6 $Id: user-manual.sgml,v 1.60 2002/03/27 01:57:34 hal9 Exp $
8 The user manual gives users information on how to install, configure
9 and use Privoxy. Privoxy is a web proxy with advanced filtering
10 capabilities for protecting privacy, filtering web page content,
11 managing cookies, controlling access, and removing ads, banners,
12 pop-ups and other obnoxious Internet Junk. Privoxy has a very flexible
13 configuration and can be customized to suit individual needs and
14 tastes. Privoxy has application for both stand-alone systems and
17 You can find the latest version of the user manual at
18 [1]http://www.privoxy.org/user-manual/.
19 _________________________________________________________________
35 3. [11]Privoxy Configuration
37 3.1. [12]Controlling Privoxy with Your Web Browser
38 3.2. [13]Configuration Files Overview
39 3.3. [14]The Main Configuration File
41 3.3.1. [15]Defining Other Configuration Files
42 3.3.2. [16]Other Configuration Options
43 3.3.3. [17]Access Control List (ACL)
45 3.3.5. [19]Windows GUI Options
47 3.4. [20]The Actions File
49 3.4.1. [21]URL Domain and Path Syntax
53 3.5. [24]The Filter File
56 4. [26]Quickstart to Using Privoxy
58 4.1. [27]Command Line Options
60 5. [28]Contacting the Developers, Bug Reporting and Feature Requests
61 6. [29]Copyright and History
69 8.1. [34]Regular Expressions
81 8.2. [35]Privoxy's Internal Pages
82 8.3. [36]Anatomy of an Action
86 Privoxy is a web proxy with advanced filtering capabilities for
87 protecting privacy, filtering web page content, managing cookies,
88 controlling access, and removing ads, banners, pop-ups and other
89 obnoxious Internet junk. Privoxy has a very flexible configuration and
90 can be customized to suit individual needs and tastes. Privoxy has
91 application for both stand-alone systems and multi-user networks.
93 Privoxy is based on the code of the Internet Junkbuster. Junkbuster
94 was originally written by JunkBusters Corporation, and was released as
95 free open-source software under the GNU GPL. Stefan Waldherr made many
96 improvements, and started the SourceForge project to continue
99 Privoxy continues the Junkbuster tradition, but adds many refinements
102 This documentation is included with the current BETA version of
103 Privoxy and is mostly complete at this point. The most up to date
104 reference for the time being is still the comments in the source files
105 and in the individual configuration files. Development of version 3.0
106 is currently nearing completion, and includes many significant changes
107 and enhancements over earlier versions. The target release date for
108 stable v3.0 is "soon" ;-)
110 Since this is a BETA version, not all new features are well tested.
111 This documentation may be slightly out of sync as a result (especially
112 with CVS sources). And there may be bugs, though hopefully not many!
113 _________________________________________________________________
117 In addition to Internet Junkbuster's traditional feature of ad and
118 banner blocking and cookie management, Privoxy provides new features,
119 some of them currently under development:
121 * Integrated browser based configuration and control utility
122 ([37]http://p.p). Browser-based tracing of rule and filter
124 * Blocking of annoying pop-up browser windows.
125 * HTTP/1.1 compliant (most, but not all 1.1 features are supported).
126 * Support for Perl Compatible Regular Expressions in the
127 configuration files, and generally a more sophisticated and
128 flexible configuration syntax over previous versions.
130 * Web page content filtering (removes banners based on size,
131 invisible "web-bugs", JavaScript, pop-ups, status bar abuse, etc.)
132 * Bypass many click-tracking scripts (avoids script redirection).
133 * Multi-threaded (POSIX and native threads).
134 * Auto-detection and re-reading of config file changes.
135 * User-customizable HTML templates (e.g. 404 error page).
136 * Improved cookie management features (e.g. session based cookies).
137 * Builds from source on most UNIX-like systems. Packages available
138 for: Linux (RedHat, SuSE, or Debian), Windows, Sun Solaris, Mac
139 OSX, OS/2, HP-UX 11 and AmigaOS.
140 * In addition, the configuration is much more powerful and versatile
142 _________________________________________________________________
146 Privoxy is available as raw source code, or pre-compiled binaries. See
147 the [38]Privoxy Home Page for binaries and current release info.
148 Privoxy is also available via [39]CVS. This is the recommended
149 approach at this time. But please be aware that CVS is constantly
150 changing, and it may break in mysterious ways.
151 _________________________________________________________________
155 For gzipped tar archives, unpack the source:
157 tar xzvf privoxy-2.9.13-beta-src* [.tgz or .tar.gz]
158 cd privoxy-2.9.13-beta
160 For retrieving the current CVS sources, you'll need the CVS package
161 installed first. To download CVS source:
163 cvs -d:pserver:anonymous@cvs.ijbswa.sourceforge.net:/cvsroot/ijbswa login
164 cvs -z3 -d:pserver:anonymous@cvs.ijbswa.sourceforge.net:/cvsroot/ijbswa co cu
168 This will create a directory named current/, which will contain the
171 Then, in either case, to build from tarball/CVS source:
173 ./configure (--help to see options)
174 make (the make from gnu, gmake for *BSD)
176 make -n install (to see where all the files will go)
177 make install (to really install)
179 For Redhat and SuSE Linux RPM packages, see below.
180 _________________________________________________________________
184 To build Redhat RPM packages, install source as above. Then:
191 This will create both binary and src RPMs in the usual places.
194 /usr/src/redhat/RPMS/i686/privoxy-2.9.11-1.i686.rpm
196 /usr/src/redhat/SRPMS/privoxy-2.9.11-1.src.rpm
198 To install, of course:
200 rpm -Uvv /usr/src/redhat/RPMS/i686/privoxy-2.9.11-1.i686.rpm
202 This will place the Privoxy configuration files in /etc/privoxy/, and
203 log files in /var/log/privoxy/.
204 _________________________________________________________________
208 To build SuSE RPM packages, install source as above. Then:
215 This will create both binary and src RPMs in the usual places.
218 /usr/src/packages/RPMS/i686/privoxy-2.9.11-1.i686.rpm
220 /usr/src/packages/SRPMS/privoxy-2.9.11-1.src.rpm
222 To install, of course:
224 rpm -Uvv /usr/src/packages/RPMS/i686/privoxy-2.9.11-1.i686.rpm
226 This will place the Privoxy configuration files in /etc/privoxy/, and
227 log files in /var/log/privoxy/.
228 _________________________________________________________________
232 Privoxy is packaged in a WarpIN self- installing archive. The
233 self-installing program will be named depending on the release
234 version, something like: ijbos2_setup_1.2.3.exe. In order to install
235 it, simply run this executable or double-click on its icon and follow
236 the WarpIN installation panels. A shadow of the Privoxy executable
237 will be placed in your startup folder so it will start automatically
238 whenever OS/2 starts.
240 The directory you choose to install Privoxy into will contain all of
241 the configuration files.
243 If you would like to build binary images on OS/2 yourself, you will
244 need a few Unix-like tools: autoconf, autoheader and sh. These tools
245 will be used to create the required config.h file, which is not part
246 of the source distribution because it differs based on platform. You
247 will also need a compiler. The distribution has been created using IBM
248 VisualAge compilers, but you can use any compiler you like. GCC/EMX
249 has the disadvantage of needing to be single-threaded due to a
250 limitation of EMX's implementation of the select() socket call.
