Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Exibir sgerror em https no pfsense 2.4.x

    Scheduled Pinned Locked Moved Portuguese
    10 Posts 3 Posters 1.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      Marcos Adriano
      last edited by

      Olá, já faz um tempo que estou procurando e tentando tudo q encontro pra tentar solucionar esse problema. Editei o sgerror e ao bloquear sites http ele funciona normalmente porém nos sites https o site é bloqueado mais o sgerror não carrega. eu uso o squid 0.4.42 com filtro SSL e squidGuard 1.16.4. A grande maioria dos posts que encontro são antigos e acredito que não funcionam na versão q possuo (2.4.2). Será que alguém sabe como resolver isso ?

      Obrigado.

      1 Reply Last reply Reply Quote 0
      • danilosv.03D
        danilosv.03
        last edited by

        quando você vai no caminho: /usr/local/www você editou o sgerror default e colocou o seu script como a mesma nomenclatura do default? E você está trabalhando com interceptação ssl?


        :)
        |E-mail: danilosv.03@gmail.com
        |Skype: danilosv.03


        1 Reply Last reply Reply Quote 0
        • M
          Marcos Adriano
          last edited by

          Sim, o arquivo está com o nome sgerror.php  igual o anterior. Estou usando interceptação SSL sim. e mesmo com o arquivo default acontece o mesmo em http aparece a  mensagem de bloqueio e em https bloqueia mais não carrega a mensagem de bloqueio.

          1 Reply Last reply Reply Quote 0
          • danilosv.03D
            danilosv.03
            last edited by

            Me encaminha o teu script, deixa eu analisar.


            :)
            |E-mail: danilosv.03@gmail.com
            |Skype: danilosv.03


            1 Reply Last reply Reply Quote 0
            • M
              Marcos Adriano
              last edited by

              include "globals.inc";
              include "config.inc";
              $page_info = <<<eod<br># –--------------------------------------------------------------------------------------------------------------------

              SquidGuard error page generator

              (C)2006-2007 Serg Dvoriancev

              ----------------------------------------------------------------------------------------------------------------------

              This programm processed redirection to specified URL or generated error page for standart HTTP error code.

              Redirection supported http and https protocols.

              ----------------------------------------------------------------------------------------------------------------------

              Format:

              #        sgerror.php?url=[http://myurl]or[https://myurl]or[error_code[space_code]output-message][incoming SquidGuard variables]

              Incoming SquidGuard variables:

              #        a=client_address
              #        n=client_name
              #        i=client_user
              #        s=client_group
              #        t=target_group
              #        u=client_url

              Example:

              #        sgerror.php?url=http://myurl.com&a=..&n=..&i=..&s=..&t=..&u=..
              #        sgerror.php?url=https://myurl.com&a=..&n=..&i=..&s=..&t=..&u=..
              #        sgerror.php?url=404%20output-message&a=..&n=..&i=..&s=..&t=..&u=..

              –--------------------------------------------------------------------------------------------------------------------

              Tags:

              #        myurl and output messages can include Tags
              #                [a] - client address
              #                [n] - client name
              #                _- client user
              #                ~~- client group
              #                [t] - target group
              #                - client url

              Example:

              #        sgerror.php?url=401 Unauthorized access to URL for client [n]
              #      sgerror.php?url=http://my_error_page.php?cladr=%5Ba%5D&clname=%5Bn%5D // %5b=[ %d=]

              –--------------------------------------------------------------------------------------------------------------------

              Special Tags:

              #      blank    - get blank page
              #        blank_img - get one-pixel transparent image (for replace banners and etc.)

              Example:

              #        sgerror.php?url=blank
              #        sgerror.php?url=blank_img

              ----------------------------------------------------------------------------------------------------------------------

              EOD;

              define('ACTION_URL', 'url');
              define('ACTION_RES', 'res');
              define('ACTION_MSG', 'msg');

              define('TAG_BLANK',    'blank');
              define('TAG_BLANK_IMG', 'blank_img');

              ----------------------------------------------------------------------------------------------------------------------

              ?url=EMPTY_IMG

              #      Use this options for replace baners/ads to transparent picture. Thisbetter for viewing.

              ----------------------------------------------------------------------------------------------------------------------

              NULL GIF file

              HEX: 47 49 46 38 39 61 - - -

              SYM: G  I  F  8  9  a  01 00 | 01 00 80 00 00 FF FF FF | 00 00 00 2C 00 00 00 00 | 01 00 01 00 00 02 02 44 | 01 00 3B

              ----------------------------------------------------------------------------------------------------------------------

              define(GIF_BODY, "GIF89a\x01\x00\x01\x00\x80\x00\x00\xFF\xFF\xFF\x00\x00\x00\x2C\x00\x00\x00\x00\x01\x00\x01\x00\x00\x02\x02\x44\x01\x00\x3B");

