-<!DOCTYPE Article PUBLIC "-//OASIS//DTD DocBook V3.1//EN">
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook V3.1//EN">
<!--
-<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
File : $Source: /cvsroot/ijbswa/current/doc/source/user-manual.sgml,v $
Purpose : user manual
This file belongs into
ijbswa.sourceforge.net:/home/groups/i/ij/ijbswa/htdocs/
- $Id: user-manual.sgml,v 1.2 2001/09/13 15:27:40 swa Exp $
+ $Id: user-manual.sgml,v 1.39 2002/03/06 16:19:28 hal9 Exp $
Written by and Copyright (C) 2001 the SourceForge
IJBSWA team. http://ijbswa.sourceforge.net
-->
<!--
-Sun 09/23/01 08:53:31 PM
+Sat 03/02/02 04:53:47 PM
-This is an unfinished, rough draft. Anyone reading this, believe let me
-know errors!!!!! Stefan, especially you!
+This should be ready for BETA release.
Hal Burgiss <hal@foobox.net>
-->
<artheader>
<title>Junkbuster User Manual</title>
-<pubdate>$Id: user-manual.sgml,v 1.2 2001/09/13 15:27:40 swa Exp $</pubdate>
+<pubdate>$Id: user-manual.sgml,v 1.39 2002/03/06 16:19:28 hal9 Exp $</pubdate>
<authorgroup>
<author>
security to users of the World Wide Web.
</para>
<para>
-You can find the latest version of the user manual at <ulink url="http://ijbswa.sourceforge.net/doc/user-manual/">http://ijbswa.sourceforge.net/doc/user-manual/</ulink>.
+You can find the latest version of the user manual at <ulink url="http://ijbswa.sourceforge.net/user-manual/">http://ijbswa.sourceforge.net/user-manual/</ulink>.
</para>
<para>
<sect1 id="introduction"><title>Introduction</title>
<para>
<application>Internet Junkbuster</application> is a web proxy with advanced
- filtering capabilities for protecting privacy, filtering web page content,
- managing cookies and removing ads, banners, pop-ups and other obnoxious
- Internet Junk. <application>Junkbuster</application> has a very flexible
- configuration and can be customized to suit individual needs and tastes.
- <application>Internet Junkbuster</application> has application for both
- stand-alone systems and multi-user networks.
+ filtering capabilities for protecting privacy, filtering and modifying web
+ page content, managing cookies, controlling access, and removing ads,
+ banners, pop-ups and other obnoxious Internet Junk.
+ <application>Junkbuster</application> has a very flexible configuration and
+ can be customized to suit individual needs and tastes. <application>Internet
+ Junkbuster</application> has application for both stand-alone systems and
+ multi-user networks.
</para>
<para>
- This documentation is included with the current development version of
- <application>Internet Junkbuster</application> and is incomplete at this
+ This documentation is included with the current BETA version of
+ <application>Internet Junkbuster</application> and mostly complete at this
point. The most up to date reference for the time being is still the comments
in the source files and in the individual configuration files. Development
- of version 3.0 is currently underway, and includes significant changes and
- enhancements over earlier verions.
+ of version 3.0 is currently nearing completion, and includes many significant
+ changes and enhancements over earlier versions. The target release date for
+ stable v3.0 is <quote>soon</quote> ;-)
</para>
<para>
- Since this is a development version, there <emphasis>are</emphasis> bugs!
+ Since this is a BETA version, not all new features are well tested. This
+ documentation may be slightly out of sync as a result. And there
+ <emphasis>may be</emphasis> bugs, though hopefully not many!
</para>
-<!-- ~~~~~ New section ~~~~~ -->
+<!-- ~~~~~ New section ~~~~~ -->
<sect2>
-<title>License</title>
+<title>New Features</title>
<para>
- <application>Internet Junkbuster</application> is free software; you can
- redistribute it and/or modify it under the terms of the GNU General Public
- License as published by the Free Software Foundation; either version 2 of the
- License, or (at your option) any later version.
+ In addition to <application>Junkbuster's</application> traditional features
+ of ad and banner blocking and cookie management, this is a list of new
+ features currently under development:
</para>
<para>
- This program is distributed in the hope that it will be useful, but WITHOUT
- ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
- FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
- details, which is available from <ulink
- url="http://www.gnu.org/copyleft/gpl.html">the Free Software Foundation,
- Inc</ulink>, 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
-</para>
+ <itemizedlist>
-</sect2>
+ <listitem>
+ <para>
+ Integrated browser based configuration and control utility (<ulink
+ url="http://i.j.b">http://i.j.b</ulink>). Browser-based tracing of rule
+ and filter effects.
+ </para>
+ </listitem>
-<!-- ~ End section ~ -->
+ <listitem>
+ <para>
+ Modularized configuration that will allow for system wide settings, and
+ individual user settings. (not implemented yet, probably a 3.1 feature)
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Blocking of annoying pop-up browser windows.
+ </para>
+ </listitem>
-<!-- ~~~~~ New section ~~~~~ -->
+ <listitem>
+ <para>
+ HTTP/1.1 compliant (most, but not all 1.1 features are supported).
+ </para>
+ </listitem>
-<sect2>
-<title>History</title>
-<para>
- <application>Junkbuster</application> was originally written by <ulink
- url="http://www.junkbusters.com/ht/en/ijbfaq.html">JunkBusters
- Corporation</ulink>, and was released as free open-source software under the
- GNU GPL. <ulink url="http://www.waldherr.org/junkbuster/">Stefan
- Waldherr</ulink> made many improvements, and started the <ulink
- url="http://sourceforge.net/projects/ijbswa/">SourceForge project</ulink> to
- rekindle development.
+ <listitem>
+ <para>
+ Support for Perl Compatible Regular Expressions in the configuration files, and
+ generally a more sophisticated and flexible configuration syntax over
+ previous versions.
+ </para>
+ </listitem>
+
+ <listitem>
+ <para>
+ GIF de-animation.
+ </para>
+ </listitem>
+
+ <listitem>
+ <para>
+ Web page content filtering (removes banners based on size,
+ invisible <quote>web-bugs</quote>, JavaScript, pop-ups, status bar abuse,
+ etc.)
+ </para>
+ </listitem>
+
+ <listitem>
+ <para>
+ Bypass many click-tracking scripts (avoids script redirection).
+
+ </para>
+ </listitem>
+
+ <listitem>
+ <para>
+ Multi-threaded (POSIX and native threads).
+ </para>
+ </listitem>
+
+ <listitem>
+ <para>
+ Auto-detection and re-reading of config file changes.
+ </para>
+ </listitem>
+
+ <listitem>
+ <para>
+ User-customizable HTML templates (e.g. 404 error page).
+ </para>
+ </listitem>
+
+ <listitem>
+ <para>
+ Improved cookie management features (e.g. session based cookies).
+ </para>
+</listitem>
+
+ <listitem>
+ <para>
+ Builds from source on most UNIX-like systems. Packages available for: Linux
+ (RedHat, SuSE, or Debian), Windows, Sun Solaris, Mac OSX, OS/2.
+
+ </para>
+ </listitem>
+
+ <listitem>
+ <para>
+ In addition, the configuration is much more powerful and versatile over-all.
+ </para>
+</listitem>
+
+ </itemizedlist>
</para>
</sect2>
<application>Junkbuster</application> is available as raw source code, or
pre-compiled binaries. See the <ulink
url="http://sourceforge.net/projects/ijbswa/">Junkbuster Home Page</ulink>
- for current release
s. <application>Junkbuster</application> is also available
+ for current release
info. <application>Junkbuster</application> is also available
via <ulink
url="http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/ijbswa/current/">CVS</ulink>.
- This is the recommended approach at this time.
+ This is the recommended approach at this time. But please be aware that CVS
+ is constantly changing, and it may break in mysterious ways.
