Unofficial E2guardian package for pfSense
-
With last verison, I'm getting a crash report since /usr/local/etc/e2guardian/lists/bannedsitewithbypasslist doesn't exist.
I did a clean install but I"m not getting crashes. The sample file is empty but it's there.
Did you saved config again and then applied just to be sure package is not trying to run with default conf files?
I'm editing e2guardian.inc to fix the empty sample file and will push soon to the repo.
-
thank you marcelloc! I did an update, and no more crash reports for the missing files.
-
I've pushed version 0.4 of the gui package to the Unofficial repo.
what's new:
- time based acls using pfSense schedules
Note: acls now have a schedule field. check if they are not going to assume the first system schedule you have on your pfSense.
The update process when schedule expires send a soft HUP to the process, so active sessions will keep current ACLs. a CTRL+F5 may force a new session on browser.
You can create specific acls and apply them under groups.
For example, create a site acl with only banned checkbox selected and social network blacklist applied to working hours. then select both default and this new site acl under groups.
This way, you will have default acl all the day + social media blocked during work hours.
-
I've pushed version 0.4 of the gui package to the Unofficial repo.
what's new:
- time based acls using pfSense schedules
Note: acls now have a schedule field. check if they are not going to assume the first system schedule you have on your pfSense.
The update process when schedule expires send a soft HUP to the process, so active sessions will keep current ACLs. a CTRL+F5 may force a new session on browser.
You can create specific acls and apply them under groups.
For example, create a site acl with only banned checkbox selected and social network blacklist applied to working hours. then select both default and this new site acl under groups.
This way, you will have default acl all the day + social media blocked during work hours.Sweet updated!!
Could you make some slight modifications so that by default it's set to "always" rather than any other schedule you have within pfsense.
Also, regarding the block page. I will submit it soon via pull.
-
Could you make some slight modifications so that by default it's set to "always" rather than any other schedule you have within pfsense.
A clean install create all default acls with 'always active'. But the code accepts blank field as always active to do not break things.
-
Could you make some slight modifications so that by default it's set to "always" rather than any other schedule you have within pfsense.
A clean install create all default acls with 'always active'. But the code accepts blank field as always active to do not break things.
I tried a clean install for a friend and it automatically set the ACL's to one of the schedules he had on his pfSense box.
Just a heads up, I have already sent a pull request to E2Guardian with the new block page. Hopefully it'll be implemented! :)
-
It's official! My block page code was merged into E2 Guardian official sources! Now everyone should be able to enjoy the new modernised block page by default. 8) 8) 8)
-
Great !!!!
-
I've pushed to e2guardian repo a php version of the new template and updated the perl version of the report.
With new php report, fully report works on pfSense together with wpad package.
https://github.com/e2guardian/e2guardian/pull/236
To use report fully option before it get on e2guardian and on e2guardian pfSense package, you can download the file directly from git.
e2gerror.php
https://raw.githubusercontent.com/marcelloc/e2guardian/25d06e7416c5f77c859a96988b102e76a4f09bae/data/e2gerror.phpDo not forget to add the webhost with e2gerror.php on exception site list.
-
I've pushed to e2guardian repo a php version of the new template and updated the perl version of the report.
With new php report, fully report works on pfSense together with wpad package.
https://github.com/e2guardian/e2guardian/pull/236
To use report fully option before it get on e2guardian and on e2guardian pfSense package, you can download the file directly from git.
e2gerror.php
https://raw.githubusercontent.com/marcelloc/e2guardian/25d06e7416c5f77c859a96988b102e76a4f09bae/data/e2gerror.phpDo not forget to add the webhost with e2gerror.php on exception site list.
Won't the php version increase the load on the server? Or is it about the same as html as the place holders are still being changed?
Also report fully allows you to see the banned words right?
Furthermore, why was WPAD package conflicting with this? They're on different ports?
Sorry about the questions, still learning a lot. :p
So far I'm really enjoying E2 Guardian and am loving the team work and where it's going. However I feel the one thing that's missing is a way to quickly see what websites are being blocked.
For example in the pfsense GUI you created, it would be really nice to have a page where you can see what content is blocked, why it's blocked. What user is trying to access what content, and being able to apply filters such as "user with most blocked sites" or be able to type in the name of a category such as gambling. And being able to see who was trying to access gambling sites, from what internal IP, host name and what time they did to access it, and of course the URL.Let me know if this can be done, I know some log files can be created. But this is a much simpler overall better way, and I'm sure other commercial products have this. I am also trying to help a friend move to E2 Guardian for their school network, in that scenario some sort of reporting with a page to quickly filter and find data is necessary. I really don't want to start suggesting bad methods of doing this such as using GREP.
