Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Dansguardian issues on 2.1 (service status and others)

    2.1 Snapshot Feedback and Problems - RETIRED
    6
    27
    12310
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      rcfa last edited by

      Dansguardian installs, but it keeps complaining about a missing AV database, and that it's going to run freshclam due to that. Of course, that doesn't seem to succeed, otherwise, I wouldn't get that message over and over, and instead would get it once, then the database would get downloaded, and that would be that.

      Not sure if this is a 2.1 issue, or a general problem with the Dansguardian package.

      Also, even though enabled, it never shows as active in the Dashboard's Services Status section, but obviously it must be doing something, otherwise it wouldn't complain about the lack of the AV database…

      So something is certainly still funky with that package.

      1 Reply Last reply Reply Quote 0
      • jimp
        jimp Rebel Alliance Developer Netgate last edited by

        OK, I think there is already a thread for Dansguardian on 2.1 out there, if not, start a fresh one for that, that'll need the maintainer to fix it.

        1 Reply Last reply Reply Quote 0
        • R
          rcfa last edited by

          ~~I entered a fake user/system on the configuration page, and selected the interface to listen on.

          There's no other "enable/disable" checkmark, so I assume that should activate things.
          On the dashboard, it shows up as inactive.
          Manually starting the service from the Dashboard doesn't change anything.~~

          Not sure how this got into this thread, this section is about widentd, not Dansguardian.

          1 Reply Last reply Reply Quote 0
          • jimp
            jimp Rebel Alliance Developer Netgate last edited by

            I split this off into its own thread, hopefully the maintainer will spot it and find a fix for you.

            1 Reply Last reply Reply Quote 0
            • C
              Cino last edited by

              @rcfa:

              I entered a fake user/system on the configuration page, and selected the interface to listen on.

              There's no other "enable/disable" checkmark, so I assume that should activate things.
              On the dashboard, it shows up as inactive.
              Manually starting the service from the Dashboard doesn't change anything.

              what do you mean by user/system? I dont have AV enabled, but Dansguardian is enabled and running. My dashboard and services show that they are running.. What happens if you disable AV?

              1 Reply Last reply Reply Quote 0
              • R
                rcfa last edited by

                Note: that one paragraph wasn't about Dansguardian, no idea how it got into this thread, it's about widentd.

                Still, the rest applies. Also with AV disabled, Dansguardian won't start. The syslog shows these:

                Jun 25 17:26:38 dansguardian[12003]: Error parsing the dansguardian.conf file or other DansGuardian configuration files
                Jun 25 17:26:23 dansguardian[29500]: Error parsing the dansguardian.conf file or other DansGuardian configuration files
                Jun 25 17:26:22 php: /pkg_edit.php: Starting Dansguardian

                Does this ring a bell?

                1 Reply Last reply Reply Quote 0
                • marcelloc
                  marcelloc last edited by

                  Try to start it on console or run dansguardian in foreground.

                  1 Reply Last reply Reply Quote 0
                  • R
                    rcfa last edited by

                    @marcelloc:

                    Try to start it on console or run dansguardian in foreground.

                    This is all I get:

                    root(2): dansguardian
                    std::bad_alloc
                    Error parsing the dansguardian.conf file or other DansGuardian configuration files
                    root(3):

                    1 Reply Last reply Reply Quote 0
                    • R
                      rcfa last edited by

                      Someone might have hit the reason of this problem:

                      http://forum.pfsense.org/index.php/topic,50688.msg271304.html#msg271304

                      Incompatible pcre versions required by snort vs. dansguardian.

                      1 Reply Last reply Reply Quote 0
                      • C
                        Cino last edited by

                        @rcfa:

                        Someone might have hit the reason of this problem:

                        http://forum.pfsense.org/index.php/topic,50688.msg271304.html#msg271304

                        Incompatible pcre versions required by snort vs. dansguardian.

                        I have them both running on my 2.1 box.. Snort was re-installed last

                        found the issue with clamav…
                        directories and permissions are not setup when the package is install

                        when manually running freshclam

                        
                        ERROR: Can't open /var/log/clamav/freshclam.log in append mode (check permissions!).
                        ERROR: Problem with internal logger (UpdateLogFile = /var/log/clamav/freshclam.log).
                        ERROR: Can't change dir to /var/db/clamav
                        
                        

                        I manually added the folders and started dansguardian.. its in the process of running freshclam right now.. For now I gave the folders 777 permission root/wheel.. Think it needs to be user/group clamav but figured you can't go wrong with 777.

