Unofficial E2guardian package for pfSense
-
Tiny Proxy that pesky thing seems to keep coming back even through I installed it from the repo again and uninstalled it. D:
Any news on the tests Marcello? Did you manage to reproduce the crashes using those filter group, and hostname place holders/tags ?
-
To remove tinyproxy, install it from Unofficial repo and then uninstall. The same with e2guardian.
The c-icap is a package from squid
Sorry to ask, Marcello, but how do install from unofficial repo? pkg install and then…?
Pfsensation above this reply says uninstalling isn't going to work(?)
-
@Mr.:
To remove tinyproxy, install it from Unofficial repo and then uninstall. The same with e2guardian.
The c-icap is a package from squid
Sorry to ask, Marcello, but how do install from unofficial repo? pkg install and then…?
Pfsensation above this reply says uninstalling isn't going to work(?)
Well the method described above stops Tiny Proxy from starting but it still appears in service status / dash board.
-
The error is happening to me.
I checked the config files and it is being generated correctly.
I also disable Exceptions box in case the word falls in the exceptions.So it seems to be an e2g 3.5.1 problem.
I guess this has to be checked on the e2g forum.
By the way I used the word <jet>. Search on Google and selected the link
https://www.google.com.pr/url?sa=t&rct=j&q=&esrc=s&source=web&cd=13&cad=rja&uact=8&ved=0ahUKEwjq5qXotpbUAhUE6yYKHTncD78QFghvMAw&url=https%3A%2F%2Fjetprogramusa.org%2F&usg=AFQjCNGFZZgNdXX2OXYga7BOLHmLFjdZ_g</jet>Thanks for helping to check this! At least I know I'm not the only one now.
I've logged the issue on the E2Guardian Google Groups: https://groups.google.com/forum/#!topic/e2guardian/NfBZ1Ux_lEY
If no one replies within a day or so, I'm going to log it as an issue on GitHub.
Thanks again!
Jonathan
Marcelloc, would you please weigh in on this? I need to know, is this a bug I should log with E2G? I've taken this as far as I possibly know how.
https://groups.google.com/forum/#!topic/e2guardian/NfBZ1Ux_lEY
Thanks,
Jonathan
-
Found another issue with 4.1…
I use the unofficial WPAD package, using the E2 Guardian proxy I'm unable to obtain the proxy.pac file via the pfsense machines IP address. However using the host name seems to work fine. When trying to download that pac file via IP when on the E2 Guardian proxy. I get "e2guardian 504 gateway time out. Unable to connect to upstream proxy".
I don't it's an issue with squid as I haven't changed its configuration and I don't remember having this problem on 3.5.1.
-
Found another issue with 4.1…
I use the unofficial WPAD package, using the E2 Guardian proxy I'm unable to obtain the proxy.pac file via the pfsense machines IP address. However using the host name seems to work fine. When trying to download that pac file via IP when on the E2 Guardian proxy. I get "e2guardian 504 gateway time out. Unable to connect to upstream proxy".
I don't it's an issue with squid as I haven't changed its configuration and I don't remember having this problem on 3.5.1.
Why are you retrieving the wpad file through the proxy? The wpad or proxy.pac are downloaded through the http port 80. I think your "Internet Options" if in Windows should tell to connect to the pfsense bypassing the proxy. I do not recall how is done in Linux or MAC. Your wpad file should also have a rule to go DIRECT when connecting to local network IPs.
-
Found another issue with 4.1…
I use the unofficial WPAD package, using the E2 Guardian proxy I'm unable to obtain the proxy.pac file via the pfsense machines IP address. However using the host name seems to work fine. When trying to download that pac file via IP when on the E2 Guardian proxy. I get "e2guardian 504 gateway time out. Unable to connect to upstream proxy".
I don't it's an issue with squid as I haven't changed its configuration and I don't remember having this problem on 3.5.1.
