// // PAC (Proxy Auto Configuration) Filter // Available at: // // http://www.hostsfile.org/pac.html // http://www.securemecca.com/pac.html // // Primary Code Author: // Danny R. Johnston // (REGEXP GURU) // Word Analyzer: // David Alexander Harvey // AKA Henry Hertz Hobbit // hhhobbit CASEY_AT_BAT securemecca.com // (using 430,000+ porn host names) // Original List: // Eric Phelps // http://www.ericphelps.com/security/pac.htm // // Version: 2.5.2 // Release Date: Sunday 16 November 2008 // // (C) Copyright 2006, 2007, 2008 // David Alexander Harvey, AKA Henry Hertz Hobbit // Danny R Johnston // With contributions by Eric Phelps // // This program is free software; you can redistribute it and/or // modify it under the terms of the GNU General Public License // as published by the Free Software Foundation; either version 2 // of the License, or (at your option) any later version. // // This program is distributed in the hope that it will be // useful, but WITHOUT ANY WARRANTY; without even the implied // warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR // PURPOSE. See the GNU General Public License for more details. // // You should have received a copy of the GNU General Public // License along with this program; if not, write to the Free // Software Foundation, Inc., 59 Temple Place, Suite 330, // Boston, MA 02111-1307 USA // // If you normally use a proxy, replace "DIRECT" below with // "PROXY MACHINE:PORT" // where MACHINE is the IP address or host name of your proxy // server and PORT is the port number of your proxy server. var normal = "DIRECT"; var blackhole = "PROXY 127.0.0.1:80"; //var blackhole = "PROXY 192.168.0.1:80"; // Set debug to level you want status alerts for testing var debugNone = 0; // No debuging alerts. var debugGeneral = 1; // Show alert when file is loaded. var debugShowPass = 2; // Show all URLS that pass and why. var debugShowFail = 4; // Show all URLS that fail and why. var debugRegxGen = 8; // Show Regx expressions generated. var debugModURL = 16; // Show removal of CGI args and anchors from URL. var debugShowIP = 32; // Show when we find an IP numeric address. var debugNormal = debugGeneral | debugShowFail; var debugAll = debugGeneral | debugShowPass | debugShowFail | debugRegxGen | debugModURL | debugShowIP; // WARNING: Opera, Konqueror, AND Safari USERS MUST NEVER SET DEBUG TO // ANYTHING OTHER THAN debugNone. THE alert() CALL CAUSES THEM TO FAIL! var debug = debugNone; var fullParse = 0; // Parse the whole thing. var pathParse = 1; // Parse the host & path but no CGI args or anchors. var parseURL = pathParse; // WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING // The arrays below are for words to disallow or allow host or URLS. Be // very carefull about adding things if you don't understand regular // expressions. They can be very tricky. Danny has set up a function to // escape periods so you don't have to worry about their special // meanings in regular expressions but all the other stuff works. One // handy regular expression you may need to use is the brackets [] and // the caret ^. When used in an expression like "[^c]lips" it will match // lips but not clips. Please note that you do not use something like // that in any of the following ways: // // GoodDomains at the end // BadDomains at the end // // BadURL_Parts okay anywhere // BadHostParts okay anywhere // // BadURL_WordStarts at the begining // BadHostWordStarts at the begining // // BadURL_WordEnds at the end // BadHostWordEnds at the end // // You MUST do it this way due to anchors in the regular expressions // that are generated from them. If you do use a character that is // used in regular expressions you must double backslash them to // escape them due to the way the regular expressions are generated // from the strings. One escape will be eaten by the string generation // and escape the second one that will be passed to the regular // expression parser. // // http://www.webreference.com/js/column5/ is a good site for learning // about regular expressions // Please also note that some words you may think are bad may be // embedded. For example "cheapornothing" has the word "porn" in it. // Likewise "stockmansexchange" has "sex" in it. Buried inside a phrase // like that, it might be okay. However, it's