                        another issue is the linking of files between /usr/local/etc/dansguardian and /usr/pbi/dansguardian-i386/etc/dansguardian

                        Also have to create folder /var/run/clamav but the package isn't starting clamd. I am able to manually start it via command line tho

                        1 Reply Last reply Reply Quote 0
                        • jimp
                          jimp Rebel Alliance Developer Netgate last edited by

                          for the service status, what does this show:

                          ps uxawww | grep -i dansguardian

                          1 Reply Last reply Reply Quote 0
                          • R
                            rcfa last edited by

                            @jimp:

                            for the service status, what does this show:

                            ps uxawww | grep -i dansguardian

                            At this point, here, nothing, because it's not running…
                            ...I guess something must try to launch it once or multiple times after a reboot or settings change => the messages
                            ...but then I guess it dies and/or gives up, because there's no running process later on.

                            1 Reply Last reply Reply Quote 0
                            • C
                              Cino last edited by

                              @rcfa:

                              @jimp:

                              for the service status, what does this show:

                              ps uxawww | grep -i dansguardian

                              At this point, here, nothing, because it's not running…
                              ...I guess something must try to launch it once or multiple times after a reboot or settings change => the messages
                              ...but then I guess it dies and/or gives up, because there's no running process later on.

                              anything in your log? A while back on 2.0.1, it would die because squid wasn't running or was slow to start.. But that was corrected

                              1 Reply Last reply Reply Quote 0
                              • R
                                rcfa last edited by

                                @Cino:

                                anything in your log? A while back on 2.0.1, it would die because squid wasn't running or was slow to start.. But that was corrected

                                Nothing beyond what I had posted before below:
                                @rcfa:

                                The syslog shows these:

                                Jun 25 17:26:38 dansguardian[12003]: Error parsing the dansguardian.conf file or other DansGuardian configuration files
                                Jun 25 17:26:23 dansguardian[29500]: Error parsing the dansguardian.conf file or other DansGuardian configuration files
                                Jun 25 17:26:22 php: /pkg_edit.php: Starting Dansguardian

                                Does this ring a bell?

                                1 Reply Last reply Reply Quote 0
                                • M
                                  Macom2007 last edited by

                                  Dansguardian does not start because a problem with the log file path (dansguardian missing in that path name). See console output :

                                  Error opening/creating log file. (check ownership and access rights).
                                  I am running as nobody and I am trying to open /var/log//access.log

                                  Any ideas ?

                                  1 Reply Last reply Reply Quote 0
                                  • marcelloc
                                    marcelloc last edited by

                                    @Macom2007:

                                    I am running as nobody and I am trying to open /var/log//access.log

                                    check and save all package gui tabs, this error shows a missing dansguardian dir on log file

                                    /var/log//access.log should be /var/log/dansguardian/access.log

                                    1 Reply Last reply Reply Quote 0
                                    • M
                                      Macom2007 last edited by

                                      Thx for your reply.

                                      I saved every gui tab. No luck so var. Why is DG trying to write to /var/log//access.log. I my dansguardian.conf the log path is /var/log/dansguardian/ ?

                                      1 Reply Last reply Reply Quote 0
                                      • marcelloc
                                        marcelloc last edited by

                                        @Macom2007:

                                        Why is DG trying to write to /var/log//access.log?

                                        Not sure. I have dansguardian working on 2.1 but I'll check it this week (If I have time  :))

                                        1 Reply Last reply Reply Quote 0
                                        • M
                                          Macom2007 last edited by

                                          @Macom2007:

                                          Dansguardian does not start because a problem with the log file path (dansguardian missing in that path name). See console output :

                                          Error opening/creating log file. (check ownership and access rights).
                                          I am running as nobody and I am trying to open /var/log//access.log

                                          Any ideas ?

                                          Any news on this ?

                                          1 Reply Last reply Reply Quote 0
                                          • marcelloc
                                            marcelloc last edited by

                                            Current package version has 2.1 folder check but pbi package was built with pcre8.3.

                                            This pcre version breaks dansguardian.

                                            You can try on your install, but I'm not sure if it  will work.

