2 File : $Source: /cvsroot/ijbswa/current/doc/source/privoxy-man-page.sgml,v $
6 ijbswa.sourceforge.net:/home/groups/i/ij/ijbswa/htdocs/
8 $Id: privoxy-man-page.sgml,v 2.13 2007/04/12 11:30:37 fabiankeil Exp $
10 Copyright (C) 2001-2007 Privoxy Developers http://www.privoxy.org/
13 ========================================================================
14 NOTE: Please read developer-manual/documentation.html before touching
15 anything in this, or other Privoxy documentation.
16 ========================================================================
18 Doc NOTES: This is some tricky markup! There are some quirks
19 to how this markup is handled. It is not always so co-operative.
20 Please don't change the markup unless you can verify the changes
21 will improve finished output!
23 literallayout tags are particularly sensitive to where they are placed.
24 The 'replaceable' and 'command' tags are used here somewhat unconventionally,
25 since it seems to generate the proper formatting (at least for me :).
27 Create man page: 'make man'
29 Requires docbook2man (short perl script), see CVS
30 http://sources.redhat.com/docbook-tools/. Also requires openjade and SGMLSpm
33 For man page references, see:
34 http://www.linuxdoc.org/HOWTO/mini/DocBook-Install/using.html
35 http://docbook.org/tdg/en/html/ch02.html#making-refentry
38 <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.1//EN"[
39 <!entity % dummy "IGNORE">
40 <!entity p-intro SYSTEM "privoxy.sgml">
41 <!entity seealso SYSTEM "seealso.sgml">
42 <!entity copyright SYSTEM "copyright.sgml">
43 <!entity license SYSTEM "license.sgml">
44 <!entity authors SYSTEM "p-authors.sgml">
45 <!entity p-version "3.0.7">
46 <!entity p-status "UNRELEASED">
47 <!entity % p-not-stable "INCLUDE">
48 <!entity % p-stable "IGNORE">
49 <!entity % p-text "IGNORE"> <!-- define we are not a text only doc -->
50 <!entity % p-authors-formal "IGNORE"> <!-- exclude additional formating -->
51 <!entity my-copy "(C)"> <!-- db2man barfs on copyright symbol -->
54 <refentry id="privoxy">
56 <date>2007-04-12</date>
59 <refentrytitle>privoxy</refentrytitle>
60 <manvolnum>1</manvolnum>
62 Privoxy &p-version;<![%p-not-stable;[ &p-status;]]>
67 <refname><application>privoxy</application></refname>
68 <refpurpose>Privacy Enhancing Proxy</refpurpose>
73 <command>privoxy</command>
74 <arg><option>--help</option></arg>
75 <arg><option>--version</option></arg>
76 <arg><option>--no-daemon</option></arg>
77 <arg><option>--pidfile </option><replaceable class="parameter">pidfile</replaceable></arg>
78 <arg><option>--user </option><replaceable class="parameter">user[.group]</replaceable></arg>
79 <arg><option>--chroot</option></arg>
80 <arg><option>--pre-chroot-nslookup </option><replaceable class="parameter">hostname</replaceable></arg>
81 <arg><replaceable class="parameter">configfile</replaceable></arg>
87 <!-- ~~~~~ New section ~~~~~ -->
88 <refsect1><title>Options</title>
90 <command>Privoxy</command> may be invoked with the following command line
99 Print brief usage info and exit.
105 <term>--version</term>
108 Print version info and exit.
114 <term>--no-daemon</term>
117 Don't become a daemon, i.e. don't fork and become process group
118 leader, don't detach from controlling tty, and do all logging there.
124 <term>--pidfile <replaceable class="parameter">pidfile</replaceable></term>
127 On startup, write the process ID to <replaceable class="parameter">pidfile</replaceable>.
128 Delete the <replaceable class="parameter">pidfile</replaceable> on exit.
129 Failure to create or delete the <replaceable class="parameter">pidfile</replaceable>
130 is non-fatal. If no <command>--pidfile</command> option is given, no PID file will be used.
136 <term>--user <replaceable class="parameter">user[.group]</replaceable></term>
139 <!-- Note: replaceable is maybe the wrong tag, but generates -->
140 <!-- correct looking man output. -->
141 After (optionally) writing the PID file, assume the user ID of
142 <replaceable class="parameter">user</replaceable> and the GID of
143 <replaceable class="parameter">group</replaceable>, or, if the optional
144 <replaceable class="parameter">group</replaceable> was not given, the default group of
145 <replaceable class="parameter">user</replaceable>. Exit if the privileges are not
151 <term>--chroot</term>
154 Before changing to the user ID given in the --user option, chroot to
155 that user's home directory, i.e. make the kernel pretend to the
156 <command>Privoxy</command> process that the directory tree starts
157 there. If set up carefully, this can limit the impact of possible
158 vulnerabilities in <command>Privoxy</command> to the files contained in
164 <term>--pre-chroot-nslookup <replaceable class="parameter">hostname</replaceable></term>
167 Initialize the resolver library using <replaceable class="parameter">hostname</replaceable>
168 before chroot'ing. On some systems this reduces the number of files
169 that must be copied into the chroot tree.
