Dansguardian package for 2.0
-
Can you re-check and see if the rules are being committed after a save?
what auth plugins did you selected?
what you have on dansguardian logs?
My acls are working fine here. I've removed and re included some sites and it reflected on config files.
I'm also seeing log files registering users and groups as well.
-
Something I've noticed is that multiple plugins selected have different behavior depending on how dansguardian is configured (dansguardian-> squid or squid-> dansguardian->squid).
Try to select only one plugin before including others.
-
Tried selecting each of them. I can only select one as I have multiple interfaces.
Thinking of going back to SquidGuard as this is turning out to be a headache.
Was wondering if the older version of Dansguardian be resurrected with the pcre fix.
-
Was wondering if the older version of Dansguardian be resurrected with the pcre fix.
I'ts basically the same gui version. Most work was on pfsense 2.1 dir checks. Pcre and other fixes were done on freebsd ports.
What you have on dansguardian log files?
Did you tried to listen it on only one interface and then nat it to other?
-
whats the path for the log files?
I know the service is running and I get that Web Upload banned page.. so I know its working to some degree. Also some pics (not all) are being blocked on porn sites.. so that is kinda working to some degree as well.
It's working on very few little things that might go unnoticed. Site/URL blocking, weighted phrases..etc is not working. After 3 clean installs and configuration I can confirm this.
-
Log file is /var/log/dansguardian/access.log
Choose dansguarian report type to see more detailed log.
-
Checked the logs. As reported earlier.. logs are all filled with .jpg being blocked from bad sites. No bad sites being blocked.
-
Checked the logs. As reported earlier.. logs are all filled with .jpg being blocked from bad sites. No bad sites being blocked.
I have bad sites blocked in my log files, filter group identification, users as well and exception sites too.
How can I help you????
-
Darn. Dunno what to do. Never faced this issue before.
Are you on a 2.1 amd64 snapshot? How did u install Dans? All I did was install squid3 .. configure all the interfaces for squid (as each interface services a separate subnet) and then install dans and select the usual options that worked on first try.. always.
One thing which I have done differently is I have Squid3 rather than the Squid2. Could that be the issue? Will try to do a clean install again and use Squid2 instead and see if that helps.
BTW, any major difference between Squid 2 & 3 versions?
EDIT:
Confirmed extensions being blocked as well. So there is a definite issue (at least in my cofiguration) that is not blocking bad sites and URLS. -
So, I had a backup config of 2.0 saved which had working settings for Squid2 and Dans. I applied that to a clean new install of 2.1. Upon reboot Dans worked but the response to bad sites was like 5 to 8 secs. So I knew its working on the Phrase weight. I checked in Dans and found no change in what I was doing earlier. But to test I clicked save and boom it killed dans again with the exact same behavior.
For now I am moving back to SquidGuard as I need IPv6 for some RND and Dans is taking too much of my time. Will check on this package in a few months.
Adios!
-
as I need IPv6 for some RND
Dansguardian 2.12 does not have ivp6 support yet.
I have no idea how to reproduce your config, all I can tell is that my config is still running.
BTW, I'll keep doing testes to see if I find/reproduce same limitations/issues you found. -
What I have noticed is that for Sites and URLs .. the "DEFAULT" config does not stick to the "Group" (there is only one group in the list). In the categories list I selected specific categories to ban ..for example costtraps, porn..etc. The selection list is there but the moment you click save it does not apply the settings to the "Group". File extensions download ban works and even Pics ban are working.
You might wanna check and compare the code from the previous working dans version for Site and URL and more importantly the directory paths for the categories list downloaded that need to be applied on the Site and URL tabs.
-
I was tied up in some other stuff but just noticed this got released ;D. I am still early in my testing but I did notice that my code for the /usr/local/www/dansguardian_ldap.php wasn't added. Was that intentional?
marcelloc - I figured out the code for this and was able to get it to synchronize completely (even when the AD group is empty) by just adding a little bit of code to /usr/local/www/dansguardian_ldap.php. Here is the section (towards the end), my addition is in bold:
if (!empty($members)){
$import_users = explode("\n", $members);
asort($import_users);
$members=base64_encode(implode("\n", $import_users));
if($config['installedpackages']['dansguardianusers']['config'][0][strtolower($group['name'])] != $members){
$config['installedpackages']['dansguardianusers']['config'][0][strtolower($group['name'])] = $members;
$apply_config++;
}
}
else {
$config['installedpackages']['dansguardianusers']['config'][0][strtolower($group['name'])] = NULL;
$apply_config++;
}
}
$id++;
}Is that a fix you'd be willing to add to the package? Also I noticed that there is a typo when configuring a group in the Values section. It says "Naughtiness limite" and should be "Naughtiness limit" without the 'e'. Really minor but thought I'd let you know.
Other than that I haven't seen any problems but I am still early in my testing.
-
I did notice that my code for the /usr/local/www/dansguardian_ldap.php wasn't added. Was that intentional?
Sorry, It was not intentinal, I've received some fixes on forum, other in private messages, and most by myself. I just missed yours.
I'll include it ASAP.
-
No worries, I can always copy/paste it in but is more for the benefit of others. Other than that though it looks good so far, great work!
-
No worries, I can always copy/paste it in but is more for the benefit of others. Other than that though it looks good so far, great work!
I've commited on my code, it will be there next time I push the code to github.
Thanks again for your contribution. :)
-
Installs fine now..
For some reason it takes a while before filtering kicks in.
Some issues. Banned sites/urls are not getting filtered. Reboot hasnt helped.
Also how do I fix this.. cant find categories anywhere
Web upload is banned.
Categories:
Web upload
I am having similar issues. I am running pfsense 2.0.2 and just recently updated to Dansguardian 2.12.0.3. There is a particular external website that we maintain. Every time we attempt to save the information we get are denied access because 'Web upload is banned'. At the time that we are updating the information, I can see in the access log that we are attempting a POST. I have verified that I was not limiting the max upload size. I even specified -1 for the value. I verified that the dansguardian.conf file was updating the maxuploadsize value correctly and do not see any issues with the config being applied. I have put the domain name in the URL exception list as a work around, but am looking for a permanent fix to my upload issue. Any help would be appreciated.
-
Maybe it's related to this new feature:
What's new in DansGuardian 2.12.0.3:
October 2nd, 2012· Fixed memory leaks reported by analysis from coverity
· Improved persistent connection for a better RFC compliant implementation, but not yet fully HTTP 1.1
· Minor improvement for debug output
· Applied patch #11 (Maxuploadsize per filtergroup) by fredbmail35I've pushed a fix including web upload check on group as well ldap empty group check.
-
Apologize that I missed this thread - I started a new one on the maxuploadsize topic. See http://forum.pfsense.org/index.php/topic,58442.0.html
As far as I can see, the only fix is to use the 2.12.0.2 executable. The other alternative is that someone with a devel environment could remove "patch 11" and recompile dans 2.12.0.3. The diff for patch 11 is here… http://sourceforge.net/p/dansguardian/patches/11/
Maybe it's related to this new feature:
What's new in DansGuardian 2.12.0.3:
October 2nd, 2012· Fixed memory leaks reported by analysis from coverity
· Improved persistent connection for a better RFC compliant implementation, but not yet fully HTTP 1.1
· Minor improvement for debug output
· Applied patch #11 (Maxuploadsize per filtergroup) by fredbmail35I've pushed a fix including web upload check on group as well ldap empty group check.
-
Did you tried with latest package GUI version? I've included max upload size to group options.