Unofficial E2guardian package for pfSense
-
Thank you for your efforts.
Except for the clamav integration and coexistence with squid setup(I did not had time to test yet), I'm running e2Guardian with ssl interception(facebook, youtube videos), authentication and non-sandwich mode.
E2guardian 3.5.1 with 4.1 backport cert fix is working really nice. 8)
-
Thank you for your efforts.
Except for the clamav integration and coexistence with squid setup(I did not had time to test yet), I'm running e2Guardian with ssl interception(facebook, youtube videos), authentication and non-sandwich mode.
E2guardian 3.5.1 with 4.1 backport cert fix is working really nice. 8)
In my opinion is ready for a version 1.0 in the pfsense repo. In my case I feel already have the features I need for production.
-
If you need wpad or planning to test, I've finished a package for it on my repo.
-
If you need wpad or planning to test, I've finished a package for it on my repo.
I use wpad but do not use it for "Auto detect" proxy, because Windows OS machines have a bug that fail to auto detect successfully. They do download the wpad file but they do not update the file correctly. They have a registry key/value that is set the first time with the wpad file if any found, but latter if the wpad changes or is found, the registry key fails to be updated. It is easier to create a Domain gpo setting the wpad.
It would be nice to be able to download directly from pfsense box instead to have other web server to serve it.
-
It would be nice to be able to download directly from pfsense box instead to have other web server to serve it.
Take a look when you have time.
https://forum.pfsense.org/index.php?topic=131169.0
-
Cron was already installed. I installed Aquid next to it.
I did the complete reinstall as per my previous post of yesterday, now no errors during install, yet same errors in status/system logs after enabling e2guardian, and e2guardian nor tiny start in Status/Services.
May 26 16:16:52
|
| root |
|/usr/local/etc/rc.d/e2guardian.sh: WARNING: failed to start e2guardian [/q][/t][/t]
| May 26 16:16:52 | e2guardian | 69964 |
Error parsing the e2guardian.conf file or other e2guardian configuration files [/t]
| May 26 16:16:52 | e2guardian | 69964 |
Error reading filter group conf file(s). [/t]
| May 26 16:16:52 | e2guardian | 69964 |
Error opening filter group config: /usr/local/etc/e2guardian/e2guardianf1.conf [/t]
| May 26 16:16:52 | e2guardian | 69964 |
Error opening bannedsitelist [/t]
| May 26 16:16:52 | e2guardian | 69964 |
Error reading file: /usr/local/etc/e2guardian/lists/bannedsitelist.g_Default [/t]
| May 26 16:16:52 | e2guardian | 69964 |
Error opening file: /usr/local/etc/e2guardian/lists/blacklists/adult/domains [/t]
| May 26 16:16:52 | e2guardian | 69964 |
Error reading file /usr/local/etc/e2guardian/lists/blacklists/adult/domains: No such file or directory [/t]
| May 26 16:16:34 | php-fpm | 58737 |
/pkg_edit.php: The command '/usr/local/etc/rc.d/e2guardian.sh start' returned exit code '1', the output was 'kern.ipc.somaxconn: 16384 -> 16384 kern.maxfiles: 131072 -> 131072 kern.maxfilesperproc: 104856 -> 104856 kern.threads.max_threads_per_proc: 4096 -> 4096 Starting e2guardian. Error reading file /usr/local/etc/e2guardian/lists/blacklists/adult/domains: No such file or directory Error opening file: /usr/local/etc/e2guardian/lists/blacklists/adult/domains Error reading: /usr/local/etc/e2guardian/lists/bannedsitelist.g_Default Error opening bannedsitelist Error opening filter group config: /usr/local/etc/e2guardian/e2guardianf1.conf Error reading filter group conf file(s). Error parsing the e2guardian.conf file or other e2guardian configuration files /usr/local/etc/rc.d/e2guardian.sh: WARNING: failed to start e2guardian' [/t]
| May 26 16:16:34 | root |
|/usr/local/etc/rc.d/e2guardian.sh: WARNING: failed to start e2guardian [/t]
| May 26 16:16:34 | e2guardian | 61336 |
Error parsing the e2guardian.conf file or other e2guardian configuration files [/t]
| May 26 16:16:34 | e2guardian | 61336 |
Error reading filter group conf file(s). [/t]
| May 26 16:16:34 | e2guardian | 61336 |
Error opening filter group config: /usr/local/etc/e2guardian/e2guardianf1.conf [/t]
| May 26 16:16:34 | e2guardian | 61336 |
Error opening bannedsitelist [/t]
| May 26 16:16:34 | e2guardian | 61336 |
Error reading file: /usr/local/etc/e2guardian/lists/bannedsitelist.g_Default [/t]
| May 26 16:16:34 | e2guardian | 61336 |
Error opening file: /usr/local/etc/e2guardian/lists/blacklists/adult/domains [/t]
| May 26 16:16:34 | e2guardian | 61336 |
Error reading file /usr/local/etc/e2guardian/lists/blacklists/adult/domains: No such file or directory [/t]
| May 26 16:16:34 | php-fpm | 58737 |
/pkg_edit.php: Starting E2guardian [/t]
| May 26 16:16:29 | php-fpm | 89842 |
/pkg_edit.php: The command '/usr/local/etc/rc.d/e2guardian.sh start' returned exit code '1', the output was 'kern.ipc.somaxconn: 16384 -> 16384 kern.maxfiles: 131072 -> 131072 kern.maxfilesperproc: 104856 -> 104856 kern.threads.max_threads_per_proc: 4096 -> 4096 Starting e2guardian. Error reading file /usr/local/etc/e2guardian/lists/blacklists/adult/domains: No such file or directory Error opening file: /usr/local/etc/e2guardian/lists/blacklists/adult/domains Error reading: /usr/local/etc/e2guardian/lists/bannedsitelist.g_Default Error opening bannedsitelist Error opening filter group config: /usr/local/etc/e2guardian/e2guardianf1.conf Error reading filter group conf file(s). Error parsing the e2guardian.conf file or other e2guardian configuration files /usr/local/etc/rc.d/e2guardian.sh: WARNING: failed to start e2guardian'
[/t]
-
@Mr.:
yet same errors in status/system logs after enabling e2guardian
Looks like you did not configured all the tabs or did not installed any blacklist(shallalist for example).
