Pluckeye rules change what you are able to access over the Internet, and which programs are allowed to access the
Internet. They live in your Pluckeye configurations, and they always contain one of
Recall that rules can be added in one of 3 places.
Here are some example Pluckeye rules in textual form:
block image/ allow example.com allow 127.0.0.1 block facebook.com flee word:pizza
The above 5 rules tell Pluckeye to block images by default, to allow all content from example.com or 127.0.0.1, to block facebook.com, and to flee any website containing the word “pizza”.
A rule consists of an action, a context, and optionally a when modifier.
How to add a rule
How to remove a rule
All rules contain an action that is either
- allow some specific context
- block some specific context
- flee a word or website
flee host obviouslybad.com flee url https://example.com/obviously-bad flee word pizza
flee action is similar to
block, but stronger. While
block will block a particular host or url,
block any webpage that links to a particular host or url or that contains a certain word.
One may flee the following 3 contexts:
A context can be a hostname, ipv4 address, ipv6 address, port, program name, media type, url, username, word (flee rules
only), one of the special terms
otherwise, or some combination of these contexts.
allow example.com block bb.example.com allow .edu
A rule for a
host automatically affects all subdomains of that host. A top-level host must be qualified with
or with an explicit
allow 192.168.1.1 allow 192.168.1.0 allow 192.168.0.0
IP addresses ending in 0 affect the entire subnet.
block port 80
A port requires an explicit
port qualification. E.g.
allow port 22
block program calc.exe allow program C:\Program Files\Visual Studio\code.exe block program C:\Program Files\Visual Studio\code.exe allow program /bin/curl
A program filename, a file system directory, or a full program pathname may be used.
See also nhb.
block image/ allow image/svg
Either major media types or full media types can be used. See media types.
allow user susan block user edmund
The user name must match that of a user on the local computer.
allow http://example.com/a/b/c block http://example.com/a/b
A rule for a urls automatically affects all suburls.
word (flee rules only)
flee word pizza flee host example.com
everything context can be used to
block everything. This is sometimes called a blackout (
block everything) or whiteout (
otherwise context can be used to specify what Pluckeye should do when no more specific context matches.