SquidGuard - I want to redirect only on dest blk_BL_porn

  • squidGuard is working well for us. I wish to make one change however. I've spend all day on it so far and searched this site without finding a solution.

    What I want is when a user is blocked by the dest blk_BL_porn rule that they get redirected to a custom warning page: http://ourinternalsite/index.php/pornography-warning.html but for all the other dest blk_BL_?? rules I just want the standard error page.
    I figure I can edit /usr/local/etc/squidGuard/squidGuard.conf to include

    dest blk_BL_porn {
    domainlist blk_BL_porn/domains
    urllist blk_BL_porn/urls
    redirect http://ourinternalsite/index.php/pornography-warning.html
    log block.log

    and restart the proxy server but if I hit the update button in pfsense squidGuard then my rule will be wiped out.

    Can anyone help me with how to get a redirect statement into the dest blk_BL_porn rule from the pfsense interface?


  • You can't do this via web iface.
    One way - /usr/locxal/pkg/squidguard.inc, /usr/locxal/pkg/squidguard_configurator.inc

  • dvserg thanks for your response. That is a pretty comprehensive file. Not being a programmer or script bunny I have had a look through it and I can't see the mod I'd have to make to get it do do what I want. Are you able to give me a code example and tell me where I might put it in the file.

  • OK so I'm picking it's in the file squidguard_configurator.inc
    probably around the section:

        # --- Destinations ---
        if ($squidguard_config[F_DESTINATIONS]) {
            $temp_str = '';
            foreach($squidguard_config[F_DESTINATIONS][F_ITEM] as $dst) {
                $dstname = $dst[F_NAME];
                $sg_tag->set("dest", $dst[F_NAME], "", $dst[F_DESCRIPTION]);
                if ($dst[F_DOMAINS])
                    $sg_tag->items[] = "domainlist $dstname/domains";
                if ($dst[F_EXPRESSIONS])
                    $sg_tag->items[] = "expressionlist $dstname/expressions";
                if ($dst[F_URLS])
                    $sg_tag->items[] = "urllist $dstname/urls";
                if ($dst[F_RMOD] != RMOD_NONE)
                    $sg_tag->items[] = "redirect " . sg_redirector_base_url($dst[F_REDIRECT], $dst[F_RMOD]);
                if ($dst[F_LOG])
                    $sg_tag->items[] = "log " . SQUIDGUARD_ACCESSBLOCK_FILE;
                $sgconf[] = "";
                $sgconf[] = $sg_tag->tag_text();
                # log
                $temp_str .= " $dstname;";
            # log
            $temp_str = !empty($temp_str) ? $temp_str : "Nothing.";
            sg_addlog("sg_create_config: add destinations: \n $temp_str", 1);

    I'm guessing I'll need an if statement somewhere there saying if  $dstname = "blk_BL_porn" then insert a line "redirect http://etc_etc…"
    but how to do that I'm not really sure...

  • OK so I don't know how to do this and if I did I would have a non-standard installation - should I be putting in a feature request?

        # --- Blacklist ---
        # Note! Blacklist must be added to config permanently. It's need for rebuild DB now
        $db_entries = sg_entries_blacklist();
        if (($squidguard_config[F_BLACKLISTENABLED] === 'on') and $db_entries) {
            $log_entr_added = '';
            $log_entr_ignored = '';
            sg_addlog("sg_create_config: add blacklist entries", 1);
            foreach($db_entries as $key => $ent) {
                $ent_state = array();
                # create config if blacklist item exists
                if ($ent_state['exists']) {
                    $sg_tag->set("dest", $ent, "", "");
                    if ($ent_state[F_DOMAINS])     $sg_tag->items[] = "domainlist $ent/domains";
                    if ($ent_state[F_EXPRESSIONS]) $sg_tag->items[] = "expressionlist $ent/expressions";
                    if ($ent_state[F_URLS])        $sg_tag->items[] = "urllist $ent/urls";
                    if ($ent == "blk_BL_porn")
                        $ent_state->items[] = "redirect " . sg_redirector_base_url("YOU_URL_HERE", RMOD_EXT_MOVED);
                    $sg_tag->items[] = "log ". SQUIDGUARD_ACCESSBLOCK_FILE;

Log in to reply