252 In addition to needing the source code distribution as outlined
253 earlier, you will want to extract the os2seutp directory from CVS:
254 cvs -d:pserver:anonymous@cvs.ijbswa.sourceforge.net:/cvsroot/ijbswa login
256 cvs -z3 -d:pserver:anonymous@cvs.ijbswa.sourceforge.net:/cvsroot/ijbswa co os2
259 This will create a directory named os2setup/, which will contain the
260 Makefile.vac makefile and os2build.cmd which is used to completely
261 create the binary distribution. The sequence of events for building
262 the executable for yourself goes something like this:
268 nmake -f Makefile.vac
270 You will see this sequence laid out in os2build.cmd.
271 _________________________________________________________________
275 Click-click. (I need help on this. Not a clue here. Also for
276 configuration section below. HB.)
277 _________________________________________________________________
281 Some quick notes on other Operating Systems.
283 For FreeBSD (and other *BSDs?), the build will require gmake instead
284 of the included make. gmake is available from [40]http://www.gnu.org.
285 The rest should be the same as above for Linux/Unix.
286 _________________________________________________________________
288 3. Privoxy Configuration
290 All Privoxy configuration is kept in text files. These files can be
291 edited with a text editor. Many important aspects of Privoxy can also
292 be controlled easily with a web browser.
293 _________________________________________________________________
295 3.1. Controlling Privoxy with Your Web Browser
297 Privoxy can be reached by the special URL [41]http://p.p/ (or
298 alternately [42]http://www.privoxy.org/config/), which is an internal
299 page. You will see the following section:
301 Please choose from the following options:
303 * Show information about the current configuration
304 * Show the source code version numbers
305 * Show the client's request headers.
306 * Show which actions apply to a URL and why
307 * Toggle Privoxy on or off
308 * Edit the actions list
311 This should be self-explanatory. Note the last item is an editor for
312 the "actions list", which is where much of the ad, banner, cookie, and
313 URL blocking magic is configured as well as other advanced features of
314 Privoxy. This is an easy way to adjust various aspects of Privoxy
315 configuration. The actions file, and other configuration files, are
316 explained in detail below. Privoxy will automatically detect any
317 changes to these files.
319 "Toggle Privoxy On or Off" is handy for sites that might have problems
320 with your current actions and filters, or just to test if a site
321 misbehaves, whether it is Privoxy causing the problem or not. Privoxy
322 continues to run as a proxy in this case, but all filtering is
324 _________________________________________________________________
326 3.2. Configuration Files Overview
328 For Unix, *BSD and Linux, all configuration files are located in
329 /etc/privoxy/ by default. For MS Windows, OS/2, and AmigaOS these are
330 all in the same directory as the Privoxy executable. The name and
331 number of configuration files has changed from previous versions, and
332 is subject to change as development progresses.
334 The installed defaults provide a reasonable starting point, though
335 possibly aggressive by some standards. For the time being, there are
336 only three default configuration files (this will change in time):
338 * The main configuration file is named config on Linux, Unix, BSD,
339 OS/2, and AmigaOS and config.txt on Windows.
340 * The default.action file is used to define various "actions"
341 relating to images, banners, pop-ups, access restrictions, banners
342 and cookies. There is a CGI based editor for this file that can be
343 accessed via [43]http://p.p. (Other actions files are included as
344 well with differing levels of filtering and blocking, e.g.
346 * The default.filter file can be used to re-write the raw page
347 content, including viewable text as well as embedded HTML and
348 JavaScript, and whatever else lurks on any given web page.
350 default.action and default.filter can use Perl style regular
351 expressions for maximum flexibility. All files use the "#" character
352 to denote a comment. Such lines are not processed by Privoxy. After
353 making any changes, there is no need to restart Privoxy in order for
354 the changes to take effect. Privoxy should detect such changes
357 While under development, the configuration content is subject to
358 change. The below documentation may not be accurate by the time you
359 read this. Also, what constitutes a "default" setting, may change, so
360 please check all your configuration files on important issues.
361 _________________________________________________________________
363 3.3. The Main Configuration File
365 Again, the main configuration file is named config on Linux/Unix/BSD
366 and OS/2, and config.txt on Windows. Configuration lines consist of an
367 initial keyword followed by a list of values, all separated by
368 whitespace (any number of spaces or tabs). For example:
370 blockfile blocklist.ini
372 Indicates that the blockfile is named "blocklist.ini". (A default
373 installation does not use this.)
375 A "#" indicates a comment. Any part of a line following a "#" is
376 ignored, except if the "#" is preceded by a "\".
378 Thus, by placing a "#" at the start of an existing configuration line,
379 you can make it a comment and it will be treated as if it weren't
380 there. This is called "commenting out" an option and can be useful to
381 turn off features: If you comment out the "logfile" line, Privoxy will
382 not log to a file at all. Watch for the "default:" section in each
383 explanation to see what happens if the option is left unset (or
386 Long lines can be continued on the next line by using a "\" as the
389 There are various aspects of Privoxy behavior that can be tuned.
390 _________________________________________________________________
392 3.3.1. Defining Other Configuration Files
394 Privoxy can use a number of other files to tell it what ads to block,
395 what cookies to accept, etc. This section of the configuration file
396 tells Privoxy where to find all those other files.
398 On Windows and AmigaOS, Privoxy looks for these files in the same
399 directory as the executable. On Unix and OS/2, Privoxy looks for these
400 files in the current working directory. In either case, an absolute
401 path name can be used to avoid problems.
403 When development goes modular and multi-user, the blocker, filter, and
404 per-user config will be stored in subdirectories of "confdir". For
405 now, only confdir/templates is used for storing HTML templates for CGI
408 The location of the configuration files:
410 confdir /etc/privoxy # No trailing /, please.
412 The directory where all logging (i.e. logfile and jarfile) takes
413 place. No trailing "/", please:
415 logdir /var/log/privoxy
417 Note that all file specifications below are relative to the above two
420 The "default.action" file contains patterns to specify the actions to
421 apply to requests for each site. Default: Cookies to and from all
422 destinations are kept only during the current browser session (i.e.
423 they are not saved to disk). Pop-ups are disabled for all sites. All
424 sites are filtered through selected sections of "default.filter". No
425 sites are blocked. Privoxy displays a checkboard type pattern for
426 filtered ads and other images. The syntax of this file is explained in
427 detail [44]below. Other "actions" files are included, and you are free
428 to use any of them. They have varying degrees of aggressiveness.
430 actionsfile default.action
432 The "default.filter" file contains content modification rules that use
433 "regular expressions". These rules permit powerful changes on the
434 content of Web pages, e.g., you could disable your favorite JavaScript
435 annoyances, re-write the actual displayed text, or just have some fun
436 replacing "Microsoft" with "MicroSuck" wherever it appears on a Web
437 page. Default: whatever the developers are playing with :-/
439 Filtering requires buffering the page content, which may appear to
440 slow down page rendering since nothing is displayed until all content
441 has passed the filters. (It does not really take longer, but seems
442 that way since the page is not incrementally displayed.) This effect
443 will be more noticeable on slower connections.
445 filterfile default.filter
447 The logfile is where all logging and error messages are written. The
448 logfile can be useful for tracking down a problem with Privoxy (e.g.,
449 it's not blocking an ad you think it should block) but in most cases
450 you probably will never look at it.
