Block url in a whitelisted domain
276 views
Skip to first unread message
sede...@protonmail.ch
Jun 9, 2020, 8:34:43 PM6/9/20
to e2guardian
I'm using e2guardian in BlanketBlock/whitelisting mode.
If I
allow a domain and put it in an exception list, how can I block a url
within that domain?
I can't put it in a banned list as exception lists
override banned lists.
Is this a limitation of e2guardian please?
Philip Pearce
Jun 15, 2020, 11:05:14 AM6/15/20
to sede...@protonmail.ch, e2guardian
If the site is http then put the url to block in the localbannedurllist.
If it is https you will need to have MITM enabled, and add the url path prefixes that you want to the exceptionurllist, and remove the site name from the exceptionsitelist.
It is not a limitation of e2guardian as such, but of the standard configuration. It is possible to change the order of list evaluation in v5 by modifying the storyboard logic. If you want to do this, you should study both the documentation and the example storyboards carefully before making any changes.
Regards
Philip
--
E2guardian:
https://groups.google.com/d/forum/e2guardian
Github:
https://github.com/e2guardian/e2guardian
Follow us on twitter:
https://twitter.com/e2guardian
---
You received this message because you are subscribed to the Google Groups "e2guardian" group.
To unsubscribe from this group and stop receiving emails from it, send an email to e2guardian+...@googlegroups.com.
To view this discussion on the web, visit https://groups.google.com/d/msgid/e2guardian/aebe23d2-1390-43c6-9a84-8322ea9b0326o%40googlegroups.com.
sede...@protonmail.ch
Jun 16, 2020, 6:11:26 AM6/16/20
to e2guardian
If the site is http then put the url to block in the localbannedurllist.
But the 'exception' lists override the 'banned' lists also.
If it is https you will need to have MITM enabled, and add the url path prefixes that you want to the exceptionurllist, and remove the site name from the exceptionsitelist.
This would necessitate that I add countless urls to 'exceptionurllist' just to avoide a single one. This is very unpractical.
It is not a limitation of e2guardian as such
At its current state, it does not provide the logic of (ALLOW EVERYTHING BUT SOMETHING). It seems to me a very simple rule, and it should be enabled in the Blanket Block mode by default, as in this mode, 'banned' lists are absolutely redundant.
If you want to do this, you should study both the documentation and the example storyboards carefully before making any changes.
I find this the only solution, thank you. My only problem is that I cannot find any documentation for the storyboards. http://www.e2guardian.org contains nothing. Could you please refer me to the docs please?
On Monday, 15 June 2020 15:05:14 UTC, Philip wrote:
If the site is http then put the url to block in the localbannedurllist.If it is https you will need to have MITM enabled, and add the url path prefixes that you want to the exceptionurllist, and remove the site name from the exceptionsitelist.It is not a limitation of e2guardian as such, but of the standard configuration. It is possible to change the order of list evaluation in v5 by modifying the storyboard logic. If you want to do this, you should study both the documentation and the example storyboards carefully before making any changes.Regards
Philip
From: "sedessap via e2guardian" <e2gua...@googlegroups.com>
To: "e2guardian" <e2gua...@googlegroups.com>
Sent: Wednesday, 10 June, 2020 1:34:43 AM
Subject: Block url in a whitelisted domain--I'm using e2guardian in BlanketBlock/whitelisting mode.If I allow a domain and put it in an exception list, how can I block a url within that domain?I can't put it in a banned list as exception lists override banned lists.Is this a limitation of e2guardian please?
E2guardian:
https://groups.google.com/d/forum/e2guardian
Github:
https://github.com/e2guardian/e2guardian
Follow us on twitter:
https://twitter.com/e2guardian
---
You received this message because you are subscribed to the Google Groups "e2guardian" group.
To unsubscribe from this group and stop receiving emails from it, send an email to e2gua...@googlegroups.com.
sede...@protonmail.ch
Jun 16, 2020, 6:14:09 AM6/16/20
to e2guardian
Oh I just found it thank you!
sede...@protonmail.ch
Jun 16, 2020, 6:22:57 AM6/16/20
to e2guardian
I'm sorry but I still can't find any storyboard documentation even on github.
Philip Pearce
Jun 16, 2020, 7:46:21 AM6/16/20
to e2guardian
See https://github.com/e2guardian/e2guardian/tree/v5.3/notes (V5.3)
The files NEWIN_v5 V5_Storyboard.pdf V5_list_definition.pdf
Also look at the example conf and storyboards in the distribution configs directory https://github.com/e2guardian/e2guardian/tree/v5.4.dev/configs or https://github.com/e2guardian/e2guardian/tree/v5.3/configs
From: "sedessap via e2guardian" <e2gua...@googlegroups.com>
To: "e2guardian" <e2gua...@googlegroups.com>
--
E2guardian:
https://groups.google.com/d/forum/e2guardian
Github:
https://github.com/e2guardian/e2guardian
Follow us on twitter:
https://twitter.com/e2guardian
---
You received this message because you are subscribed to the Google Groups "e2guardian" group.