Why are you retrieving the wpad file through the proxy? The wpad or proxy.pac are downloaded through the http port 80. I think your "Internet Options" if in Windows should tell to connect to the pfsense bypassing the proxy. I do not recall how is done in Linux or MAC. Your wpad file should also have a rule to go DIRECT when connecting to local network IPs.
I was troubleshooting some issues with IOS devices on my network then manually tried typing it in to test. In dhcp I am advertising it using the IP, but it gave that error through it proxy. I changed the dhcp to use the host name to connect and download the pac file, but this still seems like a bug nevertheless.
-
I was troubleshooting some issues with IOS devices on my network then manually tried typing it in to test. In dhcp I am advertising it using the IP, but it gave that error through it proxy. I changed the dhcp to use the host name to connect and download the pac file, but this still seems like a bug nevertheless.
E2g and squid has a setting to block urls with IPs. Verify that is turn off. If on the pfsense IP should be explicitly allowed, I think.
-
but now we know those particular place holders are causing the crashes. This is just a heads up if you have trouble re-creating the crashes Marcello. Also try to use my exact same block page source code, with everything intact, including -bypass-.
Even without report, just "access denied" the daemon crashes. I've started a watchdog script to keep e2guardian running but I'll need to run a debug version to try to identify where it's still getting segmentation fault errors. :(
also getting high values on e2guardian processes but low cpu load
last pid: 83609; load averages: 1.51, 8.54, 8.55 up 1+20:43:27 11:35:36 192 processes: 2 running, 189 sleeping, 1 zombie CPU: 1.5% user, 0.0% nice, 0.2% system, 0.6% interrupt, 97.6% idle Mem: 470M Active, 463M Inact, 863M Wired, 1060M Buf, 14G Free Swap: PID USERNAME THR PRI NICE SIZE RES STATE C TIME WCPU COMMAND 81597 root 259 21 0 392M 127M accept 6 0:02 2795.70% e2guardian
-
also getting high values on e2guardian processes but low cpu load
last pid: 83609; load averages: 1.51, 8.54, 8.55 up 1+20:43:27 11:35:36 192 processes: 2 running, 189 sleeping, 1 zombie CPU: 1.5% user, 0.0% nice, 0.2% system, 0.6% interrupt, 97.6% idle Mem: 470M Active, 463M Inact, 863M Wired, 1060M Buf, 14G Free Swap: PID USERNAME THR PRI NICE SIZE RES STATE C TIME WCPU COMMAND 81597 root 259 21 0 392M 127M accept 6 0:02 2795.70% e2guardian
I've noticed the same
-
I've opened a new issue on e2g git
Client: START------------------------------- Line: 1011 Function: dbshowheader Line: 1018 Function: dbshowheadereader bool: POST http://1xx.1yy.zz3.4/dout.aspx?s=16434986&p=10000003&client=DynGate HTTP/1.0 Line: 1018 Function: dbshowheadereader bool: Cache-Control: no-cache Line: 1018 Function: dbshowheadereader bool: Pragma: no-cache Line: 1018 Function: dbshowheadereader bool: Content-Type: application/octet-stream Line: 1018 Function: dbshowheadereader bool: Accept: */* Line: 1018 Function: dbshowheadereader bool: User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; DynGate) Line: 1018 Function: dbshowheadereader bool: Content-Transfer-Encoding: binary Line: 1018 Function: dbshowheadereader bool: Connection: keep-alive Line: 1018 Function: dbshowheadereader bool: Content-Length: 68 Line: 1018 Function: dbshowheadereader bool: Host: 1xx.1yy.zz3.4 Client: END------------------------------- Line: 1023 Function: dbshowheader 54837 got past line 2350 proxy header out Line: 2561 Function: handleConnection 54837 exchange_timeout is 20000 Line: 2562 Function: handleConnection tunnel tw poll returned ok:1 Start of tunnel loop: throughput:4942 target:-1 getLine !SSL read into buffer; bufflen: 0 getLine terminate string !SSL: 0 firstime: header:in after getLine Line: 2098 Function: in firstime: header:in after getLine: rc: 0 truncated: 1 Line: 2103 Function: in 6982468823791959581Call : from HTTPHeader.cpp to dbshowheader but header is empty Line: 1028 Function: dbshowheader Segmentation fault
At least here with e2g compiled with debug, it crashes when empty header happens
If you want to try the same debug version to see if it crashes on the same place, follow this:
fetch https://github.com/marcelloc/Unofficial-pfSense-packages/raw/master/repo/e2guardian-4.1.1_debug.txz fetch https://github.com/marcelloc/Unofficial-pfSense-packages/raw/master/repo/e2guardian-4.1.1_1.txz
To force debug install, run
pkg add -f e2guardian-4.1.1_debug.txz killall e2guardian && /usr/local/sbin/e2guardian -N
This must be done using console to see debug output
To back to non debug binaries:
pkg add -f e2guardian-4.1.1_1.txz killall e2guardian && /usr/local/sbin/e2guardian
-
I realised the sudden memory spikes too. I had 350MB, didn't worry too much as I assumed it was for cache + I have 2GB total.
