====== Preparing white list ======
{{indexmenu_n>2}}
The allowed resources list is created in two steps: first, **a text file** with the list of resources is created. Second, this **file is converted** into internal dictionary's format by the special utility.

<note tip>The following utilities are used for conversion:
  * url2dic - for URL, SNI, CN
  * ip2bin - for IP

Reverse conversion utilities:

  * dic2host - to convert dic files with URL, SNI, CN to a list of domains
  * dic2star - to convert dic files from SNI, CN to a list of domains with *
  * bin2ip - to convert dic files from IP

To create a white list for payment systems, we recommend using a ready-made list. [[https://github.com/cloudipsp/all_banks_ips|List of payment systems]]
</note>

After the text file is converted you need to move the lists to the DPI configuration directory:

<code>mv my_url_list.bin /var/lib/dpi/whlist.bin
mv my_cn_list.bin /var/lib/dpi/whlistcn.bin
mv my_ip_list.bin  /var/lib/dpi/whlistip.bin
mv my_sni_list.bin  /var/lib/dpi/whlistsni.bin</code>

<note important>This list names are used for the default profile.\\
Any of the above lists may be absent</note>

===== The file format of the whitelisted resources' URLs: =====

Each line contains one URL (no <nowiki>http://</nowiki> prefix). **For example:**
<code ini>1magehut.com/users.php?act=gallery&gal=81&page=4
3dmx.net</code>

To convert into the internal format:
<code>cat my_url_list.txt|url2dic my_url_list.dic</code>

===== The file format of the whitelisted names in SSL certificates (Common name): =====

Each line contains one [[en:dpi:dpi_options:opt_filtration:making_dictionary:cn_info|name]]. For example:
<code>*.facebook.com
www.vasexpertsdpi.com</code>

To convert into the internal format:
<code>cat my_cn_list.txt|url2dic my_cn_list.dic</code>

===== The file format of the whitelisted SNI (HTTPS) =====

Each line contains one SNI (without <nowiki>http://</nowiki> prefix). It is allowed to use *. **For expample:**

<code>qiwi.ru
*.qiwi.ru</code>

To convert into the internal format:
<code>cat my_sni_list.txt|url2dic my_sni_list.bin</code>

<note>To prevent the https sites blocking, you have to prepare white list for CN, SNI with *** symbol**, signaling that CN and SN can be any.</note>

===== The file format of the whitelisted IP addresses: =====
 
Each line contains one ip <space> port's number (443):
<code>78.47.115.34 443
95.211.6.92 443</code>

To convert into the internal format:
<code>cat my_ip_list.txt|ip2bin my_ip_list.bin</code>