E2guardian Versions Save

E2guardian is a web content filter that can work in proxy, transparent or icap server modes

v5.6.0pre

3 weeks ago

This is the pre-release version for v5.6 (v5.6.0pre)

New features

Per filter group language support (user messages in language
different to language defined in e2guardian.conf).  Logging is
always performed in main language.

Per category block templates.
See data/languages/ukenglish/category_block_templates.d/README

New storyboard functions destipin and responsecodein added for
Geolocation filtering and testing of results codes.
See notes/GeoLocation and notes/V5_Storyboard.pdf

Logic changed so that destination IP DNS lookup can be made earlier when
required for Geolocation lookup.

Logformat files replace hard-coded logformat numbers.  Provides for
flexible reporting including reporting on request and response headers.
See notes/LogFormatFiles

New RequestID (consisting of TreadID + StartUtime) can be used in logs to
 uniquely identify a request.

Amend dnsauth to accept fg group names as well as fg group numbers.

A large number of outstanding feature requests are actioned  in this version.

See ChangeLog for details of bug fixes

Many thanks to everyone who has contributed to this version.

Please can developers test and feedback so that we can release as stable shortly?

Note: Some configuration files in this version are not fully backward compatible with v5.5 configuration files.

Please read notes/NEWIN_v5 before installing.

If upgrading from an version earlier then v5.4 please read notes/Upgrading_to_V5.4

Packages for Debian/Ubuntu: https://e2guardian.numsys.eu/

v5.4.7r

8 months ago

This is the stable release for version v5.4 (v5.4.7r)

It is likely to be the final v5.4 release as v5.5 is now stable

Fixes in v5.4.7r

Fix possible XSS in bypass url - issue #782

If use are using v5.4 and using the bypass feature, upgrade urgently as this fixes a vulnerability in this feature.

Fixes in v5.4.6r Amended Spanish tranlations reduce artifact ttl: new gitlab limit of 5GB Fix odd memory issue with some lists - replace std::sort with std::stable_sort Update README.md Remove specific link to v5.4 Add packages links

Fixes in v5.4.5r

Fix #713 max value for maxheaderlines increased to 2500

Fixes in v5.4.4r Fix bug https://github.com/e2guardian/e2guardian/issues/727 - some lists not being sorted correctly Fix https://github.com/e2guardian/e2guardian/issues/725 - Local grey match not overriding main exception match Fix https://github.com/e2guardian/e2guardian/issues/720 - Upper case search terms not blocked Update spelling in message 160 Fix bug https://github.com/e2guardian/e2guardian/issues/712 - Upstream connect failure message wrong Fix https://github.com/e2guardian/e2guardian/issues/695 and fix https://github.com/e2guardian/e2guardian/issues/711 - connecttimeout being ignored Fix https://github.com/e2guardian/e2guardian/issues/695 bannediplist missing Fix bug https://github.com/e2guardian/e2guardian/issues/707 cert hostnames not being checked - only happens when openssl v1.1 is used Fix spelling of 'implement' (and derived words). configure.ac: Don't expand AM_INIT_AUTOMAKE multiple times. Fix default size of maxcontentramcachescansize option in configs/e2guardian.conf.in Make sure values of maxcontentfiltersize and maxcontentramcachesize obey to the requirements in the (inline) documentation. Fix default non-initialized default for max_content_ramcache_scan_size. Update gitlab-ci: Remove unused makefile file in docker images Update gitlab-ci: test for finding data path Fix typo in comments of e2guardianf1.conf.in Fix c string conversion compiler error Correct miss spelling in conf file https://github.com/e2guardian/e2guardian/issues/691 Fix https://github.com/e2guardian/e2guardian/issues/686 icap default filtergroup is not set. Fix https://github.com/e2guardian/e2guardian/issues/685 - uppercase domain in user never matches Fix pid error at start Fix bug https://github.com/e2guardian/e2guardian/issues/684 - crash when only one entry in a maplist Fix c string conversion compiler error Fix https://github.com/e2guardian/e2guardian/issues/677 exceptionfile not checked when checking request before checking file extension Fix https://github.com/e2guardian/e2guardian/issues/679 SQUID+ICAP protocol error / timeout/no response: out_res_body_flag was not reset Add official docker hub image Possible fix for https://github.com/e2guardian/e2guardian/issues/676 - Added conditional pid check Fix https://github.com/e2guardian/e2guardian/issues/678 -N reloading instead of quitting with e2guardian -q Fix https://github.com/e2guardian/e2guardian/issues/675 Logs user, url being anonymized at random, messages in storyboard no longer being honored Fix https://github.com/e2guardian/e2guardian/issues/674 messages and categories set in pre-auth.story are blanked.