452 Your logfile will grow indefinitely, and you will probably want to
453 periodically remove it. On Unix systems, you can do this with a cron
454 job (see "man cron"). For Redhat, a logrotate script has been
457 On SuSE Linux systems, you can place a line like "/var/log/privoxy.*
458 +1024k 644 nobody.nogroup" in /etc/logfiles, with the effect that
459 cron.daily will automatically archive, gzip, and empty the log, when
462 Default: Log to the a file named logfile. Comment out to disable
467 The "jarfile" defines where Privoxy stores the cookies it intercepts.
468 Note that if you use a "jarfile", it may grow quite large. Default:
469 Don't store intercepted cookies.
473 If you specify a "trustfile", Privoxy will only allow access to sites
474 that are named in the trustfile. You can also mark sites as trusted
475 referrers, with the effect that access to untrusted sites will be
476 granted, if a link from a trusted referrer was used. The link target
477 will then be added to the "trustfile". This is a very restrictive
478 feature that typical users most probably want to leave disabled.
479 Default: Disabled, don't use the trust mechanism.
483 If you use the trust mechanism, it is a good idea to write up some
484 on-line documentation about your blocking policy and to specify the
485 URL(s) here. They will appear on the page that your users receive when
486 they try to access untrusted content. Use multiple times for multiple
487 URLs. Default: Don't display links on the "untrusted" info page.
489 trust-info-url http://www.your-site.com/why_we_block.html
490 trust-info-url http://www.your-site.com/what_we_allow.html
491 _________________________________________________________________
493 3.3.2. Other Configuration Options
495 This part of the configuration file contains options that control how
498 "Admin-address" should be set to the email address of the proxy
499 administrator. It is used in many of the proxy-generated pages.
500 Default: fill@me.in.please.
502 #admin-address fill@me.in.please
504 "Proxy-info-url" can be set to a URL that contains more info about
505 this Privoxy installation, it's configuration and policies. It is used
506 in many of the proxy-generated pages and its use is highly recommended
507 in multi-user installations, since your users will want to know why
508 certain content is blocked or modified. Default: Don't show a link to
509 on-line documentation.
511 proxy-info-url http://www.your-site.com/proxy.html
513 "Listen-address" specifies the address and port where Privoxy will
514 listen for connections from your Web browser. The default is to listen
515 on the localhost port 8118, and this is suitable for most users. (In
516 your web browser, under proxy configuration, list the proxy server as
517 "localhost" and the port as "8118").
519 If you already have another service running on port 8118, or if you
520 want to serve requests from other machines (e.g. on your local
521 network) as well, you will need to override the default. The syntax is
522 "listen-address [<ip-address>]:<port>". If you leave out the IP
523 address, Privoxy will bind to all interfaces (addresses) on your
524 machine and may become reachable from the Internet. In that case,
525 consider using access control lists (acl's) (see "aclfile" above), or
528 For example, suppose you are running Privoxy on a machine which has
529 the address 192.168.0.1 on your local private network (192.168.0.0)
530 and has another outside connection with a different address. You want
531 it to serve requests from inside only:
533 listen-address 192.168.0.1:8118
535 If you want it to listen on all addresses (including the outside
540 If you do this, consider using ACLs (see "aclfile" above). Note: you
541 will need to point your browser(s) to the address and port that you
542 have configured here. Default: localhost:8118 (127.0.0.1:8118).
544 The debug option sets the level of debugging information to log in the
545 logfile (and to the console in the Windows version). A debug level of
546 1 is informative because it will show you each request as it happens.
547 Higher levels of debug are probably only of interest to developers.
549 debug 1 # GPC = show each GET/POST/CONNECT request
550 debug 2 # CONN = show each connection status
551 debug 4 # IO = show I/O status
552 debug 8 # HDR = show header parsing
553 debug 16 # LOG = log all data into the logfile
554 debug 32 # FRC = debug force feature
555 debug 64 # REF = debug regular expression filter
556 debug 128 # = debug fast redirects
557 debug 256 # = debug GIF de-animation
558 debug 512 # CLF = Common Log Format
559 debug 1024 # = debug kill pop-ups
560 debug 4096 # INFO = Startup banner and warnings.
561 debug 8192 # ERROR = Non-fatal errors
563 It is highly recommended that you enable ERROR reporting (debug 8192),
564 at least until v3.0 is released.
566 The reporting of FATAL errors (i.e. ones which crash Privoxy) is
567 always on and cannot be disabled.
569 If you want to use CLF (Common Log Format), you should set "debug 512"
570 ONLY, do not enable anything else.
572 Multiple "debug" directives, are OK - they're logical-OR'd together.
574 debug 15 # same as setting the first 4 listed above
580 debug 8192 # Errors - *we highly recommended enabling this*
582 Privoxy normally uses "multi-threading", a software technique that
583 permits it to handle many different requests simultaneously. In some
584 cases you may wish to disable this -- particularly if you're trying to
585 debug a problem. The "single-threaded" option forces Privoxy to handle
586 requests sequentially. Default: Multi-threaded mode.
590 "toggle" allows you to temporarily disable all Privoxy's filtering.
593 The Windows version of Privoxy puts an icon in the system tray, which
594 also allows you to change this option. If you right-click on that icon
595 (or select the "Options" menu), one choice is "Enable". Clicking on
596 enable toggles Privoxy on and off. This is useful if you want to
597 temporarily disable Privoxy, e.g., to access a site that requires
598 cookies which you would otherwise have blocked. This can also be
599 toggled via a web browser at the Privoxy internal address of
600 [45]http://p.p on any platform.
602 "toggle 1" means Privoxy runs normally, "toggle 0" means that Privoxy
603 becomes a non-anonymizing non-blocking proxy. Default: 1 (on).
607 For content filtering, i.e. the "+filter" and "+deanimate-gif"
608 actions, it is necessary that Privoxy buffers the entire document
609 body. This can be potentially dangerous, since a server could just
610 keep sending data indefinitely and wait for your RAM to exhaust. With
613 The buffer-limit option lets you set the maximum size in Kbytes that
614 each buffer may use. When the documents buffer exceeds this size, it
615 is flushed to the client unfiltered and no further attempt to filter
616 the rest of it is made. Remember that there may multiple threads
617 running, which might require increasing the "buffer-limit" Kbytes
618 each, unless you have enabled "single-threaded" above.
622 To enable the web-based default.action file editor set
623 enable-edit-actions to 1, or 0 to disable. Note that you must have
624 compiled Privoxy with support for this feature, otherwise this option
625 has no effect. This internal page can be reached at [46]http://p.p.
627 Security note: If this is enabled, anyone who can use the proxy can
628 edit the actions file, and their changes will affect all users. For
629 shared proxies, you probably want to disable this. Default: enabled.
631 enable-edit-actions 1
633 Allow Privoxy to be toggled on and off remotely, using your web
634 browser. Set "enable-remote-toggle"to 1 to enable, and 0 to disable.
635 Note that you must have compiled Privoxy with support for this
636 feature, otherwise this option has no effect.
638 Security note: If this is enabled, anyone who can use the proxy can
639 toggle it on or off (see [47]http://p.p), and their changes will
640 affect all users. For shared proxies, you probably want to disable
641 this. Default: enabled.
643 enable-remote-toggle 1
644 _________________________________________________________________
646 3.3.3. Access Control List (ACL)
648 Access controls are included at the request of some ISPs and systems
649 administrators, and are not usually needed by individual users. Please
650 note the warnings in the FAQ that this proxy is not intended to be a
651 substitute for a firewall or to encourage anyone to defer addressing
652 basic security weaknesses.
654 If no access settings are specified, the proxy talks to anyone that
655 connects. If any access settings file are specified, then the proxy
656 talks only to IP addresses permitted somewhere in this file and not
657 denied later in this file.
