diff options
| author | D. V. Serg <dvserg@pfsense.org> | 2008-01-14 14:15:39 +0000 |
|---|---|---|
| committer | D. V. Serg <dvserg@pfsense.org> | 2008-01-14 14:15:39 +0000 |
| commit | f7cdc1edbf14721a73ca73b944902b6d03dca43e (patch) | |
| tree | 2c909ef7c273d7a582b6dc60e9ca2be8b5350cda /packages/squidGuard/sgerror.php | |
| parent | b2c9520bd92d7ff4ae9617c3e5ab016fef5c7782 (diff) | |
| download | pfsense-packages-f7cdc1edbf14721a73ca73b944902b6d03dca43e.tar.gz pfsense-packages-f7cdc1edbf14721a73ca73b944902b6d03dca43e.tar.bz2 pfsense-packages-f7cdc1edbf14721a73ca73b944902b6d03dca43e.zip | |
- sources page moved to ACL
- fix blacklist
- add non-80 port support
- changes in error report generator page
Diffstat (limited to 'packages/squidGuard/sgerror.php')
| -rw-r--r-- | packages/squidGuard/sgerror.php | 241 |
1 files changed, 215 insertions, 26 deletions
diff --git a/packages/squidGuard/sgerror.php b/packages/squidGuard/sgerror.php index 302126fb..7e3b5c6c 100644 --- a/packages/squidGuard/sgerror.php +++ b/packages/squidGuard/sgerror.php @@ -1,51 +1,240 @@ <?php +$page_info = <<<EOD # ---------------------------------------------------------------------------------------------------------------------- -# Error page generator +# SquidGuard error page generator # (C)2006-2007 Serg Dvoriancev # ---------------------------------------------------------------------------------------------------------------------- -# .php?url='redirect url' +# This programm processed redirection to specified URL or generated error page for standart HTTP error code. +# Redirection supported http and https protocols. # ---------------------------------------------------------------------------------------------------------------------- -# Forbidden 403 -# Not found 404 -# 410 -# Internal Error 500 -# Moved 301 -# Found 302 +# Format: +# sgerror.php?url=[http://myurl]or[https://myurl]or[error_code[space_code]output-message][incoming SquidGuard variables] +# Incoming SquidGuard variables: +# a=client_address +# n=client_name +# i=client_user +# s=client_group +# t=target_group +# u=client_url +# Example: +# sgerror.php?url=http://myurl.com&a=..&n=..&i=..&s=..&t=..&u=.. +# sgerror.php?url=https://myurl.com&a=..&n=..&i=..&s=..&t=..&u=.. +# sgerror.php?url=404%20output-message&a=..&n=..&i=..&s=..&t=..&u=.. # ---------------------------------------------------------------------------------------------------------------------- +# Tags: +# myurl and output messages can include Tags +# [a] - client address +# [n] - client name +# [i] - client user +# [s] - client group +# [t] - target group +# [u] - client url +# Example: +# sgerror.php?url=401 Unauthorized access to URL [u] for client [n] +# sgerror.php?url=http://my_error_page.php?cladr=%5Ba%5D&clname=%5Bn%5D // %5b=[ %d=] +# ---------------------------------------------------------------------------------------------------------------------- +# Special Tags: +# blank - get blank page +# blank_img - get one-pixel transparent image (for replace banners and etc.) +# Example: +# sgerror.php?url=blank +# sgerror.php?url=blank_img +# ---------------------------------------------------------------------------------------------------------------------- +EOD; define('ACTION_URL', 'url'); define('ACTION_RES', 'res'); define('ACTION_MSG', 'msg'); -header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1 +define('TAG_BLANK', 'blank'); +define('TAG_BLANK_IMG', 'blank_img'); + +# ---------------------------------------------------------------------------------------------------------------------- +# ?url=EMPTY_IMG +# Use this options for replace baners/ads to transparent picture. Thisbetter for viewing. +# ---------------------------------------------------------------------------------------------------------------------- +# NULL GIF file +# HEX: 47 49 46 38 39 61 - - - +# SYM: G I F 8 9 a 01 00 | 01 00 80 00 00 FF FF FF | 00 00 00 2C 00 00 00 00 | 01 00 01 00 00 02 02 44 | 01 00 3B +# ---------------------------------------------------------------------------------------------------------------------- +define(GIF_BODY, "GIF89a\x01\x00\x01\x00\x80\x00\x00\xFF\xFF\xFF\x00\x00\x00\x2C\x00\x00\x00\x00\x01\x00\x01\x00\x00\x02\x02\x44\x01\x00\x3B"); $url = ''; $msg = ''; +$cl = Array(); // squidGuard variables: %a %n %i %s %t %u +$err_code = array(); + +$err_code[301] = "301 Moved Permanently"; +$err_code[302] = "302 Found"; +$err_code[303] = "303 See Other"; +$err_code[305] = "305 Use Proxy"; + +$err_code[400] = "400 Bad Request"; +$err_code[401] = "401 Unauthorized"; +$err_code[402] = "402 Payment Required"; +$err_code[403] = "403 Forbidden"; +$err_code[404] = "404 Not Found"; +$err_code[405] = "405 Method Not Allowed"; +$err_code[406] = "406 Not Acceptable"; +$err_code[407] = "407 Proxy Authentication Required"; +$err_code[408] = "408 Request Time-out"; +$err_code[409] = "409 Conflict"; +$err_code[410] = "410 Gone"; +$err_code[411] = "411 Length Required"; +$err_code[412] = "412 Precondition Failed"; +$err_code[413] = "413 Request Entity Too Large"; +$err_code[414] = "414 Request-URI