cmd

command

v0.18.0 Latest Latest Go to latest Published: Feb 13, 2024 License: GPL-3.0 Imports: 14 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/AdguardTeam/urlfilter

Links

Open Source Insights

README ¶

AdGuard urlfilter proxy

This is a MITM proxy that is able to apply AdGuard content blocking rules to the web pages.

Here's what you'll need to build and run the proxy:

go v1.13 or newer
openssl (or any other tool to generate the root CA)

Limitations Please note, that at the time of writing, the library is limited to a subset of AdGuard content blocking rules. Check out the TODO list in the main README to find out what exactly is missing.

How to build

git clone https://github.com/AdguardTeam/urlfilter
cd urlfilter/cmd
go build -o adguard

How to prepare

1. Generate self-signed root CA

First of all, you need to generate a root certificate that will be used by the proxy.

Use the following openssl commands to do this:

openssl genrsa -out root.key 2048
openssl req -new -x509 -key demo.key -out root.crt

2. Install the certificate as a trusted authority

Windows

On the Windows computer, start MMC (mmc.exe).
Add the Certificates snap-in for the computer account and manage certificates for the local computer.
Import the root CA certificate into Trusted Root Certification Authorities > Certificates.

Mac

Double-click the root.crt CA certificate to open it in Keychain Access.
- The root CA certificate appears in login.
(Optional) Copy the root CA certificate to System.
- This step is necessary only if you want all users to trust the certificate.
Open the root CA certificate, expand "Trust", select "Use System Defaults", and save your changes.
Reopen the root CA certificate, expand "Trust", select "Always Trust", and save your changes.
(Optional, only if you did step 2) Delete the root CA certificate from login.

3. Prepare filter lists

Please note, that at the current moment, AdGuard urlfilter supports a limited subset of the filtering rules syntax. Commands below download the versions of AdGuard filter lists that are compatible with AdGuard urlfilter.

These commands download AdGuard Base filter, Tracking Protection filter, and Social widgets filter.

curl http://filters.adtidy.org/extension/android-content-blocker/filters/2.txt > adguard_base.txt
curl http://filters.adtidy.org/extension/android-content-blocker/filters/3.txt > adguard_tracking_protection.txt
curl http://filters.adtidy.org/extension/android-content-blocker/filters/4.txt > adguard_social.txt

4. Run AdGuard urlfilter proxy

./adguard -l 0.0.0.0 -p 8080\
          -c root.crt\
          -k root.key\
          -f adguard_base.txt\
          -f adguard_tracking_protection.txt\
          -f adguard_social.txt

5. Configure your browser to use this proxy

You can use your browser settings to do this.

Alternatively, you can use a browser extension like SwitchyOmega that allows you to quickly enable or disable proxy, or even configure an HTTPS proxy (read below how to run AdGuard urlfilter proxy in this mode).

Securing the proxy

If you're running this proxy on a public server, most likely you'd like to secure it.

There are two things you can do:

Proxy authentication. Configure username and password to make sure there can be no unauthorized use of the proxy.
HTTPS proxy. You can run the proxy as an HTTPS (HTTP over TLS) proxy to make sure that your connection to it stays secure, and no one can see what's inside. In this case, the proxy will use your custom root certificate to generate a new HTTPS certificate, that will be used to encrypt the traffic.

Example:

./adguard -l 0.0.0.0 -p 8080\
          -c root.crt\
          -k root.key\
          -f adguard_base.txt\
          -f adguard_tracking_protection.txt\
          -f adguard_social.txt\
          -u user\
          -a password\
          -t -n yourdomainname

Command-line arguments

$ ./adguard -h
Usage:
  adguard [OPTIONS]

Application Options:
  -v, --verbose     Verbose output (optional).
  -o, --output=     Path to the log file. If not set, it writes to stderr.
  -l, --listen=     Listen address. (default: 0.0.0.0)
  -p, --port=       Listen port. Zero value disables TCP and UDP listeners.
                    (default: 8080)
  -c, --ca-cert=    Path to a file with the root certificate.
  -k, --ca-key=     Path to a file with the CA private key.
  -f, --filter=     Path to the filter list. Can be specified multiple times.
  -u, --username=   Proxy auth username. If specified, proxy authorization is
                    required.
  -a, --password=   Proxy auth password. If specified, proxy authorization is
                    required.
  -t, --https       Run an HTTPS proxy (otherwise, it runs plain HTTP proxy).
  -n, --https-name= Server name for the HTTPS proxy.

Help Options:
  -h, --help        Show this help message

Documentation ¶

Overview ¶

Package main is responsible for the command-line interface of the urlfilter content filtering proxy.

Source Files ¶

View all Source files

main.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL