Welcome, Guest
You have to register before you can post on our site.

Username
  

Password
  





Search Forums

(Advanced Search)

Forum Statistics
» Members: 906
» Latest member: Glildjer
» Forum threads: 26
» Forum posts: 82

Full Statistics

Online Users
There are currently 10 online users.
» 0 Member(s) | 10 Guest(s)

Latest Threads
Tor
Forum: Profiles
Last Post: Komi
03-02-2021, 08:17 PM
» Replies: 2
» Views: 24
DNS Settings
Forum: Network
Last Post: Komi
03-02-2021, 08:14 PM
» Replies: 2
» Views: 37
Captive/Self-signed
Forum: SSL Certificate
Last Post: benoit
02-26-2021, 01:56 AM
» Replies: 1
» Views: 23
Weird behaviour on Profil...
Forum: Profiles
Last Post: benoit
02-18-2021, 06:26 PM
» Replies: 7
» Views: 432
installation on raspberry...
Forum: Installation
Last Post: corkball
02-14-2021, 08:31 PM
» Replies: 0
» Views: 62
One user with multiple pr...
Forum: Profiles
Last Post: kmrdeva
02-12-2021, 01:32 PM
» Replies: 2
» Views: 74
mysql-python won't instal...
Forum: Installation
Last Post: paul
01-27-2021, 10:29 AM
» Replies: 1
» Views: 103
Docker Install
Forum: Installation
Last Post: paul
01-21-2021, 05:28 AM
» Replies: 1
» Views: 157
Time allocation
Forum: Users and devices connection management
Last Post: benoit
01-14-2021, 12:56 PM
» Replies: 1
» Views: 150
Connection schedules not ...
Forum: Users and devices connection management
Last Post: benoit
01-14-2021, 12:37 PM
» Replies: 4
» Views: 227

  Tor
Posted by: Komi - 02-26-2021, 05:27 PM - Forum: Profiles - Replies (2)

I am having difficulty getting the Tor connection to work.

I have ensured the Tor service is active and started and that the exit node country has been set. However, whenever I activate a profile using the Tor network via "Connection type" I loose connectivity.


I have also tried to send DNS queries over Tor using a "Direct connection" but that also fails with a DNS resolution error which leads me to believe the Tor network is not active or has stalled.

Thank you for any assistance.

Print this item

  DNS Settings
Posted by: Komi - 02-26-2021, 05:14 PM - Forum: Network - Replies (2)

Thank you for the great project.

According to the documentation, when unchecking "the box Use defined DNS as redirectors" on the Miscellaneous settings, the settings used in DNS 1 & 2 are ignored and DNS queries are not relayed. Further KB documentation says "DNS queries will be directly redirected to the root DNS servers on the Internet."

For clarification, is this essentially the same as "Unbound DNS"?

Also, in the DNS and Gateway settings page, under DNS 1 I have an entry 127.0.0.1 which I believe does in fact indicate Unbound DNS is active.

However, I am confused whether or not this entry is active or ignored due to the unchecked box mentioned above in Miscellaneous settings. Can I please have some clarification on these settings? Thank you

Print this item

  Captive/Self-signed
Posted by: chrislarsen - 02-23-2021, 12:12 AM - Forum: SSL Certificate - Replies (1)

Hi, is there anything you've observed around switching from existing router network  over to keexy, on the same wifi SSID? On my iOS devices, the first time switching over to captive join of that SSID, it doesn't work well, and I had to disconnect and reconnect a couple times to get it to work, and at one point it complained about a "privacy" warning on the connection, alluded to self-signed. After forgetting connection and re-entering it, it went fine. It seems like a caching issue. I'm going to have many people reconnecting through Captive process to use our wifi, who will be on iOS devices, so I'm hoping there are some tips to make the process go more smoothly.  

Would a CA signed cert work much better?

Print this item

  installation on raspberry pi i386
Posted by: corkball - 02-14-2021, 08:31 PM - Forum: Installation - No Replies

Hopefully this will help somebody.  I had an old mini-pc, but no ARM-based pi device, so I recompiled for i386, and it SEEMS to work for the most part, although it was a giant pain.  Lack of a unified structure presents a lot of potential support issues, although I suppose it might give a nerd tons of opportunity for code customization.

