Unofficial E2guardian package for pfSense
-
If I could find a way to say to the E2g to use MITM by default on most sites and not use it for some specific sites then those strict sites or Apps will not break.
Did you tried to add this site on exceptionsitelist?
-
I'm asking because FredB, over at GitHub recons that the blacklist categories not showing maybe due to not having the following :
# List categorisation #listcategory: "Banned Sites"
Check it here: https://github.com/e2guardian/e2guardian/issues/244
try pkg 0.4.1.2
https://github.com/marcelloc/Unofficial-pfSense-packages/commit/113159cbac10e68568b77b8a0a22c65fdf4607ec
-
pkg 0.4.2 is almost done too with realtime tab.
-
If I could find a way to say to the E2g to use MITM by default on most sites and not use it for some specific sites then those strict sites or Apps will not break.
Did you tried to add this site on exceptionsitelist?
Yes I tried on v3 but still did not work.
-
pkg 0.4.2 is almost done too with realtime tab.
The squidanalyser, provide the information like that?
SARG could do it except the reason.
-
pkg 0.4.2 is almost done too with realtime tab.
The log is showing the data from access.log?
In what format? Dans format os squid format or squid extended format or other? -
The log is showing the data from access.log?
yes. original e2guardian format. If you want to see or grep the log, it's in /var/log/e2guardian/access.log
-
-
The log is showing the data from access.log?
yes. original e2guardian format. If you want to see or grep the log, it's in /var/log/e2guardian/access.log
This can represent a problem. If the access.log file has to be in e2g format, then squidanalyser and SARG can not use it.
So using the real time gui will bring conflict with permanent reports.
-
We actually need a page that can save the data in real time, and can be filtered down based on user, IP address, banned category, or time.
An actual page in list view with a search function is what I had in mind… :P Not a realtime tab like Squid.
EDIT: I tried adding HOST, FilterGroup back into my block page. And it caused my pfSense to crash again, and E2Guardian did not start up again, even with the watchguard script.
-
The squidanalyser, provide the information like that?
Not in realtime.
Real time is nice and is needed but permanent reports are also needed. Every time the access.log is recycled the data is lost and for business use you need to have long periods of data retantion.
-
By the way, how is the access.log and dst something log being recycled. If its not then we have a huge problem. It will grow until Disc is full.
-
The squidanalyser, provide the information like that?
Not in realtime.
Real time is nice and is needed but permanent reports are also needed. Every time the access.log is recycled the data is lost and for business use you need to have long periods of data retantion.
Now we're getting somewhere. This is why I suggested having a page where all the data would be logged in real time, and we can filter and search based on user, blocked category, and see what site was blocked, why, banned phrase detected etc.
@Marcelloc, now I'm unable to turn off SSL certificate forging for certain groups. What's going on? Before I was able to easily turn it on or off in group settings, now whether SSL forging is on or off for a group. It still intercepts.
-
@Marcelloc, now I'm unable to turn off SSL certificate forging for certain groups. What's going on? Before I was able to easily turn it on or off in group settings, now whether SSL forging is on or off for a group. It still intercepts.
Did you closed the browser after changing it? Mozilla keeps "certificate cache" until you close the app.
-
@Marcelloc, now I'm unable to turn off SSL certificate forging for certain groups. What's going on? Before I was able to easily turn it on or off in group settings, now whether SSL forging is on or off for a group. It still intercepts.
Did you closed the browser after changing it? Mozilla keeps "certificate cache" until you close the app.
I'm on chrome, tried closing it, tried clearing history, cache etc. I tried another browser, and tried my mobile too. They're all being SSL intercepted, when they shouldn't be.
Any changes I make to the block page also don't seem to take effect… I tried saving and restarting, turning off e2guardian by unchecking. And still having problems.
EDIT: Tried uninstalling E2Guardian for a reinstall, while uninstalled somehow E2Guardian is still running. HOW? XD
-
I'm asking because FredB, over at GitHub recons that the blacklist categories not showing maybe due to not having the following :
# List categorisation #listcategory: "Banned Sites"
Check it here: https://github.com/e2guardian/e2guardian/issues/244
try pkg 0.4.1.2
https://github.com/marcelloc/Unofficial-pfSense-packages/commit/113159cbac10e68568b77b8a0a22c65fdf4607ec
Have you pushed it out? Can't upgrade to it
-
EDIT: Tried uninstalling E2Guardian for a reinstall, while uninstalled somehow E2Guardian is still running. HOW? XD
It's running on memory. It's missing a stop services on uninstall script call.
-
-
We actually need a page that can save the data in real time, and can be filtered down based on user, IP address, banned category, or time.
An actual page in list view with a search function is what I had in mind… :P Not a realtime tab like Squid.
EDIT: I tried adding HOST, FilterGroup back into my block page. And it caused my pfSense to crash again, and E2Guardian did not start up again, even with the watchguard script.
You can tail -f the /var/log/e2guardian/ access.log to filter realtime logs.
Fully php report shows all the info you need on report page, including host. try it with wpad package.
-
With fully report, I can create a deny log with full info.
This way you keep report logs in squid mode and full info will have what you want, both on realtime tab.