659 Summary -- if using an ACL:
661 Client must have permission to receive service.
663 LAST match in ACL wins.
665 Default behavior is to deny service.
667 The syntax for an entry in the Access Control List is:
669 ACTION SRC_ADDR[/SRC_MASKLEN] [ DST_ADDR[/DST_MASKLEN] ]
671 Where the individual fields are:
673 ACTION = "permit-access" or "deny-access"
674 SRC_ADDR = client hostname or dotted IP address
675 SRC_MASKLEN = number of bits in the subnet mask for the source
676 DST_ADDR = server or forwarder hostname or dotted IP address
677 DST_MASKLEN = number of bits in the subnet mask for the target
679 The field separator (FS) is whitespace (space or tab).
681 IMPORTANT NOTE: If Privoxy is using a forwarder (see below) or a
682 gateway for a particular destination URL, the DST_ADDR that is
683 examined is the address of the forwarder or the gateway and NOT the
684 address of the ultimate target. This is necessary because it may be
685 impossible for the local Privoxy to determine the address of the
686 ultimate target (that's often what gateways are used for).
688 Here are a few examples to show how the ACL features work:
690 "localhost" is OK -- no DST_ADDR implies that ALL destination
693 permit-access localhost
695 A silly example to illustrate permitting any host on the class-C
696 subnet with Privoxy to go anywhere:
698 permit-access www.privoxy.com/24
700 Except deny one particular IP address from using it at all:
702 deny-access ident.privoxy.com
704 You can also specify an explicit network address and subnet mask.
705 Explicit addresses do not have to be resolved to be used.
707 permit-access 207.153.200.0/24
709 A subnet mask of 0 matches anything, so the next line permits
712 permit-access 0.0.0.0/0
714 Note, you cannot say:
718 to allow all *.org domains. Every IP address listed must resolve
721 An ISP may want to provide a Privoxy that is accessible by "the world"
722 and yet restrict use of some of their private content to hosts on its
723 internal network (i.e. its own subscribers). Say, for instance the ISP
724 owns the Class-B IP address block 123.124.0.0 (a 16 bit netmask). This
725 is how they could do it:
727 permit-access 0.0.0.0/0 0.0.0.0/0 # other clients can go anywhere
728 # with the following exceptions
731 deny-access 0.0.0.0/0 123.124.0.0/16 # block all external request
733 # sites on the ISP's network
734 permit 0.0.0.0/0 www.my_isp.com # except for the ISP's main
736 permit 123.124.0.0/16 0.0.0.0/0 # the ISP's clients can go
739 Note that if some hostnames are listed with multiple IP addresses, the
740 primary value returned by DNS (via gethostbyname()) is used. Default:
741 Anyone can access the proxy.
742 _________________________________________________________________
746 This feature allows chaining of HTTP requests via multiple proxies. It
747 can be used to better protect privacy and confidentiality when
748 accessing specific domains by routing requests to those domains to a
749 special purpose filtering proxy such as lpwa.com. Or to use a caching
750 proxy to speed up browsing.
752 It can also be used in an environment with multiple networks to route
753 requests via multiple gateways allowing transparent access to multiple
754 networks without having to modify browser configurations.
756 Also specified here are SOCKS proxies. Privoxy SOCKS 4 and SOCKS 4A.
757 The difference is that SOCKS 4A will resolve the target hostname using
758 DNS on the SOCKS server, not our local DNS client.
760 The syntax of each line is:
762 forward target_domain[:port] http_proxy_host[:port]
763 forward-socks4 target_domain[:port] socks_proxy_host[:port]
764 http_proxy_host[:port]
765 forward-socks4a target_domain[:port] socks_proxy_host[:port]
766 http_proxy_host[:port]
768 If http_proxy_host is ".", then requests are not forwarded to a HTTP
769 proxy but are made directly to the web servers.
771 Lines are checked in sequence, and the last match wins.
773 There is an implicit line equivalent to the following, which specifies
774 that anything not finding a match on the list is to go out without
775 forwarding or gateway protocol, like so:
777 forward .* . # implicit
779 In the following common configuration, everything goes to Lucent's
780 LPWA, except SSL on port 443 (which it doesn't handle):
782 forward .* lpwa.com:8000
785 Some users have reported difficulties related to LPWA's use of "." as
786 the last element of the domain, and have said that this can be fixed
789 forward lpwa. lpwa.com:8000
791 (NOTE: the syntax for specifying target_domain has changed since the
792 previous paragraph was written -- it will not work now. More
793 information is welcome.)
795 In this fictitious example, everything goes via an ISP's caching
796 proxy, except requests to that ISP:
798 forward .* caching.myisp.net:8000
801 For the @home network, we're told the forwarding configuration is
804 forward .* proxy:8080
806 Also, we're told they insist on getting cookies and JavaScript, so you
807 should allow cookies from home.com. We consider JavaScript a potential
808 security risk. Java need not be enabled.
810 In this example direct connections are made to all "internal" domains,
811 but everything else goes through Lucent's LPWA by way of the company's
812 SOCKS gateway to the Internet.
814 forward-socks4 .* lpwa.com:8000 firewall.my_company.com:1080
815 forward my_company.com .
817 This is how you could set up a site that always uses SOCKS but no
820 forward-socks4a .* . firewall.my_company.com:1080
822 An advanced example for network administrators:
824 If you have links to multiple ISPs that provide various special
825 content to their subscribers, you can configure forwarding to pass
826 requests to the specific host that's connected to that ISP so that
827 everybody can see all of the content on all of the ISPs.
829 This is a bit tricky, but here's an example:
831 host-a has a PPP connection to isp-a.com. And host-b has a PPP
832 connection to isp-b.com. host-a can run a Privoxy proxy with
833 forwarding like this:
836 forward isp-b.com host-b:8118
838 host-b can run a Privoxy proxy with forwarding like this:
841 forward isp-a.com host-a:8118
843 Now, anyone on the Internet (including users on host-a and host-b) can
844 set their browser's proxy to either host-a or host-b and be able to
845 browse the content on isp-a or isp-b.
847 Here's another practical example, for University of Kent at Canterbury
848 students with a network connection in their room, who need to use the
849 University's Squid web cache.
851 forward *. ssbcache.ukc.ac.uk:3128 # Use the proxy, except for:
852 forward .ukc.ac.uk . # Anything on the same domain as us
853 forward * . # Host with no domain specified
854 forward 129.12.*.* . # A dotted IP on our /16 network.
855 forward 127.*.*.* . # Loopback address
856 forward localhost.localdomain . # Loopback address
857 forward www.ukc.mirror.ac.uk . # Specific host
859 If you intend to chain Privoxy and squid locally, then chain as
860 browser -> squid -> privoxy is the recommended way.
862 Your squid configuration could then look like this:
864 # Define Privoxy as parent cache
866 cache_peer 127.0.0.1 parent 8118 0 no-query
868 # Define ACL for protocol FTP
870 # Do not forward ACL FTP to privoxy
871 always_direct allow FTP
872 # Do not forward ACL CONNECT (https) to privoxy
873 always_direct allow CONNECT
874 # Forward the rest to privoxy
875 never_direct allow all
876 _________________________________________________________________
878 3.3.5. Windows GUI Options
880 Privoxy has a number of options specific to the Windows GUI interface:
882 If "activity-animation" is set to 1, the Privoxy icon will animate
883 when "Privoxy" is active. To turn off, set to 0.
887 If "log-messages" is set to 1, Privoxy will log messages to the
892 If "log-buffer-size" is set to 1, the size of the log buffer, i.e. the
893 amount of memory used for the log messages displayed in the console
894 window, will be limited to "log-max-lines" (see below).
