Update Reg Exp to enforce Google Safe Search in DansGuardian



  • What is the latest regular expression to enforce google safe search in DansGuardian?
    This would be under Services –> Dansguardian --> ACLs --> URL Lists --> Modify

    I've tried the following user submitted regular expressions from this forum with no joy:
    This one was supposed to redirect to a non-https version of google, but currently doesn't appear to work

    "^https://www.google.[a-z]{2,6}(.*)"->"https://nosslsearch.google.com\1"
    

    These were to add &safe=vss& to either http or https google search url, but don't work

    #"(^http[s]?://[0-9a-z]+\.google\.[a-z]+[-/%.0-9a-z]*/search\?)"->"\1&safe=vss&"
    "(^http[s]?://[0-9a-z]+\.google\.[a-z]+[-/%.0-9a-z]*/s\?)"->"\1&safe=vss&"
    "(^http[s]?://[0-9a-z]+\.google\.[a-z]+[-/%.0-9a-z]*/images\?)"->"\1&safe=vss&"
    "(^http[s]?://[0-9a-z]+\.google\.[a-z]+[-/%.0-9a-z]*/videos\?)"->"\1&safe=vss&"
    "(^http[s]?://[0-9a-z]+\.google\.[a-z]+[-/%.0-9a-z]*/\?)(.*)(&?)(safe=[^&]*)"->"\1\2\3"
    # ... and add 'safe=vss'
    These do the same, but again, don't work
    [code]"(^https://[0-9a-zA-Z]{0,12}?\.google\.[/0-9a-zA-Z]*\?)(.+)"->"\1\2&safe=vss&"
    "(^http://[0-9a-zA-Z]{0,12}?\.google\.[/0-9a-zA-Z]*\?)(.+)"->"\1\2&safe=vss&"
    [/code]
    And these
    [code]"([a-z]*\.google\..*)(&q=.*)"->"\1&safe=vss\2"
    "([a-z]*\.google\..*)(\?)(q=.*)"->"\1?safe=vss&\3"[/code]
    
    However, the included strings for Bing, Yahoo, Hotbot, etc DO work:
    [code]# BING Add &adlt=strict
    "(^http://.+\.bing\.[a-z]+[-/%.0-9a-z]*/.*$)"->"\1&adlt=strict"
    
    # Singingfish - remove 'ff=...' and add 'ff=1'
    "(^http://search\.singingfish\.com/[-/%.0-9a-z]*\?)(.*)(&?)(ff=[^&]*)"->"\1\2\3"
    
    "(^http://search\.singingfish\.com/[-/%.0-9a-z]*\?)"->"\1ff=1&"
    
    # Ilse - remove 'family=...' and add 'family=yes'
    "(^http://www\.ilse\.nl/searchresults\.dbl\?)(.*)(&?)(family=[^&]*)"->"\1\2\3"
    "(^http://www\.ilse\.nl/searchresults\.dbl\?)"->"\1family=yes&"
    
    # KEL - remove 'Realm%3AErotiek=...'
    "(^http://www\.kel\.nl/search/search.cgi\?)(.*)(&?)(Realm%3AErotiek=[^&]*)"->"\1\2\3"
    
    # Lycos.com - family filter only available in advanced mode.
    # Remove 'adv=...' and 'adf=...' and add 'adv=1&adf=on'
    "(^http://[^/]*search[^/]*\.lycos\.com/[-/%.0-9a-z]*\?)(.*)(&?)(adv=[^&]*)"->"\1\2\3"
    "(^http://[^/]*search[^/]*\.lycos\.com/[-/%.0-9a-z]*\?)(.*)(&?)(xadult\.)(.*)(xadult\.)"->"\1\2\3\5"
    "(^http://[^/]*search[^/]*\.lycos\.com/[-/%.0-9a-z]*\?)"->"\1adv=1&adf=on&"
    
    # Lycos.nl - remove 'family=...' and add 'family=on'
    "(^http://zoek\.lycos\.nl/[-/%.0-9a-z]*\?)(.*)(&?)(family=[^&]*)"->"\1\2\3"
    "(^http://zoek\.lycos\.nl/[-/%.0-9a-z]*\?)"->"\1family=on&"
    
    # Alltheweb - change the customize url so that 'offensive' cannot be turned off
    "(^http://www\.alltheweb\.com/customize\?)(.*)(&?)(copt_offensive=[^&]*)"->"\1\2\3copt_offensive=on"
    
    # Yahoo - remove 'vm=...' and add 'vm=r'
    "(^http://[.0-9a-z]+\.yahoo\.[a-z]+[-/%.0-9a-z]*/search)(.*)(&?)(vm=[^&]*)"->"\1\2\3"
    "(^http://[.0-9a-z]+\.yahoo\.[a-z]+[-/%.0-9a-z]*/search+.*\?)"->"\1vm=r&"
    
    # Hotbot - remove 'adf=...' and add 'adf=on'
    "(^http://[0-9a-z]+\.hotbot\.[a-z]+/default\.asp\?)(.*)(&?)(adf=[^&]*)"->"\1\2\3"
    "(^http://[0-9a-z]+\.hotbot\.[a-z]+/default\.asp\?)"->"\1adf=on&"
    
    # Wisenut - change the customize url so that 'wisepatrol' cannot be turned off
    "(^http://www\.wisenut\.com/preferences/savePreferences\.[^?]*\?)(.*)(&?)(wisepatrol=[^&]*)"->"\1\2\3wisepatrol=1"
    
    # Metacrawler - remove 'familyfilter=...' and add 'familyfilter=1'
    "(^http://www\.metacrawler\.com/info\.metac/search/[-/%.0-9a-z]*\?)(.*)(&?)(familyfilter=[^&]*)"->"\1\2\3"
    "(^http://www\.metacrawler\.com/info\.metac/search/[-/%.0-9a-z]*\?)"->"\1familyfilter=1&"[/code]
    
    Thanks for any help.
    Ari[/s][/s][/s][/s][/s]
    


  • I've had mixed luck on the forcing of safe search. I haven't played with it in a while, but I believe the following is adding the safe = vss (at least is shows on the address line).

    # Google, Go etc. - remove 'safe=...'
    "(^http://[0-9a-z]+\.google\.[a-z]+[-/%.0-9a-z]*/\?)(.*)(&?)(safe=[^&]*)"->"\1\2\3"
    # ... and add 'safe=vss'
    "(^http://[0-9a-z]+\.google\.[a-z]+[-/%.0-9a-z]*/\?)"->"\1safe=vss&"
    "([a-z]*\.google\..*)(&q=.*)"->"\1&safe=vss\2"
    "([a-z]*\.google\..*)(\?)(q=.*)"->"\1?safe=vss&\3"
    
    

    The best way to redirect to the non SSL site - which is necessary to filter content with Dans (unless you want to do SSL man in the middle) - is to override the DNS. You will need to create entries under the "Host Overrides" section of the DNS forwarder to resolve:
      www.google.com
      google.co.uk
      google.com
    to the address of nosslsearch.google.com. You may also want to block other SSL search engines.

    For the integrity install, I created a little daemon that runs via cron to automatically update the IP address of the override (since google could change the resolution of it). The daemon looks for "ip=some.url" in the description and then updates the IP address. I've attached a screenshot of my host overrides.

    ![Screenshot from 2015-01-04 15:17:30.png](/public/imported_attachments/1/Screenshot from 2015-01-04 15:17:30.png)
    ![Screenshot from 2015-01-04 15:17:30.png_thumb](/public/imported_attachments/1/Screenshot from 2015-01-04 15:17:30.png_thumb)



  • Thanks, that seems to be working.
    Google now locks no ssl, and safesearch.


Log in to reply