Re: E2guardian is working fine but few urls from bannedurllist are not being blocked.

[Shubham Pandey]

Hi, I am new toE2guardian and am trying to get this to work. I appreciate theeffort put in by the developers in creating this sw.  I am havinga few issues, for which I would appreciate some help. My clientpoints to a squid proxy which redirects the URLs for filtering toE2g. Following is my system config:

Ubuntu Server 20.04LTS

Squid - Version4.10

E2guardian -Version5.4.3

The blacklist I am using is Shalla Blacklist.

For testing I haveenabled only the gambling sites to be blocked.

The issue I am facing is that some URLs that are there in theblacklist are not being blocked. They are getting blocked only whenSSL-MITM is enabled and CA certs are generated and installed on theclient. I have over 500 clients and it is not an option to installSSL certs on all of them.

Is there any way toblock all sites in the banned URL lists without enabling SSL-MITM?

Also, what is thelocation of the e2g log file and how do I enable verbose logging?

Thanks in adv.

[Philip Pearce]

Hi,

It is not possible to examine the requested url for https sites without MITM because that information is encrypted.   So e2g can only check the bannedsitelist in this case.  

If you want to block all whole sites in a banned url list then you will need to extract the sites from the url list, stripping away the url part, and then add these sites to a banned site list.     However this is likely to over block.

If you want to use the full benefits of e2guardian (search filtering, content filtering, url filtering etc) then now that the web has almost entirely moved to https, MITM is the only way to do this.   If you have any form of central control over the devices (windows group policies, chromebook policies etc) then the cert can be automatically installed. 

The log file can be anywhere that can be written by the user e2guardian is running as.   See the ACCESS_LOG section of e2guardian.conf for details of setting location of access.log and various settings which determine what is logged.   And the MONITORING section for statistics logging.

Philip

---

--
E2guardian:
https://groups.google.com/d/forum/e2guardian
Github:
https://github.com/e2guardian/e2guardian
Follow us on twitter:
https://twitter.com/e2guardian
---
You received this message because you are subscribed to the Google Groups "e2guardian" group.
To unsubscribe from this group and stop receiving emails from it, send an email to e2guardian+...@googlegroups.com.
To view this discussion on the web, visit https://groups.google.com/d/msgid/e2guardian/CAJTY3c9xpDhH5BfXx9mbr7uzZpY53TRxabVj9Qgt503LDQ9y1Q%40mail.gmail.com.

[Shubham Pandey]

Thank you, Philip!

For the certs to be installed automatically, Can it be done through a proxy server? 

And there are systems with different OS, like Windows, Ubuntu etc. so windows group policy won't apply on Linux systems, I guess. And for LInux, I think there is no group policy client. So, Can I use LDAP for Linux, Will that solve the problem?

Thanks and regards,

Shubham 

[Philip Pearce]

Hi,

I'm not an expert on the details of this,  but there are some helpful notes on how to install a root cert in various platforms on the Protex (the company I work for) site http://protex.e2bn.org/cms/help/sslcerts.html.

The easiest way would be to put your root CA  xx.crt and xx.der on a web server.   Then follow tips at above url substituting your url for your RootCA for the Protex ones.

Philip

---

To view this discussion on the web, visit https://groups.google.com/d/msgid/e2guardian/6c8df1d4-37c5-4b5c-959b-d03c7e07acf5n%40googlegroups.com.

[Shubham Pandey]

Hi Philip!

I will check them out.

Thanks for your help :)