I don't THINK I will use keexybox, even though it is a great idea, because it lacks more robust support for iptables like control over NAT, and I would also like to be able to enable and disable my filtering (for example: block child X until child X completes his homework, then unblock *roblox.com).  But otherwise, the interface is totally sweet.


--------------------------------------------
KEEXYBOX 20.10.2 install notes on i386 linux VM in VirtualBox 6.1:
----------------------------------------------------------

1) install i386 raspbios https://downloads.raspberrypi.org/rpd_x86/images/ - at the time I used
a recent version rpd_x86-2020-02-14.  Download and install ISO in virtualbox 6.1

2) make some OS changes:
a) disable IPv6 (https://www.techrepublic.com/article/how...-on-linux/)
you can disable in /etc/sysctl.conf:
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1
b) screen resolution, allow SSH
c) pi defaults to user 'pi', password is whatever you set, and you can 'sudo su' to root

3) in this version of the OS, PHP7.3 will install.  That is fine, but it creates issues for 2
packages, php-mcrypt (obsolete), and php-tcpdf (obsolete, but has backport)
a) to install php-tcpdf, edit /etc/apt/sources.list.  Add a source:
deb http://ftp.debian.org/debian/ buster-backports main
  then install the package:
apt install php-tcpdf
b) to install mcrypt, this is a bit harder, since there is no backport.
1. apt-get install php-dev libmcrypt-dev php-pear
2. pecl channel-update pecl.php.net
3. pecl install channel://pecl.php.net/mcrypt-1.0.2
4. edit /etc/php/7.3/cli/php.ini and add line 'extension=mcrypt.so'.
5. 'php -m | grep mcrypt' should return 'mcrypt'
6. ok, now, we need to tell keexybox to ignore the missing mcrypt package:
7. in install package (do this later, we havent created this yet), go in to
/keexybox-20.10.2/util/required_packages.conf and comment out
'php-mcrypt'

keexybox is for pi devices which use ARM architecture, not i386, so you cant use default packages. 
you must follow manual build process to create i386 binaries:
https://wiki.keexybox.org/doku.php/manual_installation

random problems I encountered:
---------------------------------------------------------
had to modify apache2.conf to keep apache from crashing:
Mutex posixsem

locked myself out, had to reset admin password (there seems to be a lack of documented support for CLI administration):
/opt/keexybox/keexyapp/bin/cake users UpdateAdminPassword <password>

booting hung with 'you are in emergency mode' - i screwed up my cdrom mount.  comment that line /dev/sr0
out of /etc/fstab

Print this item

  One user with multiple profiles. Possible?
Posted by: kmrdeva - 02-08-2021, 12:26 PM - Forum: Profiles - Replies (2)

Hello everyone, I'm a new KeexyBox user (first day) and actually also a first time user of a Raspberry Pi.

Let me elaborate on my use case / requirements.

I have created a user for my son, and 2 profiles.

class-time profile is from the morning to evening with a blacklist to block him from youtube etc.

free-time profile is from the evening to night with no blacklist i.e. nothing blocked.

How can I apply both profiles to the same user? It seems that we're only allowed one profile per user.

   

   

   

Print this item

  mysql-python won't install. Keeps throwing up errors
Posted by: [email protected] - 01-23-2021, 03:29 AM - Forum: Installation - Replies (1)

Hi,

I am trying to install via terminal as opposed to the image.

Upon searching around it seems as though mysql-python is not supported in python3 and throws up various issues like

Code:
ImportError: No module named 'ConfigParser'

trying to use 
Code:
pip2 install mysql-python
 does not help either as mysql-python fails to build and throws errors such as 
Code:
error: duplicate member ‘reconnect’

Is there any way that support could be added for newer mysql packages such as mysqlclient?
BTW: This is for the installation from script. This is a great project and I would love to give it a spin but this issue keeps popping up.
Thanks in advance for any help!

Print this item

  Docker Install
Posted by: pablogy - 01-15-2021, 04:06 PM - Forum: Installation - Replies (1)

Hello,

I started using your product on a raspberry pi 4, it is working great.

1. What is the minimum Raspberry pi requirement? (Raspberry model, Ram, cpu)

2. Is there a docker image for the installation?  If not, what is required to create it?

Thanks.

