| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394 |
- <h3>3proxy Perl Compatible Regular Expressions (PCRE) plugin</h3>
- This filtering plugin can be used to create matching and replace
- rules with regular expressions for client's request, client and
- servers header and client and server data. It adds 3 additional
- configuration commands:
- <pre>
- pcre TYPE FILTER_ACTION REGEXP [ACE]
- pcre_rewrite TYPE FILTER_ACTION REGEXP REWRITE_EXPRESSION [ACE]
- pcre_extend FILTER_ACTION [ACE]
- pcre_options OPTION1 [...]
- </pre>
- pcre - allows to apply some rule for matching
- <br>pcre_rewrite - in addition to 'pcre' allows to substitute substrings
- <br>pcre_extend - extends ACL of the last pcre or pcre_rewrite comand by
- adding additional ACE (like with allow/deny configuration commands).
- <br>pcre_options - allows to set matching options. Awailable options are:
- PCRE_CASELESS,
- PCRE_MULTILINE,
- PCRE_DOTALL,
- PCRE_EXTENDED,
- PCRE_ANCHORED,
- PCRE_DOLLAR_ENDONLY,
- PCRE_EXTRA,
- PCRE_NOTBOL,
- PCRE_NOTEOL,
- PCRE_UNGREEDY,
- PCRE_NOTEMPTY,
- PCRE_UTF8,
- PCRE_NO_AUTO_CAPTURE,
- PCRE_NO_UTF8_CHECK,
- PCRE_AUTO_CALLOUT,
- PCRE_PARTIAL,
- PCRE_DFA_SHORTEST,
- PCRE_DFA_RESTART,
- PCRE_FIRSTLINE,
- PCRE_DUPNAMES,
- PCRE_NEWLINE_CR,
- PCRE_NEWLINE_LF,
- PCRE_NEWLINE_CRLF,
- PCRE_NEWLINE_ANY,
- PCRE_NEWLINE_ANYCRLF,
- PCRE_BSR_ANYCRLF,
- PCRE_BSR_UNICODE
- <ul>
- <li>TYPE - type of filtered data. May contain one or more
- (comma delimited list) values:
- <ul>
- <li>request - content of client's request e.g. HTTP GET request string.
- (known problem: changing request string doesn't change IP of the host to connect)
- <li>cliheader - content of client request headers, e.g. HTTP request header.
- <li>srvheader - content of server's reply headers, e.g. HTTP status and headers.
- <li>clidata - data received from client, e.g. HTTP POST request data
- <li>srvdata - data received from server, e.g. HTML page
- </ul>
- <li>FILTER_ACTION - action on match
- <ul>allow - allow this request without checking rest of the given type
- of the rules
- <li>deny - deny this request without checking rest of the rules
- <li>dunno - continue with the rest of rules (useful with pcre_rewrite)
- </ul>
- <li>REGEXP - PCRE (perl) regular expression. Use * if no regexp matching
- required.
- <li>REWRITE_EXPRESSION - substitution string. May contain perl-style
- substrings
- (not tested) $1, $2. $0 - means whole matched string. \r and \n may be used
- to insert new strings, string may be empty ("").
- <li>ACE - access control entry (user names, source IPs, destination IPs,
- ports, etc), absolutely identical to allow/deny/bandlimin commands.
- Regular expression is only matched if ACL matches connection data.
- Warning:
- reqular expression doesn't require authentication and can not replace
- authentication and/or allow/deny ACLs.
- </ul>
- <h4>Example:</h4>
- <pre>
- plugin PCREPlugin.dll pcre_plugin
- pcre request deny "porn|sex" user1,user2,user3 192.168.0.0/16
- pcre srvheader deny "Content-type: application"
- pcre_rewrite clidata,srvdata dunno "porn|sex|pussy" "***" baduser
- pcre_extend deny * 192.168.0.1/16
- </pre>
- <h4>Download:</h4>
- <ul>
- <li>Plugin is included into 3proxy 0.6 binary and source distribution
- <li>Example configuration (by Dennis Garber): <A HREF="NoPornLitest.cfg.txt">NoPornLitest.cfg</A>
- </ul>
|
