defang: Interpose upon HTTP connections and filter animated gifs that come in. Can either replace the Animated Gif with a simple static gif, or can make the animated GIF do just one loop. It can also screen connections based on remote hostname (allow and deny) and URL pathname (deny only). defang evidently stands for: DElete Friggin ANimated Gifs :-) Configuration: Edit the top portion of the script. (or see cmd line options below) Setup your browser (e.g. Netscape) to use the machine and port you run this script on to be your browsers HTTP PROXY. Best to leave the FTP and GOPHER PROXYs alone. (although they might work too...). Options: -h, -help This help. -on Turn on (default mode: replace) -r Turn on GIF replacement mode. (red A) -once, -1 Turn on GIF One Loop mode. -off Turn off GIF filtering. -all Turn off ACCESS filtering. -noall Turn on ACCESS filtering. Using any of the above options will not cause the server to be started, unless run via, say: defang -once start Yow! Here are cmd line options for everything else: -c Use as config file instead of ./defang.conf. -F Use as the flag file prefix instead of /tmp/defang.runge. -f Set initial Gif read block size to "N" (only this portion is checked for animation signature) Default: 16384 -b Set the overall transfer read block size to "N". Default: 8192 -v Set to, say "HTTP/1.0" to force overwrite of the Http version in the GET line. Could be dangerous, really should be per-site. -nfg Never return a fake gif or jpg to client. Only return HTTP 202. -d Turn on debugging mode. -l Use as debugging logfile instead of "defang.log" Implies -d. -u The machine is Unix (ahhh) Default. -w The machine is Windows (gulp!) -sysv The machine is SVR4 wrt sockets. (e.g. Solaris) -p Listen on port , Default: 8082 -proxy_host Use as proxy to refer requests to. Specify "NONE" for no proxy. Default: NONE -proxy_port The port of the proxy to connect to. Ignored if host is "NONE". Default: 8080 Or use -proxy_host host:port -ef Do an extra fork() call on Unix for the two-way data flow. Not needed for most HTTP. (But may be for secure/CONNECT method). -sf Do a single fork to not protect against zombie creation. -ka Use Connection: Keep-Alive protocol. -pf Prefork children. Use 0 to skip prefork mechanism. -jpf Under prefork mode, each child handles this many connections. -allow Allow hosts matching names or ips in patterns E.g. -allow *.nick.com,*.disney.com -deny Deny hosts matching patterns E.g. -deny *.xxx.com,*.lycos.com -url_deny Deny urls with pathnames matching the patterns in . Spaces may be used instead of commas in pattern lists. Use // to use a perl regex w/o commas or spaces. Params to set in Config_File: Hosts_Allow (space/comma sep and additive) Hosts_Deny (space/comma sep and additive) Url_Deny (space/comma sep and additive) Url_Redir (additive) Url_Rewrite (additive) Flag_File_Prefix (filename) Proxy_host (host or host:port) Proxy_port (port #) My_Listen_Port (port #) First_Block_Size (number) Buf_Size (number) Pre_Fork (number) Jobs_Per_Fork (number) Http_Version (e.g. HTTP/1.1) Check_Multi_Gif89_Ext (0 or 1) Check_Any_Gif89_Ext (0 or 1) No_Fake_Gifs (0 or 1) Do_Shutdown (0 or 1) Do_Keepalive (0 or 1) Unix (0 or 1) Windows (0 or 1) IS_SYSV (0 or 1) Extra_Fork (0 or 1) Single_Fork (0 or 1) Debug (0 or 1) Argv_Url (0 or 1) ENV hacks: $ENV{DENIED_FILE} for internal Denied_Log_File Notes: The Config_File is reread if it is modified. Send signals to program named defang_master USR1 Restart_Children USR2, HUP Restart_All TERM, INT Kill everything and exit. Bugs: Loop once does not seem to work any more. Allow/Deny host lists take 2 connections to get back to server. Cannot turn off and on Host and Url access easily. Does not fork on Windows. 1 connection at a time. Copyright (c) 1997-2001 by Karl J. Runge