</para>
<!-- ~~~~~ New section ~~~~~ -->
<para>
<screen>
- tar zxvf ijb_source_2.9*
- cd ijb_source_2.9*
+ tar xzvf ijb_source_* [.tgz or .tar.gz]
+ cd ijb_source_2.9.11_beta
</screen>
</para>
</para>
<para>
- Then, in either case, to build from source:
+ Then, in either case, to build from tarball/CVS source:
</para>
<para>
<screen>
- ./configure
- make
- su
- make install
+ ./configure (--help to see options)
+ make (the make from gnu, gmake for *BSD)
+ su
+ make -n install (to see where all the files will go)
+ make install (to really install)
</screen>
</para>
<para>
<screen>
+ autoheader [suggested for CVS source]
+ autoconf [suggested for CVS source]
./configure
make redhat-dist
</screen>
</para>
<para>
- /usr/src/redhat/RPMS/i686/junkbuster-2.9.8-1.i686.rpm
+ /usr/src/redhat/RPMS/i686/junkbuster-2.9.11-1.i686.rpm
</para>
<para>
- /usr/src/redhat/SRPMS/junkbuster-2.9.8-1.src.rpm
+ /usr/src/redhat/SRPMS/junkbuster-2.9.11-1.src.rpm
</para>
<para>
<para>
<screen>
- rpm -Uvv /usr/src/redhat/RPMS/i686/junkbuster-2.9.8-1.i686.rpm
+ rpm -Uvv /usr/src/redhat/RPMS/i686/junkbuster-2.9.11-1.i686.rpm
</screen>
</para>
<para>
<screen>
+ autoheader [suggested for CVS source]
+ autoconf [suggested for CVS source]
./configure
make suse-dist
</screen>
</para>
<para>
- /usr/src/suse/RPMS/i686/junkbuster-2.9.8-1.i686.rpm
+ /usr/src/packages/RPMS/i686/junkbuster-2.9.11-1.i686.rpm
</para>
<para>
- /usr/src/suse/SRPMS/junkbuster-2.9.8-1.src.rpm
+ /usr/src/packages/SRPMS/junkbuster-2.9.11-1.src.rpm
</para>
<para>
<para>
<screen>
- rpm -Uvv /usr/src/suse/RPMS/i686/junkbuster-2.9.8-1.i686.rpm
+ rpm -Uvv /usr/src/packages/RPMS/i686/junkbuster-2.9.11-1.i686.rpm
</screen>
</para>
</sect2>
+<!-- ~~~~~ New section ~~~~~ -->
+<sect2 id="installation-os2"><title>OS/2</title>
+
+<!--
+Thanx David Schmidt!
+-->
+
+<para>
+ <application>Junkbuster</application> is packaged in a WarpIN self-
+ installing archive. The self-installing program will be named depending
+ on the release version, something like:
+ <filename>ijbos2_setup_1.2.3.exe</filename>. In order to install it, simply
+ run this executable or double-click on its icon and follow the WarpIN
+ installation panels. A shadow of the <application>Junkbuster</application>
+ executable will be placed in your startup folder so it will start
+ automatically whenever OS/2 starts.
+</para>
+
+<para>
+ The directory you choose to install <application>Junkbuster</application>
+ into will contain all of the configuration files.
+</para>
+
+<para>
+ If you would like to build binary images on OS/2 yourself, you will need
+ a few Unix-like tools: autoconf, autoheader and sh. These tools will be
+ used to create the required config.h file, which is not part of the
+ source distribution because it differs based on platform. You will also
+ need a compiler.
+ The distribution has been created using IBM VisualAge compilers, but you
+ can use any compiler you like. GCC/EMX has the disadvantage of needing
+ to be single-threaded due to a limitation of EMX's implementation of the
+ select() socket call.
+</para>
+
+<para>
+ In addition to needing the source code distribution as outlined earlier,
+ you will want to extract the <filename>os2seutp</filename> directory from CVS:
+ <screen>
+ cvs -d:pserver:anonymous@cvs.ijbswa.sourceforge.net:/cvsroot/ijbswa login
+ cvs -z3 -d:pserver:anonymous@cvs.ijbswa.sourceforge.net:/cvsroot/ijbswa co os2setup
+ </screen>
+ This will create a directory named os2setup/, which will contain the
+ <filename>Makefile.vac</filename> makefile and <filename>os2build.cmd</filename>
+ which is used to completely create the binary distribution. The sequence
+ of events for building the executable for yourself goes something like this:
+ <screen>
+ cd current
+ autoheader
+ autoconf
+ sh configure
+ cd ..\os2setup
+ nmake -f Makefile.vac
+ </screen>
+ You will see this sequence laid out in <filename>os2build.cmd</filename>.
+</para>
+
+</sect2>
+
+
<!-- ~~~~~ New section ~~~~~ -->
<sect2 id="installation-win"><title>Windows</title>
-<para>I need help on this. Not a clue here. Also for
-configuration section below.
+<para>Click-click. (I need help on this. Not a clue here. Also for
+configuration section below. HB.)
</para>
</sect2>
<!-- ~~~~~ New section ~~~~~ -->
<sect2 id="installation-other"><title>Other</title>
-<para>I need help on this too. OS/2? What others?
+<para>
+ Some quick notes on other Operating Systems.
+</para>
+
+<para>
+ For FreeBSD (and other *BSDs?), the build will require <command>gmake</command>
+ instead of the included <command>make</command>. <command>gmake</command> is
+ available from <ulink url="http://www.gnu.org">http://www.gnu.org</ulink>.
+ The rest should be the same as above for Linux/Unix.
</para>
+
</sect2>
</sect1>
<!-- ~~~~~ New section ~~~~~ -->
-<sect1 id="configuration"><title>Junkbuster Configuration</title>
+<sect1 id="configuration"><title>Invoking and Configuring JunkBuster</title>
<para>
- For Unix and Linux, all configuraton files are located in
- <filename>/etc/junkbuster/</filename> by default. For MS Windows, these
- are all in the same directory as the <application>Junkbuster</application>
- executable. The name and number of configuration files has changed from
- previous versions, and is subject to change as development progresses.
+ For Unix, *BSD and Linux, all configuration files are located in
+ <filename>/etc/junkbuster/</filename> by default. For MS Windows, OS/2, and
+ AmigaOS these are all in the same directory as the
+ <application>Junkbuster</application> executable. The name and number of
+ configuration files has changed from previous versions, and is subject to
+ change as development progresses.
</para>
<para>
- The installed defaults provide a reasonable starting point. For the
- time being, there are only three default configuration files (this will
- change in time):
+ The installed defaults provide a reasonable starting point, though possibly
+ aggressive by some standards. For the time being, there are only three
+ default configuration files (this will change in time):
</para>
<para>
<listitem>
<para>
The main configuration file is named <filename>config</filename>
- on Linux and Unix, and <filename>junkbustr.txt</filename> on Windows.
+ on Linux, Unix, BSD, OS/2, and AmigaOS and <filename>config.txt</filename>
+ on Windows.
</para>
</listitem>
<listitem>
<para>
- The <filename>actionsfile</filename> file is used to define various
- actions relating to images, banners, pop-ups, banners and cookies.
+ The <filename>ijb.action</filename> file is used to define various
+ <quote>actions</quote> relating to images, banners, pop-ups, access
+ restrictions, banners and cookies. There is a CGI based editor for this
+ file that can be accessed via <ulink
+ url="http://i.j.b">http://i.j.b</ulink>. This is the easiest method of
+ configuring actions. (Other actions
+ files are included as well with differing levels of filtering
+ and blocking, e.g. <filename>ijb-basic.action</filename>.)
</para>
</listitem>
</para>
<para>
- <filename>actionsfile</filename> and <filename>re_filterfile</filename>
+ <filename>ijb.action</filename> and <filename>re_filterfile</filename>
can use Perl style regular expressions for maximum flexibility. All files use
the <quote><literal>#</literal></quote> character to denote a comment. Such
lines are not processed by <application>Junkbuster</application>. After
- making any changes, restart <application>Junkbuster</application> in order
- for the changes to take effect.
+ making any changes, there is no need to restart
+ <application>Junkbuster</application> in order for the changes to take
+ effect. <application>Junkbuster</application> should detect such changes
+ automatically.
</para>
+<para>
+ While under development, the configuration content is subject to change.
+ The below documentation may not be accurate by the time you read this.
+ Also, what constitutes a <quote>default</quote> setting, may change, so
+ please check all your configuration files on important issues.
+</para>
+
+
+
+<!-- ~~~~~ New section ~~~~~ -->
+
+<sect2>
+<title>Command Line Options</title>
+<para>
+ <application>JunkBuster</application> may be invoked with the following
+ command-line options:
+</para>
+
+<para>
+ <itemizedlist>
+
+ <listitem>
+ <para>
+ <emphasis>--version</emphasis>
+ </para>
+ <para>
+ Print version info and exit, Unix only.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <emphasis>--help</emphasis>
+ </para>
+ <para>
+ Print a short usage info and exit, Unix only.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <emphasis>--no-daemon</emphasis>
+ </para>
+ <para>
+ Don't become a daemon, i.e. don't fork and become process group
+ leader, don't detach from controlling tty. Unix only.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <emphasis>--pidfile FILE</emphasis>
+
+ </para>
+ <para>
+ On startup, write the process ID to <emphasis>FILE</emphasis>. Delete the
+ <emphasis>FILE</emphasis> on exit. Failiure to create or delete the
+ <emphasis>FILE</emphasis> is non-fatal. If no <emphasis>FILE</emphasis>
+ option is given, no PID file will be used. Unix only.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <emphasis>--user USER</emphasis>
+
+ </para>
+ <para>
+ After (optionally) writing the PID file, assume the user ID of
+ <emphasis>USER</emphasis>. Exit if the privileges are not sufficient to do
+ so. Unix only.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <emphasis>configfile</emphasis>
+ </para>
+ <para>
+ If no <emphasis>configfile</emphasis> is included on the command line,
+ <application>JunkBuster</application> will look for a file named
+ <quote>config</quote> in the current directory (except on Win32
+ where it will look for <quote>config.txt</quote> instead). Specify
+ full path to avoid confusion.
