Unofficial E2guardian package for pfSense

rogercwb

@Albertopfsense Same problem here.

@Albertopfsense I found how to revert to show official packages again.

Just execute the command below with SSH access or by Diagnostic | Command Prompt.

rm /usr/local/etc/pkg/repos/Unofficial.conf

plusbil

@Albertopfsense Before Patch, after fetch apply. Later pfsense pc restart.

plusbil

@kenpachizaraki E2guardian not work multiwan, unfortunately. Only failover working.

Morlac

Hello all,

Hope all are safe and healthy

Can anyone provide a binary release of e2g 5.3.4? @marcelloc ?

Thanks.

yogeesh

@marcelloc Hi,
I am getting below error when I am opening the social media websites in my network.
Once I switch to my home network I can easily access social media website
PFA of an error message .

pfsensation

@yogeesh said in Unofficial E2guardian package for pfSense:

@marcelloc Hi,
I am getting below error when I am opening the social media websites in my network.
Once I switch to my home network I can easily access social media website
PFA of an error message .

If you have MITM enabled, you need to install the CA certificate on the client machine. As E2 Guardian essentially breaks the HTTPS encryption.

ravegen

Is there a way to download the E2Guardian package and install it offline ?

La6er

Hi everyone, I am having an issue maybe some of you guys have faced this same behavior,
my e2g just randomy stopped listening to the config, if I change an IP on a group the change does not take effect, If I add a new site to an ACL it does not take effect, anyone with this kind of issue?

pfsensation

@la6er said in Unofficial E2guardian package for pfSense:

Hi everyone, I am having an issue maybe some of you guys have faced this same behavior,
my e2g just randomy stopped listening to the config, if I change an IP on a group the change does not take effect, If I add a new site to an ACL it does not take effect, anyone with this kind of issue?

Enable the soft restart option, press apply and see if that helps.

kenrutt

@la6er
It seems when making changes to an IP in a group. I need to stop E2G and restart under Status\Services. I have very little trouble with E2G stopping on me. In fact I do not even enable the watchdog feature. It just runs. It does take some tweeking when first setting up E2G. Make sure to go through the various lists and turn off or delete entries that reference any file that does not exist. I found it very helpful to SSH into router with WinSCP and modify some config files directly.

drmwndr

Hi all,
I'm using E2Guardian 5 from Unofficial Repository, not as transparent proxy and I'm getting some "The site requested does not exist" for simple local websites.
All filters were disabled, for tests.
Log error shows "2021.07.05 08:21:04 192.168.0.2 http://portal.mydomain.local 403 192.168.0.2 Default NETERROR Exceção do sítio confere. (Site on Exception list)"

The local site is working when accessed by Squid, or directly, does someone here have some idea of how to fix it? I was wondering if the problem is something DNS related but I can't find a way of how to force DNS servers on E2Guardian and taking a look at DNS logs, everything appears to be Ok.

Can someone help?

Thanks in advance.

pfsensation

@drmwndr said in Unofficial E2guardian package for pfSense:

Hi all,
I'm using E2Guardian 5 from Unofficial Repository, not as transparent proxy and I'm getting some "The site requested does not exist" for simple local websites.
All filters were disabled, for tests.
Log error shows "2021.07.05 08:21:04 192.168.0.2 http://portal.mydomain.local 403 192.168.0.2 Default NETERROR Exceção do sítio confere. (Site on Exception list)"

The local site is working when accessed by Squid, or directly, does someone here have some idea of how to fix it? I was wondering if the problem is something DNS related but I can't find a way of how to force DNS servers on E2Guardian and taking a look at DNS logs, everything appears to be Ok.

Can someone help?

Thanks in advance.

Definitely something to do with your DNS setup, are you using DNS resolver? I've got internal sites too and haven't run into any issues although I'm no longer using squid.

drmwndr

@pfsensation said in Unofficial E2guardian package for pfSense:

Definitely something to do with your DNS setup, are you using DNS resolver? I've got internal sites too and haven't run into any issues although I'm no longer using squid.

Hi @pfsensation. I have Bind installed on my pfsense box as DNS Server. I also have a NAT and a Firewall Rule redirecting all LAN1 Interface Traffic to port 53 to my pfSense box.
Is it necessary to enable and set pfSense DNS Resolver? Looks like e2guardian is bypassing this rule and looking directly on outside DNSs.

pfsensation

@drmwndr said in Unofficial E2guardian package for pfSense:

@pfsensation said in Unofficial E2guardian package for pfSense:

Definitely something to do with your DNS setup, are you using DNS resolver? I've got internal sites too and haven't run into any issues although I'm no longer using squid.

Hi @pfsensation. I have Bind installed on my pfsense box as DNS Server. I also have a NAT and a Firewall Rule redirecting all LAN1 Interface Traffic to port 53 to my pfSense box.
Is it necessary to enable and set pfSense DNS Resolver? Looks like e2guardian is bypassing this rule and looking directly on outside DNSs.

Unfortunately I don't use BIND either, but when you run nslookup on the client device, can it resolve your internal domains? Another gotcha is DNS over HTTPS/TLS, make sure that's disabled in the browser and lock down port 853 from LAN1.

drmwndr

@pfsensation said in Unofficial E2guardian package for pfSense:

@drmwndr said in Unofficial E2guardian package for pfSense:

@pfsensation said in Unofficial E2guardian package for pfSense:

Definitely something to do with your DNS setup, are you using DNS resolver? I've got internal sites too and haven't run into any issues although I'm no longer using squid.

Hi @pfsensation. I have Bind installed on my pfsense box as DNS Server. I also have a NAT and a Firewall Rule redirecting all LAN1 Interface Traffic to port 53 to my pfSense box.
Is it necessary to enable and set pfSense DNS Resolver? Looks like e2guardian is bypassing this rule and looking directly on outside DNSs.

Unfortunately I don't use BIND either, but when you run nslookup on the client device, can it resolve your internal domains? Another gotcha is DNS over HTTPS/TLS, make sure that's disabled in the browser and lock down port 853 from LAN1.

Yep, at client device it look up locally, but on pfSense box, it goes directly to External DNS.
Will take a better look at DNS Setup.

Thank you so much!

aGeekhere

With 2.5.2-RELEASE the 25_unofficial_packages_list.patch has issues
See
https://github.com/marcelloc/Unofficial-pfSense-packages/issues/94

aGeekhere

Update, even though the System Patches test shows a warning you can still apply it.

LilMonkey305

cant install on 2.5.2 ce. repo file wont load new packages with patch applied.

periko

Hello.

This is new for me, does e2guardian can work alone or need squid to work?

I had read that is a excellent replacement for SG.

But what is the advantage or disadvantage alone or with in conjunction with squid?

Thanks for your help.

kenrutt

Yes it can work alone. Does not need squid.