New feature https://github.com/e2guardian/e2guardian/issues/692 - add extracheckports option to allow loop checking when squid in front

New features in v5.4.3r :-

Auth list files moved into storyboard system - fixes https://github.com/e2guardian/e2guardian/issues/458 Improve auth plugin logic - add per-plugin default group options On single list reading failure do not abort but check rest of config Tidy up request log output New usedashforblank option for logs Extended logs added (type 7 & 8) and -EXTFLAGS- added to block page params Add searchterms field to log types 7,8 - new logclientnameandip config flag Make consistent punctuation removal in NaughtyFilter Time based list and storyboard functions added - https://github.com/e2guardian/e2guardian/issues/529 SB: Add timed blanket block SB: Add support for log-only function (logcategory flag) SB: Response HTTP header modification added & listenportin state added SB: Add https://github.com/e2guardian/e2guardian/issues/568 feature - give warning when defined list is not used New useoriginalip option - solves issues with some apps who use non-stqndard SNI. nomitm lists added for sites which refuse to be mitm. nolog lists added and actioned via new SB entry point - for clearer logs searchexception list added to override searchregexplist Re-organized phrase lists and lists directory - see lists/README Re-organized e2guardian.conf and e2guardianf1.conf - easier to follow and more guidance notes New pf-basic auth plugin - for use with squid used for auth in front of e2g.

See ChangeLog for full details.

Configs are compatible with v5.4.3r and v5.4.4r.

The configs are not fully compatible with v5.3 - see notes/Upgrading_to_v5.4

Please report any issues prefixed with v5.4.

Many thanks to all who have contributed and raised issues and suggestions.

Philip

Packages for Debian/Ubuntu: https://e2guardian.numsys.eu/v5.4/ Official Images on Docker Hub: https://hub.docker.com/r/fredbcode/e2guardian

v5.5.4r

8 months ago

This is the stable version v5.5.4r

Fix possible XSS vulnerability in bypass url - issue #782 Correct INSTALL file - issue #781 Fix bug #780 - e2g crashes if invalid group name is provided via BearerBasic auth plugin Update of Italian messages

Users should upgrade NOW, if they are using the bypass feature or the BearerBasic authentication plugin as this fixes vulnerabilities in these features.

Bug fixes (From v5.5.3)

Some fairly major changes to list handling and search code in order to fix possible 'hanging' pointer issue on list search returns (see issue #768)

Also, a number of bug-fixes applied (see ChangeLog for details.)

New features (From v5.5.2)

UDP logging option added (based on code/idea by KDG)
Add SEMI-TRUSTED flag to logs
Add kiddle search terms extractor #739 refers
Add storyboarding, list definitions, message for TLD allowed as suggested by Dalacor #733. Note I have used allowedtldlist rather than exceptiontld. Exceptions generally override everything but this list is used in blanketblock and so will be overridden by exception site urls etc.
Log rotation (see https://github.com/e2guardian/e2guardian/blob/v5.5.dev/notes/rotating_logs)
New Logger/Debug integrated from coding by KDGundermann (see https://github.com/e2guardian/e2guardian/blob/v5.5/notes/HOWTO_Logger.md)
IO (normal and MITM ssl) rewritten
- timeouts now honored when in MITM mode
- faster throughput - less io system calls
- double-buffered duplex tunneling
Removal of support for pre v1.1 OpenSSL versions
Secure TLS proxy option added
Semi-exception lists and logic added - allows reverse logic for selected sites - i.e. Trust a site - but block some urls within site.
Alert log option - can be used to email alerts/reports etc
Response log option which logs all responses
New storyboard flag ( alert ) and states added ( categoryin )
New list type categorylist added
Much code tidying

Many thanks to everyone who has contributed to this version, especially to Kurt for the new Logger code - it makes debugging and testing so much easier!

Note: Some configuration files in this version are not fully backward compatible with v5.4 configuration files.

Please read notes/NEWIN_v5 before installing.

If upgrading from an version earlier then v5.4 please read notes/Upgrading_to_V5.4

Packages for Debian/Ubuntu: https://e2guardian.numsys.eu

v5.5.3r

10 months ago

This is the stable version v5.5.3r

This release is identical (apart from version suffix) to release v5.5.3pre which has now been load tested. No issues have been reported with v5.5.3pre and we now consider it stable.