Too Large"; +$err_code[415] = "415 Unsupported Media Type"; +$err_code[416] = "416 Requested range not satisfiable"; +$err_code[417] = "417 Expectation Failed"; + +$err_code[500] = "500 Internal Server Error"; +$err_code[501] = "501 Not Implemented"; +$err_code[502] = "502 Bad Gateway"; +$err_code[503] = "503 Service Unavailable"; +$err_code[504] = "504 Gateway Time-out"; +$err_code[505] = "505 HTTP Version not supported"; + +# ---------------------------------------------------------------------------------------------------------------------- +# check arg's +# ---------------------------------------------------------------------------------------------------------------------- + if (count($_POST)) { - $url = $_POST['url']; + $url = trim($_POST['url']); $msg = $_POST['msg']; -} else { - $url = $_GET['url']; + $cl['a'] = $_POST['a']; + $cl['n'] = $_POST['n']; + $cl['i'] = $_POST['i']; + $cl['s'] = $_POST['s']; + $cl['t'] = $_POST['t']; + $cl['u'] = $_POST['u']; +} +elseif (count($_GET)) { + $url = trim($_GET['url']); $msg = $_GET['msg']; + $cl['a'] = $_GET['a']; + $cl['n'] = $_GET['n']; + $cl['i'] = $_GET['i']; + $cl['s'] = $_GET['s']; + $cl['t'] = $_GET['t']; + $cl['u'] = $_GET['u']; +} +else { + # Show 'About page' + echo get_page(get_about()); + exit(); } +# ---------------------------------------------------------------------------------------------------------------------- +# url's +# ---------------------------------------------------------------------------------------------------------------------- if ($url) { - if (strstr($url, "301")) header("HTTP/1.0 301"); - elseif (strstr($url, "302")) header("HTTP/1.0 302"); - elseif (strstr($url, "403")) header("HTTP/1.0 403"); - elseif (strstr($url, "404")) header("HTTP/1.0 404"); - elseif (strstr($url, "410")) header("HTTP/1.0 410"); -# elseif (strstr($url, "410")) header("HTTP/1.0 500"); - else { - # + $err_id = 0; + + // check error code + foreach ($err_code as $key => $val) { + if (strpos(strtolower($url), strval($key)) === 0) { + $err_id = $key; + break; + } + } + + # blank page + if ($url === 'blank') { + echo get_page(''); + } + # blank image + elseif ($url === TAG_BLANK_IMG) { + # -------------------------------------------------------------- + # return blank image + # -------------------------------------------------------------- + header("Content-Type: image/gif;"); // charset=windows-1251"); + echo GIF_BODY; + } + # error code + elseif ($err_id !== 0) { + $er_msg = strstr($_GET['url'], ' '); + echo get_error_page($err_id, $er_msg); + } + # redirect url + elseif ((strpos(strtolower($url), "http://") === 0) or (strpos(strtolower($url), "https://") === 0)) { + # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # redirect to specified url - # + # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ header("HTTP/1.0"); - header("Location: $url", '', 301); + header("Location: $url", '', 302); } - exit(); -} else { - header("HTTP/1.0 410"); - exit(); + // error arguments + else { + echo get_page("sgerror: error arguments $url"); + } +} +else { + echo get_page($_SERVER['QUERY_STRING']); //$url . implode(" ", $_GET)); +# echo get_error_page(500); +} + +# ~~~~~~~~~~ +# Exit +# ~~~~~~~~~~ +exit(); + +# ---------------------------------------------------------------------------------------------------------------------- +# functions +# ---------------------------------------------------------------------------------------------------------------------- +function get_page($body) { + $str = Array(); + $str[] = '<html>'; + $str[] = "<body>\n$body\n</body>"; + $str[] = '</html>'; + return implode("\n", $str); +} + +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# IE displayed self-page, if them size > 1024 +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +function get_error_page($er_code_id, $err_msg='') { + global $err_code; + global $cl; + $str = Array(); + + header("HTTP/1.1 " . $err_code[$er_code_id]); + + $str[] = '<html>'; + $str[] = '<body>'; + $str[] = '<h3>Request denied by pfSense proxy: ' . $err_code[$er_code_id] . '</h3>'; + if ($err_msg) $str[] = "<b> Reason: </b> $err_msg"; + $str[] = '<hr size="1" noshade>'; + if ($cl['a']) $str[] = "<b> Client address: </b> {$cl['a']} <br>"; + if ($cl['n']) $str[] = "<b> Client name: </b> {$cl['n']} <br>"; + if ($cl['i']) $str[] = "<b> Client user: </b> {$cl['i']} <br>"; + if ($cl['s']) $str[] = "<b> Client group: </b> {$cl['s']} <br>"; + if ($cl['t']) $str[] = "<b> Target group: </b> {$cl['t']} <br>"; + if ($cl['u']) $str[] = "<b> URL: </b> {$cl['u']} <br>"; + $str[] = '<hr size="1" noshade>'; + $str[] = "</body>"; + $str[] = "</html>"; + + return implode("\n", $str); +} + +function get_about() { + global $err_code; + global $page_info; + $str = Array(); + + // about info + $s = str_replace("\n", "<br>", $page_info); + $str[] = $s; + $str[] = "<br>"; + + $str[] = '<table>'; + $str[] = ' <b>HTTP error codes (ERROR_CODE):</th></tr>'; + foreach($err_code as $val) { + $str []= "<tr><td>$val"; + } + $str[] = '</table>'; + + return implode("\n", $str); } ?>
\ No newline at end of file |