896 Warning: Setting this to 0 will result in the buffer to grow
897 infinitely and eat up all your memory!
901 log-max-lines is the maximum number of lines held in the log buffer.
906 If "log-highlight-messages" is set to 1, Privoxy will highlight
907 portions of the log messages with a bold-faced font:
909 log-highlight-messages 1
911 The font used in the console window:
913 log-font-name Comic Sans MS
915 Font size used in the console window:
919 "show-on-task-bar" controls whether or not Privoxy will appear as a
920 button on the Task bar when minimized:
924 If "close-button-minimizes" is set to 1, the Windows close button will
925 minimize Privoxy instead of closing the program (close with the exit
926 option on the File menu).
928 close-button-minimizes 1
930 The "hide-console" option is specific to the MS-Win console version of
931 Privoxy. If this option is used, Privoxy will disconnect from and hide
935 _________________________________________________________________
937 3.4. The Actions File
939 The "default.action" file (formerly actionsfile or ijb.action) is used
940 to define what actions Privoxy takes, and thus determines how images,
941 cookies and various other aspects of HTTP content and transactions are
942 handled. Images can be anything you want, including ads, banners, or
943 just some obnoxious URL that you would rather not see. Cookies can be
944 accepted or rejected, or accepted only during the current browser
945 session (i.e. not written to disk). Changes to default.action should
946 be immediately visible to Privoxy without the need to restart.
948 The easiest way to edit "actions" file is with a browser by loading
949 [48]http://p.p/, and then select "Edit Actions List". A text editor
952 To determine which actions apply to a request, the URL of the request
953 is compared to all patterns in this file. Every time it matches, the
954 list of applicable actions for the URL is incrementally updated. You
955 can trace this process by visiting [49]http://p.p/show-url-info.
957 There are four types of lines in this file: comments (begin with a "#"
958 character), actions, aliases and patterns, all of which are explained
959 below, as well as the configuration file syntax that Privoxy
961 _________________________________________________________________
963 3.4.1. URL Domain and Path Syntax
965 Generally, a pattern has the form <domain>/<path>, where both the
966 <domain> and <path> part are optional. If you only specify a domain
967 part, the "/" can be left out:
969 www.example.com - is a domain only pattern and will match any request
970 to "www.example.com".
972 www.example.com/ - means exactly the same.
974 www.example.com/index.html - matches only the single document
975 "/index.html" on "www.example.com".
977 /index.html - matches the document "/index.html", regardless of the
980 index.html - matches nothing, since it would be interpreted as a
981 domain name and there is no top-level domain called ".html".
983 The matching of the domain part offers some flexible options: if the
984 domain starts or ends with a dot, it becomes unanchored at that end.
987 .example.com - matches any domain that ENDS in ".example.com".
989 www. - matches any domain that STARTS with "www".
991 Additionally, there are wild-cards that you can use in the domain
992 names themselves. They work pretty similar to shell wild-cards: "*"
993 stands for zero or more arbitrary characters, "?" stands for any
994 single character. And you can define character classes in square
995 brackets and they can be freely mixed:
997 ad*.example.com - matches "adserver.example.com", "ads.example.com",
998 etc but not "sfads.example.com".
1000 *ad*.example.com - matches all of the above, and then some.
1002 .?pix.com - matches "www.ipix.com", "pictures.epix.com",
1003 "a.b.c.d.e.upix.com", etc.
1005 www[1-9a-ez].example.com - matches "www1.example.com",
1006 "www4.example.com", "wwwd.example.com", "wwwz.example.com", etc., but
1007 not "wwww.example.com".
1009 If Privoxy was compiled with "pcre" support (default), Perl compatible
1010 regular expressions can be used. See the pcre/docs/ directory or "man
1011 perlre" (also available on
1012 [50]http://www.perldoc.com/perl5.6/pod/perlre.html) for details. A
1013 brief discussion of regular expressions is in the [51]Appendix. For
1016 /.*/advert[0-9]+\.jpe?g - would match a URL from any domain, with any
1017 path that includes "advert" followed immediately by one or more
1018 digits, then a "." and ending in either "jpeg" or "jpg". So we match
1019 "example.com/ads/advert2.jpg", and
1020 "www.example.com/ads/banners/advert39.jpeg", but not
1021 "www.example.com/ads/banners/advert39.gif" (no gifs in the example
1024 Please note that matching in the path is case INSENSITIVE by default,
1025 but you can switch to case sensitive at any point in the pattern by
1026 using the "(?-i)" switch:
1028 www.example.com/(?-i)PaTtErN.* - will match only documents whose path
1029 starts with "PaTtErN" in exactly this capitalization.
1030 _________________________________________________________________
1034 Actions are enabled if preceded with a "+", and disabled if preceded
1035 with a "-". Actions are invoked by enclosing the action name in curly
1036 braces (e.g. {+some_action}), followed by a list of URLs to which the
1037 action applies. There are three classes of actions:
1039 * Boolean (e.g. "+/-block"):
1040 {+name} # enable this action
1041 {-name} # disable this action
1043 * parameterized (e.g. "+/-hide-user-agent"):
1044 {+name{param}} # enable action and set parameter to "param"
1045 {-name} # disable action
1047 * Multi-value (e.g. "{+/-add-header{Name: value}}",
1048 "{+/-wafer{name=value}}"):
1049 {+name{param}} # enable action and add parameter "param"
1050 {-name{param}} # remove the parameter "param"
1051 {-name} # disable this action totally
1053 If nothing is specified in this file, no "actions" are taken. So in
1054 this case Privoxy would just be a normal, non-blocking,
1055 non-anonymizing proxy. You must specifically enable the privacy and
1056 blocking features you need (although the provided default
1057 default.action file will give a good starting point).
1059 Later defined actions always over-ride earlier ones. For multi-valued
1060 actions, the actions are applied in the order they are specified.
1062 The list of valid Privoxy "actions" are:
1064 * Add the specified HTTP header, which is not checked for validity.
1065 You may specify this many times to specify many different headers:
1066 +add-header{Name: value}
1068 * Block this URL totally. In a default installation, a "blocked" URL
1069 will result in bright red banner that says "BLOCKED", with a
1070 reason why it is being blocked.
1073 * De-animate all animated GIF images, i.e. reduce them to their last
1074 frame. This will also shrink the images considerably (in bytes,
1075 not pixels!). If the option "first" is given, the first frame of
1076 the animation is used as the replacement. If "last" is given, the
1077 last frame of the animation is used instead, which probably makes
1078 more sense for most banner animations, but also has the risk of
1079 not showing the entire last frame (if it is only a delta to an
1081 +deanimate-gifs{last}
1082 +deanimate-gifs{first}
1084 * "+downgrade" will downgrade HTTP/1.1 client requests to HTTP/1.0
1085 and downgrade the responses as well. Use this action for servers
1086 that use HTTP/1.1 protocol features that Privoxy doesn't handle
1087 well yet. HTTP/1.1 is only partially implemented. Default is not
1088 to downgrade requests.
1091 * Many sites, like yahoo.com, don't just link to other sites.
1092 Instead, they will link to some script on their own server, giving
1093 the destination as a parameter, which will then redirect you to
1094 the final target. URLs resulting from this scheme typically look
1095 like: http://some.place/some_script?http://some.where-else.
1096 Sometimes, there are even multiple consecutive redirects encoded
1097 in the URL. These redirections via scripts make your web browsing
1098 more traceable, since the server from which you follow such a link
1099 can see where you go to. Apart from that, valuable bandwidth and
1100 time is wasted, while your browser ask the server for one redirect
1101 after the other. Plus, it feeds the advertisers.
