Squidguard not displaying reason for error code on pages that are blocked
-
Hi
Is there a way to display a reason why the webpage has been blocked by PFSense (Squidguard). Before I start tampering with creating custom error pages for my firewall, there's just one thing I would like to resolve. See attached for an example.
PFSense 2.1.5
Squid 2.7.9 pkg v.4.3.4
SquidGuard 1.4_4 pkg v.1.9.10Thanks
-
For the category list, make sure it's set to "int err message" and then put the text for the Reason in the box.
-
Hi
Thanks for the reply. I tried your suggestion and it is still not displaying a reason code. When I look in sgerror.php the $err_msg parameter looks undefined.
include "globals.inc"; include "config.inc"; $page_info = <<<eod<br># ---------------------------------------------------------------------------------------------------------------------- # SquidGuard error page generator # (C)2006-2007 Serg Dvoriancev # ---------------------------------------------------------------------------------------------------------------------- # This programm processed redirection to specified URL or generated error page for standart HTTP error code. # Redirection supported http and https protocols. # ---------------------------------------------------------------------------------------------------------------------- # Format: # sgerror.php?url=[http://myurl]or[https://myurl]or[error_code[space_code]output-message][incoming SquidGuard variables] # Incoming SquidGuard variables: # a=client_address # n=client_name # i=client_user # s=client_group # t=target_group # u=client_url # Example: # sgerror.php?url=http://myurl.com&a=..&n=..&i=..&s=..&t=..&u=.. # sgerror.php?url=https://myurl.com&a=..&n=..&i=..&s=..&t=..&u=.. # sgerror.php?url=404%20output-message&a=..&n=..&i=..&s=..&t=..&u=.. # ---------------------------------------------------------------------------------------------------------------------- # Tags: # myurl and output messages can include Tags # [a] - client address # [n] - client name # [i] - client user # [s] - client group # [t] - target group # [u] - client url # Example: # sgerror.php?url=401 Unauthorized access to URL [u] for client [n] # sgerror.php?url=http://my_error_page.php?cladr=%5Ba%5D&clname=%5Bn%5D // %5b=[ %d=] # ---------------------------------------------------------------------------------------------------------------------- # Special Tags: # blank - get blank page # blank_img - get one-pixel transparent image (for replace banners and etc.) # Example: # sgerror.php?url=blank # sgerror.php?url=blank_img # ---------------------------------------------------------------------------------------------------------------------- EOD; define('ACTION_URL', 'url'); define('ACTION_RES', 'res'); define('ACTION_MSG', 'msg'); define('TAG_BLANK', 'blank'); define('TAG_BLANK_IMG', 'blank_img'); # ---------------------------------------------------------------------------------------------------------------------- # ?url=EMPTY_IMG # Use this options for replace baners/ads to transparent picture. Thisbetter for viewing. # ---------------------------------------------------------------------------------------------------------------------- # NULL GIF file # HEX: 47 49 46 38 39 61 - - - # SYM: G I F 8 9 a 01 00 | 01 00 80 00 00 FF FF FF | 00 00 00 2C 00 00 00 00 | 01 00 01 00 00 02 02 44 | 01 00 3B # ---------------------------------------------------------------------------------------------------------------------- define(GIF_BODY, "GIF89a\x01\x00\x01\x00\x80\x00\x00\xFF\xFF\xFF\x00\x00\x00\x2C\x00\x00\x00\x00\x01\x00\x01\x00\x00\x02\x02\x44\x01\x00\x3B"); $url = ''; $msg = ''; $cl = Array(); // squidGuard variables: %a %n %i %s %t %u $err_code = array(); $err_code[301] = "301 Moved Permanently"; $err_code[302] = "302 Found"; $err_code[303] = "303 See Other"; $err_code[305] = "305 Use Proxy"; $err_code[400] = "400 Bad Request"; $err_code[401] = "401 Unauthorized"; $err_code[402] = "402 Payment Required"; $err_code[403] = "403 Forbidden"; $err_code[404] = "404 Not Found"; $err_code[405] = "405 Method Not Allowed"; $err_code[406] = "406 Not Acceptable"; $err_code[407] = "407 Proxy Authentication Required"; $err_code[408] = "408 Request Time-out"; $err_code[409] = "409 Conflict"; $err_code[410] = "410 Gone"; $err_code[411] = "411 Length Required"; $err_code[412] = "412 Precondition Failed"; $err_code[413] = "413 Request Entity Too Large"; $err_code[414] = "414 Request-URI Too Large"; $err_code[415] = "415 Unsupported Media Type"; $err_code[416] = "416 Requested range not satisfiable"; $err_code[417] = "417 Expectation Failed"; $err_code[500] = "500 Internal Server Error"; $err_code[501] = "501 Not Implemented"; $err_code[502] = "502 Bad Gateway"; $err_code[503] = "503 Service Unavailable"; $err_code[504] = "504 Gateway Time-out"; $err_code[505] = "505 HTTP Version not supported"; # ---------------------------------------------------------------------------------------------------------------------- # check arg's # ---------------------------------------------------------------------------------------------------------------------- if (count($_POST)) { $url = trim($_POST['url']); $msg = $_POST['msg']; $cl['a'] = $_POST['a']; $cl['n'] = $_POST['n']; $cl['i'] = $_POST['i']; $cl['s'] = $_POST['s']; $cl['t'] = $_POST['t']; $cl['u'] = $_POST['u']; } elseif (count($_GET)) { $url = trim($_GET['url']); $msg = $_GET['msg']; $cl['a'] = $_GET['a']; $cl['n'] = $_GET['n']; $cl['i'] = $_GET['i']; $cl['s'] = $_GET['s']; $cl['t'] = $_GET['t']; $cl['u'] = $_GET['u']; } else { # Show 'About page' echo get_page(get_about()); exit(); } # ---------------------------------------------------------------------------------------------------------------------- # url's # ---------------------------------------------------------------------------------------------------------------------- if ($url) { $err_id = 0; // check error code foreach ($err_code as $key => $val) { if (strpos(strtolower($url), strval($key)) === 0) { $err_id = $key; break; } } # blank page if ($url === TAG_BLANK) { echo get_page(''); } # blank image elseif ($url === TAG_BLANK_IMG) { $msg = trim($msg); if(strpos($msg, "maxlen_") !== false) { $maxlen = intval(trim(str_replace("maxlen_", "", $url))); filter_by_image_size($cl['u'], $maxlen); exit(); } else { # -------------------------------------------------------------- # return blank image # -------------------------------------------------------------- header("Content-Type: image/gif;"); // charset=windows-1251"); echo GIF_BODY; } } # error code elseif ($err_id !== 0) { $er_msg = strstr($_GET['url'], ' '); echo get_error_page($err_id, $er_msg); } # redirect url elseif ((strpos(strtolower($url), "http://") === 0) or (strpos(strtolower($url), "https://") === 0)) { # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # redirect to specified url # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ header("HTTP/1.0"); header("Location: $url", '', 302); } // error arguments else { echo get_page("sgerror: error arguments $url"); } } else { echo get_page($_SERVER['QUERY_STRING']); //$url . implode(" ", $_GET)); # echo get_error_page(500); } # ~~~~~~~~~~ # Exit # ~~~~~~~~~~ exit(); # ---------------------------------------------------------------------------------------------------------------------- # functions # ---------------------------------------------------------------------------------------------------------------------- function get_page($body) { $str = Array(); $str[] = ''; $str[] = "\n$body\n"; $str[] = ''; return implode("\n", $str); } # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # IE displayed self-page, if them size > 1024 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ function get_error_page($er_code_id, $err_msg='') { global $err_code; global $cl; global $g; global $config; $str = Array(); header("HTTP/1.1 " . $err_code[$er_code_id]); $str[] = ''; $str[] = ''; if ($config['installedpackages']['squidguarddefault']['config'][0]['deniedmessage']) { $str[] = " <center> # {$config['installedpackages']['squidguarddefault']['config'][0]['deniedmessage']}: {$err_code[$er_code_id]} </center> "; } else { $str[] = " # Request denied by {$g['product_name']} proxy: {$err_code[$er_code_id]} "; } if ($err_msg) $str[] = " ### **Reason:** $err_msg"; $str[] = ' * * * '; if ($cl['a']) $str[] = " **Client address:** {$cl['a']} "; if ($cl['n']) $str[] = " **Client name:** {$cl['n']} "; if ($cl['i']) $str[] = " **Client user:** {$cl['i']} "; if ($cl['s']) $str[] = " **Client group:** {$cl['s']} "; if ($cl['t']) $str[] = " **Target group:** {$cl['t']} "; if ($cl['u']) $str[] = " **URL:** {$cl['u']} "; $str[] = ' * * * '; $str[] = ""; $str[] = ""; return implode("\n", $str); } function get_about() { global $err_code; global $page_info; $str = Array(); // about info $s = str_replace("\n", " ", $page_info); $str[] = $s; $str[] = " "; $str[] = ''; $str[] = ' **HTTP error codes (ERROR_CODE):'; foreach($err_code as $val) { $str []= "** | $val"; } $str[] = ' | **'; return implode("\n", $str); } function filter_by_image_size($url, $val_size) { # load url header $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_HEADER, 1); curl_setopt($ch, CURLOPT_NOBODY, 1); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); $hd = curl_exec($ch); curl_close($ch); $size = 0; $SKEY = "content-length:"; $s_tmp = strtolower($hd); $s_tmp = str_replace("\n", " ", $s_tmp); # replace all "\n" if (strpos($s_tmp, $SKEY) !== false) { $s_tmp = trim(substr($s_tmp, strpos($s_tmp, $SKEY) + strlen($SKEY))); $s_tmp = trim(substr($s_tmp, 0, strpos($s_tmp, " "))); if (is_numeric($s_tmp)) $size = intval($s_tmp); else $size = 0; } # === check url type and content size === # redirect to specified url if (($size !== 0) && ($size < $val_size)) { header("HTTP/1.0"); header("Location: $url", '', 302); } # return blank image else { header("Content-Type: image/gif;"); echo GIF_BODY; $str[] = ' MJ '; } } ?>    [/u][/u][/s][/i]**</eod<br>
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.