I had another crash today after 2 days, it's better than the nearly instant crash every 30 minites - 2 hours I was getting before.
Jun 7 02:56:44 check_reload_status Syncing firewall Jun 7 02:56:46 php-fpm 18746 /pkg.php: Restarting e2g by sending -Q action to e2g binaries Jun 7 02:56:46 php-fpm 19894 /pkg.php: Restarting e2g by sending -Q action to e2g binaries Jun 7 02:56:48 php-fpm 20300 /status_services.php: The command '/usr/local/etc/rc.d/e2guardian.sh stop' returned exit code '1', the output was 'kern.ipc.somaxconn: 16384 -> 16384 kern.maxfiles: 131072 -> 131072 kern.maxfilesperproc: 104856 -> 104856 kern.threads.max_threads_per_proc: 4096 -> 4096 e2guardian not running? (check /var/run/e2guardian.pid).' Jun 7 02:56:54 e2guardian 20294 Reporting_level is : 0 file /usr/local/etc/e2guardian/e2guardianf3.conf Jun 7 02:56:54 e2guardian 19797 Reporting_level is : 0 file /usr/local/etc/e2guardian/e2guardianf3.conf Jun 7 02:56:55 e2guardian 23430 Reporting_level is : 0 file /usr/local/etc/e2guardian/e2guardianf3.conf Jun 7 02:56:55 e2guardian 19797 I seem to be running already! Jun 7 02:56:55 e2guardian 23430 I seem to be running already! Jun 7 02:56:55 root /usr/local/etc/rc.d/e2guardian.sh: WARNING: failed to start e2guardian Jun 7 02:57:52 check_reload_status Syncing firewall Jun 7 02:57:52 php-fpm 56014 /pkg_edit.php: [E2guardian] - Save settings package call pr:1 bp: rpc:no Jun 7 02:57:52 check_reload_status Syncing firewall Jun 7 02:57:55 php-fpm 78906 /pkg.php: Restarting e2g by sending -Q action to e2g binaries Jun 7 02:57:55 php-fpm 80648 /pkg.php: Restarting e2g by sending -Q action to e2g binaries Jun 7 02:58:00 e2guardian 81133 Reporting_level is : 0 file /usr/local/etc/e2guardian/e2guardianf3.conf Jun 7 02:58:00 e2guardian 80510 Reporting_level is : 0 file /usr/local/etc/e2guardian/e2guardianf3.conf Jun 7 02:58:01 e2guardian 80510 I seem to be running already! Jun 7 03:01:00 root rc.update_bogons.sh is starting up. Jun 7 03:01:00 root rc.update_bogons.sh is sleeping for 31584 Jun 7 03:14:47 check_reload_status Syncing firewall Jun 7 03:14:47 php-fpm 9104 /pkg_edit.php: [E2guardian] - Save settings package call pr:1 bp: rpc:no Jun 7 03:14:47 check_reload_status Syncing firewall Jun 7 03:14:49 php-fpm 19850 /pkg.php: Restarting e2g by sending -Q action to e2g binaries Jun 7 03:14:55 e2guardian 23043 Reporting_level is : 0 file /usr/local/etc/e2guardian/e2guardianf3.conf Jun 7 03:24:23 check_reload_status Syncing firewall Jun 7 03:24:23 php-fpm 60117 /pkg_edit.php: [E2guardian] - Save settings package call pr:1 bp: rpc:no Jun 7 03:24:23 check_reload_status Syncing firewall Jun 7 03:24:25 php-fpm 11356 /pkg.php: Restarting e2g by sending -Q action to e2g binaries