+ </para>
+ </listitem>
+
+ </itemizedlist>
+</para>
+
+</sect2>
+
+<!-- ~ End section ~ -->
+
<!-- ~~~~~ New section ~~~~~ -->
<title>The Main Configuration File</title>
<para>
Again, the main configuration file is named <filename>config</filename> on
- Linux and Unix, and <filename>junkbustr.txt</filename> on Windows.
+ Linux/Unix/BSD and OS/2, and <filename>config.txt</filename> on Windows.
Configuration lines consist of an initial keyword followed by a list of
values, all separated by whitespace (any number of spaces or tabs). For
example:
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>blockfile blocklist.ini</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
</para>
<para>
- The <quote><literal>#</literal></quote> indicates a comment. Any part of a
+ A <quote><literal>#</literal></quote> indicates a comment. Any part of a
line following a <quote><literal>#</literal></quote> is ignored, except if
the <quote><literal>#</literal></quote> is preceded by a
<quote><literal>\</literal></quote>.
<para>
There are various aspects of <application>Junkbuster</application> behavior
- that can be adjusted.
+ that can be tuned.
</para>
</para>
<para>
- On <application>Windows</application>, <application>Junkbuster</application>
- looks for these files in the same directory as the executable. On Unix,
+ On <application>Windows</application> and <application>AmigaOS</application>,
+ <application>Junkbuster</application> looks for these files in the same
+ directory as the executable. On Unix and OS/2,
<application>Junkbuster</application> looks for these files in the current
- working directory. In either case, an absolute path name can be used to
+ working directory. In either case, an absolute path name can be used to
avoid problems.
</para>
<para>
- When development goes modular and multiuser, the blocker, filter, and
+ When development goes modular and multi-user, the blocker, filter, and
per-user config will be stored in subdirectories of <quote>confdir</quote>.
For now, only <filename>confdir/templates</filename> is used for storing HTML
templates for CGI results.
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>confdir /etc/junkbuster</emphasis> # No trailing /, please.
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>logdir /var/log/junkbuster</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
</para>
<para>
- The <quote>actionsfile</quote> contains patterns to specify the actions to
+ The <quote>ijb.action</quote> file contains patterns to specify the actions to
apply to requests for each site. Default: Cookies to and from all
- destinations are filtered. Popups are disabled for all sites. All sites are
- filtered if re_filterfile specified. No sites are blocked. An empty image is
- displayed for filtered ads and other images (formerly
- <quote>tinygif</quote>). The syntax of this file is explained in detail
- <link linkend="actionsfile">below</link>.
+ destinations are kept only during the current browser session (i.e. they
+ are not saved to disk). Pop-ups are disabled for all sites. All sites are
+ filtered if <quote>re_filterfile</quote> specified according to the
+ contents of <quote>re_filterfile</quote>. No sites are blocked. The
+ JunkBuster logo is displayed for filtered ads and other images . The syntax
+ of this file is explained in detail <link
+ linkend="actionsfile">below</link>.
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
- <emphasis>actionsfile actionsfile</emphasis>
+ <emphasis>actionsfile ijb.action</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<para>
The <quote>re_filterfile</quote> file contains content modification rules.
These rules permit powerful changes on the content of Web pages, e.g., you
- could disable your favourite JavaScript annoyances, rewrite the actual
+ could disable your favorite JavaScript annoyances, rewrite the actual
content, or just have some fun replacing <quote>Microsoft</quote> with
<quote>MicroSuck</quote> wherever it appears on a Web page. Default: No
content modification, or whatever the developers are playing with :-/
</para>
+<para>
+ Filtering requires buffering the page content, which may appear to slow down
+ page rendering since nothing is displayed until all content has passed
+ the filters. (It does not really take longer, but seems that way since
+ the page is not incrementally displayed.) This effect will be more noticeable
+ on slower connections.
+
+</para>
+
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>re_filterfile re_filterfile</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>logfile logfile</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>#jarfile jarfile</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
with the effect that access to untrusted sites will be granted, if a link
from a trusted referrer was used. The link target will then be added to the
<quote>trustfile</quote>. This is a very restrictive feature that typical
- users most propably want to leave disabled. Default: Disabled, don't use the
+ users most probably want to leave disabled. Default: Disabled, don't use the
trust mechanism.
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>#trustfile trust</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<para>
- If you use the trust mechanism, it is a good idea to write up some online
+ If you use the trust mechanism, it is a good idea to write up some on-line
documentation about your blocking policy and to specify the URL(s) here. They
will appear on the page that your users receive when they try to access
untrusted content. Use multiple times for multiple URLs. Default: Don't
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>trust-info-url http://www.your-site.com/why_we_block.html</emphasis>
<emphasis>trust-info-url http://www.your-site.com/what_we_allow.html</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>#admin-address fill@me.in.please</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
configuration and policies. It is used in many of the proxy-generated pages
and its use is highly recommended in multi-user installations, since your
users will want to know why certain content is blocked or modified. Default:
- Don't show a link to online documentation.
+ Don't show a link to on-line documentation.
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>proxy-info-url http://www.your-site.com/proxy.html</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<para>
<quote>Listen-address</quote> specifies the address and port where
<application>Junkbuster</application> will listen for connections from your
- Web browser. The default is to listen on the localhost port 8000, and
+ Web browser. The default is to listen on the localhost port 8118, and
this is suitable for most users. (In your web browser, under proxy
configuration, list the proxy server as <quote>localhost</quote> and the
- port as <quote>8000</quote>).
+ port as <quote>8118</quote>).
</para>
<para>
- If you already have another service running on port 8000, or if you want to
+ If you already have another service running on port 8118, or if you want to
serve requests from other machines (e.g. on your local network) as well, you
will need to override the default. The syntax is
<quote>listen-address [<ip-address>]:<port></quote>. If you leave
- out the IP adress, <application>junkbuster</application> will bind to all
+ out the IP ad
dress, <application>junkbuster</application> will bind to all
interfaces (addresses) on your machine and may become reachable from the
- internet. In that case, consider using access control lists (acl's) (see
- <quote>aclfile</quote> above).
+ Internet. In that case, consider using access control lists (acl's) (see
+ <quote>aclfile</quote> above), or a firewall.
</para>
<para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
- <emphasis>listen-address 192.168.0.1:8000</emphasis>
+ <emphasis>listen-address 192.168.0.1:8118</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
- <emphasis>listen-address :8000</emphasis>
+ <emphasis>listen-address :8118</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<para>
If you do this, consider using ACLs (see <quote>aclfile</quote> above). Note:
you will need to point your browser(s) to the address and port that you have
- configured here. Default: localhost:8000 (127.0.0.1:8000).
+ configured here. Default: localhost:8118 (127.0.0.1:8118).
</para>
<para>
levels of debug are probably only of interest to developers.
</para>
-<Para>
- <Literal>
- <MSGText>
- <LiteralLayout>
+<para>
+ <literal>
+ <msgtext>
+ <literallayout>
debug 1 # GPC = show each GET/POST/CONNECT request
debug 2 # CONN = show each connection status
debug 4 # IO = show I/O status
debug 32 # FRC = debug force feature
debug 64 # REF = debug regular expression filter
debug 128 # = debug fast redirects
- debug 256 # = debug GIF deanimation
+ debug 256 # = debug GIF de-animation
debug 512 # CLF = Common Log Format
- debug 1024 # = debug kill popups
+ debug 1024 # = debug kill pop-ups
debug 4096 # INFO = Startup banner and warnings.
debug 8192 # ERROR = Non-fatal errors
- </LiteralLayout>
- </MSGText>
- </Literal>
-</Para>
+ </literallayout>
+ </msgtext>
+ </literal>
+</para>
<para>
It is <emphasis>highly recommended</emphasis> that you enable ERROR
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>debug 15 # same as setting the first 4 listed above</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>debug 1 # URLs</emphasis>
<emphasis>debug 4096 # Info</emphasis>
<emphasis>debug 8192 # Errors - *we highly recommended enabling this*</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>#single-threaded</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<para>
The Windows version of <application>Junkbuster</application> puts an icon in
- the system tray, which allows you to change this option without having to
- edit this file. If you right-click on that icon (or select the
- <quote>Options</quote> menu), one choice is <quote>Enable</quote>. Clicking
- on enable toggles <application>Junkbuster</application> on and off. This is
- useful if you want to temporarily disable
- <application>Junkbuster</application>, e.g., to access a site that requires
- cookies which you normally have blocked.
