XTroll: A proxy filter for the Reason Hit & Run blog

XTroll is a program that acts as an intermediary between a web browser and the Reason web server http://www.reason.com. XTroll can enhance your Hit & Run experience by removing posts from deserving commentators.


2008-12-03  v1.4  Remove embedded content
2007-12-07  v1.3  Add content filtering
2007-07-13  v1.2  Replace explicit URLs
2007-07-12  v1.1  Fixed chunk decoding bug
2007-07-11  v1.0  First release


The source code to XTroll could be used in textbooks as an example of insecure programming. Potential buffer overflows abound. XTroll is intended to be run in conjunction with a web browser on a single computer with a single user. Any other configuration is fraught with peril.


XTroll is licensed under the terms of the GNU General Public License (GPL) version 3.

Source code: xtroll.c
Configuration file: xtroll.conf
Linux executable: xtroll
Windows executable: xtroll.exe
The GNU General Public License: http://www.gnu.org/licenses/gpl.txt
Author's e-mail: richard@heurtley.com


XTroll opens a TCP/IP port (4004 by default) on the computer on which XTroll is running. Web browser HTTP requests made to this port are relayed to a web server (http://www.reason.com by default). Server replies are relayed back to the web browser. Hit & Run blog comments are deleted if the commentator's name or link is found in the XTroll configuration file.

XTroll is a command line program. It is invoked by entering the following into a command prompt window:

Linux: [user@host user]# xtroll

XTroll first displays its configuration and the name and IP address of the web server and of the computer on which XTroll is running. Then XTroll displays information on the number of removed embedded URLs and posts.

An example of XTroll's initial output is:

XTroll v1.0 2007-07-11

servername: "www.reason.com"
  hostname: "omega.dumpnet"
      port: 4004

Server "www.reason.com" resolves to ""

Hostname "omega.dumpnet" resolves to ""

XTroll is accessed by entering into a web browser's address bar a local URL consisting of the name of the computer on which XTroll reports it is running, a colon, and the port number. The local URL for the above example is:


Web browser accesses to the local URL should behave exactly the same as Reason's server's URL except for the comment filtering functions. Any deviation is a bug that should be fixed.

XTroll is stopped by pressing Control-C.


XTroll configures itself from the file xtroll.conf, which must be in the local directory. A copy of the default xtroll.conf is reproduced here:

# xtroll.conf: The XTroll configuration file

# The '#' character at the beginning of a line indicates a comment.
# All configuration lines in this file are commented out.
# Remove the '#' character in front of a configuration line
# to configure XTroll.

# The name of the web server with which XTroll corresponds (default)
#server www.reason.com

# The name of computer on which XTroll is running (optional)
#host mycomputer.mydomain

# The TCP/IP port to which XTroll listens (default)
#port 4004

# Plonk this dweeb and all references to him (optional)
#name Richard Heurtley
#link mailto:richard#64;heurtley.com
#cont heurtley

# Remove embedded video (optional)
#xurl reason.tv
#xurl youtube.com
#xurl ytimg.com
#xurl macromedia.com

# Remove tracking (optional)
#xurl google-analytics.com
#xurl urchinTracker()
#xurl mavenapps.net

# Remove advertising (optional)
#xurl ads.reason.com

Note the format of the mailto link. This is how Hit & Run formats e-mail addresses.

XTroll adds a small (X) link next to the commentator's name. Clicking this link adds the commentator's name and link, if there is one, to the xtroll.conf file and enables filtering on the name and link.

XTroll can filter by post content. cont lines must be added to the xtroll.conf file manually. If the string of a cont line appears in a post surrounded by non-alpha characters then the post is deleted. cont line strings are not case sensitive.
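The cont rule described above, written as a bounds-checked matcher. This is an added example, not code from xtroll.c; the function names are hypothetical, and treating the start or end of the post as a boundary is an assumption the page does not state.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Compare n bytes ignoring ASCII case; returns 1 when equal. */
static int eq_nocase(const char *a, const char *b, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (tolower((unsigned char)a[i]) != tolower((unsigned char)b[i]))
            return 0;
    return 1;
}

/* Returns 1 if word occurs in post[0..post_len) with a non-alphabetic
 * character, or the edge of the post (assumption), on each side.
 * The explicit length means post need not be NUL-terminated and is
 * never read past post_len. */
int cont_match(const char *post, size_t post_len, const char *word)
{
    size_t wlen = strlen(word);

    if (wlen == 0 || wlen > post_len)
        return 0;
    for (size_t i = 0; i + wlen <= post_len; i++) {
        if (!eq_nocase(post + i, word, wlen))
            continue;
        int left_ok  = i == 0 || !isalpha((unsigned char)post[i - 1]);
        int right_ok = i + wlen == post_len ||
                       !isalpha((unsigned char)post[i + wlen]);
        if (left_ok && right_ok)
            return 1;
    }
    return 0;
}

int main(void)
{
    /* Constructed sample posts, not taken from the blog. */
    const char *posts[] = { "Says HEURTLEY: no.", "the heurtleyesque view" };

    for (size_t i = 0; i < 2; i++)
        printf("%d %s\n", cont_match(posts[i], strlen(posts[i]), "heurtley"),
               posts[i]);
    return 0;
}
```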

XTroll can remove embedded URLs. xurl lines must be added to the xtroll.conf file manually. If the string of an xurl line appears in an HTML <embed>, <object> or <script> block then the entire block is removed. xurl line strings are not case sensitive.

XTroll replaces explicit references to http://www.reason.com with XTroll's local URL to prevent the web session from inadvertently accessing Reason's web server directly.


XTroll is contained in a single C language source code file xtroll.c that compiles cleanly with high warning settings under Open Watcom (Windows), Microsoft Visual C++ Express (Windows) and gcc (Linux). XTroll is built in Linux with the following command:

[user@host user]# gcc -o xtroll xtroll.c


  1. XTroll uses large static buffers and is vulnerable to buffer overflow attacks. If this is a concern then it would be a good idea to use a firewall to block outside access to XTroll's TCP/IP port.
  2. The main buffer is 2MB. If an HTTP reply is larger than 2MB then the reply is ignored and not relayed to the web browser.
  3. The HTTP 1.1 keep-alive headers are removed in the interest of simplifying the relaying logic.
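
Notes 1 and 2 together describe a fixed 2MB buffer that drops oversized replies. The following added example shows that policy with the length check that keeps a static buffer from overflowing; it is not code from xtroll.c, and the names reply_buf, reply_reset and reply_append are hypothetical.

```c
#include <stddef.h>
#include <string.h>

#define REPLY_MAX (2u * 1024u * 1024u)   /* the 2MB limit from note 2 */

struct reply_buf {
    unsigned char data[REPLY_MAX];
    size_t len;       /* bytes currently stored */
    int dropped;      /* set once the reply exceeded REPLY_MAX */
};

/* Start a new reply. */
void reply_reset(struct reply_buf *b)
{
    b->len = 0;
    b->dropped = 0;
}

/* Append one received chunk. Returns 0 on success, -1 if the reply is
 * (or already was) too large; a too-large reply is discarded whole. */
int reply_append(struct reply_buf *b, const void *chunk, size_t n)
{
    if (b->dropped)
        return -1;
    /* Compare against the space left; "len + n > REPLY_MAX" could wrap. */
    if (n > sizeof b->data - b->len) {
        b->dropped = 1;
        b->len = 0;
        return -1;
    }
    memcpy(b->data + b->len, chunk, n);
    b->len += n;
    return 0;
}

int main(void)
{
    static struct reply_buf rb;            /* static: too big for the stack */
    static unsigned char chunk[REPLY_MAX]; /* constructed all-zero input */

    reply_reset(&rb);
    int first = reply_append(&rb, chunk, sizeof chunk);
    int second = reply_append(&rb, chunk, 1);
    return (first == 0 && second == -1) ? 0 : 1;
}
```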

Copyright © 2007-2008 Richard Heurtley.

Verbatim copying and distribution of this entire document is permitted in any medium, provided this notice is preserved.