Unofficial E2guardian package for pfSense
-
Did you saw e2g binaries being updated during reinstall process? Pkg info should show e2guardian-4.1.1_1 pkg
-
I figured I would give E2guardian4 a spin and anytime something is blocked (word phase or blocked domain is what i tested so far), the daemon would crash. I think I've figure what is causing it, the block page.
When I used the block page provided by pfsensation, it crashes after it's display
pid 70160 (e2guardian), uid 65534: exited on signal 11
When I erase the block page, it doesn't put the default one back in there. So I graded the template from e2guardian github but that one doesn't want to load (haven't troubleshooting it yet)
[2.3.5-DEVELOPMENT][root@pfsense.home.lan]/root: /usr/local/etc/rc.d/e2guardian.sh restart kern.ipc.somaxconn: 16384 -> 16384 kern.maxfiles: 131072 -> 131072 kern.maxfilesperproc: 104856 -> 104856 kern.threads.max_threads_per_proc: 4096 -> 4096 e2guardian not running? (check /var/run/e2guardian.pid). Starting e2guardian. Syntax error at first: -REASONGIVEN- Error reading default HTML Template file: /usr/local/share/e2guardian/languages/ukenglish/template.html Error opening filter group config: /usr/local/etc/e2guardian/e2guardianf1.conf Error in reading filter group files Error reading filter group conf file(s). Error parsing the e2guardian.conf file or other e2guardian configuration files /usr/local/etc/rc.d/e2guardian.sh: WARNING: failed to start e2guardian
https://github.com/e2guardian/e2guardian/blob/v4.1/contrib/template.html
<title>E2Guardian - Access Denied</title> | Access Denied! | | -USER- | Your Organization | Access to the page: [-URL-](-URL-) ... has been denied for the following reason: -REASONGIVEN- You are seeing this error because what you attempted to access appears to contain, or is labeled as containing, material that has been deemed inappropriate. If you have any questions contact your [Network Administrator](mailto:-ADMIN-?subject=access%20denied&body=-URL-%20--%20-REASON-). Powered by [E2Guardian](http://www.e2guardian.org) [![Valid HTML 4.01 Transitional](http://www.w3.org/Icons/valid-html401)](http://validator.w3.org/check?uri=referer) [![Valid CSS!](http://jigsaw.w3.org/css-validator/images/vcss)](http://jigsaw.w3.org/css-validator/) |
Since that wouldn't load, I took the spanish template and used google to translate it for me. No more crashing when pages are blocked.
/usr/local/share/e2guardian/languages/spanish/template.html<title>E2guardian Access Denied</title> <center> **Access denied!** | **-USER- ** | YOUR COMPANY | Access to the website [-URL-](-URL-) Has been denied for the following reason: **-REASONGIVEN-** You are seeing this error message because the page you are attempts to access contains, or is classified as containing, material that is considered inappropriate. If you have questions, please contact with the System Administrator or the Network Administrator. Powered by [e2guardian](http://www.e2guardian.org?block) | </center>
-
Ok. Try to add on pfsensation error page the html tags at the beginning and at the end. This is the way I'm using here.
-
Still crashes for me using the attached file. I took out the image too, and that didn't help. I'll have to revisit it later today or tomorrow.
-
Still crashes for me using the attached file. I took out the image too, and that didn't help. I'll have to revisit it later today or tomorrow.
I've been very busy today so I didn't get a chance to play around anymore. But if it really is to do with my block page causing the crash. Look at what is different from the official, namely, my block page shows client Group and Host name. Remove those and see if it crashes, if it doesn't that could be it. Something wrong with "-Filtergroup-" or "-Host-".
Edit: My page has a bypass link too. So it may be any of those tbh, bypass link creates a code. Judging by what Marcelloc was facing with illegal chars etc. That could somehow be related.
-
Not able to go on my pc right now but from my phone. I removed the code below.
#### Your details are below: _-USER- -HOST-_ _-FILTERGROUP-_ _-IP-_ [Acknowledge](-BYPASS-)
It doesn't seem to be crashing anymore. I'll test a little more when possible. Not sure exactly which place holder is causing the issue, but it most likely maybe the filter group. Since the filter group doesn't show.
-
Not able to go on my pc right now but from my phone. I removed the code below.
#### Your details are below: _-USER- -HOST-_ _-FILTERGROUP-_ _-IP-_ [Acknowledge](-BYPASS-)
It doesn't seem to be crashing anymore. I'll test a little more when possible. Not sure exactly which place holder is causing the issue, but it most likely maybe the filter group. Since the filter group doesn't show.
As I don't use bypass key, try just removing it from page. Maybe this is the difference from our config.