Some fairly major changes to list handling and search code in order to fix possible 'hanging' pointer issue on list search returns (see issue #768)

Also, a number of bug-fixes applied (see ChangeLog for details.)

New features (From v5.5.2)

UDP logging option added (based on code/idea by KDG)
Add SEMI-TRUSTED flag to logs
Add kiddle search terms extractor #739 refers
Add storyboarding, list definitions, message for TLD allowed as suggested by Dalacor #733. Note I have used allowedtldlist rather than exceptiontld. Exceptions generally override everything but this list is used in blanketblock and so will be overridden by exception site urls etc.
Log rotation (see https://github.com/e2guardian/e2guardian/blob/v5.5.dev/notes/rotating_logs)
New Logger/Debug integrated from coding by KDGundermann (see https://github.com/e2guardian/e2guardian/blob/v5.5/notes/HOWTO_Logger.md)
IO (normal and MITM ssl) rewritten
- timeouts now honored when in MITM mode
- faster throughput - less io system calls
- double-buffered duplex tunneling
Removal of support for pre v1.1 OpenSSL versions
Secure TLS proxy option added
Semi-exception lists and logic added - allows reverse logic for selected sites - i.e. Trust a site - but block some urls within site.
Alert log option - can be used to email alerts/reports etc
Response log option which logs all responses
New storyboard flag ( alert ) and states added ( categoryin )
New list type categorylist added
Much code tidying

Many thanks to everyone who has contributed to this version, especially to Kurt for the new Logger code - it makes debugging and testing so much easier!

Note: Some configuration files in this version are not fully backward compatible with v5.4 configuration files.

Please read notes/NEWIN_v5 before installing.

If upgrading from an version earlier then v5.4 please read notes/Upgrading_to_V5.4

Packages for Debian/Ubuntu: https://e2guardian.numsys.eu

What's Changed

fixing error with uint32_t by @Arjow in https://github.com/e2guardian/e2guardian/pull/772

New Contributors

@Arjow made their first contribution in https://github.com/e2guardian/e2guardian/pull/772

Full Changelog: https://github.com/e2guardian/e2guardian/compare/v5.5.2r...v5.5.3r

v5.5.3pre

1 year ago

This is the pre-release version v5.5.3pre

Why revert to pre-release? This is due to some fairly major changes to list handling and search code in order to fix possible 'hanging' pointer issue on list search returns (see issue #768)

Also, a number of bug-fixes applied (see ChangeLog for details.)

Please test and report any issues. Once any issues are resolved will issue as stable

New features (From v5.5.2)

UDP logging option added (based on code/idea by KDG)
Add SEMI-TRUSTED flag to logs
Add kiddle search terms extractor #739 refers
Add storyboarding, list definitions, message for TLD allowed as suggested by Dalacor #733. Note I have used allowedtldlist rather than exceptiontld. Exceptions generally override everything but this list is used in blanketblock and so will be overridden by exception site urls etc.
Log rotation (see https://github.com/e2guardian/e2guardian/blob/v5.5.dev/notes/rotating_logs)
New Logger/Debug integrated from coding by KDGundermann (see https://github.com/e2guardian/e2guardian/blob/v5.5/notes/HOWTO_Logger.md)
IO (normal and MITM ssl) rewritten
- timeouts now honored when in MITM mode
- faster throughput - less io system calls
- double-buffered duplex tunneling
Removal of support for pre v1.1 OpenSSL versions
Secure TLS proxy option added
Semi-exception lists and logic added - allows reverse logic for selected sites - i.e. Trust a site - but block some urls within site.
Alert log option - can be used to email alerts/reports etc
Response log option which logs all responses
New storyboard flag ( alert ) and states added ( categoryin )
New list type categorylist added
Much code tidying

Many thanks to everyone who has contributed to this version, especially to Kurt for the new Logger code - it makes debugging and testing so much easier!

Note: Some configuration files in this version are not fully backward compatible with v5.4 configuration files.

Please read notes/NEWIN_v5 before installing.

