Sarg package for pfsense

marcelloc

It's not implemented yet.

Mail option will need a mailer daemon running on pfsense like postfix forwarder.

Donny

It's not implemented yet.

Mail option will need a mailer daemon running on pfsense like postfix forwarder.

I have tested SARG many time with Squid-reverse. This is my step
1. I have installed Squid-reverse.
2. I have installed SARG and after that I got some error: Sarg config error:log file () does not exits. I want to know what is wrong?.
3. I tried to change the "userid" or the "ip address" to be a real user name on the reports like this: "172.31.21.22 Donny Van Cooper" but in the "View report and realtime"tab it does not show a real user name. Where can I resolve any ip address on pfSense or I have to resolve any ip address on Domain Controller (Windows Server 2008)
4. I use Firefox web browser also Google Chrome for config SARG and at the "view report" tab dat you said to do is "This frame > reload frame" but some time it does not work I have to do again and again or I have to wait a few second and then report appear.
5. Do I have only to select interface "LAN" or I have to select both "LAN and loopback on Squid-reverse.

Thank u very much

SargError1.png_thumb

RealName.png_thumb

ViewReport.png_thumb

marcelloc

@Donny:

2. I have installed SARG and after that I got some error: Sarg config error:log file () does not exits. I want to know what is wrong?.

This maybe a first install bug, I'll check it.

@Donny:

3. I tries to change the "userid" or the "ip address" to be a real user name on the reports like this: "172.31.21.22 Donny Van Cooper" but in the "View report and realtime"tab it does not show a real user name. Where can I resolve any ip address on pfSense or I have to resolve any ip address on Domain Controller (Windows Server 2008)
4. I use Firefox web browser also Google Chrome for config SARG and at the "view report" tab dat you said to do is "This frame > reload frame" but some time it does not work I have to do again and again or I have to wait a few second and then report appear.

did you created any schedule on sarg to create reports?

@Donny:

5. Do I have only to select interface "LAN" or I have to select both "LAN and loopback on Squid-reverse.

Just lan for normal use.

Donny

@marcelloc:

@Donny:

2. I have installed SARG and after that I got some error: Sarg config error:log file () does not exits. I want to know what is wrong?.

This maybe a first install bug, I'll check it.

@Donny:

3. I tries to change the "userid" or the "ip address" to be a real user name on the reports like this: "172.31.21.22 Donny Van Cooper" but in the "View report and realtime"tab it does not show a real user name. Where can I resolve any ip address on pfSense or I have to resolve any ip address on Domain Controller (Windows Server 2008)
4. I use Firefox web browser also Google Chrome for config SARG and at the "view report" tab dat you said to do is "This frame > reload frame" but some time it does not work I have to do again and again or I have to wait a few second and then report appear.

did you created any schedule on sarg to create reports?

@Donny:

5. Do I have only to select interface "LAN" or I have to select both "LAN and loopback on Squid-reverse.

Just lan for normal use.

Yes, Marcelloc. I have created schedule on sarg to create reports. you can see my screenshot pictures that I post its here but a real user name is still not work.
Thank a lot for your help

ScheduleSarg.png_thumb

SargSettings.png_thumb

marcelloc

check create index tree by file too onsarg config and force a report update.

Donny

@marcelloc:

check create index tree by file too on sarg config and force a report update.

Hello Marcelloc, I have done what you say but a real user name still not work. as the screenshot below.

Thank u very much. I am tired, I go to bed now.

Users.png_thumb

marcelloc

Donny,

Thanks for your feedback.

I found an error on field check that was preventing user file to be created.

I'm fixing it and including some other options before publishing.

marcelloc

Version 0.4 is out with

usertab fix
charset option field
few more report config options

As users has its own tab, you may need to backup your sarg user configuration before update(just in case ;))

Donny

@marcelloc:

Version 0.4 is out with

usertab fix

charset option field

few more report config options

As users has its own tab, you may need to backup your sarg user configuration before update(just in case ;))

Hello Marcelloc, today is a wonderful world, I have tested SARG with a real user name for a new SARG v.04. Now it is working. see some screenshot. I will waiting for the next e-mail option to use for system log sending. The next step I will testing with Windows Server 2008 R2 Active Directory ( LDAP ). You are really really working hard. If I find something error more I will posting here as soon as possible.

Thank u so much to help me a lot

RealNameUserID.png_thumb
Sites&Users.png
Sites&Users.png_thumb

elemay

Hi,

i updated today and now have:

sarg [Sarg] config error: dansguardian logfile () does not exist

marcelloc

@elemay:

Hi,

i updated today and now have:

sarg [Sarg] config error: dansguardian logfile () does not exist

It happens just after reinstall or on every Sargent configuration save?

elemay

reinstalling only.