Jun 7 03:24:25 php-fpm 15238 /pkg.php: Restarting e2g by sending -Q action to e2g binaries Jun 7 03:24:30 e2guardian 15501 Reporting_level is : 0 file /usr/local/etc/e2guardian/e2guardianf3.conf Jun 7 03:24:31 e2guardian 15228 Reporting_level is : 0 file /usr/local/etc/e2guardian/e2guardianf3.conf Jun 7 03:24:31 e2guardian 15228 I seem to be running already! Jun 7 03:24:39 e2guardian 21488 Reporting_level is : 0 file /usr/local/etc/e2guardian/e2guardianf3.conf Jun 7 03:31:24 check_reload_status Syncing firewall Jun 7 03:31:24 php-fpm 64424 /pkg_edit.php: [E2guardian] - Save settings package call pr:1 bp: rpc:no Jun 7 03:31:24 check_reload_status Syncing firewall Jun 7 03:31:26 php-fpm 41060 /pkg.php: Restarting e2g by sending -Q action to e2g binaries Jun 7 03:31:32 e2guardian 44437 Reporting_level is : 0 file /usr/local/etc/e2guardian/e2guardianf3.conf Jun 7 03:31:46 e2guardian 49314 Reporting_level is : 0 file /usr/local/etc/e2guardian/e2guardianf3.conf Jun 7 03:31:46 php-fpm 46997 /pkg.php: Restarting e2g by sending -Q action to e2g binaries Jun 7 03:31:52 e2guardian 49618 Reporting_level is : 0 file /usr/local/etc/e2guardian/e2guardianf3.conf Jun 7 11:47:24 root rc.update_bogons.sh is beginning the update cycle. Jun 7 11:47:26 root Bogons V4 file downloaded: 15 addresses added. Jun 7 11:47:26 root Bogons V4 file downloaded: 16 addresses deleted. Jun 7 11:47:27 root Bogons V6 file downloaded: 302 addresses added. Jun 7 11:47:27 root Bogons V6 file downloaded: 69 addresses deleted. Jun 7 11:47:27 root rc.update_bogons.sh is ending the update cycle. Jun 7 20:39:37 kernel pid 49681 (e2guardian), uid 106: exited on signal 11
-
Any updates on this? Is there anyway I can downgrade for now?
4.1 is giving me a lot of hassle with crashing. Maybe you could make a script to automatically restart it if it crashes Marcello?
-
I have a watchdog script. I'll share here when I get home.
-
I have a watchdog script. I'll share here when I get home.
Let say the e2g has the watchdog script working.
From the perspective of the clients, is e2g as of now, doing all the features OK and they will not notice the crashes?
I want to know because if the features are not working OK then I will have to wait for the fixes to be able to use it in production. Also if the crashes can be noticed by the clients then I have to wait for the fixes to be able to use it in production. Maybe the crashes can be tolerated if they are noticed but in sporadic instances.
-
I guess the current crashes are related to a old exit status 11 that happens for a Long Time since dansguandian but with current thread version, the main process dies too. The issue is related with empty headers and connection that doesn't answer.
