Unofficial E2guardian package for pfSense
-
@pfsensation I turned off logging completely and checked under Cron jobs and the log rotation script was removed onces I disabled logging. So far so good. 2 days with no issues.
Speaking for logging, is there a way to show the logs in graphs.. like which ip/subnet made what requests which were denied .. especially the denied ones.
-
hey guys, i'm using pfsense 2.4.4 + e2guardian-v5 but every day at midnight a crash system is reported:
PHP ERROR: Type: 1, File: /etc/inc/service-utils.inc, Line: 668, Message: Uncaught ArgumentCountError: Too few arguments to function service_control_stop(), 1 passed in /usr/local/www/e2guardian_logrotate.php on line 42 and exactly 2 expected in /etc/inc/service-utils.inc:668
Stack trace:
#0 /usr/local/www/e2guardian_logrotate.php(42): service_control_stop('e2guardian')
#1 {main}I've seen some people with the same problems, has anyone managed to solve it?
thank you -
@mococanet said in Unofficial E2guardian package for pfSense:
hey guys, i'm using pfsense 2.4.4 + e2guardian-v5 but every day at midnight a crash system is reported:
PHP ERROR: Type: 1, File: /etc/inc/service-utils.inc, Line: 668, Message: Uncaught ArgumentCountError: Too few arguments to function service_control_stop(), 1 passed in /usr/local/www/e2guardian_logrotate.php on line 42 and exactly 2 expected in /etc/inc/service-utils.inc:668
Stack trace:
#0 /usr/local/www/e2guardian_logrotate.php(42): service_control_stop('e2guardian')
#1 {main}I've seen some people with the same problems, has anyone managed to solve it?
thank youFor the time being, just turn off log rotation under reporting. The script has issues on 2.4.4.
-
@pfsensation said in Unofficial E2guardian package for pfSense:
For the time being, just turn off log rotation under reporting. The script has issues on 2.4.4.
thank you @pfsensation i'll do that. cheers!
-
Hi,
As you might know, e2guardian "Log Rotation" feature doesn't work and it makes service crash if this feature enabled. I just wrote a shell script to solve this problem for now.
This shell script backup the e2guardian "access.log" file with tar command and then clean up inside of the file. Log rotation simply doing kind of this thing. Until the "log rotation" feature gets fixed, this option can be used.
Instructions
1. step : Disable "Log Rotation" feature under "Report and Log" menu and then Save it.
2. step : SSH to your pfsense and then go to /root directory and create necessary file. Also give executable permission.
Commands:
cd /root/ touch logrotate.sh chmod u+x logrotate.sh
3. step : Edit the file and copy/paste the code. Do not forget to Save and exit.
#!/bin/sh # Get current date. date=$(date "+%Y%m%d-%H:%M") # Where are the log files in? (directory) directory="/var/log/e2guardian" # Log files name file1name="access.log" # The directory where the log files (tar.gz) are going to be keep in. backup_directory="/var/log/e2guardian/backups" # If backup directory doesn't exists, then create. If already created then go on. if [ ! -d $backup_directory ]; then mkdir $backup_directory echo "----------------------------------------------" echo "$backup_directory has been created!" echo "----------------------------------------------" fi # Log rotate process(1). cd $directory PWD=$(pwd) if [ $PWD/ = $directory/ ]; then [ ! -f $file1name ] && { echo "Opps! The file $file1name could not found! Check $directory directory!"; exit 1; } tar cvfz ${backup_directory}/${file1name}.${date}.tar.gz $file1name 2> /tmp/error.log if [ $? -ne 0 ] then echo "An error occurred while making a backup, see /tmp/error.log file." exit 3 fi cat /dev/null > $file1name echo "$file1name has been cleaned! Date: $date. You can find backed up files in $backup_directory" rm /tmp/error.log fi exit 0
4. step : Try to run the shell script and see the result. If you get error, let me know.
sh /root/logrotate.sh Output: ---------------------------------------------- /var/log/e2guardian/backups has been created! ---------------------------------------------- access.log has been cleaned! Date: 20181028-22:20. You can find backed up files in /var/log/e2guardian/backups
Add Crontab
You also need to write crontab on pfsense to make this script works end of the day everyday. Or you can configure the date and time as you wish.
Install "cron" package first.
Example crontab.
Minute: 30
Hour: 23
Day of the Month : *
Month of the Year : *
Day of the Week : *
User : root
Command : sh /root/logrotate.shDo not forget to restart cron service.
service cron onerestart
That's all for now.)
