Update Reg Exp to enforce Google Safe Search in DansGuardian

adoucette

What is the latest regular expression to enforce google safe search in DansGuardian?
This would be under Services –> Dansguardian --> ACLs --> URL Lists --> Modify

I've tried the following user submitted regular expressions from this forum with no joy:
This one was supposed to redirect to a non-https version of google, but currently doesn't appear to work

"^https://www.google.[a-z]{2,6}(.*)"->"https://nosslsearch.google.com\1"

These were to add &safe=vss& to either http or https google search url, but don't work

#"(^http[s]?://[0-9a-z]+\.google\.[a-z]+[-/%.0-9a-z]*/search\?)"->"\1&safe=vss&"
"(^http[s]?://[0-9a-z]+\.google\.[a-z]+[-/%.0-9a-z]*/s\?)"->"\1&safe=vss&"
"(^http[s]?://[0-9a-z]+\.google\.[a-z]+[-/%.0-9a-z]*/images\?)"->"\1&safe=vss&"
"(^http[s]?://[0-9a-z]+\.google\.[a-z]+[-/%.0-9a-z]*/videos\?)"->"\1&safe=vss&"
"(^http[s]?://[0-9a-z]+\.google\.[a-z]+[-/%.0-9a-z]*/\?)(.*)(&?)(safe=[^&]*)"->"\1\2\3"
# ... and add 'safe=vss'
These do the same, but again, don't work
[code]"(^https://[0-9a-zA-Z]{0,12}?\.google\.[/0-9a-zA-Z]*\?)(.+)"->"\1\2&safe=vss&"
"(^http://[0-9a-zA-Z]{0,12}?\.google\.[/0-9a-zA-Z]*\?)(.+)"->"\1\2&safe=vss&"
[/code]
And these
[code]"([a-z]*\.google\..*)(&q=.*)"->"\1&safe=vss\2"
"([a-z]*\.google\..*)(\?)(q=.*)"->"\1?safe=vss&\3"[/code]

However, the included strings for Bing, Yahoo, Hotbot, etc DO work:
[code]# BING Add &adlt=strict
"(^http://.+\.bing\.[a-z]+[-/%.0-9a-z]*/.*$)"->"\1&adlt=strict"

# Singingfish - remove 'ff=...' and add 'ff=1'
"(^http://search\.singingfish\.com/[-/%.0-9a-z]*\?)(.*)(&?)(ff=[^&]*)"->"\1\2\3"

"(^http://search\.singingfish\.com/[-/%.0-9a-z]*\?)"->"\1ff=1&"

# Ilse - remove 'family=...' and add 'family=yes'
"(^http://www\.ilse\.nl/searchresults\.dbl\?)(.*)(&?)(family=[^&]*)"->"\1\2\3"
"(^http://www\.ilse\.nl/searchresults\.dbl\?)"->"\1family=yes&"

# KEL - remove 'Realm%3AErotiek=...'
"(^http://www\.kel\.nl/search/search.cgi\?)(.*)(&?)(Realm%3AErotiek=[^&]*)"->"\1\2\3"

# Lycos.com - family filter only available in advanced mode.
# Remove 'adv=...' and 'adf=...' and add 'adv=1&adf=on'
"(^http://[^/]*search[^/]*\.lycos\.com/[-/%.0-9a-z]*\?)(.*)(&?)(adv=[^&]*)"->"\1\2\3"
"(^http://[^/]*search[^/]*\.lycos\.com/[-/%.0-9a-z]*\?)(.*)(&?)(xadult\.)(.*)(xadult\.)"->"\1\2\3\5"
"(^http://[^/]*search[^/]*\.lycos\.com/[-/%.0-9a-z]*\?)"->"\1adv=1&adf=on&"

# Lycos.nl - remove 'family=...' and add 'family=on'
"(^http://zoek\.lycos\.nl/[-/%.0-9a-z]*\?)(.*)(&?)(family=[^&]*)"->"\1\2\3"
"(^http://zoek\.lycos\.nl/[-/%.0-9a-z]*\?)"->"\1family=on&"

# Alltheweb - change the customize url so that 'offensive' cannot be turned off
"(^http://www\.alltheweb\.com/customize\?)(.*)(&?)(copt_offensive=[^&]*)"->"\1\2\3copt_offensive=on"

# Yahoo - remove 'vm=...' and add 'vm=r'
"(^http://[.0-9a-z]+\.yahoo\.[a-z]+[-/%.0-9a-z]*/search)(.*)(&?)(vm=[^&]*)"->"\1\2\3"
"(^http://[.0-9a-z]+\.yahoo\.[a-z]+[-/%.0-9a-z]*/search+.*\?)"->"\1vm=r&"

# Hotbot - remove 'adf=...' and add 'adf=on'
"(^http://[0-9a-z]+\.hotbot\.[a-z]+/default\.asp\?)(.*)(&?)(adf=[^&]*)"->"\1\2\3"
"(^http://[0-9a-z]+\.hotbot\.[a-z]+/default\.asp\?)"->"\1adf=on&"

# Wisenut - change the customize url so that 'wisepatrol' cannot be turned off
"(^http://www\.wisenut\.com/preferences/savePreferences\.[^?]*\?)(.*)(&?)(wisepatrol=[^&]*)"->"\1\2\3wisepatrol=1"

# Metacrawler - remove 'familyfilter=...' and add 'familyfilter=1'
"(^http://www\.metacrawler\.com/info\.metac/search/[-/%.0-9a-z]*\?)(.*)(&?)(familyfilter=[^&]*)"->"\1\2\3"
"(^http://www\.metacrawler\.com/info\.metac/search/[-/%.0-9a-z]*\?)"->"\1familyfilter=1&"[/code]

Thanks for any help.
Ari[/s][/s][/s][/s][/s]

rjcrowder

I've had mixed luck on the forcing of safe search. I haven't played with it in a while, but I believe the following is adding the safe = vss (at least is shows on the address line).

# Google, Go etc. - remove 'safe=...'
"(^http://[0-9a-z]+\.google\.[a-z]+[-/%.0-9a-z]*/\?)(.*)(&?)(safe=[^&]*)"->"\1\2\3"
# ... and add 'safe=vss'
"(^http://[0-9a-z]+\.google\.[a-z]+[-/%.0-9a-z]*/\?)"->"\1safe=vss&"
"([a-z]*\.google\..*)(&q=.*)"->"\1&safe=vss\2"
"([a-z]*\.google\..*)(\?)(q=.*)"->"\1?safe=vss&\3"

The best way to redirect to the non SSL site - which is necessary to filter content with Dans (unless you want to do SSL man in the middle) - is to override the DNS. You will need to create entries under the "Host Overrides" section of the DNS forwarder to resolve:
  www.google.com
  google.co.uk
  google.com
to the address of nosslsearch.google.com. You may also want to block other SSL search engines.

For the integrity install, I created a little daemon that runs via cron to automatically update the IP address of the override (since google could change the resolution of it). The daemon looks for "ip=some.url" in the description and then updates the IP address. I've attached a screenshot of my host overrides.


adoucette

Thanks, that seems to be working.
Google now locks no ssl, and safesearch.