pegar o repositorio do mesmo? parece que ele não acha repositorio.
aguardo e obrigado pela ajuda
-
pkg: No packages available to install matching 'openssl' have been found in the repositories
Estava faltando o openssl para o pfSense 2.3.x 32 bits, já estou compilando e subindo para o repositório.
-
Deus do céu, vocês estão a todo vapor, parabéns Marcelloc !!! Colocarei em produção em alguns dias.
-
Eu estou doido para utilizar o pacote, porém eu queria algum pop ou tutorial ensinando como se faz bloqueio, liberação. Um passo a passo de como a ferramenta trabalha.
-
Eu estou doido para utilizar o pacote, porém eu queria algum pop ou tutorial ensinando como se faz bloqueio, liberação. Um passo a passo de como a ferramenta trabalha.
Somos dois então, ansioso! :D
-
Eu estou doido para utilizar o pacote, porém eu queria algum pop ou tutorial ensinando como se faz bloqueio, liberação. Um passo a passo de como a ferramenta trabalha.
Somos dois então, ansioso! :D
Eu estou doido para utilizar o pacote, porém eu queria algum pop ou tutorial ensinando como se faz bloqueio, liberação. Um passo a passo de como a ferramenta trabalha.
Bom, se querem um passo a passo de como configura o basico para bloqueio tem no tuto abaixo. O restante o marcelloc deve estar fazendo aquele video que ele prometeu. Também acredito que ele vá fazer um curso mais avançado sobre e colocar no sysquad. :D
https://eliasmoraispereira.wordpress.com/2017/06/21/pfsense-proxy-transparente-mitm-no-modo-splice-all-com-squid-e2guardian/ -
Tem muita coisa incompleta nesse seu tutorial. Eu mesmo já vi e segui ele. Porém para quem quer o básico ele serve perfeitamente.
-
pkg: No packages available to install matching 'openssl' have been found in the repositories
Estava faltando o openssl para o pfSense 2.3.x 32 bits, já estou compilando e subindo para o repositório.
Conseguiu subir o pacote openssl para a versão 32 bits?
-
Conseguiu subir o pacote openssl para a versão 32 bits?
Ontem mesmo
https://github.com/marcelloc/Unofficial-pfSense-packages/tree/master/repo-i386
-
obrigado, fui tentar reinstalar o pacote e deu um erro, vou tentar instalar novamente do zero.obrigado, logo posto os resultados
-
Marcello Bom dia,
Meu caro é o seguinte, depois da ultima atualização que teve no pacote o seguinte erro começou a ocorrer (imagem anexa):
Esse erro começou a ocorrer depois da ultima atualização que houve, fiz os procedimentos como vc havia indicado, até então tudo estava funcionando muito bem, depois que atualizei o e2guardian ficou parado e não funcionou, derrepente funcionou mas parou de novo, fui verificar nos logs e deu a seguinte menssagem:
Jul 7 12:01:10 e2guardian 98736 Error opening/creating log file. (check ownership and access rights). Jul 7 12:01:10 root /usr/local/etc/rc.d/e2guardian.sh: WARNING: failed to start e2guardian Jul 7 12:01:20 e2guardian 1615 Error opening/creating log file. (check ownership and access rights). Jul 7 12:01:20 root /usr/local/etc/rc.d/e2guardian.sh: WARNING: failed to start e2guardian Jul 7 12:01:30 e2guardian 3955 Error opening/creating log file. (check ownership and access rights). Jul 7 12:01:30 root /usr/local/etc/rc.d/e2guardian.sh: WARNING: failed to start e2guardian Jul 7 15:01:33 php-fpm 90230 /pkg_edit.php: [E2guardian] - Save settings package call pr: bp: rpc:no Jul 7 15:01:33 check_reload_status Syncing firewall Jul 7 15:01:33 check_reload_status Syncing firewall Jul 7 12:01:44 e2guardian 13985 Error opening/creating log file. (check ownership and access rights). Jul 7 12:01:44 root /usr/local/etc/rc.d/e2guardian.sh: WARNING: failed to start e2guardian Jul 7 15:01:57 php-fpm 10699 /pkg_edit.php: [E2guardian] - Save settings package call pr:1 bp: rpc:no Jul 7 15:01:57 check_reload_status Syncing firewall Jul 7 15:01:57 check_reload_status Syncing firewall Jul 7 15:01:58 check_reload_status Syncing firewall Jul 7 12:02:00 e2guardian 35022 Error opening/creating log file. (check ownership and access rights). Jul 7 12:02:00 root /usr/local/etc/rc.d/e2guardian.sh: WARNING: failed to start e2guardian Jul 7 12:02:04 e2guardian 41875 Error opening/creating log file. (check ownership and access rights). Jul 7 12:02:04 root /usr/local/etc/rc.d/e2guardian.sh: WARNING: failed to start e2guardian Jul 7 15:02:09 php-fpm 38528 /pkg_edit.php: [E2guardian] - Save settings package call pr: bp: rpc:no Jul 7 15:02:09 check_reload_status Syncing firewall Jul 7 15:02:09 check_reload_status Syncing firewall Jul 7 12:02:18 e2guardian 53556 Error opening/creating log file. (check ownership and access rights). Jul 7 12:02:18 root /usr/local/etc/rc.d/e2guardian.sh: WARNING: failed to start e2guardian Jul 7 15:02:22 php-fpm 50441 /pkg_edit.php: Starting E2guardian Jul 7 12:02:26 e2guardian 56299 Error opening/creating log file. (check ownership and access rights). Jul 7 12:02:26 root /usr/local/etc/rc.d/e2guardian.sh: WARNING: failed to start e2guardian Jul 7 15:02:26 php-fpm 50441 /pkg_edit.php: The command '/usr/local/etc/rc.d/e2guardian.sh start' returned exit code '1', the output was 'kern.ipc.somaxconn: 16384 -> 16384 kern.maxfiles: 131072 -> 131072 kern.maxfilesperproc: 104856 -> 104856 kern.threads.max_threads_per_proc: 20480 -> 20480 Starting e2guardian. Error opening/creating log file. (check ownership and access rights). I am running as clamav and I am trying to open /var/log/e2guardian/access.log /usr/local/etc/rc.d/e2guardian.sh: WARNING: failed to start e2guardian' Jul 7 12:02:32 e2guardian 58342 Error opening/creating log file. (check ownership and access rights). Jul 7 12:02:33 root /usr/local/etc/rc.d/e2guardian.sh: WARNING: failed to start e2guardian Jul 7 12:02:44 e2guardian 63116 Error opening/creating log file. (check ownership and access rights). Jul 7 12:02:44 root /usr/local/etc/rc.d/e2guardian.sh: WARNING: failed to start e2guardian Jul 7 12:02:47 e2guardian 65606 Error opening/creating log file. (check ownership and access rights). Jul 7 12:02:47 root /usr/local/etc/rc.d/e2guardian.sh: WARNING: failed to start e2guardian Jul 7 12:03:07 e2guardian 92037 Error opening/creating log file. (check ownership and access rights). Jul 7 12:03:07 root /usr/local/etc/rc.d/e2guardian.sh: WARNING: failed to start e2guardian Jul 7 12:03:07 e2guardian 7907 Error opening/creating log file. (check ownership and access rights). Jul 7 12:03:08 root /usr/local/etc/rc.d/e2guardian.sh: WARNING: failed to start e2guardian Jul 7 12:03:27 e2guardian 1969 Error opening/creating log file. (check ownership and access rights). Jul 7 12:03:27 root /usr/local/etc/rc.d/e2guardian.sh: WARNING: failed to start e2guardian Jul 7 12:03:27 e2guardian 3172 Error opening/creating log file. (check ownership and access rights). Jul 7 12:03:27 root /usr/local/etc/rc.d/e2guardian.sh: WARNING: failed to start e2guardian Jul 7 12:03:41 e2guardian 80932 Error opening/creating log file. (check ownership and access rights). Jul 7 12:03:41 root /usr/local/etc/rc.d/e2guardian.sh: WARNING: failed to start e2guardian Jul 7 12:03:55 e2guardian 3548 Error opening/creating log file. (check ownership and access rights). Jul 7 12:03:55 root /usr/local/etc/rc.d/e2guardian.sh: WARNING: failed to start e2guardian Jul 7 12:04:04 e2guardian 22469 Error opening/creating log file. (check ownership and access rights). Jul 7 12:04:04 root /usr/local/etc/rc.d/e2guardian.sh: WARNING: failed to start e2guardian Jul 7 12:04:10 e2guardian 36036 Error opening/creating log file. (check ownership and access rights). Jul 7 12:04:10 root /usr/local/etc/rc.d/e2guardian.sh: WARNING: failed to start e2guardian
imaginei que fosse algum coisa que eu havia feito de errado, então instalei uma copia do pfsense do zero configurei o squid e instalei o pacote do e2guardian, quando termino as configurações e aplico, continua parado…! vou nos logs e a mesma menssagem aparece.
É como se ele não tivesse criando os arquivos de log ou não tivesse permissão para isso.qualquer ajuda, fico no aguardo.
-
Marcello seguinte:
comecei a procurar onde estava o problema e descobri que não esta sendo gerado o arquivo de log "access.log" imagino que por isso estava gerando todos os erros que mencionei no post anterior.
Fui no arquivo de configuração do E2guardian "/usr/local/etc/e2guardian/e2guardian.conf" procurei linhas relacionadas com os logs vi que a linha abaixo esta normal:
Defines the log directory and filename.
loglocation = '/var/log/e2guardian/access.log'
Indo mais a baixo encontrei a linha "#logsyslog = off" que é referente ao syslog do pacote. Por curiosidade e tambem não sei se isso tem haver, coloquei como "logsyslog = on", dai reiniciei o o serviço do e2guardian que para minha surpresa funcionou normalmente sem problema inclusive navegando em todos os sites e com as ACL'S funcionando.
Dai quando faço alguma alteração e salvo essa linha volta a ficar "#logsyslog = off" dai o e2guardian volta a dar problema e não funciona e a navegação também para obviamente! Volto a colocar como "logsyslog = on" reinicio o serviço e volta a funcionar, so que o arquivo "access.log" que fica em "/var/log/e2guardian/" não é gerado, ou seja, não existe e na aba "Real Time" nada é garado, mas tudo esta funcionando.
- Pode ter havido algum problema em relação aos logs na instalação? (para efeito de informação, não apresentou erro algum)
grato, fico no aguardo.
-
tenta isso aqui:
mkdir -p /var/squid/logs chown squid:proxy /var/squid/logs
-
tenta isso aqui:
mkdir -p /var/squid/logs chown squid:proxy /var/squid/logs
mkdir -p /var/squid/logs
A pasta ja existe, estou usando o pacote do squid dai ele ja criouchown squid:proxy /var/squid/logs
Ja esta setado como squid:proxy -
Vou subir uma vm do zero para ver qual permissão está faltando.
quais as permissoes que aparecem na sua pasta /var/log/e2guardian?