# Sample Configuration file for the Internet Junkbuster 2.9.x
#
-# $Id: config,v 1.14 2001/06/08 00:25:01 jongfoster Exp $
+# $Id: config,v 1.28 2002/03/04 19:32:07 oes Exp $
#
# Table of Contents
#
# Long lines can be continued on the next line by using a `\' as
# the last character.
-#
-
#
# 3. OTHER CONFIGURATION FILES
#
#
logdir .
-#
# Note that all file specifications below are relative to
# the above two directories!!!
-#
# The actions file contains patterns to specify the
# actions to apply to requests for each site.
# All sites are filtered if re_filterfile specified.
# No sites are blocked. Nothing is an image.
#
-actionsfile actionsfile
+actionsfile ijb.action
-#
# The re_filterfile contains content modification rules. These rules
# permit powerful changes on the content of Web pages, e.g., you
# could disable your favourite JavaScript annoyances, rewrite the
# actual content, or just have some fun replacing "Microsoft"
# with "Microsuck" wherever it appears on a Web page.
#
-# Default: No content modification.
+# Default: content modification. (see '+-filter' in actionsfile)
#
-re_filterfile re_filterfile
+re_filterfile re_filterfile
#
# The logfile is where all logging and error messages are written.
#
# Default: Log to the standard error channel, not to a file
#
-logfile logfile
+logfile logfile
#
# The jarfile defines where Junkbuster stores the cookies it
#
# Default: Don't store intercepted cookies
#
-#jarfile jarfile
+jarfile jarfile
#
# If you specify a trustfile, Junkbuster will only allow access
trust-info-url http://www.your-site.com/why_we_block.html
trust-info-url http://www.your-site.com/what_we_allow.html
-
-#
# 4. OPTIONS
#
# This part of the configuration file contains options that control
# how Junkbuster operates.
#
-#
# Admin-address should be set to the email address of the proxy
# administrator. It is used in many of the proxy-generated pages.
#
# Default: fill@me.in.please
#
-#admin-address fill@me.in.please
+admin-address fill@me.in.please
#
# Proxy-info-url can be set to a URL that contains more info about
#
# Listen-address specifies the address and port where Junkbuster will
# listen for connections from your Web browser. The default is to
-# listen on the local host on port 8000, and this is suitable for
+# listen on the local host on port 8118, and this is suitable for
# most users. (In your web browser, under proxy configuration, list
-# the proxy server as 'localhost' and the port as '8000').
+# the proxy server as 'localhost' and the port as '8118').
#
-# If you already have another service running on port 8000, or if you
+# If you already have another service running on port 8118, or if you
# want to serve requests from other machines (e.g. on your local
# network) as well, you will need to override the default. The syntax
# is "listen-address [<ip-address>]:<port>" If you leave out the ip
# (192.168.0.0) and has another outside connection with a different
# address. You want it to serve requests from inside only:
#
-# listen-address 192.168.0.1:8000
+# listen-address 192.168.0.1:8118
#
# If you want it to listen on all addresses (including the outside
# connection):
#
-# listen-address :8000
+# listen-address :8118
#
# If you do this, consider using acls (see "aclfile" above).
#
# Note: you will need to point your browser(s) to the address
# and port that you have configured here.
#
-# Default: listen-address localhost:8000
-# listen-address 127.0.0.1:8000
+# Default: listen-address localhost:8118
+# listen-address 127.0.0.1:8118
#
# debug 16 # LOG = log all data into the logfile
# debug 32 # FRC = debug force feature
# debug 64 # REF = debug regular expression filter
-# debug 128 # RED = debug fast redirects
-# debug 256 # CLF = Common Log Format
+# debug 128 # = debug fast redirects
+# debug 256 # = debug GIF deanimation
+# debug 512 # CLF = Common Log Format
+# debug 1024 # = debug kill popups
# debug 4096 # INFO = Startup banner and warnings.
# debug 8192 # ERROR = Non-fatal errors
#
# The reporting of FATAL errors (i.e. ones which crash
# JunkBuster) is always on and cannot be disabled.
#
-# If you want to use CLF, you should set "debug 256" ONLY,
+# If you want to use CLF, you should set "debug 512" ONLY,
# do not enable anything else.
#
# Multiple "debug" directives, are OK - they're logical-OR'd
#
toggle 1
+#
+# For content filtering, i.e. the +filter and +deanimate-gif
+# actions, it is neccessary that Junkbuster buffers up the
+# whole document body. This can be potentially dangerous, since
+# a server could just keep sending data indefinitely and wait
+# for your RAM to exhaust.