-
Also I identified why the apply button was not reloading completely the daemon. E2guardian has 3 ways to reload it without killing the process and the option I was using was the lightest one. Next gui version will have this fix.
If we can confirm that the -BYPASS- is crashing the daemon, I can open another ticket on e2guardian repo.
-
Its not -BYPASS- (it's working pretty good). So far I've found -FILTERGROUP- and -REASONLOGGED- will crash the daemon. And possibly the combo of using -USER- -HOST- -IP-.
-REASONGIVEN-, -CATEGORIES-, -USER- so far seem to working for me using the attach page with -BYPASS-.
I am using IP Address as my only Auth plugin if makes a difference.
-
Its not -BYPASS- (it's working pretty good). So far I've found -FILTERGROUP- and -REASONLOGGED- will crash the daemon. And possibly the combo of using -USER- -HOST- -IP-.
-REASONGIVEN-, -CATEGORIES-, -USER- so far seem to working for me using the attach page with -BYPASS-.
I am using IP Address as my only Auth plugin if makes a difference.
Confirmed! I can get -bypass- working fine without crashes, adding any of those place holders above causes E2Guardian to quit. xD
I am also using IP address as my only auth, just to confirm. This is a weird bug, because it did work for couple authenticated users, if they had certain IP's it seemed. But I really don't know for sure why it was behaving so weird before, but now we know those particular place holders are causing the crashes. This is just a heads up if you have trouble re-creating the crashes Marcello. Also try to use my exact same block page source code, with everything intact, including -bypass-.
-
Also try to use my exact same block page source code, with everything intact, including -bypass-.
That's the way I use, just included htl tags before and after.
I'll start testing the 720 hosts network tomorrow. I'll use your template changing the image and will test it with and without those problematic fields.
-
Also try to use my exact same block page source code, with everything intact, including -bypass-.
That's the way I use, just included htl tags before and after.
I'll start testing the 720 hosts network tomorrow. I'll use your template changing the image and will test it with and without those problematic fields.
Alrighty, let us know how it goes. Where will you test this by the way? In a business?
-
Alrighty, let us know how it goes. Where will you test this by the way? In a business?
Yes, on a network I'll help to migrate.
I've also pushed to 2.3 and 2.4 repo a 0.2 pkg version without tinyproxy(it has it's own pkg on Unofficial repo now) and with an apply action to daemon. This fixes the save apply restart issue.
About the http workers. With more then 4000 it aborts. It should accept 20k. I'll build a debug version to see if it's a big or a limitation with current 4.1.1 code and BSD.
-
Alrighty, let us know how it goes. Where will you test this by the way? In a business?
Yes, on a network I'll help to migrate.
I've also pushed to 2.3 and 2.4 repo a 0.2 pkg version without tinyproxy(it has it's own pkg on Unofficial repo now) and with an apply action to daemon. This fixes the save apply restart issue.
About the http workers. With more then 4000 it aborts. It should accept 20k. I'll build a debug version to see if it's a big or a limitation with current 4.1.1 code and BSD.
Just a heads up. Updating didn't remove Tiny Proxy automatically. I had to install Tiny Proxy from the repository and then uninstall to get it off my box.
Hmm the http workers issue could be a big issue in bigger environments. I'm lucky I'm not noticing any degradation at home yet.
-
Hmm the http workers issue could be a big issue in bigger environments. I'm lucky I'm not noticing any degradation at home yet.
yes. I'll have a chance to test it this week and try to identify what needs a fix.
-
I'll have a change to test it this week and try to identify what needs a fix.
'change' I've come to really dislike that word (and RFC, MOP, CAB) the past few months. Our entire Change/RFC process has changed at work and not for the better
-
I'll have a change to test it this week and try to identify what needs a fix.
'change' I've come to really dislike that word (and RFC, MOP, CAB) the past few months. Our entire Change/RFC process has changed at work and not for the better
Sorry, typo :) I'll have a chance test
-
;D I figured, I was just being funny
-
Hi Marcello,
I pkg delete c-icap, and that removed some other files.
I also deleted everything e2guardian and tinyproxy in /usr/local/pkg
However, in Status/Services, I still have both tinyproxy and e2guardian, as stopped. They are not listed in pkg info, they seem not to exist there.
As you wrote on page 3:
@Mr.:
tinyproxy and e2guardian both refuse to start.
As the pkg process failed on your box, there is no e2guardian or tinyproxy binaires installed.
That is probably the cause, so how can I now remove these 2 orphans from Status/Services?
Thank you :)
-
To remove tinyproxy, install it from Unofficial repo and then uninstall. The same with e2guardian.
The c-icap is a package from squid