-
OMG!! Now everything is working perfectly! Certificates are forged and have the required SAN (Subject Alternative Name) for Google Chrome, Firefox etc to work.
Here's my sexy page at home :P – 'KorTeX' is just what I call my network.
I only have one issue still. When a page is blocked by ShallaList, or by banned expressions / phraselists. On the report page (block page) it does not correctly tell you what the page was categorised as (it says N/A as you can see on my screenshot) . For example, using the Smoothwall I have at my College, if you try to go to a blocked site, it will tell you why it was blocked and the correct category. When using E2G, currently it just says "Blocked site : whatever.com". If that was fixed it would be even more AMAZING!
Another issue is FALSE POSITIVES. I guess it's my configuration related but why is Yandex images, or Bing Images link being classified as portugese pornography? Without anything being typed in or searched? Are the phraselists up to date?
Also… On Smoothwall blocking... I realised, when you block advertises using their Guardian Proxy, it doesn't show the block page. Instead it says "advert blocked". Which makes sense, because say for example you're on a website and it's trying to load an ad in a DIV, the block page will show in a small tiny box and be useless. If possible, I'd much rather have it become a white box, or just say advert blocked. Let me know if you want a screenshot or an example of what I mean. But essentially, advertises on websites get replaced by the block page, but because the ads are small, it doesn't display the block page properly and it won't make sense. Since the text would be too small anyways.
Once again, thanks for your fantastic work Marcello! Absolutely love the amazing work you do for the community! <3
-
Pfsensation
Maybe the category problem is a e2g v 3.5.1 bug.
Perhaps you can post a question on the e2g forum how to work this problem.
I also have the problem here with this e2g.
-
So I hate to be the guy who probably missed a step somewhere and has no idea what he did wrong, but here's my issue. I installed e2Guardian, installed the shallalist and got URL blocking working, but I cannot get the phrase list working at all. Zero. Nada. I've tried going to keywords that are listed in the files for the categories I selected. No blocking. I even edited the config section under ACLs > Phrase List > Banned List > Config file and added the following to it: <jonathan> Then I tried to pull up a website with the name Jonathan on it - no blocking whatsoever.
I'm pulling my hair out on this. Can anyone tell me what step I might have missed that is causing the phrase blocking to not work? Again, I'm really sorry to be the guy who is probably asking a really dumb question.
Thanks in advance,
Jonathan</jonathan>
-
The site you're testing has Jonathan on the url or on page content?
-
The site you're testing has Jonathan on the url or on page content?
Thanks for the reply. It had the word in the page content. Am I misunderstanding something? Is there a way to block a site based on phrases in the page content?
-
The site you're testing has Jonathan on the url or on page content?
Thanks for the reply. It had the word in the page content. Am I misunderstanding something? Is there a way to block a site based on phrases in the page content?
Sure. This is what e2guardian does. Check if your request are getting logged and set log to dansguardian style. this way you can check more details.
-
@Mr.:
yet same errors in status/system logs after enabling e2guardian
Looks like you did not configured all the tabs or did not installed any blacklist(shallalist for example).
Thank you, also for testing it yourself in a clean install.
As far as I know, I have been through every tab, every field. I uncommented some default categories, added ports 8080 and 8888 (as I don't use Squid), but still, it doesn't work.
