Created on 06-16-2008 08:30 AM
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Created on 06-16-2008 08:38 AM
(?i) c[i|1][a|4][i|l|1|!][i|l|1|!][s|z]This matches many derivatives of " cialis" which is now a common word in spam messages. I use (?i) to disable case sensitivity... don' t know if this is technically correct but it works. I inserted the white space in front of the word to prevent false matches with words such as specialist.
Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
/ c[i|1][a|4][i|l|1|!][i|l|1|!][s|z]/i should do the trick. What you have is looking for one or no ' i' s at the beginning....question: using the above example, is there supposed to be whitespace between the first forward slash and the c? I used the above example, only I removed the white space. Only, now it picks up on the word " specialist" ... if I put the whitespace back in, will it not do that? Well to answer my question ... I put the whitespace back in, and now the word specialist get' s through. If only trying to understand perl regular expressions didn' t make my brain implode I probably would' ve figured that out. Thanks for the examples guys!
question: using the above example, is there supposed to be whitespace between the first forward slash and the c? I used the above example, only I removed the white space. Only, now it picks up on the word " specialist" ... if I put the whitespace back in, will it not do that? Well to answer my question ... I put the whitespace back in, and now the word specialist get' s through. If only trying to understand perl regular expressions didn' t make my brain implode I probably would' ve figured that out. Thanks for the examples guys!Yes maurixxx, in that pattern it is supposed that before the c letter there must be a whitespace. To match an exact word with or without whitespaces before or after and with the logic of the pattern, you can use word boundaries \b as aszujatovich suggested in his pattern: /\bc[i|1][a|4][i|l|1|!][i|l|1|!][s|z]/i would do the trick. Regards, Marco
zaskarThanks --------------------------------------------- Marco Scala Fortigate-200 2.80,build489,051027
ORIGINAL: Marco ScalaAloha again Marco, I recently ran into a new " problem" with banned words. I have the word " sex" blocked, but now we' re doing business with a guy named " Dan Sexton" So how would I block " sex" but allow " Sexton" ? I' m currently using the following expression: / s[e|3]x/i Would adding the \b (like so: /\bs ) do the trick? Mahalo!question: using the above example, is there supposed to be whitespace between the first forward slash and the c? I used the above example, only I removed the white space. Only, now it picks up on the word " specialist" ... if I put the whitespace back in, will it not do that? Well to answer my question ... I put the whitespace back in, and now the word specialist get' s through. If only trying to understand perl regular expressions didn' t make my brain implode I probably would' ve figured that out. Thanks for the examples guys!Yes maurixxx, in that pattern it is supposed that before the c letter there must be a whitespace. To match an exact word with or without whitespaces before or after and with the logic of the pattern, you can use word boundaries \b as aszujatovich suggested in his pattern: /\bc[i|1][a|4][i|l|1|!][i|l|1|!][s|z]/i would do the trick. Regards, Marco
I recently ran into a new " problem" with banned words. I have the word " sex" blocked, but now we' re doing business with a guy named " Dan Sexton" So how would I block " sex" but allow " Sexton" ? I' m currently using the following expression: / s[e|3]x/iI know this is old but may still help someone. What I did for cases like that is check for spaces before and after the word. For Ex: / s[e|3]xy? /i This will check for sex, s3x, sexy and s3xy but won' t trigger on names as in your example. I also suggest that you never give one term a score high enough to block a message on it' s own. You should try to have at least two positive matches before you block a message. This will prevent false positives. Each term that matches only scores once so if the term above has a score of 3 and the term is matched 10 times it only counts as a score of 3.
Created on 06-17-2008 06:33 AM
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1712 | |
1093 | |
752 | |
447 | |
231 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.