harder to imagine a // "good" phrase that starts or finishes with the word "sex" or "porn", // so you would not want to put it in the BadURL_Parts array but probably // would want it in one or both of the BadURL_WordStart or BadURL_WordEnd // arrays. Nevertheless, until a false positive shows up, the word // "porn" is not allowed anywhere in a URL. As soon as that rule elicits // a false positive, it will be downgraded to HOST, and the start and end // rules will be uncommented and activated for the URL. // Here are what the arrays do: // // GoodDomains Regular expressions that must match the end of // a host name to force a URL to pass. // GoodNetworks Network number followed by a netmask for ranges // of good networks // BadNetworks Network number followed by a netmask for ranges // of bad networks // BadDomains Regular expressions that must match the end of // a host name to force a URL to fail. // // BadURL_Parts Words that will cause blocking if they show up // anywhere in a URL. // BadHostParts Regular expressions the will cause a URL to fail // if found anywhere in the HOST name. // // BadURL_WordStarts Regular expressions that will cause a URL to // fail if they have a non alpha character before // them anywhere in a URL. // BadHostWordStarts Regular expressions that will cause a HOST to // fail if they have a non alpha character before // them in a HOST name or start the host name. // // BadURL_WordEnds Regular expressions that will cause a URL to // fail if they have a non alpha character following // them or are at the very end of a URL. // BadHostWordEnds Regular expressions that will cause a HOST to // fail if they have a non alpha character following // them or are at the very end of a HOST name. // // NOTE: Even if a URL fails it may still be passed if the IP is in RFC // reserved nets. This is because any thing that is behind your // firewall using these addresses are considered safe and should // never exist in the internet. These are defined at the very // bottom of the function FindProxyForURL and if you want to // modify them you must do it there. // Counter Variable to initalize the arrays. var i= 0; // If the host name ends in any of the following domains it will be passed // WARNING - DO NOT PUT REGEXPs AT THE *END* OF THIS ARRAY var GoodDomains = new Array(); i=0; GoodDomains[i++] = "abcdelasecurite.free.fr"; // GoodDomains[i++] = ".amazon.ca"; // GoodDomains[i++] = ".amazon.com"; // GoodDomains[i++] = ".ask.com"; GoodDomains[i++] = "assiste.com.free.fr"; GoodDomains[i++] = ".avg.com"; // "[^g]free[^d]" // GoodDomains[i++] = ".barnesandnoble.com"; // GoodDomains[i++] = ".bestbuy.com"; GoodDomains[i++] = ".bluecoat.com"; GoodDomains[i++] = "bytecrime.org"; // GoodDomains[i++] = "circuitcity.com"; // GoodDomains[i++] = ".cnn.com"; // GoodDomains[i++] = "crazyfox.com"; // GoodDomains[i++] = "creativecommons.org"; GoodDomains[i++] = "cybertipline.com"; // Advertising // GoodDomains[i++] = "ebay.com"; // "17" && "18" // GoodDomains[i++] = ".ebayimg.com"; // "17" && "18" // GoodDomains[i++] = ".ebaystatic.com"; // "17" && "18" GoodDomains[i++] = ".edu"; GoodDomains[i++] = "eurotunnel.com"; GoodDomains[i++] = ".facebook.com"; // PROXY GoodDomains[i++] = ".free-av.com"; GoodDomains[i++] = ".free-graphics.com"; GoodDomains[i++] = ".freebsd.org"; GoodDomains[i++] = "freenet-homepage.de"; GoodDomains[i++] = "freepatentsonline.com"; GoodDomains[i++] = "freenode.net"; GoodDomains[i++] = "freeos.com"; GoodDomains[i++] = ".freeresumeexamples.net"; // GoodDomains[i++] = "gnome.org"; // "live" // GoodDomains[i++] = ".go.com"; // Disney GoodDomains[i++] = ".google.com"; GoodDomains[i++] = ".googlepages.com"; // "17" & "18" GoodDomains[i++] = ".gov"; GoodDomains[i++] = ".grisoft.com"; // "[^g]free[^d]" GoodDomains[i++] = ".grisoft.cz"; // "[^g]free[^d]" GoodDomains[i++] = ".hosts-file.net"; GoodDomains[i++] = "hotmail.com"; GoodDomains[i++] = "hotwire.com"; // GoodDomains[i++] = ".hp.com"; // "17" && "18" GoodDomains[i++] = ".hulu.com"; // "thumb" US-only // GoodDomains[i++] = ".images-amazon.com"; // GoodDomains[i++] = ".imageshack.us"; // "17" && "18" GoodDomains[i++] = "imdb.com"; // GoodDomains[i++] = "intermountainlive.org"; GoodDomains[i++] = "internetfilter.com"; GoodDomains[i++] = "javacoolsoftware.com"; GoodDomains[i++] = "kaspersky-labs.com"; // GoodDomains[i++] = ".live.com"; // GoodDomains[i++] = "live365.com"; // GoodDomains[i++] = "livejournal.com"; GoodDomains[i++] = "microsoft.com"; GoodDomains[i++] = ".monster.com"; GoodDomains[i++] = ".msn.com"; // "hot" GoodDomains[i++] = "msmvps.com"; GoodDomains[i++] = "mvps.org"; GoodDomains[i++] = "myspace.com"; // PROXY GoodDomains[i++] = "netfilter.org"; GoodDomains[i++] = "netsafeutah.org"; GoodDomains[i++] = "netscape.com"; GoodDomains[i++] = "network54.com"; GoodDomains[i++] = "npr.org"; GoodDomains[i++] = "officemax.com"; GoodDomains[i++] = "opendns.com"; // "adult" GoodDomains[i++] = "openoffice.org"; GoodDomains[i++] = "pandasoftware.com"; GoodDomains[i++] = ".passport.com"; // "hot" GoodDomains[i++] = ".passport.net"; // "hot" GoodDomains[i++] = ".pbs.org"; GoodDomains[i++] = "pbskids.org"; GoodDomains[i++] = "privacydigest.com"; GoodDomains[i++] = "pointsmartclicksafe.org"; // Advertising GoodDomains[i++] = "rlwpx.free.fr"; // Airelle GoodDomains[i++] = "sarc.com"; // Symantec GoodDomains[i++] = "securemecca.com"; // HHH GoodDomains[i++] = "seventeentraditions.com"; // PERSONAL RULE GoodDomains[i++] = ".shutterstock.com"; // "thumb" GoodDomains[i++] = "siteadvisor.com"; GoodDomains[i++] = "skyangel.com"; GoodDomains[i++] = "spywareremove.com"; GoodDomains[i++] = ".sourceforge.net"; GoodDomains[i++] = "surfcontrol.com"; GoodDomains[i++] = "stopscum.com"; GoodDomains[i++] = "symantec.com"; GoodDomains[i++] = ".symantecliveupdate.com"; GoodDomains[i++] = ".tbs.com"; GoodDomains[i++] = ".thumbshots.com"; GoodDomains[i++] = ".thumbshots.org"; GoodDomains[i++] = "versiontracker.com"; GoodDomains[i++] = "virginmedia.com"; GoodDomains[i++] = "virginmega.fr"; GoodDomains[i++] = "virustotal.com"; // "anal" GoodDomains[i++] = ".webshots.net"; // "thumb" GoodDomains[i++] = "wikimedia.org"; GoodDomains[i++] = "wikipedia.org"; GoodDomains[i++] = "womenssportsfoundation.org"; GoodDomains[i++] = "wwwomen.com"; GoodDomains[i++] = "yahoo.com"; GoodDomains[i++] = "youngdemocrats.net"; GoodDomains[i++] = "youngrepublicans.com"; GoodDomains[i++] = ".youtube.com"; GoodDomains[i++] = "zonealarm.com"; GoodDomains[i++] = "zonelabs.com"; // Add any good networks here. Format is network folowed by a comma and // optional white space, and then the netmask. var GoodNetworks = new Array(); i=0; GoodNetworks[i++] = "10.0.0.0, 255.0.0.0"; // NRIP GoodNetworks[i++] = "65.52.0.0, 255.255.252.0"; // Microsoft GoodNetworks[i++] = "192.168.0.0, 255.255.0.0"; // NRIP GoodNetworks[i++] = "169.254.0.0, 255.255.0.0"; // APIPA GoodNetworks[i++] = "127.0.0.0, 255.0.0.0"; // LOOPBACK GoodNetworks[i++] = "172.16.0.0, 255.240.0.0"; // NRIP // Add any bad networks here. Format is network folowed by a comma and // optional white space, and then the netmask. var BadNetworks = new Array(); i=0; BadNetworks[i++] = "62.161.94.0, 255.255.255.0"; // xiti.com_1 BadNetworks[i++] = "63.144.121.128, 255.255.255.128"; // YOUR CHOICE PANTHER1 BadNetworks[i++] = "64.28.176.0, 255.255.248.0"; // PORN 006.1 (TROJAN) BadNetworks[i++] = "64.28.184.0, 255.255.254.0"; // PORN 006.2 (TROJAN) BadNetworks[i++] = "64.58.80.0, 255.255.254.0"; // RealMedia BadNetworks[i++] = "64.94.137.0, 255.255.255.128"; // ZANGO1 BadNetworks[i++] = "64.136.25.165, 255.255.255.255"; // SITETRACKER+FREESTATS BadNetworks[i++] = "64.152.73.0, 255.255.255.0"; // GATORBELNK BadNetworks[i++] = "64.154.80.0, 255.255.252.0"; // YOUR CHOICE HITBOX - 2008-11-17 BadNetworks[i++] = "64.191.192.0, 255.255.255.0"; // instacontent_3 BadNetworks[i++] = "64.191.218.0, 255.255.254.0"; // RealMedia BadNetworks[i++] = "65.216.116.0, 255.255.255.0"; // instacontent_1 BadNetworks[i++] = "66.114.48.0, 255.255.240.0"; // YOUR CHOICE PANTHER2 BadNetworks[i++] = "66.150.14.0, 255.255.255.128"; // ZANGO2 BadNetworks[i++] = "66.150.161.44, 255.255.255.255"; // PARKFUNNEL - 2008-09-21 BadNetworks[i++] = "66.220.17.0, 255.255.255.0"; // LOP BadNetworks[i++] = "67.228.177.143, 255.255.255.255"; // dwnld1.com_1 - 2008-11-13 BadNetworks[i++] = "67.228.177.146, 255.255.255.255"; // dwnld1.com_2 - 2008-11-13 BadNetworks[i++] = "69.25.47.166, 255.255.255.255"; // PARKFUNNEL - 2008-09-21 BadNetworks[i++] = "69.31.128.0, 255.255.255.0"; // DISNEY PORN (TROJAN) BadNetworks[i++] = "72.9.98.66, 255.255.255.255"; // DP Park BadNetworks[i++] = "80.80.13.194, 255.255.255.240"; // imrworldwide BadNetworks[i++] = "80.118.149.0, 255.255.255.0"; // xiti.com_2 BadNetworks[i++] = "81.29.249.27, 255.255.255.255"; // PORN 007 (TROJAN) BadNetworks[i++] = "81.176.69.192, 255.255.255.192"; // HOTLOG1 BadNetworks[i++] = "85.255.113.0, 255.255.255.248"; // PORN 005 (TROJAN) BadNetworks[i++] = "85.255.121.76, 255.255.255.255"; // PORN 011 (TROJAN) BadNetworks[i++] = "87.242.90.132, 255.255.255.252"; // ADWARE BadNetworks[i++] = "130.117.119.0, 255.255.255.0"; // xiti.com_3 BadNetworks[i++] = "159.54.239.0, 255.255.255.128"; // gcirm BadNetworks[i++] = "168.75.66.156, 255.255.255.254"; // hittail BadNetworks[i++] = "208.66.192.0, 255.255.252.0"; // McColo - 2008-11-16 BadNetworks[i++] = "208.67.70.27, 255.255.255.255"; // YMGR BadNetworks[i++] = "208.71.120.0, 255.255.248.0"; // YOUR CHOICE RealMedia BadNetworks[i++] = "208.73.210.32, 255.255.255.255"; // PARK-IP BadNetworks[i++] = "208.87.33.150, 255.255.255.255"; // PARK-IP BadNetworks[i++] = "212.113.031.48, 255.255.255.248"; // YOUR CHOICE RealMedia // YOUR CHOICE - instacontent - comment out first and uncomment second BadNetworks[i++] = "216.38.160.0, 255.255.248.0"; // instacontent_2 // BadNetworks[i++] = "216.38.160.0, 255.255.240.0"; // instacontent_2_ALT BadNetworks[i++] = "216.65.41.185, 255.255.255.255"; // OWNBOX FE TYPO BadNetworks[i++] = "216.65.41.188, 255.255.255.255"; // OWNBOX FE TYPO BadNetworks[i++] = "216.200.199.0, 255.255.255.0"; // BPATH BadNetworks[i++] = "216.240.129.82, 255.255.255.255"; // PORN 010 (TROJAN) BadNetworks[i++] = "217.16.31.112, 255.255.255.240"; // HOTLOG2 // 2o7.net BadNetworks[i++] = "66.150.208.0, 255.255.255.0"; // 2008-09-03 BadNetworks[i++] = "66.150.217.0, 255.255.255.224"; // 2008-09-03 BadNetworks[i++] = "66.151.152.0, 255.255.255.0"; // 2008-09-03 BadNetworks[i++] = "66.151.244.0, 255.255.255.0"; // 2008-09-03 // Covers 66.235.128.0 ... 66.235.159.255 // BadNetworks[i++] = "66.235.132.0, 255.255.254.0"; // 2008-09-03 // BadNetworks[i++] = "66.235.142.0, 255.255.254.0"; // 2008-09-14 BadNetworks[i++] = "66.235.128.0, 255.255.224.0"; // 2008-11-04 BadNetworks[i++] = "128.241.21.0, 255.255.255.0"; // 2008-09-03 BadNetworks[i++] = "128.242.100.0, 255.255.255.224"; // 2008-09-03 BadNetworks[i++] = "128.242.125.0, 255.255.255.0"; // 2008-09-03 BadNetworks[i++] = "209.85.51.0, 255.255.255.0"; // 2008-09-03 BadNetworks[i++] = "216.52.17.0, 255.255.255.0"; // 2008-09-03 // SPAM BadNetworks[i++] = "8.14.98.0, 255.255.255.0"; // SPAM BadNetworks[i++] = "8.14.100.4, 255.255.255.255"; // SPAM BadNetworks[i++] = "66.128.147.4, 255.255.255.255"; // SPAM BadNetworks[i++] = "72.5.218.0, 255.255.254.0"; // SPAM - 2008-10-15 BadNetworks[i++] = "122.198.62.4, 255.255.255.255"; // SPAM - Airelle BadNetworks[i++] = "128.168.240.4, 255.255.255.255"; // SPAM BadNetworks[i++] = "208.53.17.0, 255.255.255.0"; // SPAM BadNetworks[i++] = "218.61.33.235, 255.255.255.255"; // SPAM - Airelle // Proxy servers. Do not depend on these any more. Organized // crime are changing their IP addresses too often now. The // number at the end is the count of live hosts at that IP. // List created 2008-08-21. BadNetworks[i++] = "208.53.137.178, 255.255.255.255"; // 103 BadNetworks[i++] = "83.170.97.191, 255.255.255.255"; // 90 BadNetworks[i++] = "208.53.138.150, 255.255.255.255"; // 80 BadNetworks[i++] = "69.93.244.114, 255.255.255.255"; // 47 BadNetworks[i++] = "74.208.14.63, 255.255.255.255"; // 46 BadNetworks[i++] = "67.159.35.59, 255.255.255.255"; // 42 BadNetworks[i++] = "85.234.150.249, 255.255.255.255"; // 36 BadNetworks[i++] = "72.232.77.98, 255.255.255.255"; // 22 BadNetworks[i++] = "67.159.54.26, 255.255.255.255"; // 22 BadNetworks[i++] = "75.126.219.186, 255.255.255.255"; // 12 BadNetworks[i++] = "67.159.45.51, 255.255.255.255"; // 12 BadNetworks[i++] = "38.100.42.114, 255.255.255.255"; // 6 BadNetworks[i++] = "74.86.121.192, 255.255.255.255"; // 6 BadNetworks[i++] = "208.53.157.248, 255.255.255.255"; // 2 // If the host name ends with any of the following domains the // FindProxyForURL function will reject it unless it was previously // matched by any of the GoodDomains or the IP is in a safe range. // WARNING - DO NOT PUT REGEXPs