+ the system tray, which also allows you to change this option. If you
+ right-click on that icon (or select the <quote>Options</quote> menu), one
+ choice is <quote>Enable</quote>. Clicking on enable toggles
+ <application>Junkbuster</application> on and off. This is useful if you want
+ to temporarily disable <application>Junkbuster</application>, e.g., to access
+ a site that requires cookies which you would otherwise have blocked. This can also
+ be toggled via a web browser at the <application>Junkbuster</application>
+ internal address of <ulink url="http://i.j.b">http://i.j.b</ulink> on
+ any platform.
</para>
<para>
<quote>toggle 1</quote> means <application>Junkbuster</application> runs
normally, <quote>toggle 0</quote> means that
<application>Junkbuster</application> becomes a non-anonymizing non-blocking
- proxy. Default: 1.
+ proxy. Default: 1 (on).
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>toggle 1</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
+ </literal>
+</para>
+
+<para>
+ For content filtering, i.e. the <quote>+filter</quote> and
+ <quote>+deanimate-gif</quote> actions, it is necessary that
+ <application>Junkbuster</application> buffers the entire document body.
+ This can be potentially dangerous, since a server could just keep sending
+ data indefinitely and wait for your RAM to exhaust. With nasty consequences.
+</para>
+
+<para>
+ The <application>buffer-limit</application> option lets you set the maximum
+ size in Kbytes that each buffer may use. When the documents buffer exceeds
+ this size, it is flushed to the client unfiltered and no further attempt to
+ filter the rest of it is made. Remember that there may multiple threads
+ running, which might require increasing the <quote>buffer-limit</quote>
+ Kbytes <emphasis>each</emphasis>, unless you have enabled
+ <quote>single-threaded</quote> above.
+</para>
+
+<para>
+ <literal>
+ <msgtext>
+ <literallayout>
+ <emphasis>buffer-limit 4069</emphasis>
+ </literallayout>
+ </msgtext>
+ </literal>
+</para>
+
+<para>
+ To enable the web-based <filename>ijb.action</filename> file editor set
+ <application>enable-edit-actions</application> to 1, or 0 to disable. Note
+ that you must have compiled <application>JunkBuster</application> with
+ support for this feature, otherwise this option has no effect. This
+ internal page can be reached at <ulink
+ url="http://i.j.b">http://i.j.b</ulink>.
+ </para>
+
+<para>
+ Security note: If this is enabled, anyone who can use the proxy
+ can edit the actions file, and their changes will affect all users.
+ For shared proxies, you probably want to disable this. Default: enabled.
+</para>
+
+<para>
+ <literal>
+ <msgtext>
+ <literallayout>
+ <emphasis>enable-edit-actions 1</emphasis>
+ </literallayout>
+ </msgtext>
+ </literal>
+</para>
+
+<para>
+ Allow <application>JunkBuster</application> to be toggled on and off
+ remotely, using your web browser. Set <quote>enable-remote-toggle</quote>to
+ 1 to enable, and 0 to disable. Note that you must have compiled
+ <application>JunkBuster</application> with support for this feature,
+ otherwise this option has no effect.
+</para>
+
+<para>
+ Security note: If this is enabled, anyone who can use the proxy can toggle
+ it on or off (see <ulink url="http://i.j.b">http://i.j.b</ulink>), and
+ their changes will affect all users. For shared proxies, you probably want to
+ disable this. Default: enabled.
+</para>
+
+<para>
+ <literal>
+ <msgtext>
+ <literallayout>
+ <emphasis>enable-remote-toggle 1</emphasis>
+ </literallayout>
+ </msgtext>
</literal>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
ACTION SRC_ADDR[/SRC_MASKLEN] [ DST_ADDR[/DST_MASKLEN] ]
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>ACTION</emphasis> = <quote>permit-access</quote> or <quote>deny-access</quote>
<emphasis>DST_ADDR</emphasis> = server or forwarder hostname or dotted IP address
<emphasis>DST_MASKLEN</emphasis> = number of bits in the subnet mask for the target
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>permit-access localhost</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>permit-access www.junkbusters.com/24</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>deny-access ident.junkbusters.com</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>permit-access 207.153.200.0/24</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>permit-access 0.0.0.0/0</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>permit-access .org</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>permit-access 0.0.0.0/0 0.0.0.0/0</emphasis> # other clients can go anywhere
# with the following exceptions:
<emphasis>permit 123.124.0.0/16 0.0.0.0/0</emphasis> # the ISP's clients can go
# anywhere
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<title>Forwarding</title>
<para>
- This feature allows routing of HTTP requests via multiple proxies.
+ This feature allows chaining of HTTP requests via multiple proxies.
It can be used to better protect privacy and confidentiality when
accessing specific domains by routing requests to those domains
- to a special purpose filtering proxy such as lpwa.com.
+ to a special purpose filtering proxy such as lpwa.com. Or to use
+ a caching proxy to speed up browsing.
</para>
<para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>forward target_domain[:port] http_proxy_host[:port]</emphasis>
<emphasis>forward-socks4 target_domain[:port] socks_proxy_host[:port] http_proxy_host[:port]</emphasis>
<emphasis>forward-socks4a target_domain[:port] socks_proxy_host[:port] http_proxy_host[:port]</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>forward .* . </emphasis># implicit
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>forward .* lpwa.com:8000</emphasis>
<emphasis>forward :443 .</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>forward lpwa. lpwa.com:8000</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<para>
- (NOTE: the syntax for specifiying target_domain has changed since the
+ (NOTE: the syntax for specifying target_domain has changed since the
previous paragraph was written -- it will not work now. More information
is welcome.)
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>forward .* caching.myisp.net:8000</emphasis>
<emphasis>forward myisp.net .</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>forward .* proxy:8080</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<para>
- Also, we're told they insist on getting cookies and JavaScript, so you need
- to add home.com to the cookie file. We consider JavaScript a security risk.
+ Also, we're told they insist on getting cookies and JavaScript, so you should
+ add home.com to the cookie file. We consider JavaScript a security risk.
Java need not be enabled.
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
- <emphasis>forward_socks4 .* lpwa.com:8000 firewall.my_company.com:1080</emphasis>
+ <emphasis>forward-socks4 .* lpwa.com:8000 firewall.my_company.com:1080</emphasis>
<emphasis>forward my_company.com .</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
- <emphasis>forward_socks4a .* . firewall.my_company.com:1080</emphasis>
+ <emphasis>forward-socks4a .* . firewall.my_company.com:1080</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>forward .* .</emphasis>
- <emphasis>forward isp-b.com host-b:8000</emphasis>
+ <emphasis>forward isp-b.com host-b:8118</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>forward .* .</emphasis>
- <emphasis>forward isp-a.com host-a:8000</emphasis>
+ <emphasis>forward isp-a.com host-a:8118</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>forward *. ssbcache.ukc.ac.uk:3128</emphasis> # Use the proxy, except for:
<emphasis>forward .ukc.ac.uk . </emphasis> # Anything on the same domain as us
<emphasis>forward localhost.localdomain . </emphasis> # Loopback address
<emphasis>forward www.ukc.mirror.ac.uk . </emphasis> # Specific host
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
# Define junkbuster as parent cache
- cache_peer 127.0.0.1 8000 parent 0 no-query
-
+ <!-- per feedback from user...
+ cache_peer 127.0.0.1 8118 parent 0 no-query
+ -->
+ cache_peer 127.0.0.1 parent 8118 0 no-query
+
# Define ACL for protocol FTP
acl FTP proto FTP
# Forward the rest to junkbuster
never_direct allow all
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>activity-animation 1</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>log-messages 1</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>log-buffer-size 1</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>log-max-lines 200</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>log-highlight-messages 1</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>log-font-name Comic Sans MS</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>log-font-size 8</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>show-on-task-bar 0</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>close-button-minimizes 1</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
#hide-console
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<title>The Actions File</title>
<para>
- The <quote>actionsfile</quote> is used to define what actions
+ The <quote>ijb.action</quote> file (formerly
+ <filename>actionsfile</filename>) is used to define what actions
<application>Junkbuster</application> takes, and thus determines how images,
cookies and various other aspects of HTTP content and transactions are
handled. Images can be anything you want, including ads, banners, or just
some obnoxious image that you would rather not see. Cookies can be accepted
- or rejected. The default file is in fact named <filename>actionsfile</filename>.
+ or rejected, or accepted only during the current browser session (i.e.
+ not written to disk). Changes to <filename>ijb.action</filename> should
+ be immediately visible to <application>Junkbuster</application> without
+ the need to restart.
</para>
<para>
url="http://i.j.b/show-url-info">http://i.j.b/show-url-info</ulink>.
