Unofficial E2guardian package for pfSense
-
Weird, I haven't got it yet. What authentication method are you using?
IP address
Strange, no issues like the one you're describing on my end yet… Only issue I have is that when using it with Squid, from time to time E2Guardian crashes. And somehow... It doesn't crash when debug is enabled.
I'm also hoping you can help me out with the pfBlocker issue, am I doing something wrong?
-
Hi Marcello,
I just managed to re-produce the Mac Alert you've been getting by enabling SSL re-write and header re-write. I wonder if it is related to this: https://github.com/e2guardian/e2guardian/commit/c389e53b189e0d38108aca210dc217cb940bfec7
-
Hi Marcello,
I just managed to re-produce the Mac Alert you've been getting by enabling SSL re-write and header re-write. I wonder if it is related to this: https://github.com/e2guardian/e2guardian/commit/c389e53b189e0d38108aca210dc217cb940bfec7
I have this enabled too. Thanks for the test and report .
If you have time, do the same test with version 5.0.2_3
-
Hi Marcello,
I just managed to re-produce the Mac Alert you've been getting by enabling SSL re-write and header re-write. I wonder if it is related to this: https://github.com/e2guardian/e2guardian/commit/c389e53b189e0d38108aca210dc217cb940bfec7
I have this enabled too. Thanks for the test and report .
If you have time, do the same test with version 5.0.2_3
Have you got a compiled binary for it? I'll give it a shot for you, by the way I tested in both Chrome and Firefox. Both had the Mac error, where as IE complained about TLS. It does sound like a OpenSSL issue maybe but I am by no means an expert on E2Guardian's inner workings.
-
Yes, that debug version
pkg add -f https://e-sac.websiteseguro.com/e2g/e2guardian-5.0.2_3.txz -
Yes, that debug version
pkg add -f https://e-sac.websiteseguro.com/e2g/e2guardian-5.0.2_3.txzOn 5.0.2_3 SSL Re-write works and no Mac Alert issue. I think it might be that dependency, causing issues.
-
I've pushed a comiled package with code until commit bc7890a.
Seems to be working without latest patches for ssl on http1.1
version on repo:
e2guardian-5.0.2_7.txz -
I've pushed a comiled package with code until commit bc7890a.
Seems to be working without latest patches for ssl on http1.1
version on repo:
e2guardian-5.0.2_7.txzI knew that would be the issue!!! Great work! Now to find out why the new OpenSSL is giving this rather odd problem.
-
hi
do we need more time in our actual use of this package
-
Hi
with which program the reports are displayedLighsquid?
Squidanlyzer?how to config?
-
hi
do we need more time in our actual use of this package
What do you mean? It's working now, I've had to learn how the configs work etc. But it seems to be working fine.
-
Hi
with which program the reports are displayedLighsquid?
Squidanlyzer?how to config?
Lightsquid
If you are using e2guardian without squid, Apply this patch after lightsquid install.
fetch -o /usr/local/pkg/lightsquid.inc http://e-sac.siteseguro.ws/lightsquid/inc.txt
-
Hi
i made an error ı get an error
press save button
-
Apply the patch on lightsquid first.
-
Hi marcello
I think I'm doing something wrong
step-by-step screenshot
-
Hi marcello
I think I'm doing something wrong
step-by-step screenshot
Change the E2 Guardian reporting to Squid format and enable second denied log.
-
Hi my friend
pfsensation thank you so much lighsquid is Okey
I have one last problem
E2guardian how firewall rules should be PFSense does not work properly when restarting the machine
-
Hi my friend
pfsensation thank you so much lighsquid is Okey
I have one last problem
E2guardian how firewall rules should be PFSense does not work properly when restarting the machine
Try changing that to source "Lan net" and destination to the IP of the firewall. Make sure you have services such as DNS resolver correctly configured.
Also I wouldn't recommend removing the anti lockout rule or the default rules, it could help you a lot of you're new to networking… If you really want to force all traffic through the proxy, just make a rule on top of the rest. Remember the order of the rule goes from top to bottom.
-
Hi
is not the correct rule rule2 picture? I'm asking because some sources are different
for example, the expression here is in the form of rules everywhere for Lan nethttps://www.youtube.com/channel/UCMjE1d9qiuLr7ldeIUM7AvA?spfreload=5
I really want to do how are your rules? you share
-
If you select the transparent mode, rules will be loaded by the package on pf automatically.
If you want to know what rules you need to allow e2guardian in non transparent mode, then it's easy. Just allow your lan net to e2guardian port. Default port on package is 8080.
In transparent mode it uses a second port for SSL interception 8081.The video you post is based on e2guardian v4 and has a lot of config errors. On pfSense 2.4, you do not need squid package to get e2guardian up and running.