AT THE *END* OF THIS ARRAY var BadDomains = new Array(); i=0; BadDomains[i++] = ".112.2o7.net"; // Tracker BadDomains[i++] = ".122.2o7.net"; // Tracker BadDomains[i++] = ".15x.net"; // Tracker BadDomains[i++] = ".247realmedia.com"; // AdServer BadDomains[i++] = ".51yes.com"; // Tracker BadDomains[i++] = ".adbureau.net"; // AdServer BadDomains[i++] = ".adgardener.com"; // AdServer BadDomains[i++] = ".adjuggler.com"; // AdServer BadDomains[i++] = ".adtech.de"; // AdServer BadDomains[i++] = ".adtech.fr"; // AdServer BadDomains[i++] = ".advertising.com"; // AdServer BadDomains[i++] = ".advertserve.com"; // AdServer BadDomains[i++] = ".axelsfun.com"; // AdServer BadDomains[i++] = ".bigmir.net"; // AdServer - WebBug BadDomains[i++] = ".bravenet.com"; // Tracker BadDomains[i++] = ".cjb.net"; // PORN - MalWare BadDomains[i++] = ".clickbank.net"; // Tracker BadDomains[i++] = ".clickzs.com"; // Tracker BadDomains[i++] = ".cn"; // YOUR CHOICE - MalWare BadDomains[i++] = ".cnzz.com"; // MalWare BadDomains[i++] = ".cqcounter.com"; // Tracker BadDomains[i++] = ".directtrack.com"; // Tracker BadDomains[i++] = ".everesttech.net"; // WebBug BadDomains[i++] = ".exmasters.com"; // PORN - MalWare BadDomains[i++] = ".extreme-dm.com"; // Tracker BadDomains[i++] = ".falkag.net"; // Tracker BadDomains[i++] = ".fastclick.net"; // Tracker - SpyWare BadDomains[i++] = ".gemius.pl"; // WebBug - Tracker BadDomains[i++] = ".gostats.com"; // Tracker BadDomains[i++] = ".hitbox.com"; // Tracker BadDomains[i++] = ".hittail.com"; // DNSWCD AdServer // BadDomains[i++] = ".hk"; // YOUR CHOICE - MalWare BadDomains[i++] = ".hotbar.com"; // AdWare BadDomains[i++] = ".hotlog.ru"; // Tracker BadDomains[i++] = ".hpg.com.br"; // DNSWCD AdServer BadDomains[i++] = ".hpg.ig.com.br"; // DNSWCD AdServer BadDomains[i++] = ".imrworldwide.com"; // Nielsen Ratings Tracker BadDomains[i++] = ".insightexpressai.com"; // Tracker BadDomains[i++] = ".instacontent.net"; // AdServer BadDomains[i++] = ".intellitxt.com"; // Tracker BadDomains[i++] = ".ivwbox.de"; // Tracker - (some) WebBug BadDomains[i++] = ".l2m.net"; // DNSWCD - Tracker - WebBug BadDomains[i++] = ".list.ru"; // WebBug BadDomains[i++] = ".liveadvert.com"; // AdServer BadDomains[i++] = ".liveperson.net"; // Tracker - WebBug BadDomains[i++] = ".masterstats.com"; // Tracker BadDomains[i++] = ".maxserving.com"; // Tracker BadDomains[i++] = ".metriweb.be"; // Tracker BadDomains[i++] = ".misstrends.com"; // Tracker BadDomains[i++] = ".mystat-in.net"; // DNSWCD - Tracker BadDomains[i++] = ".offermatica.com"; // Tracker BadDomains[i++] = ".outster.com"; // Tracker - Spyware BadDomains[i++] = ".openclick.com"; // Tracker BadDomains[i++] = ".opentracker.net"; // Tracker BadDomains[i++] = ".overture.com"; // Tracker BadDomains[i++] = ".p0rt2.com"; // DNSWCD - MalWare BadDomains[i++] = ".realtracker.com"; // Tracker BadDomains[i++] = ".ru"; // YOUR CHOICE - MalWare BadDomains[i++] = ".ru4.com"; // Tracker BadDomains[i++] = ".searchmiracle.com"; // DNSWCD - MalWare BadDomains[i++] = ".seekmo.com"; // DNSWCD - MalWare BadDomains[i++] = ".sexcounter.com"; // Tracker BadDomains[i++] = ".sitemeter.com"; // WebBug - Tracker BadDomains[i++] = ".sitestat.com"; // Tracker BadDomains[i++] = ".sitestats.com"; // Tracker BadDomains[i++] = ".sitetracker.com"; // Tracker BadDomains[i++] = ".spylog.com"; // Tracker - WebBug BadDomains[i++] = ".statcounter.com"; // Tracker - WebBug BadDomains[i++] = ".superstats.com"; // Tracker BadDomains[i++] = ".tradedoubler.com"; // Tracker - WebBug BadDomains[i++] = ".tribalfusion.com"; // Tracker BadDomains[i++] = ".web-stats.org"; // DNSWCD - Tracker BadDomains[i++] = ".x-traceur.com"; // Tracker BadDomains[i++] = ".x0.nl"; // DNSWCD - MalWare BadDomains[i++] = ".xiti.com"; // Tracker - WebBug BadDomains[i++] = ".zango.com"; // DNSWCD - WebBug BadDomains[i++] = ".zedo.com"; // Tracker - WebBug // If any of the following BadURL_Parts show up anywhere in the URL // the FindProxyForURL will reject it unless the resulting IP is // in a safe range. You can put REGEXPs anywhere you want here. var BadURL_Parts = new Array(); i=0; BadURL_Parts[i++] = "adult"; BadURL_Parts[i++] = "babes"; BadURL_Parts[i++] = "baise"; BadURL_Parts[i++] = "bigtit[^l]"; BadURL_Parts[i++] = "blowjob"; BadURL_Parts[i++] = "bondage"; BadURL_Parts[i++] = "boobs"; BadURL_Parts[i++] = "celeb"; BadURL_Parts[i++] = "chicks"; BadURL_Parts[i++] = "[^aeilnos]cul[^it]"; // YOUR