Custom SquidGuard error [How-To]



  • Hey there,

    Well, its pointless making a new thread just to put an existing code which is already available in this post here. That post really helped me to design within the sgerror.php file itself rather than redirecting to another file which didn't work for me through. Below is what I've edited to fit my needs and I just thought may this would help someone who needs another pre-edited code itself. If admins can merge this post with original thread, that would be great.

    File Location

    /usr/local/www/sgerror.php
    
    
    # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    # IE displayed self-page, if them size > 1024
    # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    function get_error_page($er_code_id, $err_msg='') {
            global $err_code;
            global $cl;
            global $g;
            global $config;
            $str = Array();
    
            header("HTTP/1.1 " . $err_code[$er_code_id]);
    		$str[] = '';
            $str[] = '';
    			$str[] = '<title>Access Denied by EoN Gateway</title>';
            $str[] = '';
    /*	if ($config['installedpackages']['squidguarddefault']['config'][0]['deniedmessage']) {
    		$str[] = "
    
    ### {$config['installedpackages']['squidguarddefault']['config'][0]['deniedmessage']}: {$err_code[$er_code_id]}
    
    ";
    	} else {
    		$str[] = "
    
    ### Request denied by {$g['product_name']} proxy: {$err_code[$er_code_id]}
    
    ";
    	}
    */
            $str[] = '';
    		$str[] = '';
                    if ($cl['n'])        $str[] = "Client Name: {$cl['n']} | ";
                    if ($cl['a'])        $str[] = "IP: {$cl['a']} | ";
                    if ($cl['i'])        $str[] = "User: {$cl['i']} | ";
                    if ($cl['s'])        $str[] = "Group: {$cl['s']} | ";
                    if ($cl['t'])        $str[] = "Blocked Category: {$cl['t']} ";
    		$str[] = '';
    		$str[] = 'Request Denied by Gateway!';
    		$str[] = '';
    				if ($cl['u'])        $str[] = "
    
    **URL:** {$cl['u']}
    
    ";
    		$str[] = '
    
    Access to above site is restricted during office hours (Sunday to Thursday, 9.30am - 6.30pm / Saturday, 10.30am - 3.00pm).
     Please try again outside of these hours, or if you need urgent access, discuss with the [System Administrator](mailto:user@domain.com).
    
    ';
    		$str[] = '
    
    ![geblockt](http://gateway2.domain.local/logo.png)
    
    ';
            $str[] = 'Web Filtering by [**PfSense**](https://pfsense.org) and [**SquidGuard**](http://squidguard.org) | Copyrights © 2014\. Company Name';
            $str[] = "";
            $str[] = "";
    
            return implode("\n", $str);
    }
    

    Points to consider in this code:

    • I've commented a code, its the default proxy error notification generates which I didn't want to appear as I was making it to fit my needs. comments are within "/*  */". If you need, you can allow it to appear.

    • At first image didn't appear to me, so I've called the complete URL of where the image located




  • when you upgrade to a new release of pfsense, the changes to the file "/usr/local/www/sgerror.php" are lost.
    I do it this way:

    1. in my home, I created the file "personalSgerror.php" which contains my function "get_error_page (….."
    2. in the file "/usr/local/www/sgerror.php" I added include "/home/<your home="">/personalSgerror.php";</your>  and I renamed the function "get_error_page (….." to "Xget_error_page (....."

    file "/usr/local/www/sgerror.php"```

    include "globals.inc";
    include "config.inc";
    include "/home/<your home="">/personalSgerror.php";
    $page_info = <<<eod<br># ----------------------------------------------------------------------------------------------------------------------

    SquidGuard error page generator

    (C)2006-2007 Serg Dvoriancev

    ...............
    ...............</eod<br></your>

    
    my function "get_error_page (….."  in the file  **personalSgerror.php**```
    /*
     https://forum.pfsense.org/index.php?topic=26057.0
    