176 If the <filename>configfile</filename> is not specified on the command line,
177 <command>Privoxy</command> will look for a file named
178 <filename>config</filename> in the current directory . If no
179 <filename>configfile</filename> is found, <command>Privoxy</command> will
186 <!-- ~~~~~ New section ~~~~~ -->
187 <refsect1><title>Description</title>
188 <!-- Include privoxy.sgml boilerplate: -->
190 <!-- end boilerplate -->
194 <!-- ~~~~~ New section ~~~~~ -->
195 <refsect1><title>Installation and Usage</title>
197 Browsers can either be individually configured to use
198 <command>Privoxy</command> as a HTTP proxy, or <command>Privoxy</command> can
199 be set to act as an intercepting proxy (see <filename>config</filename>). The default setting is for
200 localhost, on port 8118 (configurable in the main config file). To set the
201 HTTP proxy in Netscape and Mozilla, go through: <command>Edit</command>;
202 <command>Preferences</command>; <command>Advanced</command>;
203 <command>Proxies</command>; <command>Manual Proxy Configuration</command>;
204 <command>View</command>.
207 For Firefox, go through: <command>Tools</command>;
208 <command>Options</command>; <command>General</command>;
209 <command>Connection Settings</command>;
210 <command>Manual Proxy Configuration</command>.
213 For Internet Explorer, go through: <command>Tools</command>;
214 <command>Internet Properties</command>; <command>Connections</command>;
215 <command>LAN Settings</command>.
218 The Secure (SSL) Proxy should also be set to the same values, otherwise
219 https: URLs will not be proxied. Note: <command>Privoxy</command> can only
220 proxy HTTP and HTTPS traffic. Do not try it with FTP or other protocols.
221 HTTPS presents some limitations, and not all features will work with HTTPS
226 For other browsers, check the documentation.
231 <!-- ~~~~~ New section ~~~~~ -->
232 <refsect1><title>Configuration</title>
234 <command>Privoxy</command> can be configured with the various configuration
235 files. The default configuration files are: <filename>config</filename>,
236 <filename>default.filter</filename>, and
237 <filename>default.action</filename>. <filename>user.action</filename> should
238 be used for locally defined exceptions to the default rules of
239 <filename>default.action</filename>, and <filename>user.filter</filename> for
240 locally defined filters. These are well commented. On Unix
241 and Unix-like systems, these are located in
242 <filename>/etc/privoxy/</filename> by default.
245 <command>Privoxy</command> uses the concept of <command>actions</command>
246 in order to manipulate the data stream between the browser and remote sites.
247 There are various actions available with specific functions for such things
248 as blocking web sites, managing cookies, etc. These actions can be invoked
249 individually or combined, and used against individual URLs, or groups of URLs
250 that can be defined using wildcards and regular expressions. The result is
251 that the user has greatly enhanced control and freedom.
254 The actions list (ad blocks, etc) can also be configured with your
255 web browser at <ulink url="http://config.privoxy.org/">http://config.privoxy.org/</ulink>
256 (assuming the configuration allows it).
257 <command>Privoxy's</command> configuration parameters can also be viewed at
258 the same page. In addition, <command>Privoxy</command> can be toggled on/off.
259 This is an internal page, and does not require Internet access.
263 url="http://www.privoxy.org/user-manual/"><citetitle>User Manual</citetitle></ulink> for a detailed
264 explanation of installation, general usage, all configuration options, new
265 features and notes on upgrading.
270 <!-- ~~~~~ New section ~~~~~ -->
271 <refsect1><title>Sample Configuration</title>
273 A brief example of what a simple <filename>default.action</filename>
274 configuration might look like:
278 # Define a few useful custom aliases for later use
281 # Useful aliases that combine more than one action
282 +crunch-cookies = +crunch-incoming-cookies +crunch-outgoing-cookies
283 -crunch-cookies = -crunch-incoming-cookies -crunch-outgoing-cookies
284 +block-as-image = +block +handle-as-image
286 # Fragile sites should have the minimum changes
287 fragile = -block -deanimate-gifs -fast-redirects -filter \
288 -hide-referer -prevent-cookies -kill-popups
290 ## Turn some actions on ################################
291 ## NOTE: Actions are off by default, unless explictily turned on
292 ## otherwise with the '+' operator.