My github account: https://github.com/lifeoverlinux -
New update for E2 Guardian is pushed out to repo:
- Binaries updated to latest
- Log rotation error fix
- I also pushed out some fixes for Neterror (missing files)
** You may need to manually download the black list through the blacklist tab after updating if you get a dir error.
-
after updating the e2guardian package, I am having issues on the system logs that says on the screenshot.
I am using Content Scanner clamdscan. I have already up to date freshclam. But if my clamdscan content scanner is selected, e2guardian wont start but if not selected, e2guardian starts.
How do you solve that error ?
-
Hello, i followed the instructions on the first post on how to make e2guardian pop out on system > packages but it seems it doesn't work. am i doing something wrong ?
i also did try patching System > Patches provided by the thread owner, still no e2guardian on packages.
-
@ravegen said in Unofficial E2guardian package for pfSense:
after updating the e2guardian package, I am having issues on the system logs that says on the screenshot.
I am using Content Scanner clamdscan. I have already up to date freshclam. But if my clamdscan content scanner is selected, e2guardian wont start but if not selected, e2guardian starts.
How do you solve that error ?
The AV isn't something I have tested or used yet as I find Clam's signatures not very good. Did you attempt a reinstall? According to the errors there are some configs missing.
-
@sei-pine said in Unofficial E2guardian package for pfSense:
Hello, i followed the instructions on the first post on how to make e2guardian pop out on system > packages but it seems it doesn't work. am i doing something wrong ?
i also did try patching System > Patches provided by the thread owner, still no e2guardian on packages.
You've most likely not applied the patch correctly. From 2.4.4 pfSense by default hides any packages that aren't official.
-
@pfsensation i did applied the patch provided on github. can you pls help me on how to patch it correctly ?
-
@sei-pine Well, let me help you. @pfsensation helped me how to do that, when I was trying to do this patch thing. Now I help you then you'll help someone else.)
- Install "patch" package from package manager.
- System > Patches > click "Add New Patch" button.
Description: e2guardian patch
URL/Commit ID: Leave empty
Patch Contents: Copy/Paste all codes from here
Path Strip Count: 1
Base Directory: /
Ignore Whitespace: Clicked
Auto Apply: Clicked - Save and then click "Apply" button.
That's all for now. Now go to shell and add repo of e2guardian by following command.
fetch -q -o /usr/local/etc/pkg/repos/Unofficial.conf https://raw.githubusercontent.com/marcelloc/Unofficial-pfSense-packages/master/Unofficial.24.conf
Go to Package Manager and try to search e2guardian. If you don't see any package reboot system.
It's working!
-
@ucribrahim hello! thanks for the reply, but the patch just doesn't work on me. i manually applied the given patch code ($repo_param = "";) in pkg-util.inc on line 388, saved then e2guardian popped out on System > Packages.
gonna try it out on my test lab when i got time, thanks again.
-
@ucribrahim Thanks for helping a fellow user! I am actually at work, therefore couldn't reply earlier.
@Sei-Pine Sometimes when the unofficial repo is added, you need to install any package such as Cron for E2Guardian to show up. It's just how the GUI works on pfSense. I found that installing a package or uninstalling one forces the GUI to refresh. That may have been it, other than that the patch works perfectly. I've applied it to many virtual pfSense installs and all went fine.
-
@pfsensation hi! thanks for the info. i'll try that next time on my other vm
-
@pfsensation said in Unofficial E2guardian package for pfSense:
@ravegen said in Unofficial E2guardian package for pfSense:
after updating the e2guardian package, I am having issues on the system logs that says on the screenshot.
I am using Content Scanner clamdscan. I have already up to date freshclam. But if my clamdscan content scanner is selected, e2guardian wont start but if not selected, e2guardian starts.
How do you solve that error ?
The AV isn't something I have tested or used yet as I find Clam's signatures not very good. Did you attempt a reinstall? According to the errors there are some configs missing.
clamav content scanner was made working by Marcelloc around 3 or 4 months ago when I requested it from him but after this rotate log fix, it is not working now.
Regardless where the clam's signatures are very good or not but it somehow works its purpose thus somewhat useful. I hope you could fix it or we could ask Marcelloc to fix it back again. -
The clamav content scanner is not working again after there was a fix update for the rotate log.
Can you kindly fix this error again or can you tell us what to do to fix this error if we can do it ourselves.
Thanks
-
hi guys! im trying out to configure e2guardian, but first, i wanna know do's and don't's
is it ok to run along side squid + squidguard ?
is it ok to run with pfblockerNG? -
-
@ucribrahim thanks! i'll try to visit your blog post later.