Howto: install Dansguardian on pfSense 2.0
-
UPDATE:
So, after a month or so of using this I've found out some things:
Dansguardian definitely works without squid caching.
Which is good for me, since it was filling up my little 2GB CF card very quickly.The log file (access.log) can also get rather large over time. About 100 Mb in a month.
I turned down the "naughtiness level" and I still get "Japanese pornography" every once in a while.
Generally reloading the page once is all that's necessary to get rid of it. Or you could turn it down farther.–----------------------
I looked into making this into a package, and it looked rather complicated and time consuming.
If someone wants to do it I'll be glad to help all I can, and if not, maybe one of these day's I'll do it myself. -
Congratulations for you work with this guide.
We, the brazilian portuguese forum, we made sure to draw attention to him: http://forum.pfsense.org/index.php/topic,42641.msg226605.html#msg226605
The guide also worked with one thread in our mailing list: http://lists.pfsense.org/pipermail/pfsense-pt/2011-December/000407.html
[] 's
Jack -
I can help in dansguardian package since i finish mailscanner package.
Do you have 32 and 64 bits version or compilation args you used?
-
The files I posted are from a 32-bit version. I didn't use any compilation arguments. Keep in mind, however, that I didn't compile it in pfSense. I compiled it in FreeBSD and copied the resulting files to pfSense.
–-------------------
If you're interested in working on this, we should probably open a thread in the Packages section of the forum.
-
package topic for dansguardian
http://forum.pfsense.org/index.php/topic,43786.msg226796.html#msg226796
-
First I need to thank whoever ported Dansguardian to pfSense. I had been using Dansguardian on IPCop for years and pfSense is such a superior firewall that I was hoping someday that Dansguardian would get ported.
I have created the three NAT rules as mentioned in this post, but it would appear that the https rule is not working. It blocks all https traffic when I try to go through the firewall transparently without configuring my browser to use a proxy. If I configure my browser to use a proxy, https filtering seems to work. My preference is of course to run transparently. Any ideas?
-
Did you installed dansguardian package for pfsense?
This guide is to install it by hand with no gui.
I'm not sure if https can be used in transparente mode.
proxy WPAD/PAC/auto configuration using dns+dhcp is the best way to configure browsers in a "transparent" way
-
Yes I did install the package. Even with installing through the package I had to add the HTTP and 3128 NAT rules for it to work though.
Okay I'll try forcing browsers to autoconfig using dns+dhcp as you recommend. Thank you!!
-
Okay I'll try forcing browsers to autoconfig using dns+dhcp as you recommend. Thank you!!
Hi gadams65, any news about https and transparent mode?
REgards, Valle
-
Thanks for this howto I now have a working filtering. I have a question where is exception IP list located? I tried looking the menu I don't find any. Does it mean I need to configure it manually?
Thanks
Rocel -
Thanks for this howto I now have a working filtering. I have a question where is exception IP list located? I tried looking the menu I don't find any. Does it mean I need to configure it manually?
Thanks
Rocel -
Thanks for this howto I now have a working filtering. I have a question where is exception IP list located? I tried looking the menu I don't find any. Does it mean I need to configure it manually?
Thanks
Rocel -
Where is exception IP list located?
The file location is /usr/local/etc/dansguardian/lists/exceptioniplist.
I've checked and it's really missing on gui, I'll include it.
att,
Marcello Coutinho -
version 0.1.5.4 of dansguardian package includes exceptioniplist missing field.
-
Hi, I had DG and Squid running perfectly till….... I changed the reporting to "full reporting" then everything went down. I wasn't able to restart DG from the service manager and reboot, so i tried to reinstall the pkg. and Squid went down so reinstalled it as well, So now somehow both don't restart. any help would be appreciated.
TIAP.S. in general DG doesn't start from the pkg menu.
-
Services tab on 2.0.1 needs a Fix.
Are you using squid3? If so, reinstall it after dansguadian.
Try to start dansguardian on console to check if it's returning errors.
-
Thanks, I have installed version 2. I looked into the system logs and ..
root: /usr/local/etc/rc.d/dansguardian.sh: WARNING: failed to start dansguardian
php: /pkg_edit.php: The command '/usr/local/etc/rc.d/dansguardian.sh start' returned exit code '1', the output was 'kern.ipc.somaxconn: 16384 -> 16384 kern.maxfiles: 131072 -> 131072 kern.maxfilesperproc: 104856 -> 104856 kern.threads.max_threads_per_proc: 4096 -> 4096 Starting dansguardian. Error reading file /usr/local/etc/dansguardian/lists/blacklists/artnudes/urls: No such file or directory Error reading file /usr/local/etc/dansguardian/lists/blacklists/artnudes/urls: No such file or directory Error opening file: /usr/local/etc/dansguardian/lists/blacklists/artnudes/urls Error opening bannedurllist Error opening filter group config: /usr/local/etc/dansguardian/dansguardianf1.conf Error reading filter group conf file(s). Error parsing the dansguardian.conf file or other DansGuardian configuration files /usr/local/etc/rc.d/dansguardian.sh: WARNING: failed to start dansguardian'
-
check all config tabs, startup script is looking for files that was not created by package config.
-
Thanks, so far, so good
-
It's on IP tab ;)
