pybl/README.md

# pybl

Squid helper handling squidguard blacklists written in python

* Only supports domains blacklists actually (ie : google.com, www.google.com, mail.google.com, etc.)
* In config specified blacklists are loaded in memory or CDB backend using https://github.com/bbayles/python-pure-cdb
* Usable as an external acl plugin for squid 3
* Written because of poor development on squidguard and some issues using blacklists on squid
* Python 3 supported as of 2020


## Usage

Add this configuration to squid.conf :
```
external_acl_type urlblacklist_lookup ttl=5 %DST /usr/bin/python /usr/local/pybl/pybl.py
...
acl urlblacklist external urlblacklist_lookup
...
http_access deny urlblacklist
```

Config file must be include following statements
```
url = http://dsi.ut-capitole.fr/blacklists/download/blacklists.tar.gz
basedir = /usr/local/pybl/
categories = adult,malware  # categories are coma separated values
backend = cdb
```

* url : squidguard-like blacklists files, this variable is not already usable
* basedir : root path containing blacklists files, metadata (update datetime)
* categories : blacklists to use for filtering
* backend : database flavour (ram|cdb)


## TODO

* Auto-fetcher using url if blacklists are not already downloaded or stored on the squid machine (wip)
* Compatibility with python3 only
* Filters for regex urls
* Code optimisation (profiling) and cleaning (wip)
* Tests (wip)
* ...


## DBs support ideas

* High performance but heavy RAM usage when using dict()
* Sqlite3 tested, small memory footprint, but very slow
* CDB backend seems to be as fast as attended, with a very small footprint


## DBs Benchmarks (2016)

RAM usage for one thread with categories ["adult","malware"]

Debian 8 / python 2.7.9 / squid 3.4.8

* ram : 90Mo
* cdb : 6Mo

Ubuntu 20.04 / python 3.8.2 / squid 4.9

* ram : 249Mo
* cdb : 12Mo


## License

Copyright (c) 2016, 2020 PaulBSD
All rights reserved.

Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:

* Redistributions of source code must retain the above copyright notice, this
  list of conditions and the following disclaimer.

* Redistributions in binary form must reproduce the above copyright notice,
  this list of conditions and the following disclaimer in the documentation
  and/or other materials provided with the distribution.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-												reworked py-squid-blacklists for python3, renamed pybl

											
										
										
											2020-02-29 13:00:17 +01:00
+								# pybl
-												Initial commit
											
										
										
											2016-01-24 19:05:59 +01:00
+								Squid helper handling squidguard blacklists written in python
-												py-squid-blacklists: various updates

											
										
										
											2016-02-03 21:31:33 +01:00
-												Classes added (wip)

											
										
										
											2016-02-20 14:46:12 +01:00
+								* Only supports domains blacklists actually (ie : google.com, www.google.com, mail.google.com, etc.)
-												reworked py-squid-blacklists for python3, renamed pybl

											
										
										
											2020-02-29 13:00:17 +01:00
+								* In config specified blacklists are loaded in memory or CDB backend using https://github.com/bbayles/python-pure-cdb
 								* Usable as an external acl plugin for squid 3
 								* Written because of poor development on squidguard and some issues using blacklists on squid
 								* Python 3 supported as of 2020
-												update README.md

											
										
										
											2016-02-03 21:53:36 +01:00
 								## Usage
 								Add this configuration to squid.conf :
 								```
-												reworked py-squid-blacklists for python3, renamed pybl

											
										
										
											2020-02-29 13:00:17 +01:00
+								external_acl_type urlblacklist_lookup ttl=5 %DST /usr/bin/python /usr/local/pybl/pybl.py
-												update README.md

											
										
										
											2016-02-03 21:53:36 +01:00
+								...
 								acl urlblacklist external urlblacklist_lookup
 								...
 								http_access deny urlblacklist
 								```
-												update README.md

											
										
										
											2016-02-03 22:00:50 +01:00
-												Code refactoring
3 classes : Runner, Importer, Config
Improved speed using CDB
Several files renamed
ConfigParser object used for configuration

											
										
										
											2016-02-29 10:02:01 +01:00
+								Config file must be include following statements
-												update README.md

											
										
