Unofficial E2guardian package for pfSense
-
pfsense wiki has a setup/how to guide for squid and wpad. although not that extensive but it tackled setting up wpad. and in youtube, you can see guide for squid/squidguard and wpad. however, e2guardian do not have public documentation aside from github wiki link you shown.
so it is really hard for novices to follow. yes, setup options are there from left to right but it doesnt say how to really setup this e2guardian with https and http filtering with wpad. it just shows you options to click.
you say e2guardian is a daemon which may work alone without squid or may work also with squid.
its like selling a sophisticated television but no exacting manual how to go with it and your on your own to figure out how to go with it.
-
its like you sell a sophisticated television but no exacting manual how to go with it.
The gui package helps a lot with e2guardian configuration but you need to know how content filter works, network, proxy and tcp-ip base.
You have the option to install only the e2guardian binaries from freebsd and configure all under console following wiki or any e2guardian step by step configuration for linux. Maybe this way you get more comfortable with the content filtering solution implemented by e2guardian.
This topic is also full of information about the package and configuration scenarios with e2guardian + tinyproxy, e2guardian+ squid, squid + e2guardian + squid, e2guardian + user authentication, e2guardian + ip authentication, config trouble shooting, etc…
-
this topic ? so you mean, to know all those information, we need to read this whole topic thread of 36 pages and running and connect the dots by ourselves.
-
You must be kidding me.
-
the e2guardian gui is learn-able but what were just asking, how do you configure, setup the http and https filter with wpad, firewall, etc. to get the ball running and that's it.
-
E2guardian is not an official package of pfsense that is why there is no wiki for it. This thread it does have some configuration samples is not about how to use e2guardian is about how to install it.
To learn how to use e2guardian you have to go to the e2guardian forums and dansguardian wiki/forums.
-
the e2guardian gui is learn-able but what were just asking, how do you configure, setup the http and https filter with wpad, firewall, etc. to get the ball running and that's it.
Wow man, you make it seem like absolute rocket science…
With E2 Guardian the main steps are simple:
-
Generate a CA certificate via pfSense certificate manager
-
Select that certificate on E2 Guardian
-
Figure out how you want to identify clients, identification is needed to know who is who and to assign people to groups. One of the simplest is IP based identification.
-
Setup your ACL's
-
Create groups, input who's in that group and what ACL's to apply and that's all for E2 Guardian setup.
After you have finished E2 Guardian setup, just setup your clients to use E2 Guardian as a proxy. Either manually or via GPO if you are in an organisation. And the same with the CA certificate if you go with HTTPS filtering via MITM.
For WPAD it isn't hard either, there are many guides, since Marcello made a WPAD package. It's even simpler to configure. Just go to the WPAD settings after installing the package, paste your script in there. Configure DHCP to send out your WPAD info (find details easily by Googling).
Everything here is doable. I've managed to do it myself, and I'm quite new to this too. E2 Guardian as a whole is amazing, but understand that the package is still unofficial and not everything is fool proof. And here and there you will have hiccups, but report it and after pestering Marcello a bit (:p) he can fix it. Or pass it onto the E2 Guardian team.
My personal thoughts on E2 Guardian is, it works. However there's much room for improvement but I'm happy with it as it is for now, it's really advanced and powerful. It is able to block based on content checking rather than just rely on black lists and it's very configurable on a who, what, when, where, why basis.
PS: Techbee, you need to first develop an understanding on how everything works it seems. You are trying to use something which you seem to have no knowledge on. It's very simple to Google things like WPAD and find out how it works and what it does. Anyways, I hope my little list helps you, or at least makes it clear that it isn't rocket science.
-
-
pfsensation,
not all could be as knowledgeable like you guys. see, anyone can play with pfsense as it is downloable. for instance, house or personal use.
so a manual for telling this device is 110 volts and not 220 volts is definitely valuable.
-
pfsensation,
not all could be as knowledgeable like you guys. see, anyone can play with pfsense as it is downloable. for instance, house or personal use.
so a manual for telling this device is 110 volts and not 220 volts is definitely valuable.
That's my point, I learnt it myself. The concept of E2 Guardian and getting it up and running is simple. If you need any fine detail just ask. Also as mentioned by others, most of DansGuardian documentation are still valid and apply, if you really need a manual read that. I used the manual only to better understand authentication types. If you are planning to run E2 Guardian from home, I suggest using IP addresses, it's quick and simple to setup.
The main problems you'll probably run into it in some cases overblocking, I've pushed out fixes for it to the official source code. It should help a lot against those.For a while I was having a lot of issues with E2 Guardian on my box, I reinstalled pfSense and now everything seems to work fine. So I have got everything working to a very good degree now. So it is actually usable, however if you have money and just want something that works go with Smoothwall Guardian.
