mkblacklist — tool for converting http-proxy blacklists into DB format
The http-proxy can limit access to some servers according to a blacklist. The blacklist can exist in textual or DB formats. The proxy uses only the DB format, which provides much faster search for entries. Utility mkblacklist reads the blacklist in text format from the standard input and writes entries into a DB file given as an argument.
If the DB database file already exists, its content is preserved and new entries are added to it. If an entry with a key already existing in the database is to be added, a warning message is written to the standard error and the original entry is left in the DB file.
Each line defines a single blacklist entry consisting of a server address (hostname or IP address) with an optional path and a list of categories. Individual categories are separated among themselves and from the address by whitespace. For example:
warez.xyz.com warez hacking 10.0.0.1/multimedia audio video
define two entries of a blacklist. The first one assigns
hacking to all
content on server
warez.xyz.com. The second line
to pages in subtree specified by path
on the server with the IP address
There are no port numbers in the blacklist, because matching is always done regardless of the port the server is running on.
Empty and comment lines (those with
#' as the first non-whitespace character) in
the blacklist are ignored.
Matching of server addresses is performed as text, i.e., hostname matches only with hostname and IP address with IP address. Utility resolveblacklist(1) can be used to automatically add all IP addresses for each host in the blacklist.