If upgrading from an version earlier then v5.4 please read notes/Upgrading_to_V5.4

Packages for Debian/Ubuntu: https://e2guardian.numsys.eu

What's Changed

fixing error with uint32_t by @Arjow in https://github.com/e2guardian/e2guardian/pull/772

New Contributors

@Arjow made their first contribution in https://github.com/e2guardian/e2guardian/pull/772

Full Changelog: https://github.com/e2guardian/e2guardian/compare/v5.5.2r...v5.5.3pre

v5.5.2r

1 year ago

This is the first stable version for v5.5 (v5.5.2r)

New features

UDP logging option added (based on code/idea by KDG)
Add SEMI-TRUSTED flag to logs
Add kiddle search terms extractor #739 refers
Add storyboarding, list definitions, message for TLD allowed as suggested by Dalacor #733. Note I have used allowedtldlist rather than exceptiontld. Exceptions generally override everything but this list is used in blanketblock and so will be overridden by exception site urls etc.
Log rotation (see https://github.com/e2guardian/e2guardian/blob/v5.5.dev/notes/rotating_logs)
New Logger/Debug integrated from coding by KDGundermann (see https://github.com/e2guardian/e2guardian/blob/v5.5/notes/HOWTO_Logger.md)
IO (normal and MITM ssl) rewritten
- timeouts now honored when in MITM mode
- faster throughput - less io system calls
- double-buffered duplex tunneling
Removal of support for pre v1.1 OpenSSL versions
Secure TLS proxy option added
Semi-exception lists and logic added - allows reverse logic for selected sites - i.e. Trust a site - but block some urls within site.
Alert log option - can be used to email alerts/reports etc
Response log option which logs all responses
New storyboard flag ( alert ) and states added ( categoryin )
New list type categorylist added
Much code tidying

Many thanks to everyone who has contributed to this version, especially to Kurt for the new Logger code - it makes debugging and testing so much easier!

Note: Some configuration files in this version are not fully backward compatible with v5.4 configuration files.

Please read notes/NEWIN_v5 before installing.

If upgrading from an version earlier then v5.4 please read notes/Upgrading_to_V5.4

Packages for Debian/Ubuntu: https://e2guardian.numsys.eu

What's Changed

Add OPENSSL_CFLAGS/_LIBS for openssl11 support by @opoplawski in https://github.com/e2guardian/e2guardian/pull/728
Fix build error AM_INIT_AUTOMAKE expanded multiple times v5.5 by @meyertime in https://github.com/e2guardian/e2guardian/pull/748

Full Changelog: https://github.com/e2guardian/e2guardian/compare/v5.5.1pre...v5.5.2r

v5.4.6r

1 year ago

This is the stable release for version v5.4 (v5.4.6r)

It is likely to be the final v5.4 release as v5.5 is now stable

Fixes in v5.4.5r

Fix #713 max value for maxheaderlines increased to 2500

New feature https://github.com/e2guardian/e2guardian/issues/692 - add extracheckports option to allow loop checking when squid in front

New features in v5.4.3r :-

See ChangeLog for full details.

Configs are compatible with v5.4.3r and v5.4.4r.

The configs are not fully compatible with v5.3 - see notes/Upgrading_to_v5.4

Please report any issues prefixed with v5.4.

Many thanks to all who have contributed and raised issues and suggestions.

Philip

Packages for Debian/Ubuntu: https://e2guardian.numsys.eu/v5.4/ Official Images on Docker Hub: https://hub.docker.com/r/fredbcode/e2guardian

v5.5.1pre

1 year ago

This is the near-stable pre-release version for v5.5 (v5.5.1pre)

New features

Log rotation (see https://github.com/e2guardian/e2guardian/blob/v5.5.dev/notes/rotating_logs)
New Logger/Debug integrated from coding by KDGundermann (see https://github.com/e2guardian/e2guardian/blob/v5.5/notes/HOWTO_Logger.md)
IO (normal and MITM ssl) rewritten
- timeouts now honored when in MITM mode
- faster throughput - less io system calls
- double-buffered duplex tunneling
Removal of support for pre v1.1 OpenSSL versions
Secure TLS proxy option added
Semi-exception lists and logic added - allows reverse logic for selected sites - i.e. Trust a site - but block some urls within site.
Alert log option - can be used to email alerts/reports etc
Response log option which logs all responses
New storyboard flag ( alert ) and states added ( categoryin )
New list type categorylist added
Much code tidying

Many thanks to everyone who has contributed to this version, especially to Kurt for the new Logger code - it makes debugging and testing so much easier!

There are big changes so please can developers test and feedback so that we can release as stable shortly?

Note: Some configuration files in this version are not fully backward compatible with v5.4 configuration files.