-
whatchdog script for e2guardian
#!/bin/sh for a in 5 10 15 20 25 30 35 40 45 50 55 do if [ -f /var/run/e2guardian.pid ];then cat /var/run/e2guardian.pid | xargs ps if [ $? -ne 0 ]; then /usr/local/etc/rc.d/e2guardian.sh start tail -50 /var/log/e2guardian/access.log >> /var/log/e2guardian/last.log echo "`date` start" >> /var/log/e2guardian/start.log fi fi sleep 5 done
Run it every minute via cron. /var/log/e2guardian/start.log will log the crashes.
-
whatchdog script for e2guardian
#!/bin/sh for a in 5 10 15 20 25 30 35 40 45 50 55 do if [ -f /var/run/e2guardian.pid ];then cat /var/run/e2guardian.pid | xargs ps if [ $? -ne 0 ]; then /usr/local/etc/rc.d/e2guardian.sh start tail -50 /var/log/e2guardian/access.log >> /var/log/e2guardian/last.log echo "`date` start" >> /var/log/e2guardian/start.log fi fi sleep 5
Run it every minute via cron. /var/log/e2guardian/start.log will log the crashes.
Just tried setting this up now. When I copy and paste your code into Cron, it becomes all jumbled. Here's an example of what happened :
#!/bin/sh for a in 5 10 15 20 25 30 35 40 45 50 55 do if [ -f /var/run/e2guardian.pid ];then cat /var/run/e2guardian.pid | xargs ps if [ $? -ne 0 ]; then /usr/local/etc/rc.d/e2guardian.sh start tail -50 /var/log/e2guardian/access.log >> /var/log/e2guardian/last.log echo "`date` start" >> /var/log/e2guardian/start.log fi fi sleep 5
Went from the above code, to the below code
#!/bin/shfor a in 5 10 15 20 25 30 35 40 45 50 55doif [ -f /var/run/e2guardian.pid ];then cat /var/run/e2guardian.pid | xargs ps if [ $? -ne 0 ]; then /usr/local/etc/rc.d/e2guardian.sh start tail -50 /var/log/e2guardian/access.log >> /var/log/e2guardian/last.log echo "`date` start" >> /var/log/e2guardian/start.log fifisleep 5
Will this cause any problems?
And also, since this cron job is running every minute. What if the case is that E2Guardian crashes just after the cron job is run, then you have to wait an entire minute before E2Guardian is put back up. It could be incredibly annoying in a production environment.
-
I have a watchdog script. I'll share here when I get home.
Let say the e2g has the watchdog script working.
From the perspective of the clients, is e2g as of now, doing all the features OK and they will not notice the crashes?
I want to know because if the features are not working OK then I will have to wait for the fixes to be able to use it in production. Also if the crashes can be noticed by the clients then I have to wait for the fixes to be able to use it in production. Maybe the crashes can be tolerated if they are noticed but in sporadic instances.
Pretty sure at some point it will be noticed, and it will become annoying. If the cause is actually an empty header, and someone is accessing a site which is causing the empty headers, you may end up with more crashes at once. And then you have to wait a minute for it to come back etc etc… I use this at home, and I can say that 4.1 is extremely fast, and nice to use in general. But the crashes for now are making it more hassle than it's worth. I'm stuck in between for now, 3.5.1 gave me redirect issues, and sometimes some slowness (not a huge deal) but redirect issue was annoying. But 4.1 is very very quick, fixes the redirect issues and sudden lag but is prone to crashes. And I guess it has some sort of memory leak? I hope the watchdog script at least takes some frustration out. D:
@Marcelloc, I have a NAT rule to redirect port 80 to my pfsense box IP and port 8080. Should I do the same for 443? Or will that completely break it? I don't mind being having to install the certificate, but is there a way to just force all the traffic through E2Guardian. In some cases, such as Android, it seems other methods such as WPAD etc, don't work.
-
Pfsensation:
You have to add spaces where they stick together.
Example
55doif -> 55 do ifIt seems you lost carriege returns. But whats important is spaces between commands and parameters.