DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=9289>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=9289 Add a banner word blocking directive in the mod_proxy Summary: Add a banner word blocking directive in the mod_proxy Product: Apache httpd-1.3 Version: 1.3.24 Platform: All OS/Version: All Status: NEW Severity: Enhancement Priority: Other Component: mod_proxy AssignedTo: bugs@httpd.apache.org ReportedBy: [EMAIL PROTECTED] I think Apache should have a directive to block some banner words if apache is used as a pure proxy server. This directive is similar to the ProxyBlock directive. This directive allows apache to grep an ad word in the URL and block the connection if it matches the predefined word. it also doesn't do a host lookup in the server start-up. Here is what I did to implement a directive ProxyWordBlock : (1) add the following to the definition of static const command_rec proxy_cmds[]= { ... ... {"ProxyWordBlock", set_proxy_word_exclude, NULL, RSRC_CONF, ITERATE, /* LINKBYTE */ "A list of names, words, hosts or domains to which the proxy will not connect"}, {NULL} }; where, funcion set_proxy_word_exclude is defined later. (2) add a new data member to the structure of proxy_server_conf in the mod_proxy.h file: array_header *nowords; (3) insert the following line into the function of create_proxy_config: ps->nowords = ap_make_array(p, 10, sizeof(struct noproxy_entry)); (4) insert the following line into the function of merge_proxy_config: ps->nowords = ap_append_arrays(p, base->nowords, overrides->nowords); (5) create a new funciton in the mod_proxy.c file: /* Similar to set_proxy_exclude(), but not resolve the hostname and make * the case sensible */ static const char * set_proxy_word_exclude(cmd_parms *parms, void *dummy, char *arg) { server_rec *s = parms->server; proxy_server_conf *conf = ap_get_module_config(s->module_config, &proxy_module); struct noproxy_entry *new; struct noproxy_entry *list = (struct noproxy_entry *) conf->nowords->elts; int found = 0; int i; /* Don't duplicate entries */ for (i = 0; i < conf->nowords->nelts; i++) { if (strcmp(arg, list[i].name) == 0) found = 1; } if (!found) { new = ap_push_array(conf->nowords); new->name = arg; new->addr.s_addr = 0; } return NULL; } (6)in the file of proxy_http.c, add the following line in the beginning of function ap_proxy_http_handler: struct noproxy_entry *nwent = (struct noproxy_entry *) conf->nowords->elts; 6)in the file of proxy_http.c, add the following line in the function ap_proxy_http_handler after the similar proxyblock codes: /* check if ProxyWordBlock directive on this host */ for (i = 0; i < conf->nowords->nelts; i++) { if (nwent[i].name && nwent[i].name[0] && strstr(url, nwent[i].name)) return ap_proxyerror(r, HTTP_FORBIDDEN, "Connect to remote machine blocked"); } (7) we can do the similar thing for the proxy_ftp.c and proxy_connect.c, however, i choose to let it alone. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