Please read notes/NEWIN_v5 before installing.

If upgrading from an version earlier then v5.4 please read notes/Upgrading_to_V5.4

Packages for Debian/Ubuntu: https://e2guardian.numsys.eu

v5.4.5r

1 year ago

This is the stable release for version v5.4 (v5.4.5r)

It contains a single update to v5.4.4r

Fix #713 max value for maxheaderlines increased to 2500

New feature https://github.com/e2guardian/e2guardian/issues/692 - add extracheckports option to allow loop checking when squid in front

New features in v5.4.3r :-

See ChangeLog for full details.

Configs are compatible with v5.4.3r and v5.4.4r.

The configs are not fully compatible with v5.3 - see notes/Upgrading_to_v5.4

Please report any issues prefixed with v5.4.

Many thanks to all who have contributed and raised issues and suggestions.

Philip

Packages for Debian/Ubuntu: https://e2guardian.numsys.eu/v5.4/ Official Images on Docker Hub: https://hub.docker.com/r/fredbcode/e2guardian

v5.4.4r

1 year ago

This is the stable release for version v5.4 (v5.4.4r)

It contains a number of bug fixes and updates to v5.4.3r

Fixes Fix bug #727 - some lists not being sorted correctly Fix #725 - Local grey match not overriding main exception match Fix #720 - Upper case search terms not blocked Update spelling in message 160 Fix bug #712 - Upstream connect failure message wrong Fix #695 and fix #711 - connecttimeout being ignored Fix #695 bannediplist missing Fix bug #707 cert hostnames not being checked - only happens when openssl v1.1 is used Fix spelling of 'implement' (and derived words). configure.ac: Don't expand AM_INIT_AUTOMAKE multiple times. Fix default size of maxcontentramcachescansize option in configs/e2guardian.conf.in Make sure values of maxcontentfiltersize and maxcontentramcachesize obey to the requirements in the (inline) documentation. Fix default non-initialized default for max_content_ramcache_scan_size. Update gitlab-ci: Remove unused makefile file in docker images Update gitlab-ci: test for finding data path Fix typo in comments of e2guardianf1.conf.in Fix c string conversion compiler error Correct miss spelling in conf file #691 Fix #686 icap default filtergroup is not set. Fix #685 - uppercase domain in user never matches Fix pid error at start Fix bug #684 - crash when only one entry in a maplist Fix c string conversion compiler error Fix #677 exceptionfile not checked when checking request before checking file extension Fix #679 SQUID+ICAP protocol error / timeout/no response: out_res_body_flag was not reset Add official docker hub image Possible fix for #676 - Added conditional pid check Fix #678 -N reloading instead of quitting with e2guardian -q Fix #675 Logs user, url being anonymized at random, messages in storyboard no longer being honored Fix #674 messages and categories set in pre-auth.story are blanked.

New feature #692 - add extracheckports option to allow loop checking when squid in front

New features in v5.4.3r :-

Auth list files moved into storyboard system - fixes #458 Improve auth plugin logic - add per-plugin default group options On single list reading failure do not abort but check rest of config Tidy up request log output New usedashforblank option for logs Extended logs added (type 7 & 8) and -EXTFLAGS- added to block page params Add searchterms field to log types 7,8 - new logclientnameandip config flag Make consistent punctuation removal in NaughtyFilter Time based list and storyboard functions added - #529 SB: Add timed blanket block SB: Add support for log-only function (logcategory flag) SB: Response HTTP header modification added & listenportin state added SB: Add #568 feature - give warning when defined list is not used New useoriginalip option - solves issues with some apps who use non-stqndard SNI. nomitm lists added for sites which refuse to be mitm. nolog lists added and actioned via new SB entry point - for clearer logs searchexception list added to override searchregexplist Re-organized phrase lists and lists directory - see lists/README Re-organized e2guardian.conf and e2guardianf1.conf - easier to follow and more guidance notes New pf-basic auth plugin - for use with squid used for auth in front of e2g.

See ChangeLog for full details.

Configs are compatible with v5.4.3r.

The configs are not fully compatible with v5.3 - see notes/Upgrading_to_v5.4

Please report any issues prefixed with v5.4.

Many thanks to all who have contributed and raised issues and suggestions.

Philip

Packages for Debian/Ubuntu: https://e2guardian.numsys.eu/v5.4/ Official Images on Docker Hub: https://hub.docker.com/r/fredbcode/e2guardian