Unofficial E2guardian package for pfSense

kenrutt

@pfsensation
You got me on the right track. I need to test things further but for now e2guardian is running in transparent mode. I am using PFBlocker and it seems the outgoing rules were interfering. Also it seems I need to select both LAN and Loopback on the first listen interface box.

Thanks for steering me in the right direction.

pfsensation

@kenrutt No problem! Glad I could help, I'm using pfblocker too :)

I came across issues before with this setup as E2 Guardian and pfblocker both redirect port 80/443. Managed to solve the issues adding a bypass for the pfblocker DNSBL IP. This means that transparent proxy won't touch traffic going to that IP, and it should work as normal.

And yes, makes sure the loopback interface has the proxy enabled as the transparent rule needs it.

eneiasmg

Hi!
I´m trying configure "Download rate limit", but, unsucessull. I configured the limiter, applyed the mask and nothing. I checked de option Allow Users on Interface, but there is an alert below "This options must be selected to use bandwidth limit options under Groups tab", but I not find nothing about limits in Groups tab. Can someone help me?!

marcelloc

@eneiasmg , the per group limit is not implemented yet. I'll remove this info from this field on next update.

Are you trying the limiters with direct proxy or transparent?

eneiasmg

Hi, @marcelloc
I'm using direct proxy.

ravegen

my e2guardian -version shows '--enable-sslmitm' and not '--enable-sslmitm=yes'.

does it mean I cannot do ssl mitm ?

kenrutt

Does anyone know the situation with the "Content List" option under the "ACLs" tab? I can't seem to get any response from this option. Is this option not supported in v5? It had been working in v4.

ravegen

@kenrutt

Is latest version of e2guardian 0.5.0.4 works on you like the http and https filtering ?

kenrutt

@ravegen Not quite sure what you are asking.
I have latest version of e2guardian installed and http and https filtering is working great. And I am using transparent mode with MITM enabled.

ravegen

@kenrutt

really? http and https filtering is working on your setup ?

I too have installed the same setup. I checked the transparent mode and ssl mitm.
Previouly I used version 0.5.0.3_1 and it works on that version but on the latest version it does not work anymore.

How did you install your e2guardian package? is it thru pfsense package manager on webgui ? Is you also installed squid package or not anymore ?

My pfsense version is

2.4.3-RELEASE (amd64)
built on Mon Mar 26 18:02:04 CDT 2018
FreeBSD 11.1-RELEASE-p7
Version 2.4.3_1 is available.
Version information updated at Fri Jul 6 10:49:08 PHT 2018

pfsensation

@ravegen I've got it setup and working really well too!

You just need to tweak the settings to tweak your needs, other than that v5 is looking very solid and comes with a lot of fixes.

PS: installed from the unofficial repo via Package manager.

ravegen

@pfsensation

ok, I will try once more from clean install

kenrutt

@ravegen
I am using version 0.5.0.4
I am not using Squid package. I installed using the pfsense Package Manager.
I have transparent proxy enabled and I also enabled SSL support. So yes https filtering is working for me. Everything that I need to use works without a hitch. I had some trouble at first with nat redirection which had to to with pfblocker. But that has been resolved and all working great. I have not tried every possible feature available but everything that I have tried works good except I couldn't get the content list to work.

ravegen

@kenrutt

what is the use of pfblocker for you ?

kenrutt

@ravegen
I use it for ad blocking, anti malware and various other ip lists.

ravegen

what is the change in 0.5.0.4_1 before I proceed upgrading ?

ravegen

good day,

I enabled the e2guardian antivirus, selected clamdscan and icapscan from General Tab and checked extension, mime, site, url from the ACL Antivirus Tab but this causes e2guardian to stop.

does anybody knows how to solve this ?

ravegen

Is there nobody else now in this thread that can answer ?

pfsensation

@ravegen I don't think anyone uses the AV module yet and it probably hasn't been tested. I found that the signatures themselves weren't very good anyways with ClamAV. You're better off using anti virus on your endpoints for now until something that's efficient and includes a lot of signatures comes out.

ravegen

I wonder what is the reply of Marcelloc about this since he included this AV module on his E2Guardian package.