May 28 18:08:59 php-fpm 62161 /pkg_edit.php: The command '/usr/local/etc/rc.d/e2guardian.sh start' returned exit code '1', the output was 'kern.ipc.somaxconn: 16384 -> 16384 kern.maxfiles: 131072 -> 131072 kern.maxfilesperproc: 104856 -> 104856 kern.threads.max_threads_per_proc: 4096 -> 4096 Starting e2guardian. Unable read plugin config plugname variable: /usr/local/etc/e2guardian/authplugins/proxy-header.conf auth_plugin_load() returned NULL pointer with config file: /usr/local/etc/e2guardian/authplugins/proxy-header.conf Error loading auth plugins Error parsing the e2guardian.conf file or other e2guardian configuration files /usr/local/etc/rc.d/e2guardian.sh: WARNING: failed to start e2guardian'
May 28 18:08:59 root /usr/local/etc/rc.d/e2guardian.sh: WARNING: failed to start e2guardian
May 28 18:08:59 e2guardian 65089 Error parsing the e2guardian.conf file or other e2guardian configuration files
May 28 18:08:59 e2guardian 65089 Error loading auth plugins
May 28 18:08:59 e2guardian 65089 auth_plugin_load() returned NULL pointer with config file: /usr/local/etc/e2guardian/authplugins/proxy-header.conf
May 28 18:08:59 e2guardian 65089 Unable read plugin config plugname variable /usr/local/etc/e2guardian/authplugins/proxy-header.conf
May 28 18:08:59 php-fpm 62161 /pkg_edit.php: Starting E2guardian
May 28 18:08:54 php-fpm 59553 /pkg_edit.php: [E2guardian] - Save settings package call pr: bp: rpc:noIs there any way we can find out what is going on?
-
Disable authentication plugins. Test e2guardianitself before testing authentication integration
-
Is there anyway to get some useful logging? For example being able to see which user tried to access blocked content etc?
I know there's some logging options but it's confusing. And I have no idea where it's actually saving the logs.
Also, I've added a bypass button to my block page. However, how do I make it appear for only certain groups? Currently it appears for everyone but only someone from a group with bypass access can use it.
-
Disable authentication plugins. Test e2guardianitself before testing authentication integration
Thank you.
I actually enabled them all because of your suggestion I hadn't configured everything. It didn't work when non were activated, it didn't work when I actived them, and now I disabled it and it still doesn't work.
May 28 22:21:42 php-fpm 10115 /pkg_edit.php: The command '/usr/local/etc/rc.d/e2guardian.sh start' returned exit code '1', the output was 'kern.ipc.somaxconn: 16384 -> 16384 kern.maxfiles: 131072 -> 131072 kern.maxfilesperproc: 104856 -> 104856 kern.threads.max_threads_per_proc: 4096 -> 4096 Starting e2guardian. Error reading file /usr/local/etc/e2guardian/lists/blacklists/adult/domains: No such file or directory Error opening file: /usr/local/etc/e2guardian/lists/blacklists/adult/domains Error reading: /usr/local/etc/e2guardian/lists/bannedsitelist.g_Default Error opening bannedsitelist Error opening filter group config: /usr/local/etc/e2guardian/e2guardianf1.conf Error reading filter group conf file(s). Error parsing the e2guardian.conf file or other e2guardian configuration files /usr/local/etc/rc.d/e2guardian.sh: WARNING: failed to start e2guardian'
May 28 22:21:42 root /usr/local/etc/rc.d/e2guardian.sh: WARNING: failed to start e2guardian
May 28 22:21:42 e2guardian 15628 Error parsing the e2guardian.conf file or other e2guardian configuration files
May 28 22:21:42 e2guardian 15628 Error reading filter group conf file(s).
May 28 22:21:42 e2guardian 15628 Error opening filter group config: /usr/local/etc/e2guardian/e2guardianf1.conf
May 28 22:21:42 e2guardian 15628 Error opening bannedsitelist
May 28 22:21:42 e2guardian 15628 Error reading file: /usr/local/etc/e2guardian/lists/bannedsitelist.g_Default
May 28 22:21:42 e2guardian 15628 Error opening file: /usr/local/etc/e2guardian/lists/blacklists/adult/domains
May 28 22:21:42 e2guardian 15628 Error reading file /usr/local/etc/e2guardian/lists/blacklists/adult/domains: No such file or directory
May 28 22:21:42 php-fpm 10115 /pkg_edit.php: Starting E2guardian -
@Mr.:
Error reading file /usr/local/etc/e2guardian/lists/blacklists/adult/domains: No such file or directory Error opening file: /usr/local/etc/e2guardian/lists/blacklists/adult/domains Error reading: /usr/local/etc/e2guardian/lists/bannedsitelist.g_Default Error opening bannedsitelist Error opening filter group config: /usr/local/etc/e2guardian/e2guardianf1.conf
Still looks like you did not applied a blacklist yet. :(
What blacklist are you using? I'll test with the same here to see if I get same results. -
Is there anyway to get some useful logging? For example being able to see which user tried to access blocked content etc?
I can add the realtime tab from squid package
I know there's some logging options but it's confusing. And I have no idea where it's actually saving the logs.
Also, I've added a bypass button to my block page. However, how do I make it appear for only certain groups? Currently it appears for everyone but only someone from a group with bypass access can use it.
At least on gui, the report file is set for everyone. I'll take a look if there is a way to set a html report per group when I have time.
-
E2g logs are suposedto be in var/logs/e2guardian/access.log by default. But can be configured in the confs files.