Imspector-dev - new gui options and msn2011 support



  • Hi all,

    I'm working in some updates to imspector package. Help testing these changes if you need/like/usr this tool.
    some options has changed / moved, backup your config before update.

    Thanks,
    Marcello Coutinho











  • Hi Marcello,

    I know it is an old post but I wanted to leave some feedback

    I installed IMspector-dev 20111108 pkg v 0.3.1
    Because the normal IMspector package is not working.

    Let me start by saying that the new layout is a big improvement
    It Looks good and I can confirm that yahoo and MSN logging (to a file) works. For some reason ICQ/AIM and IRC do not seem to be logged
    IRC is most likely because I use a server with SSL enabled
    these are the protocols I use myself and could test, I did not try any of the other options

    Second I tried playing around with the ACLS but it does not seem to be functioning at all.
    I can fill in what I want here but it does not seem to do anything
    even a direct Deny All does not work

    I checked the config file in /usr/local/etc/imspector
    which has

    more imspector.conf
    plugin_dir=/usr/local/lib/imspector
    msn_protocol=on
    icq_protocol=on
    yahoo_protocol=on
    irc_protocol=on
    jabber_protocol=on
    gadu-gadu_protocol=on
    file_logging_dir=/var/imspector
    acl_filename=/usr/local/etc/imspector/acls.txt
    ssl=on
    ssl_ca_key=/usr/local/etc/imspector/ssl/ssl_ca_key.pem
    ssl_ca_cert=/usr/local/etc/imspector/ssl/ssl_ca_cert.pem
    ssl_key=/usr/local/etc/imspector/ssl/ssl_server_key.pem
    ssl_cert_dir=/usr/local/etc/imspector/ssl

    So the config file has acl_filename=/usr/local/etc/imspector/acls.txt set which gets updated if you input something via the GUI
    But even with a deny all all Set. Messages come trough. It seems that this file is ignored for some reason?

    Next things to test are the notifications and the bad word lists.

    Edit: forgot to mention that I use 2.0.1-RELEASE (i386)



  • did you enabled the list on gui?

    what you have on acls.txt file?



  • Yes in the Gui I enabled each and every Access List entry that i have tried

    For example right now i have a deny all all activated

    so if I list the file contents of acls.txt
    more /usr/local/etc/imspector/acls.txt
    deny all all

    I can see the deny all alll. But it is not doing anything, messages are still going trough and are being logged.

    Did a check if IMspector is reloading after each and every edit. It is, I can see it in the system log and I can see the messaging client(s) disconnect and then reconnect.



  • Ok I have figured it out and all of this has to do how IMspector interprets the acls.txt file

    deny all
    deny all all
    does not work

    deny all
    works

    yahoo
    deny localname remotename
    works no @domain.xx needed

    msn
    deny localname remotename
    does not work

    deny local@domain.xx remote@domain.xx
    works

    Order
    If you have allow all all set as the first rule, every deny rules after it will work
    If you have deny all set as a rule, every allow rule that follows it will not work

    I was initially confused by the deny all all not working so i think this covers that part.

    What I also found is: when you add, modify or enable/disable a rule in the access list part of the GUI (or better said every time you click the save button) IMspector is automatically restarted. (good and easy but see my comments below)
    However when I Delete a rule IMspector is not automatically restarted. which leaves the rule deleted in the GUI active in acls.txt/imspector until you restart IMspector manually.

    as a comment on the auto restart:
    The restart of IMspector disconnects all the clients (MSN,Yahoo and so on) that are connected trough it.
    I see the advantage of the auto restart but if you are adding many rules or have to edit regularly I can imagine it can become quite tedious for the users.
    One possible solution would be to add a restart button to the page. With the notice that you need to restart IMspector once you are done editing.



  • Thank's for the feedback,

    I'll try to include it on next package release…



  • I am still experiencing errors "ICQ-AIM: Error: Unable to parse snac packet, icq.20234.31" and the communication is not showing up in the log. Is there anything that can be done about that?

    The IM client is trillian.



  • Current pfsense package has the latest snapshot code from imspector.

    If it still need some fixes, we have to wait a next imspector release (http://www.imspector.org)



  • Can the imspector-dev be compiled on a pfsense box? I would like to dump more information about why it can't parse. Maybe we can add the code ourselves.



  • @justinlc:

    Can the imspector-dev be compiled on a pfsense box? I would like to dump more information about why it can't parse. Maybe we can add the code ourselves.

    just compile the package on a freebsd 8.1 using ports

    If you find what is going on, please help imspector project and send it o it's maintainer.
    Will be really helpfull  :)



  • That is the problem. I am a windows programmer and have only very little knowledge about FreeBSD. I'd basically need some kind of (virtual) image that is ready for programming because I don't know how to install a full FreeBSD image from scratch and installing all the necessary components to end up with a box that is ready to test imspector.




Log in to reply