But anyways, keep up the amazing work Marcello!
-
Won't the php version increase the load on the server? Or is it about the same as html as the place holders are still being changed?
Also report fully allows you to see the banned words right?
Yes, the dynamic page says it shows more details of what was blocked and allow more control and tests. For example, you can show Bypass only for groups that has a bypass.
Furthermore, why was WPAD package conflicting with this? They're on different ports?
Wpad is the best place to host a php file as it will be in HTTP and will never shows certificate erros or ssl error page cannot be displayed on http sites. These are some problems that occurs with squidguar for example. So I'm trying to implement all features we know as good practices for proxy, wpad, ssl, etc..
Sorry about the questions, still learning a lot. :p
NO problem. :)
So far I'm really enjoying E2 Guardian and am loving the team work and where it's going. However I feel the one thing that's missing is a way to quickly see what websites are being blocked.
If you want a report tool with historical stats, try squidanalyzer package on my repo. The only pre requisite is change logs to squid format.
For example in the pfsense GUI you created, it would be really nice to have a page where you can see what content is blocked, why it's blocked. What user is trying to access what content, and being able to apply filters such as "user with most blocked sites" or be able to type in the name of a category such as gambling. And being able to see who was trying to access gambling sites, from what internal IP, host name and what time they did to access it, and of course the URL.
Let me know if this can be done, I know some log files can be created. But this is a much simpler overall better way, and I'm sure other commercial products have this. I am also trying to help a friend move to E2 Guardian for their school network, in that scenario some sort of reporting with a page to quickly filter and find data is necessary. I really don't want to start suggesting bad methods of doing this such as using GREP.
Sure, I'll import the real time tab when I have time. But with the upcoming changes to use squid transparent proxy and ssl splice all, you will be abe to see most of these information (blocked but not reason given) on squid Real Time tab. On 3.5 version, there was 3 more report type, one included squid log format with extra field containing block reason.
But anyways, keep up the amazing work Marcello!
Thanks! I want to improve this package as much as I can, so nobody will need squidguard anymore. And when e2guardian 4.x code get's stable, I'll push it to freebsd ports and then submit a pull request for this package to get merged on main repo.
-
Marcelloc
How different is your squidanalyser from SARG?
Can you add a thread for this with examples? -
How different is your squidanalyser from SARG?
Can you add a thread for this with examples?You mean a new topic?
There is a topic on forum with manual install. I've joined all contributions and added a php protection file to use pfSense authentication, just like I did with sarg.
The squidanalyzer has a modern gui and some graphs
-
How different is your squidanalyser from SARG?
Can you add a thread for this with examples?You mean a new topic?
There is a topic on forum with manual install. I've joined all contributions and added a php protection file to use pfSense authentication, just like I did with sarg.
The squidanalyzer has a modern gui and some graphs
Can you provide me the search term or the direct link?
I tried squidanalyser but did not return results. -
Can you provide me the search term or the direct link?
I tried squidanalyser but did not return results.Sure. I've update it right now to include some images
Re: Want package for squidanalyzer. INSTRUCTIONS AND FILES TO INSTALL
-
Can you provide me the search term or the direct link?
I tried squidanalyser but did not return results.Sure. I've update it right now to include some images
Re: Want package for squidanalyzer. INSTRUCTIONS AND FILES TO INSTALL
Is there a way to have two squidanalyzer instances running side by side?
One for e2guardian and the other for squid.I do not like Lightsquid (I do not know why pfsense decided to favor that instead of SARG), this does not report the blocked/denied sites only the permitted sites.
Maybe manually install SARG from Freebsd for Squid, and use your Squidanalyser for e2guardian.
-
Is there a way to have two squidanalyzer instances running side by side?
One for e2guardian and the other for squid.By command line yes. Using the package not on current version.
-
Is there a way to have two squidanalyzer instances running side by side?
One for e2guardian and the other for squid.By command line yes. Using the package not on current version.
Is it posible to install SARG in pfsense?
-
Is it posible to install SARG in pfsense?
Yes. Basically, enable freebsd repo and install using pkg add
did you tried squidanalyzer package with all features enables? I have user reports working
-
Is it posible to install SARG in pfsense?
ne
Yes. Basically, enable freebsd repo and install using pkg adddid you tried squidanalyzer package with all features enables? I have user reports working
I think it might be easyer to have only one instance of everything. SARG for Squid and SquidA for E2g.
The problem with SARG is that prefer apache. I dont know how to make it work in gnix. Do you know of a wiki or tutorial to doit?