Unofficial E2guardian package for pfSense
-
watchdog script for e2guardian

    #!/bin/sh
    # Check every 5 seconds for roughly one minute (11 passes).
    for a in 5 10 15 20 25 30 35 40 45 50 55
    do
        if [ -f /var/run/e2guardian.pid ]; then
            # ps fails if the PID stored in the file is no longer running
            cat /var/run/e2guardian.pid | xargs ps
            if [ $? -ne 0 ]; then
                /usr/local/etc/rc.d/e2guardian.sh start
                # keep the last requests seen before the crash
                tail -50 /var/log/e2guardian/access.log >> /var/log/e2guardian/last.log
                echo "`date` start" >> /var/log/e2guardian/start.log
            fi
        fi
        sleep 5
    done

Run it every minute via cron. /var/log/e2guardian/start.log will log the crashes.
Just tried setting this up now. When I copy and paste your code into Cron, it becomes all jumbled. Here's an example of what happened :

    #!/bin/sh
    for a in 5 10 15 20 25 30 35 40 45 50 55
    do
    if [ -f /var/run/e2guardian.pid ];then
    cat /var/run/e2guardian.pid | xargs ps
    if [ $? -ne 0 ]; then
    /usr/local/etc/rc.d/e2guardian.sh start
    tail -50 /var/log/e2guardian/access.log >> /var/log/e2guardian/last.log
    echo "`date` start" >> /var/log/e2guardian/start.log
    fi
    fi
    sleep 5

Went from the above code, to the below code
#!/bin/shfor a in 5 10 15 20 25 30 35 40 45 50 55doif [ -f /var/run/e2guardian.pid ];then cat /var/run/e2guardian.pid | xargs ps if [ $? -ne 0 ]; then /usr/local/etc/rc.d/e2guardian.sh start tail -50 /var/log/e2guardian/access.log >> /var/log/e2guardian/last.log echo "`date` start" >> /var/log/e2guardian/start.log fifisleep 5
Will this cause any problems?
And also, since this cron job is running every minute. What if the case is that E2Guardian crashes just after the cron job is run, then you have to wait an entire minute before E2Guardian is put back up. It could be incredibly annoying in a production environment.
-
I have a watchdog script. I'll share here when I get home.
Let's say the e2g has the watchdog script working.
From the perspective of the clients, is e2g as of now, doing all the features OK and they will not notice the crashes?
I want to know because if the features are not working OK then I will have to wait for the fixes to be able to use it in production. Also if the crashes can be noticed by the clients then I have to wait for the fixes to be able to use it in production. Maybe the crashes can be tolerated if they are noticed but in sporadic instances.
Pretty sure at some point it will be noticed, and it will become annoying. If the cause is actually an empty header, and someone is accessing a site which is causing the empty headers, you may end up with more crashes at once. And then you have to wait a minute for it to come back etc etc… I use this at home, and I can say that 4.1 is extremely fast, and nice to use in general. But the crashes for now are making it more hassle than it's worth. I'm stuck in between for now, 3.5.1 gave me redirect issues, and sometimes some slowness (not a huge deal) but redirect issue was annoying. But 4.1 is very very quick, fixes the redirect issues and sudden lag but is prone to crashes. And I guess it has some sort of memory leak? I hope the watchdog script at least takes some frustration out. D:
@Marcelloc, I have a NAT rule to redirect port 80 to my pfsense box IP and port 8080. Should I do the same for 443? Or will that completely break it? I don't mind having to install the certificate, but is there a way to just force all the traffic through E2Guardian. In some cases, such as Android, it seems other methods such as WPAD etc, don't work.
-
Pfsensation:
You have to add spaces where they stick together.
Example
55doif -> 55 do if
It seems you lost carriage returns. But what's important is spaces between commands and parameters.
-
Thanks for that. I will go edit the cron now
-
Create a file on filesystem with the script and then call the file on cron.
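
A file-based version of the watchdog discussed in this thread, as an added example (not the package author's script). It assumes the paths quoted above; the `run` argument, the environment overrides and the command-name check via `ps -o comm=` are choices made for this example. The name check keeps a stale PID file whose number has been reused by another process from being read as a live e2guardian.

```shell
#!/bin/sh
# Added example, not the package author's script. Paths are the ones quoted
# in the thread; each can be overridden from the environment for testing.
PIDFILE="${PIDFILE:-/var/run/e2guardian.pid}"
RCSCRIPT="${RCSCRIPT:-/usr/local/etc/rc.d/e2guardian.sh}"
LOGDIR="${LOGDIR:-/var/log/e2guardian}"
PROC_NAME="${PROC_NAME:-e2guardian}"

# Succeed only if the PID file holds a plain number AND that PID belongs to
# a process with the expected command name, so a recycled PID owned by some
# other program is not mistaken for a live e2guardian.
daemon_alive() {
    [ -r "$PIDFILE" ] || return 1
    pid=$(head -n 1 "$PIDFILE" | tr -d '[:space:]')
    case "$pid" in
        ''|*[!0-9]*) return 1 ;;   # empty or non-numeric: never hand it to ps
    esac
    comm=$(ps -o comm= -p "$pid" 2>/dev/null) || return 1
    [ "${comm##*/}" = "$PROC_NAME" ]
}

# Start the service and keep evidence for later crash analysis.
restart_daemon() {
    "$RCSCRIPT" start
    tail -50 "$LOGDIR/access.log" >> "$LOGDIR/last.log" 2>/dev/null || true
    echo "$(date) start" >> "$LOGDIR/start.log"
}

# One check. Like the original, a missing PID file is left alone (assumed
# here to mean the service was stopped deliberately).
check_once() {
    if [ -f "$PIDFILE" ] && ! daemon_alive; then
        restart_daemon
    fi
}

# Check every 5 seconds for about 55 seconds, so a once-a-minute cron entry
# bounds the downtime to a few seconds.
watchdog_loop() {
    i=0
    while [ "$i" -lt 11 ]; do
        check_once
        sleep 5
        i=$((i + 1))
    done
}

# Loop only when invoked as "<script> run", e.g. from cron.
if [ "${1:-}" = "run" ]; then watchdog_loop; fi
```

Saved as a file and made executable, it is called from a once-a-minute cron entry with the `run` argument.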
-
@Marcelloc, I have a NAT rule to redirect port 80 to my pfsense box IP and port 8080. Should I do the same for 443? Or will that completely break it? I don't mind having to install the certificate, but is there a way to just force all the traffic through E2Guardian. In some cases, such as Android, it seems other methods such as WPAD etc, don't work.
That rule will break WPAD retrieval. Did you add that before testing Androids?
-
Hmm how can I get that setup with WPAD still working? Somehow WPAD seems to be working. My pc is set to automatically detect proxy settings and it does, however it didn't work on IOS maybe this is it.
I tested with this rule on android, works for http traffic. It'll successfully go to the block page if the website isn't allowed.
-
Create the rule and try to fetch the wpad file. If it fetches, there is no conflict.
-
Able to fetch it no problems, as long as I type http, since web config is on https.
-
Create a file on filesystem with the script and then call the file on cron.
Didn't work at first, but added "Done" at the end of the script. Now it seems to be working fine.
-
Bad copy and paste. Sorry. I've fixed the post
-
Can you test if a full MITM e2guardian setup with no exceptions crashes? Current binaries from package are not on the latest version but it's close to it. If you can confirm a crash, I'll build with current latest code.
-
I found a workaround until 4.1.1 gets fixed 8)
- Configure squid to intercept SSL connections with splice all mode (this checks only remote certificate)
- Configure e2guardian Parent proxy Settings with your squid ssl interface configured.
Testing with steps that I know crash the daemon, but it's still alive with and without MITM.
-
Won't squid and E2Guardian conflict with each other if I configure squid to intercept traffic? Since it creates a NAT rule and I already have a NAT rule for port 80 > 8080 for E2guardian.
Remember squid is completely unrestricted in terms of allowing Web access without E2 Guardian. I also realised you updated the package, what's new in the newer version?
Got the error below on the latest version available in the repo.

    PHP ERROR: Type: 1, File: /etc/inc/util.inc, Line: 1731, Message: Allowed memory size of 262144000 bytes exhausted (tried to allocate 47625514 bytes) @ 2017-06-11 11:16:25

Then got this crash report…

    Crash report begins. Anonymous machine information:

    amd64
    10.3-RELEASE-p19
    FreeBSD 10.3-RELEASE-p19 #0 bbfdb9a1d(RELENG_2_3_4): Wed May 3 16:09:14 CDT 2017 root@ce23-amd64-builder:/builder/pfsense-234/tmp/obj/builder/pfsense-234/tmp/FreeBSD-src/sys/pfSense

    Crash report details:

    PHP Errors:
    [11-Jun-2017 11:16:25 Europe/London] PHP Fatal error: Allowed memory size of 262144000 bytes exhausted (tried to allocate 47625514 bytes) in /etc/inc/util.inc on line 1731
    [11-Jun-2017 11:16:25 Europe/London] PHP Stack trace:
    [11-Jun-2017 11:16:25 Europe/London] PHP 1. {main}() /usr/local/www/pkg_edit.php:0
    [11-Jun-2017 11:16:25 Europe/London] PHP 2. eval() /usr/local/www/pkg_edit.php:141
    [11-Jun-2017 11:16:25 Europe/London] PHP 3. e2guardian_check_config() /usr/local/www/pkg_edit.php(141) : eval()'d code:1
    [11-Jun-2017 11:16:25 Europe/London] PHP 4. e2guardian_start() /usr/local/pkg/e2guardian.inc:1309
    [11-Jun-2017 11:16:25 Europe/London] PHP 5. mwexec() /usr/local/pkg/e2guardian.inc:1357
    [11-Jun-2017 11:16:25 Europe/London] PHP 6. sprintf() /etc/inc/util.inc:1731

    No FreeBSD crash data found.

-
Did you try the debug version package I've posted before?
There is a new config option (banner site with bypass key) on new binaries, you need to save config and apply in order to get correct config files.
-
I updated via the console, and it might have automatically gone to the debug version. Where is that option? :o
-
No, debug version needs a manual intervention.
To be sure you're not on a debug version, just try to run /usr/local/sbin/e2guardian on console
-
When I run the command I am getting an output. Does that mean I'm on the debug version? I'm confused.
-
Big output with a lot of information means debug mode; if it goes back to the console then you're on the normal version.
-
Try to delete the crash alert and see if it happens again. I have no alerts or crashes on gui here.