E2guardian package for pfsense - $??
-
I looked into the script and see that it will install e2guardian from freebsd ports as is, with defaults.
If anyone wants to use mitm with e2g the defaults wont work.
I do not know if pfsense will let you run "make config" and then "make install" to activate the ssl support option.
I think it wont because "make" requires to have compilation packages in the system.
-
I looked into the script and see that it will install e2guardian from freebsd ports as is, with defaults.
If anyone wants to use mitm with e2g the defaults wont work.
I do not know if pfsense will let you run "make config" and then "make install" to activate the ssl support option.
I think it wont because "make" requires to have compilation packages in the system.
If it's compiling fine on freebsd, I'll do soon a ssl compile to update the GUI to accept it and also test the upcoming v4
-
In freebsd I run "make config" and then "make install" to activate the ssl support option. It worked successfully.
-
In freebsd I run "make config" and then "make install" to activate the ssl support option. It worked successfully.
I've just create a 3.5.1 pkg on freebsd and installed on pfSense
e2guardian 3.5.1 Built with: '--localstatedir=/var' '--with-logdir=/var/log' '--with-piddir=/var/run' '--enable-fancydm' '--disable-clamd' '--disable-commandline' '--disable-dnsauth' '--disable-email' '--disable-icap' '--disable-kavd' '--enable-ntlm' '--enable-trickledm' '--with-filedescriptors=4096' '--prefix=/usr/local' '--mandir=/usr/local/man' '--infodir=/usr/local/info/' '--build=amd64-portbld-freebsd10.2' 'build_alias=amd64-portbld-freebsd10.2' 'CXX=c++' 'CXXFLAGS=-O2 -pipe -I/usr/local/include -D__SSLMITM -D__SSLCERT -DLIBICONV_PLUG -fstack-protector -fno-strict-aliasing -DLIBICONV_PLUG' 'LDFLAGS= -lssl -lcrypto -fstack-protector' 'LIBS=' 'CPPFLAGS=-I/usr/local/include -DLIBICONV_PLUG' 'CC=cc' 'CFLAGS=-O2 -pipe -I/usr/local/include -D__SSLMITM -D__SSLCERT -DLIBICONV_PLUG -fstack-protector -fno-strict-aliasing' 'CPP=cpp' 'PKG_CONFIG=pkgconf'
and v4 beta too…
I'll see what will need to change on config files...
-
Thank you marcelloc. I think that most of the guys waiting for e2g are expecting it with ssl support.
When do you expect for the package to be accepted in the freebsd ports?
-
Thank you marcelloc. I think that most of the guys waiting for e2g are expecting it with ssl support.
When do you expect for the package to be accepted in the freebsd ports?
I did a first lookup on confi file changes. It will need some work to include all new features. But I could get ssl support working. ;D
I'll update the install process soonOn the todo list I'll include on help tab a way to see what package gui you are using and if there is an update.
If anybody wants to help the migration process, just look the TODO texts on e2gardian.conf.template and e2guardianfx.conf.template files on mu github repo.
-
Package install now includes 3.5.1 version with ssl support.
-
In freebsd I run "make config" and then "make install" to activate the ssl support option. It worked successfully.
I've just create a 3.5.1 pkg on freebsd and installed on pfSense
e2guardian 3.5.1 Built with: '--localstatedir=/var' '--with-logdir=/var/log' '--with-piddir=/var/run' '--enable-fancydm' '--disable-clamd' '--disable-commandline' '--disable-dnsauth' '--disable-email' '--disable-icap' '--disable-kavd' '--enable-ntlm' '--enable-trickledm' '--with-filedescriptors=4096' '--prefix=/usr/local' '--mandir=/usr/local/man' '--infodir=/usr/local/info/' '--build=amd64-portbld-freebsd10.2' 'build_alias=amd64-portbld-freebsd10.2' 'CXX=c++' 'CXXFLAGS=-O2 -pipe -I/usr/local/include -D__SSLMITM -D__SSLCERT -DLIBICONV_PLUG -fstack-protector -fno-strict-aliasing -DLIBICONV_PLUG' 'LDFLAGS= -lssl -lcrypto -fstack-protector' 'LIBS=' 'CPPFLAGS=-I/usr/local/include -DLIBICONV_PLUG' 'CC=cc' 'CFLAGS=-O2 -pipe -I/usr/local/include -D__SSLMITM -D__SSLCERT -DLIBICONV_PLUG -fstack-protector -fno-strict-aliasing' 'CPP=cpp' 'PKG_CONFIG=pkgconf'
and v4 beta too…
I'll see what will need to change on config files...
Marcelloc.
Just received noticed there is a critical error with Google Chrome that was fixed on e2g 4.1
Please provide some partial package using this version as soon as posible, as previous versions are unusable due to the Chrome error.
It says to be backward compatible. -
It's already updated. Just rerun the installation script.
https://github.com/marcelloc/Unofficial-pfSense-packages/commit/36678fe4cb3868065f5f84d90796c76fe515045c
-
It's already updated. Just rerun the installation script.
https://github.com/marcelloc/Unofficial-pfSense-packages/commit/36678fe4cb3868065f5f84d90796c76fe515045c
Thank you for your excellent work.
-
Hello guys,
first of all, thanks for all the work done due to implement this features!! Expecially Marcello!I am trying to enable the clamav in the e2guardian program, but alas, I get an error that is shown on my monitor:
Aug 17 20:56:44 e2guardian[86361]: Unable to load plugin config /usr/local/etc/e2guardian/contentscanners/clamdscan.conf
I'm guessing this is still in a working progress? However, I'm glad that the squid3 comes with the clamav, but I like the e2guardian (formally Dansguardian) access denied error when it finds a virus on a site, like eicar's test antivirus.
I'll post back if I found a solution (temporarily speaking).
I have the same issue, I've tried to comment it on the conf file, but it's been recreated on every modify.
How can I fix this?Thanks for any help!
-
I've tried to comment it on the conf file, but it's been recreated on every modify.
How can I fix this?Select none on antivirus integration instead of auto.
-
Is this going to become an official pfSense package at any point in the foreseeable future?
-
I'll send a pull request for the official repo probably when v5 gets stable
-
Hello guys,
here I am again :) .
After setting all up, and get E2guardian working correctly, I would love to redirect to the courtesy page also for https pages.
I've read a lot of posts without finding something clear.
I'm using explicit proxy setting, so i don't need the MITSSL, or at least I think so.
There is a way to redirect the https pages to the courtesy page visualized on blocked http traffic or should i lose my hopes?Thanks marcelloc for all the work, I'll repay the efforts with a lot of coffes :)
-
I know e2guardian uses squidguard. Should squidguard on the Status/Services page be showing as running? Or does e2guardian manage its own private copy?
I ask because e2guardian is installed, but doesn't seem to be working. The service is enabled, and nothing is being filtered.
I noticed squidguard service is showing a red sign. Pressing play results in no change.
squidguard used to be installed a long time ago. Hasn't been for a while.
P.S. I'm using pfSense x86, version 2.3.3.
-
E2guardian doesn't need squidguard to work.
You can remove squid and squidguard as well and install only e2guardian. After that, configure clients to use proxy.
If you need transparent proxy, then you will need a more elaborated setup with squid + e2guardian package.
-
Thank you marcelloc.
My e2guardian package showed a squidguard dependency and installed a squidguard packaged… even though I don't see it in the Services or Firewall menus.
Transparent proxy is what I want. I will Internet search how to set it up. Do you have any pointers or references on doing this with e2guardian & squid?