×
Few antiviral products inadequately detect 3proxy as Trojan.Daemonize,
Backdoor.Daemonize, etc and many detect 3proxy as a PUA (potentially unwanted program).
It may cause browser warning on download page.
3proxy is not trojan or backdoor and contains
no functionality except described in documentation. Clear explanation of this
fact is given, for example, in
Microsoft's
article.
3proxy Perl Compatible Regular Expressions (PCRE) plugin
This filtering plugin can be used to create matching and replace rules with regular expressions for client's request, client and servers header and client and server data. It adds 3 additional configuration commands:pcre TYPE FILTER_ACTION REGEXP [ACE] pcre_rewrite TYPE FILTER_ACTION REGEXP REWRITE_EXPRESSION [ACE] pcre_extend FILTER_ACTION [ACE] pcre_options OPTION1 [...]pcre - allows to apply some rule for matching
pcre_rewrite - in addition to 'pcre' allows to substitute substrings
pcre_extend - extends ACL of the last pcre or pcre_rewrite comand by adding additional ACE (like with allow/deny configuration commands).
pcre_options - allows to set matching options. Awailable options are: PCRE_CASELESS, PCRE_MULTILINE, PCRE_DOTALL, PCRE_EXTENDED, PCRE_ANCHORED, PCRE_DOLLAR_ENDONLY, PCRE_EXTRA, PCRE_NOTBOL, PCRE_NOTEOL, PCRE_UNGREEDY, PCRE_NOTEMPTY, PCRE_UTF8, PCRE_NO_AUTO_CAPTURE, PCRE_NO_UTF8_CHECK, PCRE_AUTO_CALLOUT, PCRE_PARTIAL, PCRE_DFA_SHORTEST, PCRE_DFA_RESTART, PCRE_FIRSTLINE, PCRE_DUPNAMES, PCRE_NEWLINE_CR, PCRE_NEWLINE_LF, PCRE_NEWLINE_CRLF, PCRE_NEWLINE_ANY, PCRE_NEWLINE_ANYCRLF, PCRE_BSR_ANYCRLF, PCRE_BSR_UNICODE
- TYPE - type of filtered data. May contain one or more
(comma delimited list) values:
- request - content of client's request e.g. HTTP GET request string. (known problem: changing request string doesn't change IP of the host to connect)
- cliheader - content of client request headers, e.g. HTTP request header.
- srvheader - content of server's reply headers, e.g. HTTP status and headers.
- clidata - data received from client, e.g. HTTP POST request data
- srvdata - data received from server, e.g. HTML page
- FILTER_ACTION - action on match
- allow - allow this request without checking rest of the given type
of the rules
- deny - deny this request without checking rest of the rules
- dunno - continue with the rest of rules (useful with pcre_rewrite)
- REGEXP - PCRE (perl) regular expression. Use * if no regexp matching required.
- REWRITE_EXPRESSION - substitution string. May contain perl-style substrings (not tested) $1, $2. $0 - means whole matched string. \r and \n may be used to insert new strings, string may be empty ("").
- ACE - access control entry (user names, source IPs, destination IPs, ports, etc), absolutely identical to allow/deny/bandlimin commands. Regular expression is only matched if ACL matches connection data. Warning: reqular expression doesn't require authentication and can not replace authentication and/or allow/deny ACLs.
Example:
plugin PCREPlugin.dll pcre_plugin pcre request deny "porn|sex" user1,user2,user3 192.168.0.0/16 pcre srvheader deny "Content-type: application" pcre_rewrite clidata,srvdata dunno "porn|sex|pussy" "***" baduser pcre_extend deny * 192.168.0.1/16
Download:
- Plugin is included into 3proxy 0.6 binary and source distribution
- Example configuration (by Dennis Garber): NoPornLitest.cfg
