Netgate SG-1000 microFirewall

Author Topic: Dansguardian and Shutterfly  (Read 1088 times)

0 Members and 1 Guest are viewing this topic.

Offline kejianshi

  • Hero Member
  • *****
  • Posts: 4995
  • Karma: +199/-43
  • Debugging...
    • View Profile
Dansguardian and Shutterfly
« on: August 17, 2013, 12:35:51 am »
I should say Dansguardian and lots of things...

So, someone on the network was trying to upload files to shutterfly photo site and after 2 days of chronic failure I decided to shut down dansguardian and see what would happen.  The problem was immediately corrected.

So, I've decided rather than wondering if every anomalous failure is dansguardian related I'd just uninstall it and save myself the hassle.
I don't really need the blocking features that much.  Maybe others do.

I could have just entered a URL bypass for that one site, but I already have a bunch of them and adding bypasses gets old.

Offline rjcrowder

  • Hero Member
  • *****
  • Posts: 648
  • Karma: +25/-0
    • View Profile
Re: Dansguardian and Shutterfly
« Reply #1 on: August 17, 2013, 08:16:53 pm »
That seems a little draconian... especially when you can search the forums and find the problem - and solution. See this thread. http://forum.pfsense.org/index.php/topic,58442.0.html

Offline kejianshi

  • Hero Member
  • *****
  • Posts: 4995
  • Karma: +199/-43
  • Debugging...
    • View Profile
Re: Dansguardian and Shutterfly
« Reply #2 on: August 17, 2013, 08:22:10 pm »
Nah - I'm sure its quite easy to fix that one problem.  Like I said, the real problem is that it will be hard for me to know when I have a real problem and when its a dansguardian thing, so for someone like me who doesn't really NEED the filtering, just not having the additional complexity is easier.

P.S.  It broke squid when I un-installed it.  It just required a reinstall of the squid package to fix it. 

Offline rjcrowder

  • Hero Member
  • *****
  • Posts: 648
  • Karma: +25/-0
    • View Profile
Re: Dansguardian and Shutterfly
« Reply #3 on: August 18, 2013, 07:00:51 am »
Like I said, the real problem is that it will be hard for me to know when I have a real problem and when its a dansguardian thing
Understood. There are a few situations where DG can cause problems even when properly setup and configured. In order to solve that issue, I implemented a bypass page. I know DG has it's own bypass capability, but I wanted to make sure DG would be completely out of the flow if I chose to bypass it.

Here's how it works... When you get blocked, DG presents a web page prompting your for an ID and password. If you enter the correct credentials (currently just check against a text file of user/password), it adds the IP address to a list of "unfiltered" IP's that do not get redirected to DG (via the firewall rules). It then manually force the rules to be reloaded. There is a little cron job that removes the IP from the list 15 minutes later.