</para>
+<para>
+ The actions file can be edited with a browser by loading
+ <ulink url="http://i.j.b/">http://i.j.b/</ulink>, and then select
+ <quote>Edit Actions</quote>.
+</para>
+
<para>
There are four types of lines in this file: comments (begin with a
<quote>#</quote> character), actions, aliases and patterns, all of which are
- explained below.
+ explained below, as well as the configuration file syntax that
+ <application>Junkbuster</application> understands.
+
</para>
</para>
<para>
- Additionally, there are wildcards that you can use in the domain names
- themselves. They work pretty similar to shell wildcards: <quote>*</quote>
+ Additionally, there are wild-cards that you can use in the domain names
+ themselves. They work pretty similar to shell wild-cards: <quote>*</quote>
stands for zero or more arbitrary characters, <quote>?</quote> stands for
- any single character. And you can define charachter classes in square
+ any single character. And you can define character classes in square
brackets and they can be freely mixed:
</para>
<para>
If <application>Junkbuster</application> was compiled with
<quote>pcre</quote> support (default), Perl compatible regular expressions
- can be used. See the <filename>pcre/docs/</filename> direcory or <quote>man
+ can be used. See the <filename>pcre/docs/</filename> directory or <quote>man
perlre</quote> (also available on <ulink
url="http://www.perldoc.com/perl5.6/pod/perlre.html">http://www.perldoc.com/perl5.6/pod/perlre.html</ulink>)
for details. A brief discussion of regular expressions is in the
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>{+name}</emphasis> # enable this action
<emphasis>{-name}</emphasis> # disable this action
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
</listitem>
<listitem>
<para>
- Parameterized (e.g. <quote>+/-hide-user-agent</quote>):
+ parameterized (e.g. <quote>+/-hide-user-agent</quote>):
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>{+name{param}}</emphasis> # enable action and set parameter to <quote>param</quote>
<emphasis>{-name}</emphasis> # disable action
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
</listitem>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>{+name{param}}</emphasis> # enable action and add parameter <quote>param</quote>
<emphasis>{-name{param}}</emphasis> # remove the parameter <quote>param</quote>
<emphasis>{-name}</emphasis> # disable this action totally
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
</listitem>
So in this case <application>JunkBuster</application> would just be a
normal, non-blocking, non-anonymizing proxy. You must specifically
enable the privacy and blocking features you need (although the
- provided default <filename>actionsfile</filename> file will
+ provided default <filename>ijb.action</filename> file will
give a good starting point).
</para>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>+add-header{Name: value}</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
</listitem>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>+block</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
</listitem>
This will also shrink the images considerably (in bytes, not pixels!). If
the option <quote>first</quote> is given, the first frame of the animation
is used as the replacement. If <quote>last</quote> is given, the last frame
- of the animation is used instead, which propably makes more sense for most
+ of the animation is used instead, which probably makes more sense for most
banner animations, but also has the risk of not showing the entire last
frame (if it is only a delta to an earlier frame).
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>+deanimate-gifs{last}</emphasis>
<emphasis>+deanimate-gifs{first}</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
</listitem>
-
+
+ <listitem>
+ <para>
+ <quote>+downgrade</quote> will downgrade HTTP/1.1 client requests to
+ HTTP/1.0 and downgrade the responses as well. Use this action for servers
+ that use HTTP/1.1 protocol features that
+ <application>Junkbuster</application> doesn't handle well yet. HTTP/1.1
+ is only partially implemented. Default is not to downgrade requests.
+ </para>
+ <para>
+ <literal>
+ <msgtext>
+ <literallayout>
+ <emphasis>+downgrade</emphasis>
+ </literallayout>
+ </msgtext>
+ </literal>
+ </para>
+ </listitem>
+
<listitem>
<para>
Many sites, like yahoo.com, don't just link to other sites. Instead, they
</para>
<para>
Sometimes, there are even multiple consecutive redirects encoded in the
- URL. These redirections via scripts make your web browing more traceable,
+ URL. These redirections via scripts make your web browsing more traceable,
since the server from which you follow such a link can see where you go to.
Apart from that, valuable bandwidth and time is wasted, while your browser
ask the server for one redirect after the other. Plus, it feeds the
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>+fast-redirects</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
</listitem>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>+filter{filename}</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
</listitem>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>+hide-forwarded</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
</listitem>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>+hide-from{block}</emphasis>
<emphasis>+hide-from{spam@sittingduck.xqq}</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
</listitem>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>+hide-referer{block}</emphasis>
<emphasis>+hide-referer{forge}</emphasis>
<emphasis>+hide-referer{http://nowhere.com}</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
</listitem>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>+hide-referrer{...}</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
</listitem>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>+hide-user-agent{Mozilla (X11; I; Linux 2.0.32 i586)}</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<!--
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>+hide-user-agent{JunkBuster/1.0}</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
(Don't change the version number from 1.0 - after all, why tell them?)
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>+hide-user-agent{browser-type}</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
-->
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>+image</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
</listitem>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>+image-blocker{logo}</emphasis>
<emphasis>+image-blocker{blank}</emphasis>
<emphasis>+image-blocker{http://i.j.b/send-banner}</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
+ </literal>
+ </para>
+ </listitem>
+
+ <listitem>
+ <para>
+ By default (i.e. in the absence of a <quote>+limit-connect</quote>
+ action), <application>Junkbuster</application> will only allow CONNECT
+ requests to port 443, which is the standard port for https as a
+ precaution.
+ </para>
+
+ <para>
+ The CONNECT methods exists in HTTP to allow access to secure websites
+ (https:// URLs) through proxies. It works very simply: the proxy
+ connects to the server on the specified port, and then short-circuits
+ its connections to the client <emphasis>and</emphasis> to the remote proxy.
+ This can be a big security hole, since CONNECT-enabled proxies can
+ be abused as TCP relays very easily.
+ </para>
+
+ <para>
+ If you want to allow CONNECT for more ports than this, or want to forbid
+ CONNECT altogether, you can specify a comma separated list of ports and
+ port ranges (the latter using dashes, with the minimum defaulting to 0 and
+ max to 65K):
+ </para>
+
+ <para>
+ <literal>
+ <msgtext>
+ <literallayout>
+ <emphasis>+limit-connect{443} # This is the default and need no be specified.</emphasis>
+ <emphasis>+limit-connect{80,443} # Ports 80 and 443 are OK.</emphasis>
+ <emphasis>+limit-connect{-3, 7, 20-100, 500-} # Port less than 3, 7, 20 to 100</emphasis>
+ <emphasis> #and above 500 are OK.</emphasis>
+ </literallayout>
+ </msgtext>
+ </literal>
+ </para>
+
+ </listitem>
+
+ <listitem>
+ <para>
+ <quote>+no-compression</quote> prevents the website from compressing the
+ data. Some websites do this, which can be a problem for
+ <application>Junkbuster</application>, since <quote>+filter</quote>,
+ <quote>+no-popup</quote> and <quote>+gif-deanimate</quote> will not work on
+ compressed data. This will slow down connections to those websites,
+ though. Default is <quote>nocompression</quote> is turned on.
+ </para>
+
+ <para>
+ <literal>
+ <msgtext>
+ <literallayout>
+ <emphasis>+nocompression</emphasis>
+ </literallayout>
+ </msgtext>
+ </literal>
+ </para>
+ </listitem>
+
+ <listitem>
+ <para>
+ If the website sets cookies, <quote>no-cookies-keep</quote> will make sure
+ they are erased when you exit and restart your web browser. This makes
+ profiling cookies useless, but won't break sites which require cookies so
+ that you can log in for transactions. Default: on.
+ </para>
+ <para>
+ <literal>
+ <msgtext>
+ <literallayout>
+ <emphasis>+no-cookies-keep</emphasis>
+ </literallayout>
+ </msgtext>
</literal>
</para>
</listitem>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>+no-cookies-read</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
</listitem>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>+no-cookies-set</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
</listitem>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>+no-popup</emphasis>
<emphasis>+no-popups</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
</listitem>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>+vanilla-wafer</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
</listitem>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
<emphasis>+wafer{name=value}</emphasis>
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
</listitem>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
- # Turn off all cookies
+ # Turn off all persistent cookies
{ +no-cookies-read }
{ +no-cookies-set }
+ # Allow cookies for this browser session ONLY
+ { +no-cookies-keep }
- # Execeptions to the above, sites that need cookies
+ # Exceptions to the above, sites that benefit from persistent cookies
{ -no-cookies-read }
{ -no-cookies-set }
+ { -no-cookies-keep }
.javasoft.com
.sun.com
.yahoo.com
.redhat.com
# Alternative way of saying the same thing
- {-no-cookies-set -no-cookies-read}
+ {-no-cookies-set -no-cookies-read -no-cookies-keep}
.sourceforge.net
.sf.net
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
# Turn them off!
{+fast-redirects}
www.ukc.ac.uk/cgi-bin/wac\.cgi\?
login.yahoo.com
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
# Run everything through the default filter file (<filename>re_filterfile</filename>):
{+filter}
{-filter}
.cvs.sourceforge.net
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
# Blocklist:
{+block}
/.*/adlib/server\.cgi
/autoads/
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<title>Aliases</title>
<para>
Custom <quote>actions</quote>, known to <application>Junkbuster</application>
- as <quote>aliases</quote>, can be defined by combing other <quote>actions</quote>.