										
											2016-02-03 22:00:50 +01:00
+								```
-												Code refactoring
3 classes : Runner, Importer, Config
Improved speed using CDB
Several files renamed
ConfigParser object used for configuration

											
										
										
											2016-02-29 10:02:01 +01:00
+								url = http://dsi.ut-capitole.fr/blacklists/download/blacklists.tar.gz
-												reworked py-squid-blacklists for python3, renamed pybl

											
										
										
											2020-02-29 13:00:17 +01:00
+								basedir = /usr/local/pybl/
 								categories = adult,malware  # categories are coma separated values
 								backend = cdb
-												update README.md

											
										
										
											2016-02-03 22:00:50 +01:00
+								```
-												Classes added (wip)

											
										
										
											2016-02-20 14:46:12 +01:00
+								* url : squidguard-like blacklists files, this variable is not already usable
-												reworked py-squid-blacklists for python3, renamed pybl

											
										
										
											2020-02-29 13:00:17 +01:00
+								* basedir : root path containing blacklists files, metadata (update datetime)
-												Classes added (wip)

											
										
										
											2016-02-20 14:46:12 +01:00
+								* categories : blacklists to use for filtering
-												reworked py-squid-blacklists for python3, renamed pybl

											
										
										
											2020-02-29 13:00:17 +01:00
+								* backend : database flavour (ram|cdb)
-												update README.md

											
										
										
											2016-02-03 22:00:50 +01:00
 								## TODO
-												Code refactoring
3 classes : Runner, Importer, Config
Improved speed using CDB
Several files renamed
ConfigParser object used for configuration

											
										
										
											2016-02-29 10:02:01 +01:00
+								* Auto-fetcher using url if blacklists are not already downloaded or stored on the squid machine (wip)
-												update README.md

											
										
										
											2016-02-03 22:00:50 +01:00
+								* Compatibility with python3 only
 								* Filters for regex urls
-												update todo

											
										
										
											2016-02-26 12:22:20 +01:00
+								* Code optimisation (profiling) and cleaning (wip)
-												add CDB based script (testing)

											
										
										
											2016-02-14 14:52:25 +01:00
+								* Tests (wip)
-												update README.md

											
										
										
											2016-02-03 22:00:50 +01:00
+								* ...
-												Only loads blacklists specified in config, updates on README

											
										
										
											2016-02-14 12:23:43 +01:00
-												reworked py-squid-blacklists for python3, renamed pybl

											
										
										
											2020-02-29 13:00:17 +01:00
-												Only loads blacklists specified in config, updates on README

											
										
										
											2016-02-14 12:23:43 +01:00
+								## DBs support ideas
-												add CDB based script (testing)

											
										
										
											2016-02-14 14:52:25 +01:00
+								* High performance but heavy RAM usage when using dict()
-												merge cdb mode in main script
py-squid-blacklists-cdb is useless

											
										
										
											2016-02-20 16:29:59 +01:00
+								* Sqlite3 tested, small memory footprint, but very slow
 								* CDB backend seems to be as fast as attended, with a very small footprint
-												Added benchmarks

											
										
										
											2016-02-20 16:36:07 +01:00
-												reworked py-squid-blacklists for python3, renamed pybl

											
										
										
											2020-02-29 13:00:17 +01:00
+								## DBs Benchmarks (2016)
-												Added benchmarks

											
										
										
											2016-02-20 16:36:07 +01:00
-												Update 'README.md'

											
										
										
											2019-02-16 15:43:27 +01:00
+								RAM usage for one thread with categories ["adult","malware"]
-												Added benchmarks

											
										
										
											2016-02-20 16:36:07 +01:00
 								Debian 8 / python 2.7.9 / squid 3.4.8
 								* ram : 90Mo
-												update todo

											
										
										
											2016-02-26 12:22:20 +01:00
+								* cdb : 6Mo
-												reworked py-squid-blacklists for python3, renamed pybl

											
										
										
											2020-02-29 13:00:17 +01:00
 								Ubuntu 20.04 / python 3.8.2 / squid 4.9
 								* ram : 249Mo
 								* cdb : 12Mo
 								## License
 								Copyright (c) 2016, 2020 PaulBSD
 								All rights reserved.
 								Redistribution and use in source and binary forms, with or without
 								modification, are permitted provided that the following conditions are met:
 								* Redistributions of source code must retain the above copyright notice, this
 								  list of conditions and the following disclaimer.
 								* Redistributions in binary form must reproduce the above copyright notice,
 								  this list of conditions and the following disclaimer in the documentation
 								  and/or other materials provided with the distribution.
 								THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
 								AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 								IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 								DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
 								FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 								DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
 								SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
 								CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
 								OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 								OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.