Squid redirector

Written in vi editor

A Squid proxy server redirector replaces certain URLs with others. It can therefore be used as an ad-blocker, speeding up page loads and reducing tracking. It can also be used to block malicious scripts. Here is a list of Squid Related Redirectors Software.

Squid redirector with RBL support

This redirector matches URLs against entries in a file. It can match against the beginning of a URL, the end of a URL and a substring of a URL.
It can also look up host-names and IP addresses in DNS-based blacklists or RBLs.
Keep in mind that this will lead to false positives. Often many websites share the same IP address(es). Blacklisting a single IP address will block access to all of those sites, including those which are not malicious.



Directory for conf files.


Optional. 'debug on' will enable debugging.
You need this. The redirurl is the URL the redirector redirects to. Usually a link to a small transparent GIF. E.g.:
redirurl http://www.example.org/images/transparant.gif
This won't work for HTTPS: The browser will complain. The site still gets blocked though.
Optional. Syntax:
dnsbl mode name
dnsbl 4 blacklist.example.net
You can use multiple blacklists.
dnsbl mode

A value between 1 and 15. It's a bitwise OR of:

Check host-name
If alias, check CNAME
Check IP address(es)
Log TXT record


List of URLs not to fetch.

Grep          This program
^Foobar       Foobar
Foobar$       *Foobar
.*Foobar.*    *Foobar*
http://ad.doubleclick.net/  Matches any URL that begins with 'http://ad.doubleclick.net/'.
ad.doubleclick.net The same for HTTPS.
*count.gif Matches any URL that ends in 'count.gif'.
*doubleclick* Matches any URL that contains 'doubleclick'.
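
The matching rules above, written out as an added example. This is not code from rblsredir.c; the names url_matches, first_match and PAGE_PATTERNS are hypothetical, and the treatment of a bare '*' and the "host:443" form of an HTTPS request are assumptions.

```c
#include <stdio.h>
#include <string.h>

/* Added illustration, not taken from rblsredir.c; all names are hypothetical.
 * Pattern syntax from the table above:
 *   Foobar = URL begins with it, *Foobar = ends with it, *Foobar* = contains it.
 * Assumptions: '*' is special only as first or last character, and a pattern
 * with an empty core ("", "*", "**") matches nothing, so a stray line in the
 * file cannot block every URL. */
int url_matches(const char *pat, const char *url)
{
    size_t plen = strlen(pat), ulen = strlen(url);
    int lead = plen > 0 && pat[0] == '*';
    int trail = plen > (size_t)lead && pat[plen - 1] == '*';
    const char *core = pat + lead;
    size_t clen = plen - lead - trail;
    if (clen == 0 || clen > ulen)
        return 0;
    if (!lead)                  /* "Foobar": anchored at the start */
        return memcmp(url, core, clen) == 0;
    if (!trail)                 /* "*Foobar": anchored at the end */
        return memcmp(url + ulen - clen, core, clen) == 0;
    for (size_t off = 0; off + clen <= ulen; off++)   /* "*Foobar*" */
        if (memcmp(url + off, core, clen) == 0)
            return 1;
    return 0;
}

/* Index of the first pattern that matches, or -1 to let the URL through. */
int first_match(const char *const pats[], size_t n, const char *url)
{
    for (size_t i = 0; i < n; i++)
        if (url_matches(pats[i], url))
            return (int)i;
    return -1;
}

/* The four example patterns listed on this page. */
static const char *const PAGE_PATTERNS[] = { "http://ad.doubleclick.net/",
    "ad.doubleclick.net", "*count.gif", "*doubleclick*" };

int main(void)
{
    /* Constructed sample URLs; "host:443" is the assumed form of an HTTPS
     * (CONNECT) request as seen by the redirector. */
    const char *const urls[] = { "http://ad.doubleclick.net/x.js",
        "ad.doubleclick.net:443", "http://www.example.org/count.gif",
        "http://www.example.org/index.html" };
    for (size_t i = 0; i < 4; i++)
        printf("%-34s -> %d\n", urls[i], first_match(PAGE_PATTERNS, 4, urls[i]));
    return 0;
}
```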


Directory for log files. The directory has to be writable by the Squid process owner.


epoch.ms pid blocked_host_or_ip blacklist A lookup TXT

Number of seconds since the 1st of January 1970 00:00:00 UTC.
Process ID of redirector. Squid may spawn several. This way you can tell their log entries apart.
Host-name or IP address of blocked website.
The blacklist that blocked it.
RBLs return an IP address just above E.G.:
The actual lookup that resulted in the above IP address.
TXT record for the same lookup. Usually a link to a web-page explaining why this IP address is blacklisted.

Lookup examples:

 www.example.org  www.example.org.blacklist.example.net

Before log-file rotation you need to reload Squid. This will kill the redirectors.


For TXT look-ups to work you need to remove the comments around '#define RSD_TXT_LKP 1'. If you do this you need to compile with -lresolv:
cc -O2 -Wall -o rblsredir rblsredir.c -lresolv
The maximum number of RBLs is eight. If you want more you need to increase the number next to '#define RSD_MAXLISTS'.

Convert Spamhaus blacklists into zone files

The Spamhaus DROP (Don't Route Or Peer) list consists of a number of files in network/netmask format. They are meant to be part of a firewall. You can, however, convert them into a blacklist zone file instead.
The stuff below does this for you:

Script that does most of the work. Edit to suit your needs.
Header for zone file. Edit to suit your needs.
Program that generates the zone file entries.
The '-t' option adds TXT records.

You can add your own entries if you want.

malice.example.com	IN	A