CHOICE BadURL_Parts[i++] = "cumshot"; BadURL_Parts[i++] = "eroti"; BadURL_Parts[i++] = "ficken"; BadURL_Parts[i++] = "fuck"; BadURL_Parts[i++] = "glamour"; // BadURL_Parts[i++] = "gratis"; // YOUR CHOICE // BadURL_Parts[i++] = "gratuit"; // YOUR CHOICE BadURL_Parts[i++] = "hardcore"; BadURL_Parts[i++] = "hentai"; BadURL_Parts[i++] = "incest"; BadURL_Parts[i++] = "lesbi"; BadURL_Parts[i++] = "lolita"; BadURL_Parts[i++] = "milf"; // YOUR CHOICE BadURL_Parts[i++] = "naked"; BadURL_Parts[i++] = "nasty"; BadURL_Parts[i++] = "orgy"; BadURL_Parts[i++] = "pissing"; BadURL_Parts[i++] = "porn"; BadURL_Parts[i++] = "pussy"; BadURL_Parts[i++] = "sesso"; BadURL_Parts[i++] = "sexvideo"; BadURL_Parts[i++] = "sexy"; BadURL_Parts[i++] = "slut"; BadURL_Parts[i++] = "suck"; BadURL_Parts[i++] = "[^_k]tgp[^r]"; BadURL_Parts[i++] = "tits"; BadURL_Parts[i++] = "voyeur"; BadURL_Parts[i++] = "warez"; BadURL_Parts[i++] = "xxx"; // If the HOST name has any of the following words in it the // FindProxyForURL function will reject it unless it matched any // of the GoodDomains or the IP is in a safe range. // You can put REGEXPs anywhere you want here. var BadHostParts = new Array(); i=0; BadHostParts[i++] = "doubleclick"; // AdServer BadHostParts[i++] = "--"; BadHostParts[i++] = "3x"; BadHostParts[i++] = "69"; BadHostParts[i++] = "[^hrv]angel"; BadHostParts[i++] = "asian"; BadHostParts[i++] = "boob"; BadHostParts[i++] = "bypass"; // PROXY BadHostParts[i++] = "casino"; // GAMBLING RULE BadHostParts[i++] = "cloak"; // PROXY BadHostParts[i++] = "[^hn]cock"; // BadHostParts[i++] = "codec"; // YOUR CHOICE - TROJAN // BadHostParts[i++] = "cool"; // YOUR CHOICE BadHostParts[i++] = "facebook"; // PROXY BadHostParts[i++] = "filter"; // PROXY BadHostParts[i++] = "gay"; // BadHostParts[i++] = "[^g]free[^d]"; // YOUR CHOICE BadHostParts[i++] = "galleri"; BadHostParts[i++] = "gallery"; BadHostParts[i++] = "getpast"; // PROXY BadHostParts[i++] = "girls"; BadHostParts[i++] = "hidden"; // PROXY BadHostParts[i++] = "hide"; // PROXY YOUR CHOICE BadHostParts[i++] = "huge"; BadHostParts[i++] = "invisible"; // PROXY BadHostParts[i++] = "kazaa"; // P2P YOUR CHOICE BadHostParts[i++] = "[^cl]lust"; BadHostParts[i++] = "mature"; BadHostParts[i++] = "myspace"; // PROXY BadHostParts[i++] = "nude"; BadHostParts[i++] = "oasc"; // AdServer BadHostParts[i++] = "poker"; // GAMBLING RULE BadHostParts[i++] = "privacy"; // PROXY YOUR CHOICE BadHostParts[i++] = "prox"; // PROXY BadHostParts[i++] = "sextracker"; // BadHostParts[i++] = "surf"; // YOUR CHOICE - PROXY BadHostParts[i++] = "teen"; BadHostParts[i++] = "thumb"; BadHostParts[i++] = "tracker"; BadHostParts[i++] = "tunnel"; // PROXY BadHostParts[i++] = "unblock"; // PROXY BadHostParts[i++] = "unlock"; // PROXY BadHostParts[i++] = "valueclick"; // AdServer BadHostParts[i++] = "virgin[^im]"; BadHostParts[i++] = "women"; BadHostParts[i++] = "young"; // If any of the following BadURL_WordStarts show up at the start of a // word in the URL the FindProxyForURL will reject it unless the // resulting IP is in a safe range. // WARNING - DO NOT PUT REGEXPs AT THE *START* OF THIS ARRAY // That is why anal[^oy] is in the second position rather than // at the start of this array! var BadURL_WordStarts = new Array(); i=0; BadURL_WordStarts[i++] = "eros"; BadURL_WordStarts[i++] = "anal[^oy]"; BadURL_WordStarts[i++] = "gay"; BadURL_WordStarts[i++] = "mature"; BadURL_WordStarts[i++] = "nude"; BadURL_WordStarts[i++] = "teen"; // If any of the following BadHostWordStarts show up at the start of a // word in the HOST the FindProxyForURL will reject it unless the // resulting IP is in a safe range. // WARNING - DO NOT PUT REGEXPs AT THE *START* OF THIS ARRAY var BadHostWordStarts = new Array(); i=0; BadHostWordStarts[i++] = "gcirm"; // AdServer BadHostWordStarts[i++] = "girl"; BadHostWordStarts[i++] = "hard[(b|c|e|p|s)]"; BadHostWordStarts[i++] = "hide"; // PROXY // BadHostWordStarts[i++] = "hot[^em]"; // YOUR CHOICE // next is for - *.insightexpressai.com, // *.insightfirst.com, and insightxe* SPIES BadHostWordStarts[i++] = "insight[(e|f|x)]"; // SPIES