1102 The "+fast-redirects" option enables interception of these
1103 requests by Privoxy, who will cut off all but the last valid URL
1104 in the request and send a local redirect back to your browser
1105 without contacting the remote site.
1108 * Apply the filters in the section_header section of the
1109 default.filter file to the site(s). default.filter sections are
1110 grouped according to like functionality.
1111 +filter{section_header}
1113 Filter sections that are pre-defined in the supplied
1114 default.filter include:
1116 html-annoyances: Get rid of particularly annoying HTML abuse.
1118 js-annoyances: Get rid of particularly annoying JavaScript abuse
1120 no-poups: Kill all popups in JS and HTML
1122 frameset-borders: Give frames a border
1124 webbugs: Squish WebBugs (1x1 invisible GIFs used for user tracking)
1126 no-refresh: Automatic refresh sucks on auto-dialup lines
1128 fun: Text replacements for subversive browsing fun!
1130 nimda: Remove (virus) Nimda code.
1132 banners-by-size: Kill banners by size
1134 crude-parental: Kill all web pages that contain the words "sex" or
1137 * Block any existing X-Forwarded-for header, and do not add a new
1141 * If the browser sends a "From:" header containing your e-mail
1142 address, this either completely removes the header ("block"), or
1143 changes it to the specified e-mail address.
1145 +hide-from{spam@sittingduck.xqq}
1147 * Don't send the "Referer:" (sic) header to the web site. You can
1148 block it, forge a URL to the same server as the request (which is
1149 preferred because some sites will not send images otherwise) or
1150 set it to a constant string of your choice.
1151 +hide-referer{block}
1152 +hide-referer{forge}
1153 +hide-referer{http://nowhere.com}
1155 * Alternative spelling of "+hide-referer". It has the same
1156 parameters, and can be freely mixed with, "+hide-referer".
1157 ("referrer" is the correct English spelling, however the HTTP
1158 specification has a bug - it requires it to be spelled "referer".)
1161 * Change the "User-Agent:" header so web servers can't tell your
1162 browser type. Warning! This breaks many web sites. Specify the
1163 user-agent value you want. Example, pretend to be using Netscape
1165 +hide-user-agent{Mozilla (X11; I; Linux 2.0.32 i586)}
1167 * Treat this URL as an image. This only matters if it's also
1168 "+block"ed, in which case a "blocked" image can be sent rather
1169 than a HTML page. See "+image-blocker{}" below for the control
1170 over what is actually sent. If you want invisible ads, they should
1171 be defined as images and blocked. And also, "image-blocker" should
1175 * Decides what to do with URLs that end up tagged with "{+block
1176 +image}", e.g an advertizement. There are five options.
1177 "-image-blocker" will send a HTML "blocked" page, usually
1178 resulting in a "broken image" icon. "+image-blocker{blank}" will
1179 send a 1x1 transparent GIF image. And finally,
1180 "+image-blocker{http://xyz.com}" will send a HTTP temporary
1181 redirect to the specified image. This has the advantage of the
1182 icon being being cached by the browser, which will speed up the
1183 display. "+image-blocker{pattern}" will send a checkboard type
1185 +image-blocker{blank}
1186 +image-blocker{pattern}
1187 +image-blocker{http://p.p/send-banner}
1189 * By default (i.e. in the absence of a "+limit-connect" action),
1190 Privoxy will only allow CONNECT requests to port 443, which is the
1191 standard port for https as a precaution.
1192 The CONNECT methods exists in HTTP to allow access to secure
1193 websites (https:// URLs) through proxies. It works very simply:
1194 the proxy connects to the server on the specified port, and then
1195 short-circuits its connections to the client and to the remote
1196 proxy. This can be a big security hole, since CONNECT-enabled
1197 proxies can be abused as TCP relays very easily.
1198 If you want to allow CONNECT for more ports than this, or want to
1199 forbid CONNECT altogether, you can specify a comma separated list
1200 of ports and port ranges (the latter using dashes, with the
1201 minimum defaulting to 0 and max to 65K):
1202 +limit-connect{443} # This is the default and need no be
1204 +limit-connect{80,443} # Ports 80 and 443 are OK.
1205 +limit-connect{-3, 7, 20-100, 500-} # Port less than 3, 7, 20 to
1207 #and above 500 are OK.
1209 * "+no-compression" prevents the website from compressing the data.
1210 Some websites do this, which can be a problem for Privoxy, since
1211 "+filter", "+no-popup" and "+gif-deanimate" will not work on
1212 compressed data. This will slow down connections to those
1213 websites, though. Default is "nocompression" is turned on.
1216 * If the website sets cookies, "no-cookies-keep" will make sure they
1217 are erased when you exit and restart your web browser. This makes
1218 profiling cookies useless, but won't break sites which require
1219 cookies so that you can log in for transactions. Default: on.
1222 * Prevent the website from reading cookies:
1225 * Prevent the website from setting cookies:
1228 * Filter the website through a built-in filter to disable those
1229 obnoxious JavaScript pop-up windows via window.open(), etc. The
1230 two alternative spellings are equivalent.
1234 * This action only applies if you are using a jarfile for saving
1235 cookies. It sends a cookie to every site stating that you do not
1236 accept any copyright on cookies sent to you, and asking them not
1237 to track you. Of course, this is a (relatively) unique header they
1238 could use to track you.
1241 * This allows you to add an arbitrary cookie. It can be specified
1242 multiple times in order to add as many cookies as you like.
1245 The meaning of any of the above is reversed by preceding the action
1246 with a "-", in place of the "+".
1250 Turn off cookies by default, then allow a few through for specified
1253 # Turn off all persistent cookies
1254 { +no-cookies-read }
1256 # Allow cookies for this browser session ONLY
1257 { +no-cookies-keep }
1258 # Exceptions to the above, sites that benefit from persistent cookies
1259 { -no-cookies-read }
1261 { -no-cookies-keep }
1267 # Alternative way of saying the same thing
1268 {-no-cookies-set -no-cookies-read -no-cookies-keep}
1272 Now turn off "fast redirects", and then we allow two exceptions:
1277 # Reverse it for these two sites, which don't work right without it.
1279 www.ukc.ac.uk/cgi-bin/wac\.cgi\?
1282 Turn on page filtering according to rules in the defined sections of
1283 refilterfile, and make one exception for sourceforge:
1285 # Run everything through the filter file, using only the
1286 # specified sections:
1287 +filter{html-annoyances} +filter{js-annoyances} +filter{no-popups}\
1288 +filter{webbugs} +filter{nimda} +filter{banners-by-size}
1290 # Then disable filtering of code from sourceforge!