Print this item

  Example network setup/topologies
Posted by: mrwhite2020 - 01-12-2021, 01:07 AM - Forum: Network - No Replies

Hi everyone,



A bit of a setup guides for newbies like me.

It took me a while to setup Keexybox mainly because I made it hard for myself.  I wanted to replicate:

[Image: keexybox_net_topology_as_gateway_v2.png?...tok=ef853b]



with my router changed to:

 - IP address: 192.168.1.200/24;

 - I moved the DNS across to OpenDNS DNS entries:

  - 208.67.222.222 and 208.67.220.220

 until I setup a cron job to update the Blacklists.

I wanted the internal network to be: 10.0.0.0/24
and the output network to be: 192.168.1.0/24.



I thought it might be worthwhile showing what setups worked where you have two separate networks.



So Keexybox is:

 - eth0: 192.168.1.254;

 - etho:0: 10.0.0.1/24 for the input network, looks like (attachment: keexybox network screen 1.png)

and then your DHCP looks like attachments: keexybox dhcp screen 1.png and keexybox dhcp screen 2.png

I performed an update of the Raspberry Pi as well via bash shell:

Code:
$ ssh [email protected]
password: <default>
# change your <default> password with:
$ passwd
# update the raspberry pi
$ sudo apt-get update
$ sudo apt-get upgrade
which introduced a new DHCP client dhcpcd.service which breaks the existing one.  Disable it:
$ sudo systemctl disable dhcpcd.service

and check that none of the interfaces are set to DHCP, they should be static:
Code:
$ cd /etc/network
$ less interfaces

This is generated by KeexyBox so make sure your entries are correct according to the screen shots, mine looks like:
Code:
# GENERATED BY KEEXYBOX WEBUI
# DO NOT EDIT THIS FILE

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# Auto load interfaces
auto lo eth0 eth0:0
iface lo inet loopback

# Hotplug interfaces
allow-hotplug eth0 eth0:0


# Output network configuration
iface eth0 inet static
    address 192.168.1.254
    netmask 255.255.255.0
    gateway 192.168.1.200
    dns-nameservers 192.168.1.200 208.67.222.222

# Internal network configuration
iface eth0:0 inet static
    address 10.0.0.1
    netmask 255.255.255.0

Then disable DHCP on the router (192.168.1.200) and let Keexybox restart:
Code:
$ sudo systemctl reboot



Attached Files Thumbnail(s)
           
Print this item

  Connection schedules not working
Posted by: michaelanburaj - 01-11-2021, 06:31 PM - Forum: Users and devices connection management - Replies (4)

Hello,



I am new to keexybox. I have set it in Use KeexyBox for website filtering only mode. The Wifi AP works fine and DHCP as well. I see my devices setup with DNS pointing to the keexybox-Raspi4. All devices but a few have been setup under a new profile 'kid' and I tried to limit the internet access time using the 'Connection schedules' attribute. I tried several different time constraints and none is stopping the internet traffic.

Even the Stop, pause internet buttons on the Devices Tab does not seem to do anything. The stats although is enabled is blank.

Internet traffic metering feature(s) have any dependency on TOR or captive portal?



I want to have simple time-limit per device/profile and sit block. please let me know what I am missing. I tried reading through the documents to understand how it is supposed to work, and I am not getting the answers for this.


2. One more thing, the keeyxybox web interface after login in as admin does show as offline "Disconnected from the internet" not sure why.

Thanks,

-Michael.

Print this item

Lightbulb Time allocation
Posted by: mrwhite2020 - 01-10-2021, 11:22 PM - Forum: Users and devices connection management - Replies (1)

Hi everyone,

I'm not sure if this is a feature request or whether other users have found a solution.  Keexybox does most of what I am looking for and I'm a new raspberry pi user, so this may be a really easy request.

In addition to users/profiles/devices we can allocate time schedules from Monday to Sunday 00:00 to 23:59 each day, which is awesome.

What I'd like to also do is to be able to allocate to a user:
 - time alocation;
in addition to the time schedule above.

So I can allocated to:
 - a user;
 - a maximum of 4hrs internet / time allocation (day/week)

So I would allocate to a user:
 - a profile;
 - a time schedule;
 - a time allocation (4hrs/day total)

Looking forward to what people have to suggest.

Cheers,

Karl Angel.

Print this item