[SOLVED] i also experience if i set up a schedule, and do a 'Force Update Now' i get no report, telling me:

Error: Could not find report index file.
Check sarg settings and try to force sarg schedule.

in system logs i see:

Apr 10 15:55:45	php: /pkg_edit.php: The command '/usr/local/bin/sarg ' returned exit code '1', the output was 'SARG: Records in file: 174067, reading: 0.00%^MSARG: Maybe you have a broken date in your /var/log/dansguardian/access.log file SARG: getword_atoll loop detected after 2 bytes. SARG: Line="xx.xx.xx.xx http" SARG: Record="xx.xx.xx.xx http" SARG: searching for 'x2f''

i deleted access.log and restarted dansguradian, everythings fine again. :)

marcelloc

sarg reads dansguardian logs only in squid format.

A log rotate(or remove like you did :)) should fix it after changing format.

Donny

Hi,
I just wonder, how can I map users name with dynamic IP address if my pfSense act as DHCP Server? Is it possible? In this case I do not use Windows Server.
example: I have 75 users desktop Windows XP or Windows 7 and get dynamic ip address from pfSense DHCP server or I have to map a real user name with ip address one by one at the option "Users association" like this:
172.31.21.22 Don Van Cooper
172.31.21.23 Teun Van Laarhoven
172.31.21.24 Marijon Kooijstra > until 75 users.

pfSense:
1. pfSense is DNS Server
2. pfSense is DNS Forwarder
3. pfSense is DHCP Server

at option "Ntlm User Format" When I have changed from "domainname+username(default)" to "Username" and Realtime report is not working. what is differences between "domainname+username" and "Username" to use?

marcelloc

@Donny:

Hi,
I just wonder, how can I map users name with dynamic IP address if my pfSense act as DHCP Server? Is it possible? In this case I do not use Windows Server.
example: I have 75 users desktop Windows XP or Windows 7 and get dynamic ip address from pfSense DHCP server or I have to map a real user name with ip address one by one at the option "Use association" like this:
172.31.21.22 Don Van Cooper
172.31.21.23 Teun Van Laarhoven
172.31.21.24 Marijon Kooijstra > until 75 users.

Try to enable squid basic authentication with local users.

@Donny:

at option "Ntlm User Format" When I have changed from "domainname+username(default)" to "Username" and Realtime report is not working. what is differences between "domainname+username" and "Username" to use?

This option is usefull only when you have ntlm authentication using samba and active directory.

Donny

@marcelloc:

@Donny:

Hi,
I just wonder, how can I map users name with dynamic IP address if my pfSense act as DHCP Server? Is it possible? In this case I do not use Windows Server.
example: I have 75 users desktop Windows XP or Windows 7 and get dynamic ip address from pfSense DHCP server or I have to map a real user name with ip address one by one at the option "Use association" like this:
172.31.21.22 Don Van Cooper
172.31.21.23 Teun Van Laarhoven
172.31.21.24 Marijon Kooijstra > until 75 users.

Try to enable squid basic authentication with local users.

@Donny:

at option "Ntlm User Format" When I have changed from "domainname+username(default)" to "Username" and Realtime report is not working. what is differences between "domainname+username" and "Username" to use?

This option is usefull only when you have ntlm authentication using samba and active directory.

Thank u Marcelloc, One more question. When I have changed from "domainname+username(default)" to "Username" and why a realtime report is not working?

marcelloc

@Donny:

Thank u Marcelloc, One more question. When I have changed from "domainname+username(default)" to "Username" and why a realtime report is not working?

this is a config bug in sarg

config file says:

TAG: ntlm_user_format username|domainname+username

NTLM users format.

#ntlm_user_format domainname+username
ntlm_user_format username

but sarg returns with:
SARG: Unknown value "username" for parameter "ntlm_user_format"

if I change this option to 'user' it works.

I'm publishing a patch right now, whait 15 minutes and reinstall sarg

Donny

@marcelloc:

@Donny:

Thank u Marcelloc, One more question. When I have changed from "domainname+username(default)" to "Username" and why a realtime report is not working?

this is a config bug in sarg

config file says:

TAG: ntlm_user_format username|domainname+username

NTLM users format.

#ntlm_user_format domainname+username
ntlm_user_format username

but sarg returns with:
SARG: Unknown value "username" for parameter "ntlm_user_format"

if I change this option to 'user' it works.

I'm publishing a patch right now, whait 15 minutes and reinstall sarg

Now I do a basic to authenticate and create local user on Squid-reverse. At authentication settings, they say that I have to turn off "Transparent proxy" and I have done it.
at shedule tab I try to "force Update now" but at realtime report tab when I click "Show log", it does not show any report. It does not work when I use local user and authetication:local.

LocalUsers.png_thumb

AuthenticatLocal.png_thumb

RealTimeReportNotwork.png_thumb

marcelloc

After disabling transparente proxy, you are able to filter ssl but you need first to configure proxy settings on client browsers.

Donny

@marcelloc:

After disabling transparente proxy, you are able to filter ssl but you need first to configure proxy settings on client browsers.

at the web browsers client I have configured proxy setting and I tried to log in with local user name and password that I created from Squid proxy. after log in success I try to check at realtime report on SARG but the report only show ip address and it is not show user name that I used log in.