      This file replaces the function get_error_page (.....
      save this file in your home dir, end rename to personalSgerror.php
    
      In the file /usr/local/www/sgerror.php
      i put the directive below
      include "/home/<your home="">/personalSgerror.php";
      and rename the original function
      get_error_page (.....
      Xget_error_page function (.....
    */
    function get_error_page($er_code_id, $err_msg='') {
    	global $err_code;
    	global $cl;
    	global $g;
    	global $config;
    	$str = Array();
    
    	header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' );
    	header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' );
    	header( 'Cache-Control: no-store, no-cache, must-revalidate' );
    	header( 'Cache-Control: post-check=0, pre-check=0', false );
    	header( 'Pragma: no-cache' );
    	header("HTTP/1.1 " . $err_code[$er_code_id]);
    	$str[] = '';
    	$str[] = '';
    	$str[] = '<title>'.$err_code[$er_code_id].'</title>';
    	$str[] = '';
    	$str[] = '';
    
    	$str[] = '';
    	$str[] = 'ACCESS DENIED';
    	$str[] = '';
    
    	$str[] = '';
    	$str[] = ''.date('D, d M Y H:i:s').'';
    	if ($cl['s']) $str[] = "Group: {$cl['s']} | ";
    	if ($cl['t']) $str[] = "Category: {$cl['t']}";
    	$str[] = '';
    	$str[] = '';
    	$str[] = '';
    	$str[] = 'NETWORK '.$config['system']['domain'].'';
    	$str[] = 'ACCESSO NEGATO!';
    	$str[] = ''. $err_code[$er_code_id].'';
    	$str[] = '';
    	$str[] = '';
    
    	if($config['installedpackages']['squidguarddefault']['config'][0]['deniedmessage']) {
    		$str[] = '
    
    '.$config['installedpackages']['squidguarddefault']['config'][0]['deniedmessage'].'
    
    ';
    	}else{
    		$str[] = '
    
    Access to the request page or domain
    has been denied by '.$g['product_name'].'
    
    ';
    	}
    
    	$str[] = '<hr  size="1" width="70%" noshade="">';
    	if ($cl['u']) $str[] = 'URL: '.$cl['u'].'';
    	if ($cl['s']) $str[] = '
    Gruppo: **'.$cl['s'].'** - ';
    	if ($cl['t']) $str[] = 'Categoria: **'.$cl['t'].'**';
    	$str[] = '<hr  size="1" width="70%" noshade="">';
    	if ($cl['n']) $str[] = 'Client Name: '.$cl['n'].'
    ';
    	if ($cl['a']) $str[] = 'Client IP: '.$cl['a'].'
    ';
    	if ($cl['i']) $str[] = 'Client User: '.$cl['i'].'
    ';
    	$str[] = '<hr  size="1" width="70%" noshade="">';
    
    	if(strlen($err_msg)>1 ){
    		 $str[] = ''.$err_msg.'';
    	}else{
    		$str[] = 'Contact the Network Administrator if you think there has been an error';
    	}
    
    	$str[] = '</hr ></hr ></hr >';
    	$str[] = '';
    	$str[] = 'Pagine web controllate e filtrate da  [**SquidGuard**](http://www.squidguard.org "http://www.squidguard.org") su firewall  [**'.$g['product_name'].'**](http://'.$g['product_website'].' "http://'.$g['product_website'].'")';
    	$str[] = '';
    	$str[] = '';
    	$str[] = "";
    
    	return implode("\n", $str);
    }
    ?></your>
    

    in the attached file "personalSgerror.php.txt" my function "get_error_page (….."
    put this file in your home and rename it to "personalSgerror.php"

    in the attached file "ACCESS_DENIED.png" a screenshot for the access denied page.

    I hope that in future versions of pfsense, developers can add in the web gui the ability to customize the function "get_error_page (….."

    sorry for my bad English.
    greetings
    Mario



    personalSgerror.php.txt



  • Nevermind, i'm dumb heh. got it working.