297 -client-header-filter{hide-tor-exit-notation} \
298 -content-type-overwrite \
299 -crunch-client-header \
300 -crunch-if-none-match \
301 -crunch-outgoing-cookies \
302 -crunch-incoming-cookies \
303 -crunch-server-header \
305 -downgrade-http-version \
307 -filter{js-annoyances} \
309 -filter{html-annoyances} \
310 -filter{content-cookies} \
311 -filter{refresh-tags} \
312 -filter{unsolicited-popups} \
313 -filter{all-popups} \
314 -filter{img-reorder} \
315 -filter{banners-by-size} \
316 -filter{banners-by-link} \
318 -filter{tiny-textforms} \
319 -filter{jumping-windows} \
320 -filter{frameset-borders} \
321 -filter{demoronizer} \
322 -filter{shockwave-flash} \
323 -filter{quicktime-kioskmode} \
325 -filter{crude-parental} \
326 -filter{ie-exploits} \
327 -filter{site-specifics} \
334 -handle-as-empty-document \
336 -hide-accept-language \
337 -hide-content-disposition \
338 -hide-if-modified-since \
339 +hide-forwarded-for-headers \
340 +hide-from-header{block} \
346 -overwrite-last-modified \
347 -prevent-compression \
349 -send-vanilla-wafer \
351 -server-header-filter{xml-to-html} \
352 -server-header-filter{html-to-xml} \
353 -session-cookies-only \
354 +set-image-blocker{pattern} \
355 -treat-forbidden-connects-like-blocks \
357 / # '/' Match *all* URL patterns
360 # Block all URLs that match these patterns
366 /.*count(er)?\.(pl|cgi|exe|dll|asp|php[34]?)
368 media./.*(ads|banner)
370 # Block, and treat these URL patterns as if they were 'images'.
371 # We would expect these to be ads.
374 .a[0-9].yimg.com/(?:(?!/i/).)*$
377 # Make exceptions for these harmless ones that would be
378 # caught by our +block patterns just above.
384 # uploads or downloads
389 Then for a <filename>user.action</filename>, we would put local,
390 narrowly defined exceptions:
394 # Re-define aliases as needed here
398 -crunch-cookies = -crunch-incoming-cookies -crunch-outgoing-cookies
400 # Set personal exceptions to the policies in default.action #######
402 # Sites where we want persistent cookies, so allow *all* cookies
403 { -crunch-cookies -session-cookies-only }
408 # These sites break easily. Use our "fragile" alias here.
413 # Replace example.com's style sheet with one of my choosing
414 { +redirect{http://localhost/css-replacements/example.com.css} }
415 example.com/stylesheet.css
420 See the comments in the configuration files themselves, or the
421 <citetitle>User Manual</citetitle>
422 for full explanations of the above syntax, and other <command>Privoxy</command>
423 configuration options.
429 <!-- ~~~~~ New section ~~~~~ -->
430 <refsect1><title>Files</title>
431 <!-- this is a cheesy way to do this, but WTF. -->
433 <filename>/usr/sbin/privoxy</filename>
434 <filename>/etc/privoxy/config</filename>
435 <filename>/etc/privoxy/default.action</filename>
436 <filename>/etc/privoxy/standard.action</filename>
437 <filename>/etc/privoxy/user.action</filename>
438 <filename>/etc/privoxy/default.filter</filename>
439 <filename>/etc/privoxy/user.filter</filename>
440 <filename>/etc/privoxy/trust</filename>
441 <filename>/etc/privoxy/templates/*</filename>
442 <filename>/var/log/privoxy/logfile</filename>
446 Various other files should be included, but may vary depending on platform
447 and build configuration. Additional documentation should be included in the local
448 documentation directory.
454 <!-- ~~~~~ New section ~~~~~ -->
455 <refsect1><title>Signals</title>
457 <!-- command tag is used here to get proper looking format -->
458 <command>Privoxy</command> terminates on the <command>SIGINT</command>,
459 <command>SIGTERM</command> and <command>SIGABRT</command> signals. Log
460 rotation scripts may cause a re-opening of the logfile by sending a
461 <command>SIGHUP</command> to <command>Privoxy</command>. Note that unlike
462 other daemons, <command>Privoxy</command> does not need to be made aware of
463 config file changes by <command>SIGHUP</command> -- it will detect them
469 <!-- ~~~~~ New section ~~~~~ -->
470 <refsect1><title>Notes</title>
473 This is a &p-status; version of <command>Privoxy</command>. Not
474 all features are well tested.
477 Please see the <citetitle>User Manual</citetitle> on how to contact the
478 developers, for feature requests, reporting problems, and other questions.
483 <!-- ~~~~~ New section ~~~~~ -->
484 <refsect1><title>See Also</title>
485 <!-- Include seealso.sgml boilerplate: -->
487 <!-- end boilerplate -->
490 <!-- ~~~~~ New section ~~~~~ -->
491 <refsect1><title>Development Team</title>
492 <!-- Include p-authors.sgml boilerplate: -->
494 <!-- end boilerplate -->
497 <!-- ~~~~~ New section ~~~~~ -->
498 <refsect1><title>Copyright and License</title>
500 <refsect2><title>Copyright</title>
501 <!-- Include copyright.sgml boilerplate: -->
503 <!-- end boilerplate -->
506 <refsect2><title>License</title>
507 <!-- Include license.sgml boilerplate: -->
509 <!-- end boilerplate -->