-# Sample Configuration file for the Internet Junkbuster 2.0
+# Sample Configuration file for the Internet Junkbuster 2.9.x
#
-# $Id: config,v 1.13 2001/06/04 18:31:58 swa Exp $
+# $Id: config,v 1.20 2001/07/26 15:06:21 haroon Exp $
#
# Table of Contents
# you can make it a comment and it will be treated as if it weren't there.
# This is called "commenting out" an option and can be useful to turn
# off features: If you comment out the "logfile" line, junkbuster will
-# not log at all. Watch for the "default:" section in each explanation
-# to see what happens if the option is left unset (or commented out).
+# not log to a file at all. Watch for the "default:" section in each
+# explanation to see what happens if the option is left unset (or
+# commented out).
#
# Long lines can be continued on the next line by using a `\' as
-# the last character. This also works if comments are present in
-# between.
+# the last character.
#
#
# files in the current working directory. In either case, an
# absolute path name can be used to avoid problems.
-# While we go modular and multiuser, the blocker, filter, and
-# per-user config will be stored in subdirectories of confdir.
-# Now, only confdir/templates is used for storing HTML templates
-# for CGI results.
+# While we go modular and multiuser, the blocker, filter, and
+# per-user config will be stored in subdirectories of confdir.
+# Now, only confdir/templates is used for storing HTML templates
+# for CGI results.
#
-# No trailing /, please.
+# No trailing /, please.
confdir .
#
-# The directory where all logging (i.e. logfile and jarfile) takes place
-# No trailing /, please.
+# The directory where all logging (i.e. logfile and jarfile) takes place
+# No trailing /, please.
#
logdir .
#
-# Note that all file specifications below are relative to
-# the above two directories!!!
+# Note that all file specifications below are relative to
+# the above two directories!!!
#
-# The permissions file contains patterns to specify the
-# filtering rules to apply to each site.
+# The actions file contains patterns to specify the
+# actions to apply to requests for each site.
#
# Default: Cookies to and from all destinations are filtered.
# Popups are disabled for all sites.
# All sites are filtered if re_filterfile specified.
# No sites are blocked. Nothing is an image.
#
-permissionsfile permissionsfile
+actionsfile actionsfile
#
# The re_filterfile contains content modification rules. These rules
#
#jarfile jarfile
+#
+# If you specify a trustfile, Junkbuster will only allow access
+# to sites that are named in the trustfile. You can also mark
+# sites as trusted referrers, with the effect that access to
+# untrusted sites will be granted, if a link from a trusted
+# referrer was used. The link target will then be added to the
+# trustfile.
+# Note that this is a very restrictive feature that typical users
+# most propably want to leave disabled.
+#
+# Default: Don't use the trust mechanism
+#
+#trustfile trust
+
+#
+# If you use the trust mechanism, it is a good idea to write up
+# some online documentation about your blocking policy and to
+# specify the URL(s) here. They will appear on the page that
+# your users receive when they try to access untrusted content.
+# Use multiple times for multiple URLs.
+#
+# Default: Don't display links on the "untrusted" info page.
+#
+trust-info-url http://www.your-site.com/why_we_block.html
+trust-info-url http://www.your-site.com/what_we_allow.html
+
#
# 4. OPTIONS
# how Junkbuster operates.
#
+#
+# Admin-address should be set to the email address of the proxy
+# administrator. It is used in many of the proxy-generated pages.
+#
+# Default: fill@me.in.please
+#
+#admin-address fill@me.in.please
+
+#
+# Proxy-info-url can be set to a URL that contains more info about
+# this junkbuster installation, it's configuration and policies.
+# It is used in many of the proxy-generated pages and its use is
+# highly recommended, since your users will want to know why certain
+# content is blocked or modified.
+#
+# Default: Don't show a link to online documentation
+#
+proxy-info-url http://www.your-site.com/proxy.html
+
#
# Listen-address specifies the address and port where Junkbuster will
# listen for connections from your Web browser. The default is to
# debug 16 # LOG = log all data into the logfile
# debug 32 # FRC = debug force feature
# debug 64 # REF = debug regular expression filter
-# debug 128 # RED = debug fast redirects
-# debug 256 # CLF = Common Log Format
+# debug 128 # = debug fast redirects
+# debug 256 # = debug GIF deanimation
+# debug 512 # CLF = Common Log Format
+# debug 1024 # = debug kill popups
# debug 4096 # INFO = Startup banner and warnings.
# debug 8192 # ERROR = Non-fatal errors
#
# The reporting of FATAL errors (i.e. ones which crash
# JunkBuster) is always on and cannot be disabled.
#
-# If you want to use CLF, you should set "debug 256" ONLY,
+# If you want to use CLF, you should set "debug 512" ONLY,
# do not enable anything else.
#
# Multiple "debug" directives, are OK - they're logical-OR'd
#
# Default: Multithreaded mode
#
-#single-threaded
+single-threaded
#
# 'toggle' allows you to temporarily disable all Junkbuster's
#
toggle 1
+#
+# For content filtering, i.e. the +filter and +deanimate-gif
+# actions, it is neccessary that Junkbuster buffers up the
+# whole document body. This can be potentially dangerous, since
+# a server could just keep sending data indefinitely and wait
+# for your RAM to exhaust.
+# The buffer-limit option lets you set the size in Kbytes that
+# each buffer may use at maximum. When the documents buffer
+# exceeds that size, it is flushed to the client unfiltered and
+# no further attempt to filter the rest of it is taken.
+# Remember that there may multiple threads running, which might
+# require up to buffer-limit Kbytes *each*, unless you have set
+# single-threaded below.
+#
+# Default: 4069, i.e. 4 MB
+#
+buffer-limit 4069
#############################################################################
# Access Control List
# There is an implicit line equivalent to the following, which specifies that
# anything not finding a match on the list is to go out without forwarding
# or gateway protocol; like so:
-# forward .* . # implicit
+# forward .* . # implicit
#
# In the following common configuration, everything goes to Lucent's LPWA,
# except SSL on port 443 (which it doesn't handle)
# forward .ukc.ac.uk . # Anything on the same domain as us
# forward * . # Host with no domain specified
# forward 129.12.*.* . # A dotted IP on our /16 network.
-# forward 128.*.*.* . # Loopback address
+# forward 127.*.*.* . # Loopback address
# forward localhost.localdomain . # Loopback address
# forward www.ukc.mirror.ac.uk . # Specific host
#
-
+#
+# Note: If you intend to chain junkbuster and squid locally, the chain
+# broswer -> squid -> junkbuster is the recommended way.
+#
+# Your squid configuration could then look like this:
+#
+# # Define junkbuster as parent cache
+# cache_peer 127.0.0.1 8000 parent 0 no-query
+#
+# # Define ACL for protocol FTP
+# acl FTP proto FTP
+#
+# # Do not forward ACL FTP to junkbuster
+# always_direct allow FTP
+#
+# # Do not forward ACL CONNECT (https) to junkbuster
+# always_direct allow CONNECT
+#
+# # Forward the rest to junkbuster
+# never_direct allow all
+#
#############################################################################
# 5. WINDOWS GUI OPTIONS