BadHostWordStarts[i++] = "tit[^abhilmu]"; BadHostWordStarts[i++] = "sex"; BadHostWordStarts[i++] = "surf"; // YOUR CHOICE - PROXY // If any of the following BadURL_WordEnds show up at the end of a // word in the URL the FindProxyForURL will reject it unless the // resulting IP is in a safe range. // WARNING - DO NOT PUT REGEXPs AT THE *END* OF THIS ARRAY var BadURL_WordEnds = new Array(); i=0; BadURL_WordEnds[i++] = "[^c]anal"; BadURL_WordEnds[i++] = "babe"; BadURL_WordEnds[i++] = "[^h]eros"; BadURL_WordEnds[i++] = "gay"; // BadURL_WordEnds[i++] = "[^s]hot"; // YOUR CHOICE BadURL_WordEnds[i++] = "mature"; BadURL_WordEnds[i++] = "nude"; BadURL_WordEnds[i++] = "teen"; // If any of the following BadHostWordEnds show up at the end of a // word in the HOST the FindProxyForURL will reject it unless the // resulting IP is in a safe range. // WARNING - DO NOT PUT REGEXPs AT THE *END* OF THIS ARRAY var BadHostWordEnds = new Array(); i=0; BadHostWordEnds[i++] = "girl"; BadHostWordEnds[i++] = "girls"; BadHostWordEnds[i++] = "[^cs]hard"; BadHostWordEnds[i++] = "hide"; // PROXY BadHostWordEnds[i++] = "sex"; /////////////////////////// // Set up GoodDomainRegx // /////////////////////////// for(i in GoodDomains) { GoodDomains[i] = GoodDomains[i].split(/\./).join("\\."); } var GoodDomainRegx = new RegExp("(" + GoodDomains.join("|") + ")$", "i"); if (debug & debugRegxGen) { alert("GoodDomainRegx = " + GoodDomainRegx); } ////////////////////////// // Set up BadDomainRegx // ////////////////////////// for(i in BadDomains) { BadDomains[i] = BadDomains[i].split(/\./).join("\\."); } var BadDomainRegx = new RegExp("(" + BadDomains.join("|") + ")$", "i"); if (debug & debugRegxGen) { alert("BadDomainRegx = " + BadDomainRegx); } /////////////////////////// // Set up BadHostPartRegx // /////////////////////////// for(i in BadHostParts) { BadHostParts[i] = BadHostParts[i].split(/\./).join("\\."); } var BadHostPartRegx = new RegExp(BadHostParts.join("|"), "i"); if (debug & debugRegxGen) { alert("BadHostPartRegx = " + BadHostPartRegx); } ///////////////////////////////// // Set up BadHostWordStartRegx // ///////////////////////////////// for(i in BadHostWordStarts) { BadHostWordStarts[i] = BadHostWordStarts[i].split(/\./).join("\\."); } var BadHostWordStartRegx = new RegExp("(^|[^a-z])(" + BadHostWordStarts.join("|") + ")", "i"); if (debug & debugRegxGen) { alert("BadHostWordStartRegx = " + BadHostWordStartRegx); } /////////////////////////////// // Set up BadHostWordEndRegx // /////////////////////////////// for(i in BadHostWordEnds) { BadHostWordEnds[i] = BadHostWordEnds[i].split(/\./).join("\\."); } var BadHostWordEndRegx = new RegExp("(" + BadHostWordEnds.join("|") + ")([^a-z]|$)", "i"); if (debug & debugRegxGen) { alert("BadHostWordEndRegx = " + BadHostWordEndRegx); } //////////////////////////// // SET UP BadURL_PartRegx // //////////////////////////// for(i in BadURL_Parts) { BadURL_Parts[i] = BadURL_Parts[i].split(/\./).join("\\."); } var BadURL_PartRegx = new RegExp(BadURL_Parts.join("|"), "i"); if (debug & debugRegxGen) { alert ("BadURL_PartRegx = " + BadURL_PartRegx ); } ///////////////////////////////// // SET UP BadURL_WordStartRegx // ///////////////////////////////// for(i in BadURL_WordStarts) { BadURL_WordStarts[i] = BadURL_WordStarts[i].split(/\./).join("\\."); } var BadURL_WordStartRegx = new RegExp("[^a-z](" + BadURL_WordStarts.join("|") + ")", "i"); if (debug & debugRegxGen) { alert ("BadURL_WordStartRegx = " + BadURL_WordStartRegx ); } /////////////////////////////// // SET UP BadURL_WordEndRegx // /////////////////////////////// for(i in BadURL_WordEnds) { BadURL_WordEnds[i] = BadURL_WordEnds[i].split(/\./).join("\\."); } var BadURL_WordEndRegx = new RegExp("(" + BadURL_WordEnds.join("|") + ")([^a-z]|$)", "i"); if (debug & debugRegxGen) { alert ("BadURL_WordEndRegx = " + BadURL_WordEndRegx ); } /////////////////////////////////////////// // Define the IsIPAddr function and vars // /////////////////////////////////////////// var IpAddrRegx = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/; function IsNumIpAddr(host) { var ipAry = host.match(IpAddrRegx); var isIPValid = false; if (ipAry) { isIPValid = true; for( i = 1; i <= 4; i++) { if (ipAry[i] >= 256) { isIPValid = false; } } } if (debug & debugShowIP && isIPValid) { alert("Found a IP host address: " + host); } return isIPValid; } ///////////////////// // Done Setting Up // ///////////////////// if (debug) {alert("proxy pac file loaded");} ////////////////////////////////// // Define the FindProxyFunction // ////////////////////////////////// function FindProxyForURL(url, host) { var TestResult; var FuncResult = normal; var str = ""; var i = ""; var tmpNet; var IsNumIP = IsNumIpAddr(host); // FTP patch for privoxy - Elric Scott schemalogic.com if (shExpMatch(url, "ftp:*")) { return "DIRECT"; } else if (parseURL == pathParse) { str = url.match(/^[^\?