Unofficial E2guardian package for pfSense
-
@pfsensation thanks! and yes i'm gonna ditch squidguard after seeing e2guard was able to properly display an error message on a blocked https website while squidguard just display some kind of ssl error omegelul.
-
@sei-pine said in Unofficial E2guardian package for pfSense:
@pfsensation thanks! and yes i'm gonna ditch squidguard after seeing e2guard was able to properly display an error message on a blocked https website while squidguard just display some kind of ssl error omegelul.
E2 Guardian properly displays an error page for HTTP traffic, for HTTPS traffic you must install the certificate and enable MITM. Then the page will display correctly.
This is just how the security process works for HTTPS, E2 Guardian cannot see any content inside the HTTPS stream without MITM. It can only see the domain name, but only reset the connection.
I've got my Guest Wireless filtered without MITM because I can't install the certificate everywhere. But for all the other networks I've installed the certificate and the block page works perfectly.
Although the default template is alright (I made it a while back) I use a customised version of it. Let me know if you want a copy.
-
@pfsensation yeah im using a certificate from pfsense. installed it on my sample client but squidguard just shows an ssl error. weird
-
@sei-pine said in Unofficial E2guardian package for pfSense:
@pfsensation yeah im using a certificate from pfsense. installed it on my sample client but squidguard just shows an ssl error. weird
Squid Guard does that, select the cert on E2 Guardian. Remove Squid Guard then give it a shot!
-
@pfsensation i'll try it and give a feed back
-
Latest version 5.2 looks more stable then previous 5.1.If you are on pfSense 2.4.4, try the new version.
-
@marcelloc said in Unofficial E2guardian package for pfSense:
Latest version 5.2 looks more stable then previous 5.1.If you are on pfSense 2.4.4, try the new version.
I'm on 5.2, everything running all good for me. Very stable now too! V5 in general has been really good.
-
hi how can i update to 5.2 ? i installed 5.1 but it doesn't show up on my installed packages hahaha weird
also i can't seem to block any website. i followed a youtube video that was provided here. and also viewed a blog by @ucribrahim
im using mitm, transparent proxy. should i also configure squid or leave it as is? i use my squid with squidguard last time so i already got it configured, also lightsquid.
edit: ok wait i did manage to block facebook, but i can still access youtube.com any tips ?
edit: ok nvm i get it now . i manage to properly display a blocked https website like fb and yt.
thanks to e2guardian and you guys for the help!
more power!
-
@sei-pine said in Unofficial E2guardian package for pfSense:
hi how can i update to 5.2 ? i installed 5.1 but it doesn't show up on my installed packages hahaha weird
also i can't seem to block any website. i followed a youtube video that was provided here. and also viewed a blog by @ucribrahim
im using mitm, transparent proxy. should i also configure squid or leave it as is? i use my squid with squidguard last time so i already got it configured, also lightsquid.
edit: ok wait i did manage to block facebook, but i can still access youtube.com any tips ?
edit: ok nvm i get it now . i manage to properly display a blocked https website like fb and yt.
thanks to e2guardian and you guys for the help!
more power!
One thing I'd like to do in a new version is improve the acknowledge button. It's meant to be a bypass for admins which means it doesn't need to be shown for non admin groups.
I also recommend using a better Blacklist, I used to support Shallalist however they don't remove dead or parked domains. Which means it's become less efficient.
Here's one I've come to prefer (out of the free ones): ftp://ftp.ut-capitole.fr/pub/reseau/cache/squidguard_contrib/blacklists.tar.gz
-
do you have time to fix the content scanner that was broken after they have fix for the rotate log ?
-
@ravegen said in Unofficial E2guardian package for pfSense:
do you have time to fix the content scanner that was broken after they have fix for the rotate log ?
I think Marcello was talking to you earlier on his last post. He said to try the latest version, which I think you're already on?
Have you tried a reinstall?
-
@pfsensation gonna try this blacklist now
-
Is anybody using the content lists under ACLs in e2guardian?
I have been experimenting with it and when I put in a more complex regex, e2guardian crashes when I go to certain web sites such as google. -
Hello forum
I also have problem with 2.4.4 broken content filter. I tried almost everything ( uninstall, new install...) and nothing works.
Content filter doesn't work, can someone give me any advice.
Regard
Bogdan -
@kenrutt said in Unofficial E2guardian package for pfSense:
Is anybody using the content lists under ACLs in e2guardian?
I have been experimenting with it and when I put in a more complex regex, e2guardian crashes when I go to certain web sites such as google.Regex requires a lot of cpu power, if you do it incorrectly its possible you're running out of resources.
-
@binkec said in Unofficial E2guardian package for pfSense:
Hello forum
I also have problem with 2.4.4 broken content filter. I tried almost everything ( uninstall, new install...) and nothing works.
Content filter doesn't work, can someone give me any advice.
Regard
BogdanWhat do you mean? Content filter was never broken. You most likely haven't set it up correctly. Go to ACLs and block any categories you don't want users accessing.
-
Thank you pfsensation for fast response.My mistake, content filtering is working ( sitelist, urllist ) problem is weighted list filter which doesn't work. I have few systems active hardware and virtual on 2.4.3 and they work OK. Try search in yahoo "f***ing" and 2.4.3 weighted filter block search, 2.4.4 with same settings doesn't.
-
@binkec said in Unofficial E2guardian package for pfSense:
Thank you pfsensation for fast response.My mistake, content filtering is working ( sitelist, urllist ) problem is weighted list filter which doesn't work. I have few systems active hardware and virtual on 2.4.3 and they work OK. Try search in yahoo "f***ing" and 2.4.3 weighted filter block search, 2.4.4 with same settings doesn't.
For encrypted sites like Yahoo, you need to make sure you have MITM enabled to phrase filter. You will need to generate a CA certificate and set it up within E2 Guardian and also deploy it to your clients.
-
I have done all that, like I said I have few working systems on 2.4.3, same configuration doesn't work on 2.4.4.
Here is a picture from 2.4.3 search -
@binkec said in Unofficial E2guardian package for pfSense:
I have done all that, like I said I have few working systems on 2.4.3, same configuration doesn't work on 2.4.4.
Here is a picture from 2.4.3 searchWorks perfectly fine for me and all the others. First time I'm hearing about this. The only issue we had on 2.4.4 was log rotation although that's already been fixed with an update. What authentication method are you using? I am 100% sure you have some configuration error, as the code itself is fine and I've used it on a few 2.4.4 system and also have it running at home without issues.