              $url  = '';
              $msg  = '';
              $cl  = Array(); // squidGuard variables: %a %n %i %s %t %u
              $err_code = array();

              $err_code[301] = "301 Moved Permanently";
              $err_code[302] = "302 Found";
              $err_code[303] = "303 See Other";
              $err_code[305] = "305 Use Proxy";

              $err_code[400] = "400 Bad Request";
              $err_code[401] = "401 Unauthorized";
              $err_code[402] = "402 Payment Required";
              $err_code[403] = "Acesso Indevido";
              $err_code[404] = "404 Not Found";
              $err_code[405] = "405 Method Not Allowed";
              $err_code[406] = "406 Not Acceptable";
              $err_code[407] = "407 Proxy Authentication Required";
              $err_code[408] = "408 Request Time-out";
              $err_code[409] = "409 Conflict";
              $err_code[410] = "410 Gone";
              $err_code[411] = "411 Length Required";
              $err_code[412] = "412 Precondition Failed";
              $err_code[413] = "413 Request Entity Too Large";
              $err_code[414] = "414 Request-URI Too Large";
              $err_code[415] = "415 Unsupported Media Type";
              $err_code[416] = "416 Requested range not satisfiable";
              $err_code[417] = "417 Expectation Failed";

              $err_code[500] = "500 Internal Server Error";
              $err_code[501] = "501 Not Implemented";
              $err_code[502] = "502 Bad Gateway";
              $err_code[503] = "503 Service Unavailable";
              $err_code[504] = "504 Gateway Time-out";
              $err_code[505] = "505 HTTP Version not supported";

              –--------------------------------------------------------------------------------------------------------------------

              check arg's

              ----------------------------------------------------------------------------------------------------------------------

              if (count($_POST)) {
                  $url  = trim($_POST['url']);
                  $msg  = $_POST['msg'];
                  $cl['a'] = $_POST['a'];
                  $cl['n'] = $_POST['n'];
                  $cl['i'] = $_POST['i'];
                  $cl['s'] = $_POST['s'];
                  $cl['t'] = $_POST['t'];
                  $cl['u'] = $_POST['u'];
              }
              elseif (count($_GET)) {
                  $url  = trim($_GET['url']);
                  $msg  = $_GET['msg'];
                  $cl['a'] = $_GET['a'];
                  $cl['n'] = $_GET['n'];
                  $cl['i'] = $_GET['i'];
                  $cl['s'] = $_GET['s'];
                  $cl['t'] = $_GET['t'];
                  $cl['u'] = $_GET['u'];
              }
              else {
                    # Show 'About page'
                      echo get_page(get_about());
                      exit();
              }

              ----------------------------------------------------------------------------------------------------------------------

              url's

              ----------------------------------------------------------------------------------------------------------------------

              if ($url) {
                  $err_id = 0;

              // check error code
                  foreach ($err_code as $key => $val) {
                          if (strpos(strtolower($url), strval($key)) === 0) {
                            $err_id = $key;
                            break;
                          }
                  }

              # blank page
                  if ($url === TAG_BLANK) {
                          echo get_page('');
                  }
                  # blank image
                  elseif ($url === TAG_BLANK_IMG) {
                        $msg = trim($msg);
                        if(strpos($msg, "maxlen_") !== false) {
                            $maxlen = intval(trim(str_replace("maxlen_", "", $url)));
                            filter_by_image_size($cl['u'], $maxlen);
                            exit();
                        }
                        else {
                            # --------------------------------------------------------------
                            # return blank image
                            # --------------------------------------------------------------
                            header("Content-Type: image/gif;"); //  charset=windows-1251");
                            echo GIF_BODY;
                        }
                  }
                  # error code
                  elseif ($err_id !== 0) {
                          $er_msg = strstr($_GET['url'], ' ');
                          echo get_error_page($err_id, $er_msg);
                  }
                  # redirect url
                  elseif ((strpos(strtolower($url), "http://") === 0) or (strpos(strtolower($url), "https://") === 0)) {
                          # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          # redirect to specified url
                          # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          header("HTTP/1.0");
                          header("Location: $url", '', 302);
                  }
                  // error arguments
                  else {
                      echo get_page("sgerror: error arguments $url");
                  }
              }
              else {
                      echo get_page($_SERVER['QUERY_STRING']); //$url . implode(" ", $_GET));
              #        echo get_error_page(500);
              }

              ~~~~~~~~~~

              Exit

              ~~~~~~~~~~

              exit();