1292 .cvs.sourceforge.net
1294 Now some URLs that we want "blocked", ie we won't see them. Many of
1295 these use regular expressions that will expand to match multiple URLs:
1299 /.*/(.*[-_.])?ads?[0-9]?(/|[-_.].*|\.(gif|jpe?g))
1300 /.*/(.*[-_.])?count(er)?(\.cgi|\.dll|\.exe|[?/])
1301 /.*/(ng)?adclient\.cgi
1302 /.*/(plain|live|rotate)[-_.]?ads?/
1303 /.*/(sponsor)s?[0-9]?/
1304 /.*/_?(plain|live)?ads?(-banners)?/
1306 /.*/ad(sdna_image|gifs?)/
1307 /.*/ad(server|stream|juggler)\.(cgi|pl|dll|exe)
1311 /.*/adv((er)?ts?|ertis(ing|ements?))?/
1315 /.*/cgi-bin/centralad/getimage
1316 /.*/images/addver\.gif
1317 /.*/images/marketing/.*\.(gif|jpe?g)
1321 /.*/sponsors?[0-9]?/
1322 /.*/advert[0-9]+\.jpg
1329 /graphics/defaultAd/
1331 /image\.ng/transactionID
1332 /images/.*/.*_anim\.gif # alvin brattli
1333 /ip_img/.*\.(gif|jpe?g)
1337 /cgi-bin/nph-adclick.exe/
1338 /.*/Image/BannerAdvertising/
1340 /.*/adlib/server\.cgi
1343 Note that many of these actions have the potential to cause a page to
1344 misbehave, possibly even not to display at all. There are many ways a
1345 site designer may choose to design his site, and what HTTP header
1346 content he may depend on. There is no way to have hard and fast rules
1347 for all sites. See the [52]Appendix for a brief example on
1348 troubleshooting actions.
1349 _________________________________________________________________
1353 Custom "actions", known to Privoxy as "aliases", can be defined by
1354 combining other "actions". These can in turn be invoked just like the
1355 built-in "actions". Currently, an alias can contain any character
1356 except space, tab, "=", "{" or "}". But please use only "a"- "z",
1357 "0"-"9", "+", and "-". Alias names are not case sensitive, and must be
1358 defined before anything else in the default.actionfile ! And there can
1359 only be one set of "aliases" defined.
1361 Now let's define a few aliases:
1363 # Useful customer aliases we can use later. These must come first!
1365 +no-cookies = +no-cookies-set +no-cookies-read
1366 -no-cookies = -no-cookies-set -no-cookies-read
1367 fragile = -block -no-cookies -filter -fast-redirects -hide-refere
1369 shop = -no-cookies -filter -fast-redirects
1370 +imageblock = +block +image
1371 #For people who don't like to type too much: ;-)
1374 c2 = -no-cookies-set +no-cookies-read
1375 c3 = +no-cookies-set -no-cookies-read
1376 #... etc. Customize to your heart's content.
1378 Some examples using our "shop" and "fragile" aliases from above:
1380 # These sites are very complex and require
1381 # minimal interference.
1383 .office.microsoft.com
1384 .windowsupdate.microsoft.com
1386 # Shopping sites - still want to block ads.
1389 .worldpay.com # for quietpc.com
1392 # These shops require pop-ups
1396 _________________________________________________________________
1398 3.5. The Filter File
1400 Any web page can be dynamically modified with the filter file. This
1401 modification can be removal, or re-writing, of any web page content,
1402 including tags and non-visible content. The default filter file is
1403 default.filter, located in the config directory.
1405 The included example file is divided into sections. Each section
1406 begins with the FILTER keyword, followed by the identifier for that
1407 section, e.g. "FILTER: webbugs". Each section performs a similar type
1408 of filtering, such as "html-annoyances".
1410 This file uses regular expressions to alter or remove any string in
1411 the target page. The expressions can only operate on one line at a
1412 time. Some examples from the included default default.filter:
1414 Stop web pages from displaying annoying messages in the status bar by
1415 deleting such references:
1417 FILTER: html-annoyances
1418 # New browser windows should be resizeable and have a location and st
1422 s/resizable="?(no|0)"?/resizable=1/ig s/noresize/yesresize/ig
1423 s/location="?(no|0)"?/location=1/ig s/status="?(no|0)"?/status=1/ig
1424 s/scrolling="?(no|0|Auto)"?/scrolling=1/ig
1425 s/menubar="?(no|0)"?/menubar=1/ig
1426 # The <BLINK> tag was a crime!
1428 s*<blink>|</blink>**ig
1431 #s/framespacing="?(no|0)"?//ig
1432 #s/margin(height|width)=[0-9]*//gi
1434 Just for kicks, replace any occurrence of "Microsoft" with
1435 "MicroSuck", and have a little fun with topical buzzwords:
1438 s/microsoft(?!.com)/MicroSuck/ig
1441 s/industry-leading|cutting-edge|award-winning/<font color=red><b>BING
1444 Kill those pesky little web-bugs:
1446 # webbugs: Squish WebBugs (1x1 invisible GIFs used for user tracking)
1448 s/<img\s+[^>]*?(width|height)\s*=\s*['"]?1\D[^>]*?(width|height)\s*=\
1449 s*['"]?1(\D[^>]*?)?>/<!-- Squished WebBug -->/sig
1450 _________________________________________________________________
1454 When Privoxy displays one of its internal pages, such as a 404 Not
1455 Found error page, it uses the appropriate template. On Linux, BSD, and
1456 Unix, these are located in /etc/privoxy/templates by default. These
1457 may be customized, if desired.
1458 _________________________________________________________________
1460 4. Quickstart to Using Privoxy
1462 Install package, then run and enjoy! Privoxy is typically started by
1463 specifying the main configuration file to be used on the command line.
1464 Example Unix startup command:
1467 # /usr/sbin/privoxy /etc/privoxy/config
1470 An init script is provided for SuSE and Redhat.
1472 For for SuSE: /etc/rc.d/privoxy start
1474 For RedHat: /etc/rc.d/init.d/privoxy start
1476 If no configuration file is specified on the command line, Privoxy
1477 will look for a file named config in the current directory. Except on
1478 Win32 where it will try config.txt. If no file is specified on the
1479 command line and no default configuration file can be found, Privoxy
1482 Be sure your browser is set to use the proxy which is by default at
1483 localhost, port 8118. With Netscape (and Mozilla), this can be set
1484 under Edit -> Preferences -> Advanced -> Proxies -> HTTP Proxy. For
1485 Internet Explorer: Tools > Internet Properties -> Connections -> LAN
1486 Setting. Then, check "Use Proxy" and fill in the appropriate info
1487 (Address: localhost, Port: 8118). Include if HTTPS proxy support too.
1489 The included default configuration files should give a reasonable
1490 starting point, though may be somewhat aggressive in blocking junk.
1491 You will probably want to keep an eye out for sites that require
1492 persistent cookies, and add these to default.action as needed. By
1493 default, most of these will be accepted only during the current
1494 browser session, until you add them to the configuration. If you want
1495 the browser to handle this instead, you will need to edit
1496 default.action and disable this feature. If you use more than one
1497 browser, it would make more sense to let Privoxy handle this. In which
1498 case, the browser(s) should be set to accept all cookies.
1500 If a particular site shows problems loading properly, try adding it to
1501 the {fragile} section of default.action. This will turn off most
1502 actions for this site.
1504 Privoxy is HTTP/1.1 compliant, but not all 1.1 features are as yet
1505 implemented. If browsers that support HTTP/1.1 (like Mozilla or recent
1506 versions of I.E.) experience problems, you might try to force HTTP/1.0
1507 compatibility. For Mozilla, look under Edit -> Preferences -> Debug ->
1508 Networking. Or set the "+downgrade" config option in default.action.
1510 After running Privoxy for a while, you can start to fine tune the
1511 configuration to suit your personal, or site, preferences and
1512 requirements. There are many, many aspects that can be customized.