#]*/); if (str != url) { if (debug & debugModURL) { alert ("URL modified:\n" + url + "\n" + str); } url = str; } } /////////////////////////////////////////////////////////////////////// // PASS LIST: domains matched here will always be allowed. // /////////////////////////////////////////////////////////////////////// if (!IsNumIP && (TestResult = GoodDomainRegx.exec(host))) { if (debug & debugShowPass) { str = "Passed URL due to Good Domain in host: " + url; for (i in TestResult) { str += "\n\tTestResult." + i + " = \"" + TestResult[i] + "\""; } alert(str); } return normal; } /////////////////////////////////////////////////////////////////////// // If the IP translates to one of the GoodNetworks we pass it // // since it is considered to be safe. // /////////////////////////////////////////////////////////////////////// for (i in GoodNetworks) { tmpNet = GoodNetworks[i].split(/,\s*/); if (isInNet(host, tmpNet[0], tmpNet[1])) { if (debug & debugShowPass) { str = "Passed URL due to good IP address: " + url + "\n\tNet: " + tmpNet[0] + " mask " + tmpNet[1]; alert(str); } return normal; } } /////////////////////////////////////////////////////////////////////// // If the IP translates to one of the BadNetworks we fail it // // since it is not considered to be safe. // /////////////////////////////////////////////////////////////////////// for (i in BadNetworks) { tmpNet = BadNetworks[i].split(/,\s*/); if (isInNet(host, tmpNet[0], tmpNet[1])) { if (debug & debugShowFail) { str = "Blocked URL due to bad IP address: " + url + "\n\tNet: " + tmpNet[0] + " mask " + tmpNet[1]; alert(str); } return blackhole; } } ////////////////////////////////////////////////////////// // BLOCK LIST: stuff matched here here will be blocked // ////////////////////////////////////////////////////////// if (!IsNumIP && (TestResult = BadDomainRegx.exec(host))) { if (debug & debugShowFail) { str = "Blocked URL due to Bad Word in Domain Name: " + url; for (i in TestResult) { str += "\n\tTestResult." + i + " = \"" + TestResult[i] + "\""; } alert(str); } return blackhole; } if (!IsNumIP && (TestResult = BadHostPartRegx.exec(host))) { if (debug & debugShowFail) { str = "Blocked URL due to Bad Word in Host Name: " + url; for (i in TestResult) { str += "\n\tTestResult." + i + " = \"" + TestResult[i] + "\""; } alert(str); } return blackhole; } if (TestResult = BadHostWordStartRegx.exec(host)) { if (debug & debugShowFail) { str = "Blocked URL due to Bad Word Start in Host Name: " + url; for (i in TestResult) { str += "\n\tTestResult." + i + " = \"" + TestResult[i] + "\""; } alert(str); } return blackhole; } if (TestResult = BadHostWordEndRegx.exec(host)) { if (debug & debugShowFail) { str = "Blocked URL due to Bad Word End in Host Name: " + url; for (i in TestResult) { str += "\n\tTestResult." + i + " = \"" + TestResult[i] + "\""; } alert(str); } return blackhole; } if (TestResult = BadURL_PartRegx.exec(url)) { if (debug & debugShowFail) { str = "Blocked URL due to Bad Word in URL: " + url; for (i in TestResult) { str += "\n\tTestResult." + i + " = \"" + TestResult[i] + "\""; } alert(str); } return blackhole; } if (TestResult = BadURL_WordStartRegx .exec(url)) { if (debug & debugShowFail) { str = "Blocked URL due to Bad Starting Word in URL: " + url; for (i in TestResult) { str += "\n\tTestResult." + i + " = \"" + TestResult[i] + "\""; } alert(str); } return blackhole; } if (TestResult = BadURL_WordEndRegx.exec(url)) { if (debug & debugShowFail) { str = "Blocked URL due to Bad Ending Word in URL: " + url; for (i in TestResult) { str += "\n\tTestResult." + i + " = \"" + TestResult[i] + "\""; } alert(str); } return blackhole; } if (debug & debugShowPass) { str = "Passed URL: " + url; alert(str); } return normal; }