                                            /usr/local/etc/rc.d/dansguardian.sh start

                                            kern.ipc.somaxconn: 16384 -> 16384
                                            kern.maxfiles: 131072 -> 131072
                                            kern.maxfilesperproc: 104856 -> 104856
                                            kern.threads.max_threads_per_proc: 4096 -> 4096
                                            Starting dansguardian.
                                            std::bad_alloc <= Pcre issue
                                            Error parsing the dansguardian.conf file or other DansGuardian configuration files

                                            1 Reply Last reply Reply Quote 0
                                            • M
                                              Macom2007 last edited by

                                              Thx for your response. Your suggestion does not work. See output :

                                              /usr/local/etc/rc.d/dansguardian.sh start

                                              kern.ipc.somaxconn: 16384 -> 16384
                                              kern.maxfiles: 131072 -> 131072
                                              kern.maxfilesperproc: 104856 -> 104856
                                              kern.threads.max_threads_per_proc: 4096 -> 4096
                                              Starting dansguardian.
                                              Error opening/creating log file. (check ownership and access rights).
                                              I am running as nobody and I am trying to open /var/log/dansguardian/access.log

                                              1 Reply Last reply Reply Quote 0
                                              • marcelloc
                                                marcelloc last edited by

                                                did you saved dansguardian config on gui after package reinstall?

                                                1 Reply Last reply Reply Quote 0
                                                • M
                                                  Macom2007 last edited by

                                                  @marcelloc:

                                                  did you saved dansguardian config on gui after package reinstall?

                                                  Yes, I did. The error stays :-(

                                                  1 Reply Last reply Reply Quote 0
                                                  • marcelloc
                                                    marcelloc last edited by

                                                    Uninstall and reinstall too? my setup went fine(except for pcre) with 2.1 package install.

                                                    1 Reply Last reply Reply Quote 0
                                                    • M
                                                      Macom2007 last edited by

                                                      @marcelloc:

                                                      Uninstall and reinstall too? my setup went fine(except for pcre) with 2.1 package install.

                                                      I uninstalled, installed dansguardian and than i did this :

                                                      chown nobody:nobody /var/log

                                                      Now it is running, but i am not sure if this affects other packages ?

                                                      1 Reply Last reply Reply Quote 0
                                                      • L
                                                        Legion last edited by

                                                        I have a similar issue. I just installed Dansguardian today to try and get it up and running. The service won't start. E.g.:

                                                        @marcelloc:

                                                        check and save all package gui tabs, this error shows a missing dansguardian dir on log file

                                                        /var/log//access.log should be /var/log/dansguardian/access.log

                                                        I checked and saved all package gui tabs and get this:

                                                        and similar directory path errors when pfSense is booting up.

                                                        On the Dansguardian General tab, the SSL section looks like this:

                                                        I set up certs for when I opened OpenVPN access to my box, so I can remotely admin it using a tablet. But nothing is set on Dansguardian. I'm pretty much trying default settings. E.g., here is my Groups setting:

                                                        Nothing about SSL filtering. Or am I looking in the wrong spot?

                                                        Also, as I save each Dansguardian tab starting from the left, the system log looks like this:

                                                        Until I get to the Access Control List and get the error in the second image that made me investigate further and prompted me to post this thread reply.

                                                        BTW, I have Dansguardian's built-in antivirus setting disabled since I already had Havp installed and running.

                                                        Any advice on how to get this working? It's not a showstopper for me - I can go back to SquidGuard/Squid/Havp but I wanted to try Squid/Dansguardian to see how it compared.

                                                        1 Reply Last reply Reply Quote 0
                                                        • marcelloc
                                                          marcelloc last edited by

                                                          try to force file permissions alerted in logs and see if cert dir exists.

                                                          1 Reply Last reply Reply Quote 0
                                                          • First post
                                                            Last post

                                                          Products

                                                          • Platform Overview
                                                          • TNSR
                                                          • pfSense
                                                          • Appliances

                                                          Services

                                                          • Training
                                                          • Professional Services

                                                          Support

                                                          • Subscription Plans
                                                          • Contact Support
                                                          • Product Lifecycle
                                                          • Documentation

                                                          News

                                                          • Media Coverage
                                                          • Press
                                                          • Events

                                                          Resources

                                                          • Blog
                                                          • FAQ
                                                          • Find a Partner
                                                          • Resource Library
                                                          • Security Information

                                                          Company

                                                          • About Us
                                                          • Careers
                                                          • Partners
                                                          • Contact Us
                                                          • Legal
                                                          Our Mission

                                                          We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

                                                          Subscribe to our Newsletter

                                                          Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

                                                          © 2021 Rubicon Communications, LLC | Privacy Policy