OpenWRT - site and content filtering #2 privoxy

CONTENT FILTERING #2

WORKING IN PROGRESS

Router NameOpenWrt
Router ModelBuffalo WZR-HP-G450H
Firmware VersionOpenWrt Attitude Adjustment 12.09 / LuCI 0.11.1 Release (0.11.1)
Kernel Version3.3.8

ssh into your router.


root@OpenWrt:~# opkg update
root@OpenWrt:~# opkg install privoxy
root@OpenWrt:~# cat /etc/privoxy/config 
confdir /etc/privoxy
logdir /var/log
filterfile default.filter
logfile privoxy
actionsfile match-all.action # Actions that are applied to all sites and maybe overruled later on.
actionsfile default.action   # Main actions file
actionsfile user.action      # User customizations
listen-address 192.168.1.1:8118
toggle  1
enable-remote-toggle  1
enable-remote-http-toggle  0
enable-edit-actions 1
enforce-blocks 0
buffer-limit 4096
forwarded-connect-retries  0
accept-intercepted-requests 1
allow-cgi-request-crunching 0
split-large-forms 0
keep-alive-timeout 300
socket-timeout 300
permit-access  192.168.1.0/24
debug   2    # show each GET/POST/CONNECT request
debug   4096 # Startup banner and warnings
debug   8192 # Errors - *we highly recommended enabling this*
debug   65536 # Log the applying actions
debug   1024 # Log the destination for requests Privoxy didn't let through, and the reason why.
#admin-address privoxy-admin@example.com
#proxy-info-url http://www.example.com/proxy-service.html
Add +filter{shockwave-flash} \
root@OpenWrt:~# cat /etc/privoxy/match-all.action 
#############################################################################
# $Id: match-all.action,v 1.3 2010/03/27 18:48:38 fabiankeil Exp $
#
# This file contains the actions that are applied to all requests and
# may be overruled later on by other actions files. Less experienced
# users should only edit this file through the actions file editor.
#
#############################################################################
{ \
+change-x-forwarded-for{block} \
+client-header-tagger{css-requests} \
+client-header-tagger{image-requests} \
+hide-from-header{block} \
+set-image-blocker{pattern} \
+filter{shockwave-flash} \
+set-image-blocker{pattern} \
}
/ # Match all URLs
ONLY THE shockwage-flash filter




Append the following to /etc/privoxy/user.action

{+block{Block video extensions.}}                                                
/.*\.(mov|mp4|wmv|swf|avi|mpg|rms|wpl|tp|fbr|mpeg|otrkey|veg|m21|msdvd|mswmm|nvc|
                                                                                 
{-block}                                                                         
.lsmwebcast.com                                                                  
                                                                                 
{+block{Site-specific block pattern matches.}}                                   
# Blocked sites added by Jake He                                                 
.pptv.com                                                                        
.steam*.com                                                                      
.battle.net                                                                      
.youku.com                                                                       
.newsarama.com                                                                   
                                                                                 
# block movie sites                                                              
# source : shalla list http://www.shallalist.de/                                 
.cokeandpopcorn.ch                                                               
.56.com  
         

2 comments

Hello,

I followed your instructions but privoxy is not blocking the configured URLs. Do you have any idea of what it can be?

Thanks.

Reply

We are the worlds leading publisher of Squid 'Native ACL' formatted blacklists, that allow for web filtering directly with Squid proxy. Of course we also offer alternative formats for the most widely used third party plugins, such as DansGuardian and Squidguard. And while our blacklists are subscription based, they are as a result of our efforts, of a much higher degree of quality than the free alternatives.

We hope to serve you,

--
Signed,

Benjamin E. Nichols
http://www.squidblacklist.org

Reply

Post a Comment