+ as <quote>aliases</quote>, can be defined by combining other <quote>actions</quote>.
These can in turn be invoked just like the built-in <quote>actions</quote>.
Currently, an alias can contain any character except space, tab, <quote>=</quote>,
<quote>{</quote> or <quote>}</quote>. But please use only <quote>a</quote>-
<quote>z</quote>, <quote>0</quote>-<quote>9</quote>, <quote>+</quote>, and
- <quote>-</quote>. Alias names are not case sensitive, and must be defined
- before they are used.
+ <quote>-</quote>. Alias names are not case sensitive, and
+ <emphasis>must be defined before anything</emphasis> else in the
+ <filename>ijb.action</filename>file ! And there can only be one set of
+ <quote>aliases</quote> defined.
</para>
<para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
- # Aliases
+ # Useful customer aliases we can use later. These must come first!
{{alias}}
-
- # Useful aliases
+no-cookies = +no-cookies-set +no-cookies-read
-no-cookies = -no-cookies-set -no-cookies-read
fragile = -block -no-cookies -filter -fast-redirects -hide-referer -no-popups
c3 = +no-cookies-set -no-cookies-read
#... etc. Customize to your heart's content.
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
# These sites are very complex and require
# minimal interference.
{fragile}
.office.microsoft.com
.windowsupdate.microsoft.com
+ .nytimes.com
# Shopping sites - still want to block ads.
{shop}
.dabs.com
.overclockers.co.uk
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
# The status bar is for displaying link targets, not pointless buzzwords.
# Again, check it out on http://www.airport-cgn.de/.
s/status='.*?';*//ig
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
s/microsoft(?!.com)/MicroSuck/ig
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
<para>
<literal>
- <MSGText>
+ <msgtext>
<literallayout>
# Kill refresh tags. I like to refresh myself. Manually.
# check it out on http://www.airport-cgn.de/ and go to the arrivals page.
s/<meta[^>]*http-equiv[^>]*refresh.*URL=([^>]*?)"?>/<link rev="x-refresh" href=$1>/i
s/<meta[^>]*http-equiv="?page-enter"?[^>]*content=[^>]*>/<!--no page enter for me-->/i
</literallayout>
- </MSGText>
+ </msgtext>
</literal>
</para>
</sect2>
+<!-- ~ End section ~ -->
+
+
+
+<!-- ~~~~~ New section ~~~~~ -->
+
+<sect2>
+<title>Templates</title>
+<para>
+ When <application>Junkbuster</application> displays one of its internal
+ pages, such as a 404 Not Found error page, it uses the appropriate template.
+ On Linux, BSD, and Unix, these are locate in
+ <filename>/etc/junkbuster/templates</filename> by default. These may be
+ customized, if desired.
+
+</para>
+</sect2>
+
</sect1>
+<!-- ~ End section ~ -->
+
+
+
<!-- ~~~~~ New section ~~~~~ -->
<sect1 id="quickstart"><title>Quickstart to Using Junkbuster</title>
-<para>To be filled.
+<para>
+ Install package, then run and enjoy! <application>JunkBuster</application>
+ accepts only one command line option -- the configuration file to be
+ used. Example Unix startup command:
+</para>
+
+<para>
+ <screen>
+
+ # /usr/sbin/junkbuster /etc/junkbuster/config
+
+ </screen>
+</para>
+
+<para>
+ An init script is provided for SuSE and Redhat.
+</para>
+
+<para>
+For for SuSE: /etc/rc.d/junkbuster start
+</para>
+
+<para>
+For RedHat: /etc/rc.d/init.d/junkbuster start
</para>
+
+
+<para>
+ If no configuration file is specified on the command line,
+ <application>Junkbuster</application> will look for a file named
+ <filename>config</filename> in the current directory. Except on Win32 where
+ it will try <filename>config.txt</filename>. If no file is specified on the
+ command line and no default configuration file can be found,
+ <application>Junkbuster</application> will fail to start.
+</para>
+
+<para>
+ Be sure your browser is set to use the proxy which is by default at
+ localhost, port 8118. With <application>Netscape</application> (and
+ <application>Mozilla</application>), this can be set under <literal>Edit
+ -> Preferences -> Advanced -> Proxies -> HTTP Proxy</literal>.
+ For <application>Internet Explorer</application>: <literal>Tools >
+ Internet Properties -> Connections -> LAN Setting</literal>. Then,
+ check <quote>Use Proxy</quote> and fill in the appropriate info (Address:
+ localhost, Port: 8118). Include if HTTPS proxy support too.
+</para>
+
+<para>
+ The included default configuration files should give a reasonable starting
+ point, though may be somewhat aggressive in blocking junk. You will probably
+ want to keep an eye out for sites that require persistent cookies, and add these to
+ <filename>ijb.action</filename> as needed. By default, most of these will
+ be accepted only during the current browser session, until you add them to
+ the configuration. If you want the browser to handle this instead, you will
+ need to edit <filename>ijb.action</filename> and disable this feature. If you
+ use more than one browser, it would make more sense to let
+ <application>Junkbuster</application> handle this. In which case, the
+ browser(s) should be set to accept all cookies.
+</para>
+
+<para>
+ If a particular site shows problems loading properly, try adding it
+ to the <literal>{fragile}</literal> section of
+ <filename>ijb.action</filename>. This will turn off most actions for
+ this site.
+</para>
+
+<para>
+ <application>Junkbuster</application> is HTTP/1.1 compliant, but not all 1.1
+ features are as yet implemented. If browsers that support HTTP/1.1 (like
+ <application>Mozilla</application> or recent versions of I.E.) experience
+ problems, you might try to force HTTP/1.0 compatibility. For Mozilla, look
+ under <literal>Edit -> Preferences -> Debug -> Networking</literal>.
+ Or set the <quote>+downgrade</quote> config option in
+ <filename>ijb.action</filename>.
+</para>
+
+<para>
+ After running <application>Junkbuster</application> for a while, you can
+ start to fine tune the configuration to suit your personal, or site,
+ preferences and requirements. There are many, many aspects that can
+ be customized. <quote>Actions</quote> (as specified in <filename>ijb.action</filename>)
+ can be adjusted by pointing your browser to
+ <ulink url="http://i.j.b/">http://i.j.b/</ulink>,
+ and then follow the link to <quote>edit the actions list</quote>.
+ (This is an internal page and does not require Internet access.)
+</para>
+
+<para>
+ In fact, various aspects of <application>Junkbuster</application>
+ configuration can be viewed from this page, including
+ current configuration parameters, source code version numbers,
+ the browser's request headers, and <quote>actions</quote> that apply
+ to a given URL. In addition to the <filename>ijb.action</filename> file
+ editor mentioned above, <application>Junkbuster</application> can also
+ be turned <quote>on</quote> and <quote>off</quote> from this page.
+</para>
+
+<para>
+ If you encounter problems, please verify it is a
+ <application>Junkbuster</application> bug, by disabling
+ <application>Junkbuster</application>, and then trying the same page.
+ Also, try another browser if possible to eliminate browser or site
+ problems. Before reporting it as a bug, see if there is not a configuration
+ option that is enabled that is causing the page not to load. You can
+ then add an exception for that page or site. If a bug, please report it to
+ the developers (see below).
+</para>
+
</sect1>
<!-- ~~~~~ New section ~~~~~ -->
-<sect1 id="contact"><title>Contact the developers</title>
-<para>To be filled. mention the support forums as the primary channel of
-communication (bugs, feature requests, etc.)
+<sect1 id="contact"><title>Contacting the Developers, Bug Reporting and Feature
+Requests</title>
+<para>
+We value your feedback. However, to provide you with the best support,
+please note:
+ <simplelist>
+ <member>Use the <ulink url="http://sourceforge.net/tracker/?group_id=11118&atid=211118">support forum</ulink> to get
+ help.</member>
+ <member>Submit bugs only thru our <ulink url="http://sourceforge.net/tracker/?group_id=11118&atid=111118">bug
+ forum</ulink>.
+Make sure that the bug has not yet been submitted. Please try to
+verify that it is a <application>Junkbuster</application> bug, and not
+a browser or site bug first. Also, check to make sure this is not
+already a known bug. If you are using your own custom configuration,
+please try the stock configs to see if the problem is a configuration
+related bug. And if not using the latest development snapshot, please
+try the latest one. Or even better, CVS sources.
