Re: ACL convention for content filtering?

From: Robert Collins <robert.collins@dont-contact.us>
Date: Mon, 29 Jan 2001 22:46:32 +1100

look in rbcollins_filters :-] It's nearly there... ;-]

'Course it may not be the best way and I'm happy to nut it out until we get the best way.

Looking at the acl setup, the current acls work on an access list

so you have
xyz_access allow|deny [!]acl ...

And that works fine. What we need is
a) a filter_access ... rule for each configuration of a filter at each valid insertion point.

So I'm thinking something like (modified from my last email on this topic)

http_reply_filter myconfig allow|deny [!]acl ...
which we can parse as an access list with the current code to get the filter config applied to a reply, and
filter_add filter_name myconfig
filter_config myconfig config_param data ...
which will be parsed by each filter as it chooses. This is then passed to the filter when it is applied via http_reply_filter.

practical example:

1) Compiled into the squid code, a filter "urlfilter" is registered (I'm working on this bit already) (Down the track this can be a
squid.conf option with dlopen...)
Now urlfilter takes a regex "match" and a line "replace" as parameters
2) in squid.conf
# setup a filter config called site1accel
filter_add urlfilter site1accel
# configure it
filter_config site1accel match http://www\.site\.to\.accerlate\.com
filter_config site1accel replace http://www.myfrontend.com
# acls to apply it to a body
acl htmlpages rep_mime_type -i ^text/html$
# access list to make it happen
http_reply_filter site1accel allow htmlpages

Thoughts?

Rob

----- Original Message -----
From: "Joe Cooper" <joe@swelltech.com>
To: "Squid Dev" <squid-dev@squid-cache.org>; "Moez Mahfoudh" <moez.mahfoudh@imag.fr>
Sent: Monday, January 29, 2001 10:32 PM
Subject: ACL convention for content filtering?

> Hey folks,
>
> Moez and I (mostly Moez! ;-) have been discussing implementation of
> content filtering via ACL, specifically, HTML tag based filtering. I
> think Moez is actually beginning the final steps to get this into an
> ACL. And here's what we're thinking about doing for modifying tags in HTML:
>
> acl myurlfilter filter_href www.foo.com
>
> With the other part of the feature being:
>
> filter myurlfilter rewrite www.bar.com
>
> Obviously the goal is to continue to evolve it to be more generic, and
> include all of the various tag types (for example, the ability to strip
> javascript, gif anim bits, etc.). But for the time being, the
> functionality I need is the ability to modify a URL inline.
>
> I welcome further comments, because I'm a little vague on how best to
> present this kind of functionality in a generic way that still makes
> sense to a human. The above really only works for a very few types of
> modification...but it does work for the very generic "filter_regex"
> type, which is nice. I.e.:
>
> acl myregexfilter filter_regex naughtyword
>
> filter myregexfilter rewrite bleep
>
> To bleep out naughtywords...
>
> or
>
> filter myregexfilter deny
>
> To simply erase them...
>
> or
>
> filter myregexfilter highlight
>
> To highlight them, ala the Deja or Google search (when viewing the
> cached version which highlights the query terms).
>
> etc.... Just some thoughts.
>
> Robert, in particular, I imagine you must have done some thinking on
> this very subject. How do you want to see your filters come into being
> an ACL?
>
> Thanks.
> --
> Joe Cooper <joe@swelltech.com>
> Affordable Web Caching Proxy Appliances
> http://www.swelltech.com
>
>
Received on Mon Jan 29 2001 - 04:46:11 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:13:26 MST