sohan krishi wrote:
Hi all,
I am using Squid 2.6 Stable18 in transparent mode on ubuntu 8.04. I
have a problem with blocking some words. I am using this ACL
acl blocklist url_regex -i "/usr/local/etc/blocked1.txt"
and in blocked1.txt I have many words line porn, masala, sex, blog ...
All is working fine but when users try to browse any thing like
weblogic...it is blocked ! I found it by debuging and noticed that
weblogic is found in blog word in blocked1.txt....
How can I tell Squid to use exact word, like use only blog and not
weblogic. Is it possible ?
Sigh.. Content filtering. Back to bite again.
- very easy to think of and start
- impossible to get right
- bypassed so easily
Did you know what "YFMTUAGPI" means to a content filter?
At least you have reached level 2: the penismightier problem.
Guess what level 3 is? placenames! been to cocksucker, Wyoming. Fucker,
Australia. Shitterton, England, how about bad knob in Europe? those are
just the famous ones. Not even gong near street names.
Level 4: aliases; seen a monkey? or a scary duck? a clinton? a gore? a
president bush?
Level 5: now encrypt all those with a simple +1 Caeser-cipher
.. the bravest I've ever known often crumble after reaching...
Level 6: wetware symbolic encryptions: \/!gara for yuo!
** NP: these 'levels' are my own invented rating system to judge how
determined filtering people are. Based on my 16 years experience in
security.
Best option is to give up early and take other easier paths, like
teaching each and every client not to browse porn in the first place. Or
just blocking all non-plaintext traffic unless its pre-vetted.
To keep on the pattern filtering road, you need to become an expert in
regex, encryption, and security. The porn people professionally
by-passing your filter are 10+ years ahead in expertise. And have a
handful of languages to choose from even at level 1.
The full-word pattern looks like this:
[^a-zA-Z]([a-zA-Z]+)[^a-zA-Z]
substitute your word for the bracketed part.
*** Note this is ONLY US-ASCII english words. Mostly useless now that
URI have been internationalized.
Amos
--
Please use Squid 2.7.STABLE3 or 3.0.STABLE8