+</member>
+ <member>Submit feature requests only thru our <ulink
+ url="http://sourceforge.net/tracker/?atid=361118&group_id=11118&func=browse">feature request forum</ulink>.</member>
+ </simplelist>
+</para>
+
+<para>
+For any other issues, feel free to use the <a
+href="http://sourceforge.net/mail/?group_id=11118">mailing lists</a>.
+</para>
+
+<para>
+ Anyone interested in actively participating in development and related
+ discussions can join the appropriate mailing list
+ <ulink url="http://sourceforge.net/mail/?group_id=11118">here</ulink>.
+ Archives are available here too.
</para>
+
</sect1>
+
<!-- ~~~~~ New section ~~~~~ -->
<sect1 id="copyright"><title>Copyright and History</title>
-<para>To be filled.
+
+<sect2>
+<title>License</title>
+<para>
+ <application>Internet Junkbuster</application> is free software; you can
+ redistribute it and/or modify it under the terms of the GNU General Public
+ License as published by the Free Software Foundation; either version 2 of the
+ License, or (at your option) any later version.
+</para>
+
+<para>
+ This program is distributed in the hope that it will be useful, but WITHOUT
+ ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
+ details, which is available from <ulink
+ url="http://www.gnu.org/copyleft/gpl.html">the Free Software Foundation,
+ Inc</ulink>, 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
</para>
+
+</sect2>
+
+<!-- ~ End section ~ -->
+
+
+<!-- ~~~~~ New section ~~~~~ -->
+
+<sect2>
+<title>History</title>
+<para>
+ <application>Junkbuster</application> was originally written by Anonymous
+ Coders and <ulink
+ url="http://www.junkbusters.com/ht/en/ijbfaq.html">Junkbuster's
+ Corporation</ulink>, and was released as free open-source software under the
+ GNU GPL. <ulink url="http://www.waldherr.org/junkbuster/">Stefan
+ Waldherr</ulink> made many improvements, and started the <ulink
+ url="http://sourceforge.net/projects/ijbswa/">SourceForge project</ulink> to
+ rekindle development. There are now several active developers contributing.
+ The last stable release was v2.0.2, which has now grown whiskers ;-).
+</para>
+
+</sect2>
+
</sect1>
<!-- ~~~~~ New section ~~~~~ -->
<sect1 id="seealso"><title>See also</title>
-<para>To be filled.
+<para>
+
+ <simplelist>
+ <member>
+ <ulink url="http://sourceforge.net/projects/ijbswa">http://sourceforge.net/projects/ijbswa</ulink>
+ </member>
+ </simplelist>
+ <simplelist>
+ <member>
+ <ulink url="http://ijbswa.sourceforge.net/">http://ijbswa.sourceforge.net/</ulink>
+ </member>
+ </simplelist>
+ <simplelist>
+ <member>
+ <ulink url="http://i.j.b/">http://i.j.b/</ulink>
+ </member>
+ </simplelist>
+ <simplelist>
+ <member>
+ <ulink url="http://www.junkbusters.com/ht/en/cookies.html">http://www.junkbusters.com/ht/en/cookies.html</ulink>
+ </member>
+ </simplelist>
+ <simplelist>
+ <member>
+ <ulink url="http://www.waldherr.org/junkbuster/">http://www.waldherr.org/junkbuster/</ulink>
+ </member>
+ </simplelist>
+ <simplelist>
+ <member>
+ <ulink url="http://privacy.net/analyze/">http://privacy.net/analyze/</ulink>
+ </member>
+ </simplelist>
+ <simplelist>
+ <member>
+ <ulink url="http://www.squid-cache.org/">http://www.squid-cache.org/</ulink>
+ </member>
+ </simplelist>
+
</para>
</sect1>
<sect2 id="regex">
<title>Regular Expressions</title>
<para>
- WIP
+ <application>Junkbuster</application> can use <quote>regular expressions</quote>
+ in various config files. Assuming support for <quote>pcre</quote> (Perl
+ Compatible Regular Expressions) is compiled in, which is the default. Such
+ configuration directives do not require regular expressions, but they can be
+ used to increase flexibility by matching a pattern with wild-cards against
+ URLs.
+</para>
+
+<para>
+ If you are reading this, you probably don't understand what <quote>regular
+ expressions</quote> are, or what they can do. So this will be a very brief
+ introduction only. A full explanation would require a book ;-)
+</para>
+
+<para>
+ <quote>Regular expressions</quote> is a way of matching one character
+ expression against another to see if it matches or not. One of the
+ <quote>expressions</quote> is a literal string of readable characters
+ (letter, numbers, etc), and the other is a complex string of literal
+ characters combined with wild-cards, and other special characters, called
+ meta-characters. The <quote>meta-characters</quote> have special meanings and
+ are used to build the complex pattern to be matched against. Perl Compatible
+ Regular Expressions is an enhanced form of the regular expression language
+ with backward compatibility.
+</para>
+
+<para>
+ To make a simple analogy, we do something similar when we use wild-card
+ characters when listing files with the <command>dir</command> command in DOS.
+ <literal>*.*</literal> matches all filenames. The <quote>special</quote>
+ character here is the asterisk which matches any and all characters. We can be
+ more specific and use <literal>?</literal> to match just individual
+ characters. So <quote>dir file?.text</quote> would match
+ <quote>file1.txt</quote>, <quote>file2.txt</quote>, etc. We are pattern
+ matching, using a similar technique to <quote>regular expressions</quote>!
+</para>
+
+<para>
+ Regular expressions do essentially the same thing, but are much, much more
+ powerful. There are many more <quote>special characters</quote> and ways of
+ building complex patterns however. Let's look at a few of the common ones,
+ and then some examples:
+</para>
+
+<simplelist>
+ <member>
+ <emphasis>.</emphasis> - Matches any single character, e.g. <quote>a</quote>,
+ <quote>A</quote>, <quote>4</quote>, <quote>:</quote>, or <quote>@</quote>.
+ </member>
+</simplelist>
+
+<simplelist>
+ <member>
+ <emphasis>?</emphasis> - The preceding character or expression is matched ZERO or ONE
+ times. Either/or.
+ </member>
+</simplelist>
+
+<simplelist>
+ <member>
+ <emphasis>+</emphasis> - The preceding character or expression is matched ONE or MORE
+ times.
+ </member>
+</simplelist>
+
+<simplelist>
+ <member>
+ <emphasis>*</emphasis> - The preceding character or expression is matched ZERO or MORE
+ times.
+ </member>
+</simplelist>
+
+<simplelist>
+ <member>
+ <emphasis>\</emphasis> - The <quote>escape</quote> character denotes that
+ the following character should be taken literally. This is used where one of the
+ special characters (e.g. <quote>.</quote>) needs to be taken literally and
+ not as a special meta-character.
+ </member>
+</simplelist>
+
+<simplelist>
+ <member>
+ <emphasis>[]</emphasis> - Characters enclosed in brackets will be matched if
+ any of the enclosed characters are encountered.
+ </member>
+</simplelist>
+
+<simplelist>
+ <member>
+ <emphasis>()</emphasis> - parentheses are used to group a sub-expression,
+ or multiple sub-expressions.
+ </member>
+</simplelist>
+
+<simplelist>
+ <member>
+ <emphasis>|</emphasis> - The <quote>bar</quote> character works like an
+ <quote>or</quote> conditional statement. A match is successful if the
+ sub-expression on either side of <quote>|</quote> matches.
+ </member>
+</simplelist>
+
+<simplelist>
+ <member>
+ <emphasis>s/string1/string2/g</emphasis> - This is used to rewrite strings of text.
+ <quote>string1</quote> is replaced by <quote>string2</quote> in this
+ example.
+ </member>
+</simplelist>
+
+<para>
+ These are just some of the ones you are likely to use when matching URLs with
+ <application>Junkbuster</application>, and is a long way from a definitive
+ list. This is enough to get us started with a few simple examples which may
+ be more illuminating:
+</para>
+
+<para>
+ <emphasis><literal>/.*/banners/.*</literal></emphasis> - A simple example
+ that uses the common combination of <quote>.</quote> and <quote>*</quote> to
+ denote any character, zero or more times. In other words, any string at all.
+ So we start with a literal forward slash, then our regular expression pattern
+ (<quote>.*</quote>) another literal forward slash, the string
+ <quote>banners</quote>, another forward slash, and lastly another
+ <quote>.*</quote>. We are building
+ a directory path here. This will match any file with the path that has a
+ directory named <quote>banners</quote> in it. The <quote>.*</quote> matches
+ any characters, and this could conceivably be more forward slashes, so it
+ might expand into a much longer looking path. For example, this could match:
+ <quote>/eye/hate/spammers/banners/annoy_me_please.gif</quote>, or just
+ <quote>/banners/annoying.html</quote>, or almost an infinite number of other
+ possible combinations, just so it has <quote>banners</quote> in the path
+ somewhere.