To unsubscribe from this group and stop receiving emails from it, send an email to e2guardian+...@googlegroups.com.
To view this discussion on the web, visit https://groups.google.com/d/msgid/e2guardian/45931309-3e36-4df2-9097-328175a3ef8co%40googlegroups.com.
sede...@protonmail.ch
Aug 6, 2020, 1:11:29 PM8/6/20
to e2guardian
Hello Philip,
I hope you can help me if you have the time.
I copied the following functions from [common.story] into [site.story], and added the lines marked with '###'
But this does not work, and it gives an error "Action not defined" in each line:
function(checkrequest)
if(viruscheckset) checknoscanlists
if(bypassallowset) checknobypasslists
if(blockset) return setblock ###
if(exceptionset) return true
if(fullurlin,searchterms) setsearchterm
ifnot(greyset) returnif localcheckrequest
if(connect) return sslrequestcheck
ifnot(greyset) returnif exceptioncheck
ifnot(greyset) greycheck
ifnot(greyset) returnif bannedcheck
if(fullurlin, change) setmodurl
if(true) returnif embeddedcheck
if(headerin,headermods) setmodheader
if(fullurlin, addheader) setaddheader
if(searchin,override) setexception
if(returnset) return setdone
if(searchin,banned) return setblock
if(fullurlin,redirect) return setredirect
if(true) setgrey
# Exception check
# returns true on match
function(exceptioncheck)
if(urlin, banned) return setblock ###
if(sitein, banned) return setblock ###
if(urlin, exception) return setexception
if(refererin,refererexception) return setexception
if(headerin, exceptionheader) return setexception
if(useragentin, exceptionuseragent) return setexception
ifnot(urlin,embededreferer) return false
if(embeddedin,refererexception) return setexception
# SSL Exception check
# returns true on match
function(sslexceptioncheck)
if(urlin, banned) return setblock ###
if(sitein, banned) return setblock ###
if(sitein, exception) return setexception
if(headerin, exceptionheader) return setexception
if(useragentin, exceptionuseragent) return setexception
if(true) return falseCould you please give me some guidance?
Philip Pearce
Aug 6, 2020, 2:13:22 PM8/6/20
to sede...@protonmail.ch, e2guardian
Hi
Are you using v5.3 and do you have the ### in your actual story file? There is a 'feature' in v5.3 where comments in the middle of a storyboard line are not stripped, causing the symptom you describe This is fixed in v5.4.
Otherwise your syntax looks OK.
I'm not sure what you are trying to do with the extra line in checkrequest. It can never do anything as it effectively says if the block flag is set, set the block flag and return true. (Setblock always returns true).
You need some list checking rule before this to set the block flag.
In the following two lines in exceptioncheck the second one is redundant as sites are checked automatically as part of the urlin state.
In the following two lines in exceptioncheck the second one is redundant as sites are checked automatically as part of the urlin state.
if(urlin, banned) return setblock ###
if(sitein, banned) return setblock ###
if(sitein, banned) return setblock ###
In sslexceptioncheck only the last one is needed as at ssl level we only have the site name and cannot see the url part. (with ssl urlin and sitein are effectively the same, the list engine will not check any url lists as only the site name is present.
Philip
From: "sedessap via e2guardian" <e2gua...@googlegroups.com>
To: "e2guardian" <e2gua...@googlegroups.com>
Sent: Thursday, 6 August, 2020 6:11:28 PM
Subject: Re: Block url in a whitelisted domain
--
E2guardian:
https://groups.google.com/d/forum/e2guardian
Github:
https://github.com/e2guardian/e2guardian
Follow us on twitter:
https://twitter.com/e2guardian
---
You received this message because you are subscribed to the Google Groups "e2guardian" group.
To unsubscribe from this group and stop receiving emails from it, send an email to e2guardian+...@googlegroups.com.
To view this discussion on the web, visit https://groups.google.com/d/msgid/e2guardian/4a84cf96-2c95-468c-a9c5-90a6971b2e6do%40googlegroups.com.
Lyos
Dec 4, 2020, 4:53:23 PM12/4/20
to e2guardian
I'm really sorry but I've been using e2guardial in walled garden mode all this time, but everything mentioned on this page never worked.. I tried to repeat what is mentioned here many times but it never worked, I'm not sure what I'm missing..
el
Jan 17, 2021, 5:16:58 PM1/17/21
to e2guardian
I have a similar problem.
Instead of putting the domain in an 'exception' list; put it in a 'grey' list.
All you have to do now is to allow url filtering on 'grey' lists. But I'm not sure if this is possible..
Reply all
Reply to author
Forward
0 new messages