              ----------------------------------------------------------------------------------------------------------------------

              functions

              ----------------------------------------------------------------------------------------------------------------------

              function get_page($body) {
                      $str = Array();
                      $str[] = '';
                      $str[] = "\n$body\n";
                      $str[] = '';
                      return implode("\n", $str);
              }

              #########################################################
              #                                                      #
              #  Página de Erro do SquidGuard customizada  - Inicio  #
              #                                                      #
              #########################################################

              ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

              IE displayed self-page, if them size > 1024

              ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

              function get_error_page($er_code_id, $err_msg='') {
                      global $err_code;
                      global $cl;
                      global $g;
                      global $config;
                      $str = Array();

              $str[] = '';
                      $str[] = '';
                  $str[] = '';
                      $str[] = '';
                  $str[] = '__';
                  $str[] = '';
                  $str[] = '';
                  $str[] = 'logo';
                  $str[] = '

              O endereço requisitado não pôde ser aberto:
              <a style="font-size:80%; font-family:Helvetica; color:#7f7f7f;"></a>';
                  $str[] = '

              ';
                          if ($cl['u'])        $str[] = "{$cl['u']}";
                  $str[] = '';
                  $str[] = "

              Motivo:  {$err_code[$er_code_id]}

              ";
                  $str[] = '
              O controle de acessos identificou este site como inadequado de acordo com nossa organização.
              Todo ou qualquer acesso à internet é registrado em nosso sistema de relatórios.';
                  $str[] = '

              ';
                  $str[] = 'Informações do Bloqueio:';
                  $str[] = '';
                          if ($cl['n'])        $str[] = "Nome do Cliente: {$cl['n']} | ";
                          if ($cl['a'])        $str[] = "IP do Cliente: {$cl['a']} | ";
                          if ($cl['i'])        $str[] = "Usuário: {$cl['i']} | ";
                          if ($cl['s'])        $str[] = "Grupo: {$cl['s']} | ";
                          if ($cl['t'])        $str[] = "Categoria: {$cl['t']} ";
                  $str[] = '';

              $str[] = "";
                      $str[] = "";

              return implode("\n", $str);
              }

              #########################################################
              #                                                      #
              #  Página de Erro do SquidGuard customizada  - Fim    #
              #                                                      #
              #########################################################

              function filter_by_image_size($url, $val_size) {

              # load url header
                        $ch = curl_init();
                        curl_setopt($ch, CURLOPT_URL, $url);
                        curl_setopt($ch, CURLOPT_HEADER, 1);
                        curl_setopt($ch, CURLOPT_NOBODY, 1);
                        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
                        $hd = curl_exec($ch);
                        curl_close($ch);

              $size = 0;
                      $SKEY = "content-length:";
                      $s_tmp = strtolower($hd);
                      $s_tmp = str_replace("\n", " ", $s_tmp); # replace all "\n"
                      if (strpos($s_tmp, $SKEY) !== false) {
                          $s_tmp = trim(substr($s_tmp, strpos($s_tmp, $SKEY) + strlen($SKEY)));
                          $s_tmp = trim(substr($s_tmp, 0, strpos($s_tmp, " ")));
                          if (is_numeric($s_tmp))
                                $size = intval($s_tmp);
                          else $size = 0;
                      }

              # === check url type and content size ===
                      # redirect to specified url
                      if (($size !== 0) && ($size < $val_size)) {
                            header("HTTP/1.0");
                            header("Location: $url", '', 302);
                      }
                      # return blank image
                      else {
                            header("Content-Type: image/gif;");
                            echo GIF_BODY;
                      }
              }
              ?>~~_</eod<br>

              1 Reply Last reply Reply Quote 0
              • danilosv.03D
                danilosv.03
                last edited by

                Na linha:  **  $str[] = 'logo';**; você está dizendo que a página personalizada só irá aparecer pela a http e não pela a https. Coloque o https e reveja.


                :)
                |E-mail: danilosv.03@gmail.com
                |Skype: danilosv.03


                1 Reply Last reply Reply Quote 0
                • M
                  Marcos Adriano
                  last edited by

                  Fiz e não deu certo. Foi redirecionado pro https mais continua carregando somente em  bloqueios dos sites em http

                  1 Reply Last reply Reply Quote 0
                  • danilosv.03D
                    danilosv.03
                    last edited by

                    Você deu o apply no guard?


                    :)
                    |E-mail: danilosv.03@gmail.com
                    |Skype: danilosv.03


                    1 Reply Last reply Reply Quote 0
                    • M
                      Marcos Adriano
                      last edited by

                      Sim

                      1 Reply Last reply Reply Quote 0
                      • maxwelberM
                        maxwelber
                        last edited by

                        Meu cenário muito parecido com seu e tenho o mesmo problema, alguma novidade?

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.