Unofficial E2guardian package for pfSense
-
Take a look on report options. You can redirect to a external url or chance current template.
Thanks marcelloc for the reply.
But how can I redirect to the report page when I try to access to an https site?
It seems to work only for http sites.Intercepting SSL. You can setup it on group settings but you need to install certificate authority on clients.
-
Take a look on report options. You can redirect to a external url or chance current template.
Thanks marcelloc for the reply.
But how can I redirect to the report page when I try to access to an https site?
It seems to work only for http sites.Intercepting SSL. You can setup it on group settings but you need to install certificate authority on clients.
Thanks Marcello, it works like a charm now. I've tried with a self signed CA.
Thanks again!
-
Hi Marcello,
I'm still getting crashes, can you please investigate this as there's no where else that will provide support for this setup… I'm currently on pfsense 2.4 with the latest version of E2 Guardian.
-
Hello dear users of this forum. I have a question about this package. As much as I'm not trying to set up "Phrase Lists", it allways skips to sites with these words. Perhaps this is due to the fact that I use phrases from my language (Russian, I have not tried English words). I set up the mitm, it blocks everything well, "serach engines" works also only on English words, but it's not surprising. Simply Russian characters are encoded in some% as% dc% 5g … and so on. The only way for me to block using "Phrase lists", as I read on a Russian-language forum that the predecessor of Dansguardian knew how to do it, but there were difficulties with encodings. In general, it may be necessary to include some parameter in the configuration about which I do not know.
Sorry for my english, I used an interpreter. -
Thanks to some brilliant help from the Pfsense community, I think my crashes are finally resolved with some bootloader.conf.local addons.
It'll be nice to see this package kept up to date, especially as V5 is coming out soon!
-
Hello dear users of this forum. I have a question about this package. As much as I'm not trying to set up "Phrase Lists", it allways skips to sites with these words. Perhaps this is due to the fact that I use phrases from my language (Russian, I have not tried English words). I set up the mitm, it blocks everything well, "serach engines" works also only on English words, but it's not surprising. Simply Russian characters are encoded in some% as% dc% 5g … and so on. The only way for me to block using "Phrase lists", as I read on a Russian-language forum that the predecessor of Dansguardian knew how to do it, but there were difficulties with encodings. In general, it may be necessary to include some parameter in the configuration about which I do not know.
Sorry for my english, I used an interpreter.For this matter you may be better off bringing it up in the E2 Guardian GitHub page. I believe there was an issue raised for Russian character encoding.
-
Thanks to some brilliant help from the Pfsense community, I think my crashes are finally resolved with some bootloader.conf.local addons.
Think you could share please?
-
Thanks to some brilliant help from the Pfsense community, I think my crashes are finally resolved with some bootloader.conf.local addons.
Think you could share please?
Are you having crashes too? If so do let us know more in terms of your specs.
Here's the lines I'm using currently.
kern.cam.boot_delay=10000
kern.ipc.nmbclusters=1000000
legal.intel_ipw.license_ack=1
legal.intel_iwi.license_ack=1
hw.re.enable_msix=0
hw.em.enable_msix=0
hw.pci.enable_msix=0
net.inet.tcp.tso=0
hw.em.fc_setting=0
hw.re.fc_setting=0Do keep us informed so we can get these issues ironed out!
-
Those lines made the system more stable, but the system still seems to crash after about 7 days or so. I have fully confirmed that it's related to E2Guardian. As without E2 Guardian on a system with the same setup with all my other plugins, it's all good. The crash dump also shows E2 Guardian threads going a bit haywire. @Marcelloc please have a look into this, especially as new updates have been released by the E2 Guardian team.
-
On a fresh install:
When I navigate to ACLs>Site Lists and click edit on the default list the Save button is partially blocked by the lower banner.
Thank you for your work on this package.
-
My E2guardian won't start after a reboot, and the only way to get it working again is to reinstall the package. Anyone else getting the same problem?
-
My E2guardian won't start after a reboot, and the only way to get it working again is to reinstall the package. Anyone else getting the same problem?
I have the same issue from time to time, after pfsense upgrades a reinstall is pretty much a must. I still seem to get crashes… I wish this would get updated.
-
Hi guys!
Version 0.4.2 is ready for download.
whats new:
-
Included sample logic rotine to html report page, so you can back to original file at any time if you want
-
Improved e2gerror logic and added a denied only log feature to the package
-
Added e2guradian real time tab, processing e2guardian default logs, e2g squid format logs and logs form e2gerror.php page
My real time logs don't show up like this. All the ip's are the same '127.0.0.1' on mine and it doesn't show me the 'detailed denied logs'
-
-
I've managed get the ip's showing by using these settings :
forwardedfor = on usexforwardedfor = onBut how how get it to show the 'Default Denied Log' ?
-
I've started migrating e2guardian package to version 5
according to developer, E2guardian 5 has
-
Direct access mode
-
ICAP mode to work as a 'helper' for squid
-
transparent ssl
It requires a lot of tests and config file changes, so it may take some time.
-
-
I've started migrating e2guardian package to version 5
As v4.1 crashes without squid parent with ssl interception enabled, i decided to remove it from Unofficial 2.4 repo package list
What is working on 0.5.0.5 version
- Direct access mode
I'm using with direct mode access and ssl interception. Until now, no crashes. I'll start including ssl transparent rules code and fix xmlrpc sync.
-
package Version 0.5.0_9
-
Fixed xmlrpc code to sync between master and slave boxes
-
transparent proxy rules
Missing/ Need testing
- ICAP mode to work as a squid helper
I Did a lot of tests with E2guardian as the only proxy installed on pfSense and until now no crashes
A lot of lists and config has changed since v4.1, so testing and feedbacks are always welcome.
-
-
Hi Marcello, i have make tests now with de new version in transparent mode and is working as expected. Only issue is in the log, https is not showing in te real time only http.
Thanks for your work, very nice!
-
Hi Marcello, i have make tests now with de new version in transparent mode and is working as expected. Only issue is in the log, https is not showing in te real time only http.
Thanks for your work, very nice!
https://github.com/e2guardian/e2guardian/issues/359
https://github.com/e2guardian/e2guardian/issues/360These guys work really fast!
Log issues fixed and Unofficial repository updated. 8)
-
Hi Marcello,
you are great! I love V5.
Found a little mistake:
I change logfile format to "squid style". Because I want to you lightsquid to parse logfiles.
In the squid format there is a bug: internal ip of requestor is missing. :-(
Seems this was a bug on V4 who was already fixed, but is in V5 here again.
Another question:
Can someone give me a hint how to send e2guardian access.log to remote server?
I have graylog up and running. The Pfsense Logfiles could be sending to graylog sever, but I have no idea how to send e2guardians log.
Best Regards,
Kai