+# The buffer-limit option lets you set the size in Kbytes that
+# each buffer may use at maximum. When the documents buffer
+# exceeds that size, it is flushed to the client unfiltered and
+# no further attempt to filter the rest of it is taken.
+# Remember that there may multiple threads running, which might
+# require up to buffer-limit Kbytes *each*, unless you have set
+# single-threaded below.
+#
+# Default: 4069, i.e. 4 MB
+#
+buffer-limit 4069
+
+
+#
+# Enable the web-based actionsfile editor. Set to 1 to enable,
+# 0 to disable. Note that you must have compiled JunkBuster
+# with support for this feature, otherwise this option has no
+# effect.
+#
+# Security note: If this is enabled, anyone who can use the proxy
+# can edit the actions file, and their changes will affect all users.
+# For shared proxies, you probably want to disable this.
+#
+# Default: Disabled
+#
+enable-edit-actions 1
+
+
+#
+# Allow JunkBuster to be toggled on and off remotely, using your
+# web browser. Set to 1 to enable, 0 to disable. Note that you
+# must have compiled JunkBuster with support for this feature,
+# otherwise this option has no effect.
+#
+# Security note: If this is enabled, anyone who can use the proxy
+# can toggle it on or off, and their changes will affect all users.
+# For shared proxies, you probably want to disable this.
+#
+# Default: Disabled
+#
+enable-remote-toggle 1
#############################################################################
# Access Control List
# There is an implicit line equivalent to the following, which specifies that
# anything not finding a match on the list is to go out without forwarding
# or gateway protocol; like so:
-# forward .* . # implicit
+# forward .* . # implicit
#
# In the following common configuration, everything goes to Lucent's LPWA,
# except SSL on port 443 (which it doesn't handle)
-# forward .* lpwa.com:8000
+# forward .* lpwa.com:8118
# forward :443 .
#
# See the FAQ for instructions on how to automate the login procedure for LPWA.
# Some users have reported difficulties related to LPWA's use of . as the
# last element of the domain, and have said that this can be fixed with this:
-# forward lpwa. lpwa.com:8000
+# forward lpwa. lpwa.com:8118
# (NOTE: the syntax for specifiying target_domain has changed since the
# previous paragraph weas written - it will not work now. More information
# is welcome.)
# In this fictitious example, everything goes via an ISP's caching proxy,
# except requests to that ISP:
#
-# forward .* caching.myisp.net:8000
+# forward .* caching.myisp.net:8118
# forward myisp.net .
#
# For the @home network, we're told the forwarding configuration is this:
# but everything else goes through Lucent's LPWA by way of the company's
# SOCKS gateway to the Internet.
#
-# forward_socks4 .* lpwa.com:8000 firewall.my_company.com:1080
+# forward-socks4 .* lpwa.com:8118 firewall.my_company.com:1080
# forward my_company.com .
#
# This is how you could set up a site that always uses SOCKS but no forwarders
#
-# forward_socks4a .* . firewall.my_company.com:1080
+# forward-socks4a .* . firewall.my_company.com:1080
#
# An advanced example for network administrators:
#
#
# host-a can run an Internet Junkbuster proxy with forwarding like this:
# forward .* .
-# forward isp-b.com host-b:8000
+# forward isp-b.com host-b:8118
#
# host-b can run an Internet Junkbuster proxy with forwarding like this:
# forward .* .
-# forward isp-a.com host-a:8000
+# forward isp-a.com host-a:8118
#
# Now, *anyone* on the Internet (including users on host-a and host-b)
# can set their browser's proxy to *either* host-a or host-b and
# forward localhost.localdomain . # Loopback address
# forward www.ukc.mirror.ac.uk . # Specific host
#
-
+#
+# Note: If you intend to chain junkbuster and squid locally, the chain
+# broswer -> squid -> junkbuster is the recommended way.
+#
+# Your squid configuration could then look like this:
+#
+# # Define junkbuster as parent cache
+# cache_peer 127.0.0.1 8118 parent 0 no-query
+#
+# # Define ACL for protocol FTP
+# acl FTP proto FTP
+#
+# # Do not forward ACL FTP to junkbuster
+# always_direct allow FTP
+#
+# # Do not forward ACL CONNECT (https) to junkbuster
+# always_direct allow CONNECT
+#
+# # Forward the rest to junkbuster
+# never_direct allow all
+#
#############################################################################
# 5. WINDOWS GUI OPTIONS