Yes it costs money, but you never need to worry about blacklists or tinkering. Everything is done for you.
E2 Guardian although extremely powerful, it's still a work in progress and with the next version it'll improve massively (V5) as a lot of the code is being rewritten. -
My suggestion (if you are new) is get squid proxy filtering (transparent, mitm and wpad ) working for squidguard first then once it is all working try switching squidguard over to E2guardian.
I am sure once the package goes stable there will be more documentation.
-
its hard playing something that gets broken and you need to start from scratch again. everytime, it does not work and seems broken, you need to reformat and reinstall pfsense and such waste of time while the maker most probably knows the right way putting into clear and exacting documentation.
-
its hard playing something that gets broken and you need to start from scratch again. everytime, it does not work and seems broken, you need to reformat and reinstall pfsense and such waste of time while the maker most probably knows the right way putting into clear and exacting documentation.
If you don't know what you're doing, then it's probably what you will need to do with everything you try to play without a minimum knowledge.
Hope you improve your IT skills and spend more energy helping collaborative opensource projects than complaining, blaming, depreciating or whatever you're trying to do here.
-
its hard playing something that gets broken and you need to start from scratch again. everytime, it does not work and seems broken, you need to reformat and reinstall pfsense and such waste of time while the maker most probably knows the right way putting into clear and exacting documentation.
If you don't know what you're doing, then it's probably what you will need to do with everything you try to play without a minimum knowledge.
Hope you improve your IT skills and spend more energy helping collaborative opensource projects than complaining, blaming, depreciating or whatever you're trying to do here.
Marcello dropped the fire xD
Techbee, even I get frustrated and complain sometimes. However I contribute to the project as much as possible and the source code, even if it's small things I discover or big overhauls like the more modernised friendly block page. If you have issues at least post some logs or something so we can understand the problem better. But first of all I recommend you do a clean fresh pfsense install, this helped me massively even though it's annoying. Backup your settings and restore only rules, don't restore packages. And clean install E2 Guardian.
PS: @Marcello A certain closed source inferior alternative to E2 Guardian on pfSense is taking a hit due to E2 Guardian being free and open source and not requiring a subscription being charged at ultra stupid levels (not gonna name and shame). You should be happy lol xD
-
Is it just me or after around 2 days E2 Guardian goes haywire with RAM usage. This problem is certainly new, usage for E2 Guardian becomes really high and RAM gets swapped. This is the second time it's happened to me, reinstall fixes it for another two days.
Weird… Especially since now there's only one user, there should be nothing really using up that much RAM. Seems like there could be a memory leak somewhere.
-
Report it on e2guardian git issues. I'm using in the package the latest code from 4.1.2
Does a restart om the service is enough to free some memory?
-
Report it on e2guardian git issues. I'm using in the package the latest code from 4.1.2
Does a restart om the service is enough to free some memory?
Yep a restart pretty much instantly clears the RAM. So I guess it's a source issue? E2 Guardian ever only used 300mb ish RAM now it's going past 2gb and using swap lol. However restarting doesn't completely clean the swap. It's gone from 7% swap to 3%. If I leave the problem to develop it'll end up eating all the swap.
-
Squis was doing same thing. There is a contribution script that restarts it on 95% memory usage. With minor changes, it can be applied to e2guardian.
https://forum.pfsense.org/index.php?topic=126309.msg727239#msg727239
-
Squis was doing same thing. There is a contribution script that restarts it on 95% memory usage. With minor changes, it can be applied to e2guardian.
Shouldn't the issue be fixed instead? Especially if there is a memory leak, instead of finding workarounds?
Could you report it on Github instead? I'm currently on my phone. XD
Thanks Bud
-
I'm currently on my phone. XD
Me too.
I'll check my boxes. I have one stable at 2g on previous binaries. Will how it goes with 4.1.2
-
I'm currently on my phone. XD
Me too.
I'll check my boxes. I have one stable at 2g on previous binaries. Will how it goes with 4.1.2
Don't update for now, I guess until this is solved. Eventually I guess it'll cause the system to crash.
How many users does it have with 2gb RAM usage? With 15 or so devices at home usually I have around 300mb usage, now it's going well over 4gb. If you can't report it then I'll have to tomorrow, I have to edit my pull request anyways to get some fixes added to V5. I've been slightly busy recently.
By the way, what kind of organisation are you running your E2 Guardian box in? Is it a school? Have you realised over blocking? I pushed out some commits to disable alpha stage phrase lists.