+</para>
+
+<para>
+ A now something a little more complex:
+</para>
+
+<para>
+ <emphasis><literal>/.*/adv((er)?ts?|ertis(ing|ements?))?/</literal></emphasis> -
+ We have several literal forward slashes again (<quote>/</quote>), so we are
+ building another expression that is a file path statement. We have another
+ <quote>.*</quote>, so we are matching against any conceivable sub-path, just so
+ it matches our expression. The only true literal that <emphasis>must
+ match</emphasis> our pattern is <application>adv</application>, together with
+ the forward slashes. What comes after the <quote>adv</quote> string is the
+ interesting part.
+</para>
+
+<para>
+ Remember the <quote>?</quote> means the preceding expression (either a
+ literal character or anything grouped with <quote>(...)</quote> in this case)
+ can exist or not, since this means either zero or one match. So
+ <quote>((er)?ts?|ertis(ing|ements?))</quote> is optional, as are the
+ individual sub-expressions: <quote>(er)</quote>,
+ <quote>(ing|ements?)</quote>, and the <quote>s</quote>. The <quote>|</quote>
+ means <quote>or</quote>. We have two of those. For instance,
+ <quote>(ing|ements?)</quote>, can expand to match either <quote>ing</quote>
+ <emphasis>OR</emphasis> <quote>ements?</quote>. What is being done here, is an
+ attempt at matching as many variations of <quote>advertisement</quote>, and
+ similar, as possible. So this would expand to match just <quote>adv</quote>,
+ or <quote>advert</quote>, or <quote>adverts</quote>, or
+ <quote>advertising</quote>, or <quote>advertisement</quote>, or
+ <quote>advertisements</quote>. You get the idea. But it would not match
+ <quote>advertizements</quote> (with a <quote>z</quote>). We could fix that by
+ changing our regular expression to:
+ <quote>/.*/adv((er)?ts?|erti(s|z)(ing|ements?))?/</quote>, which would then match
+ either spelling.
+</para>
+
+<para>
+ <emphasis><literal>/.*/advert[0-9]+\.(gif|jpe?g)</literal></emphasis> - Again
+ another path statement with forward slashes. Anything in the square brackets
+ <quote>[]</quote> can be matched. This is using <quote>0-9</quote> as a
+ shorthand expression to mean any digit one through nine. It is the same as
+ saying <quote>0123456789</quote>. So any digit matches. The <quote>+</quote>
+ means one or more of the preceding expression must be included. The preceding
+ expression here is what is in the square brackets -- in this case, any digit
+ one through nine. Then, at the end, we have a grouping: <quote>(gif|jpe?g)</quote>.
+ This includes a <quote>|</quote>, so this needs to match the expression on
+ either side of that bar character also. A simple <quote>gif</quote> on one side, and the other
+ side will in turn match either <quote>jpeg</quote> or <quote>jpg</quote>,
+ since the <quote>?</quote> means the letter <quote>e</quote> is optional and
+ can be matched once or not at all. So we are building an expression here to
+ match image GIF or JPEG type image file. It must include the literal
+ string <quote>advert</quote>, then one or more digits, and a <quote>.</quote>
+ (which is now a literal, and not a special character, since it is escaped
+ with <quote>\</quote>), and lastly either <quote>gif</quote>, or
+ <quote>jpeg</quote>, or <quote>jpg</quote>. Some possible matches would
+ include: <quote>//advert1.jpg</quote>,
+ <quote>/nasty/ads/advert1234.gif</quote>,
+ <quote>/banners/from/hell/advert99.jpg</quote>. It would not match
+ <quote>advert1.gif</quote> (no leading slash), or
+ <quote>/adverts232.jpg</quote> (the expression does not include an
+ <quote>s</quote>), or <quote>/advert1.jsp</quote> (<quote>jsp</quote> is not
+ in the expression anywhere).
+</para>
+
+<para>
+ <emphasis><literal>s/microsoft(?!.com)/MicroSuck/i</literal></emphasis> - This is
+ a substitution. <quote>MicroSuck</quote> will replace any occurrence of
+ <quote>microsoft</quote>. The <quote>i</quote> at the end of the expression
+ means ignore case. The <quote>(?!.com)</quote> means
+ the match should fail if <quote>microsoft</quote> is followed by
+ <quote>.com</quote>. In other words, this acts like a <quote>NOT</quote>
+ modifier. In case this is a hyperlink, we don't want to break it ;-).
+</para>
+
+<para>
+ We are barely scratching the surface of regular expressions here so that you
+ can understand the default <application>Junkbuster</application>
+ configuration files, and maybe use this knowledge to customize your own
+ installation. There is much, much more that can be done with regular
+ expressions. Now that you know enough to get started, you can learn more on
+ your own :/
+</para>
+
+<para>
+ More reading on Perl Compatible Regular expressions:
+ <ulink url="http://www.perldoc.com/perl5.6/pod/perlre.html">http://www.perldoc.com/perl5.6/pod/perlre.html</ulink>
</para>
</sect2>
Temple Place - Suite 330, Boston, MA 02111-1307, USA.
$Log: user-manual.sgml,v $
+ Revision 1.39 2002/03/06 16:19:28 hal9
+ Note on perceived filtering slowdown per FR.
+
+ Revision 1.38 2002/03/05 23:55:14 hal9
+ Stupid I did it again. Double hyphen in comment breaks jade.
+
+ Revision 1.37 2002/03/05 23:53:49 hal9
+ jade barfs on '- -' embedded in comments. - -user option broke it.
+
+ Revision 1.36 2002/03/05 22:53:28 hal9
+ Add new - - user option.
+
+ Revision 1.35 2002/03/05 00:17:27 hal9
+ Added section on command line options.
+
+ Revision 1.34 2002/03/04 19:32:07 oes
+ Changed default port to 8118
+
+ Revision 1.33 2002/03/03 19:46:13 hal9
+ Emphasis on where/how to report bugs, etc
+
+ Revision 1.32 2002/03/03 09:26:06 joergs
+ AmigaOS changes, config is now loaded from PROGDIR: instead of
+ AmiTCP:db/junkbuster/ if no configuration file is specified on the
+ command line.
+
+ Revision 1.31 2002/03/02 22:45:52 david__schmidt
+ Just tweaking
+
+ Revision 1.30 2002/03/02 22:00:14 hal9
+ Updated 'New Features' list. Ran through spell-checker.
+
+ Revision 1.29 2002/03/02 20:34:07 david__schmidt
+ Update OS/2 build section
+
+ Revision 1.28 2002/02/24 14:34:24 jongfoster
+ Formatting changes. Now changing the doctype to DocBook XML 4.1
+ will work - no other changes are needed.
+
+ Revision 1.27 2002/01/11 14:14:32 hal9
+ Added a very short section on Templates
+
+ Revision 1.26 2002/01/09 20:02:50 hal9
+ Fix bug re: auto-detect config file changes.
+
+ Revision 1.25 2002/01/09 18:20:30 hal9
+ Touch ups for *.action files.
+
+ Revision 1.24 2001/12/02 01:13:42 hal9
+ Fix typo.
+
+ Revision 1.23 2001/12/02 00:20:41 hal9
+ Updates for recent changes.
+
+ Revision 1.22 2001/11/05 23:57:51 hal9
+ Minor update for startup now daemon mode.
+
+ Revision 1.21 2001/10/31 21:11:03 hal9
+ Correct 2 minor errors
+
+ Revision 1.18 2001/10/24 18:45:26 hal9
+ *** empty log message ***
+
+ Revision 1.17 2001/10/24 17:10:55 hal9
+ Catching up with Jon's recent work, and a few other things.
+
+ Revision 1.16 2001/10/21 17:19:21 swa
+ wrong url in documentation
+
+ Revision 1.15 2001/10/14 23:46:24 hal9
+ Various minor changes. Fleshed out SEE ALSO section.
+
+ Revision 1.13 2001/10/10 17:28:33 hal9
+ Very minor changes.
+
+ Revision 1.12 2001/09/28 02:57:04 hal9
+ Ditto :/
+
+ Revision 1.11 2001/09/28 02:25:20 hal9
+ Ditto.
+
+ Revision 1.9 2001/09/27 23:50:29 hal9
+ A few changes. A short section on regular expression in appendix.
+
+ Revision 1.8 2001/09/25 00:34:59 hal9
+ Some additions, and re-arranging.
+
+ Revision 1.7 2001/09/24 14:31:36 hal9
+ Diddling.
+
+ Revision 1.6 2001/09/24 14:10:32 hal9
+ Including David's OS/2 installation instructions.
+
Revision 1.2 2001/09/13 15:27:40 swa
cosmetics
projects / privoxy.git / blobdiff