1513 "Actions" (as specified in default.action) can be adjusted by pointing
1514 your browser to [53]http://p.p/, and then follow the link to "edit the
1515 actions list". (This is an internal page and does not require Internet
1518 In fact, various aspects of Privoxy configuration can be viewed from
1519 this page, including current configuration parameters, source code
1520 version numbers, the browser's request headers, and "actions" that
1521 apply to a given URL. In addition to the default.action file editor
1522 mentioned above, Privoxy can also be turned "on" and "off" from this
1525 If you encounter problems, please verify it is a Privoxy bug, by
1526 disabling Privoxy, and then trying the same page. Also, try another
1527 browser if possible to eliminate browser or site problems. Before
1528 reporting it as a bug, see if there is not a configuration option that
1529 is enabled that is causing the page not to load. You can then add an
1530 exception for that page or site. If a bug, please report it to the
1531 developers (see below).
1532 _________________________________________________________________
1534 4.1. Command Line Options
1536 Privoxy may be invoked with the following command-line options:
1539 Print version info and exit, Unix only.
1541 Print a short usage info and exit, Unix only.
1543 Don't become a daemon, i.e. don't fork and become process group
1544 leader, don't detach from controlling tty. Unix only.
1546 On startup, write the process ID to FILE. Delete the FILE on exit.
1547 Failiure to create or delete the FILE is non-fatal. If no FILE
1548 option is given, no PID file will be used. Unix only.
1549 * --user USER[.GROUP]
1550 After (optionally) writing the PID file, assume the user ID of
1551 USER, and if included the GID of GROUP. Exit if the privileges are
1552 not sufficient to do so. Unix only.
1554 If no configfile is included on the command line, Privoxy will
1555 look for a file named "config" in the current directory (except on
1556 Win32 where it will look for "config.txt" instead). Specify full
1557 path to avoid confusion.
1558 _________________________________________________________________
1560 5. Contacting the Developers, Bug Reporting and Feature Requests
1562 We value your feedback. However, to provide you with the best support,
1565 * Use the [54]Sourceforge support forum to get help.
1566 * Submit bugs only thru our [55]Sourceforge bug forum. Make sure
1567 that the bug has not already been submitted. Please try to verify
1568 that it is a Privoxy bug, and not a browser or site bug first. If
1569 you are using your own custom configuration, please try the stock
1570 configs to see if the problem is a configuration related bug. And
1571 if not using the latest development snapshot, please try the
1572 latest one. Or even better, CVS sources.
1573 * Submit feature requests only thru our [56]Sourceforge feature
1576 For any other issues, feel free to use the [57]mailing lists.
1578 Anyone interested in actively participating in development and related
1579 discussions can join the appropriate mailing list [58]here. Archives
1580 are available here too.
1581 _________________________________________________________________
1583 6. Copyright and History
1587 Privoxy is free software; you can redistribute it and/or modify it
1588 under the terms of the GNU General Public License as published by the
1589 Free Software Foundation; either version 2 of the License, or (at your
1590 option) any later version.
1592 This program is distributed in the hope that it will be useful, but
1593 WITHOUT ANY WARRANTY; without even the implied warranty of
1594 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
1595 General Public License for more details, which is available from
1596 [59]the Free Software Foundation, Inc, 59 Temple Place - Suite 330,
1597 Boston, MA 02111-1307, USA.
1598 _________________________________________________________________
1602 Privoxy is derived from the Internet Junkbuster, with many improvments
1603 and enhancements over the original.
1605 Junkbuster was originally written by Anonymous Coders and
1606 [60]Junkbuster's Corporation, and was released as free open-source
1607 software under the GNU GPL. [61]Stefan Waldherr made many
1608 improvements, and started the [62]SourceForge project Privoxy to
1609 rekindle development. There are now several active developers
1610 contributing. The last stable release of Junkbuster was v2.0.2, which
1611 has now grown whiskers ;-).
1612 _________________________________________________________________
1616 [63]http://sourceforge.net/projects/ijbswa
1618 [64]http://www.privoxy.org/
1622 [66]http://www.junkbusters.com/ht/en/cookies.html
1624 [67]http://www.waldherr.org/junkbuster/
1626 [68]http://privacy.net/analyze/
1628 [69]http://www.squid-cache.org/
1629 _________________________________________________________________
1633 8.1. Regular Expressions
1635 Privoxy can use "regular expressions" in various config files.
1636 Assuming support for "pcre" (Perl Compatible Regular Expressions) is
1637 compiled in, which is the default. Such configuration directives do
1638 not require regular expressions, but they can be used to increase
1639 flexibility by matching a pattern with wild-cards against URLs.
1641 If you are reading this, you probably don't understand what "regular
1642 expressions" are, or what they can do. So this will be a very brief
1643 introduction only. A full explanation would require a book ;-)
1645 "Regular expressions" is a way of matching one character expression
1646 against another to see if it matches or not. One of the "expressions"
1647 is a literal string of readable characters (letter, numbers, etc), and
1648 the other is a complex string of literal characters combined with
1649 wild-cards, and other special characters, called meta-characters. The
1650 "meta-characters" have special meanings and are used to build the
1651 complex pattern to be matched against. Perl Compatible Regular
1652 Expressions is an enhanced form of the regular expression language
1653 with backward compatibility.
1655 To make a simple analogy, we do something similar when we use
1656 wild-card characters when listing files with the dir command in DOS.
1657 *.* matches all filenames. The "special" character here is the
1658 asterisk which matches any and all characters. We can be more specific
1659 and use ? to match just individual characters. So "dir file?.text"
1660 would match "file1.txt", "file2.txt", etc. We are pattern matching,
1661 using a similar technique to "regular expressions"!
1663 Regular expressions do essentially the same thing, but are much, much
1664 more powerful. There are many more "special characters" and ways of
1665 building complex patterns however. Let's look at a few of the common
1666 ones, and then some examples:
1668 . - Matches any single character, e.g. "a", "A", "4", ":", or "@".
1670 ? - The preceding character or expression is matched ZERO or ONE
1673 + - The preceding character or expression is matched ONE or MORE
1676 * - The preceding character or expression is matched ZERO or MORE
1679 \ - The "escape" character denotes that the following character should
1680 be taken literally. This is used where one of the special characters
1681 (e.g. ".") needs to be taken literally and not as a special
1684 [] - Characters enclosed in brackets will be matched if any of the
1685 enclosed characters are encountered.
1687 () - parentheses are used to group a sub-expression, or multiple
1690 | - The "bar" character works like an "or" conditional statement. A
1691 match is successful if the sub-expression on either side of "|"
1694 s/string1/string2/g - This is used to rewrite strings of text.
1695 "string1" is replaced by "string2" in this example.
1697 These are just some of the ones you are likely to use when matching
1698 URLs with Privoxy, and is a long way from a definitive list. This is
1699 enough to get us started with a few simple examples which may be more
1702 /.*/banners/.* - A simple example that uses the common combination of
1703 "." and "*" to denote any character, zero or more times. In other
1704 words, any string at all. So we start with a literal forward slash,
1705 then our regular expression pattern (".*") another literal forward
1706 slash, the string "banners", another forward slash, and lastly another
1707 ".*". We are building a directory path here. This will match any file
1708 with the path that has a directory named "banners" in it. The ".*"
1709 matches any characters, and this could conceivably be more forward
1710 slashes, so it might expand into a much longer looking path. For
1711 example, this could match:
1712 "/eye/hate/spammers/banners/annoy_me_please.gif", or just
1713 "/banners/annoying.html", or almost an infinite number of other
1714 possible combinations, just so it has "banners" in the path somewhere.
1716 A now something a little more complex:
1718 /.*/adv((er)?ts?|ertis(ing|ements?))?/ - We have several literal
1719 forward slashes again ("/"), so we are building another expression
1720 that is a file path statement. We have another ".*", so we are
1721 matching against any conceivable sub-path, just so it matches our
1722 expression. The only true literal that must match our pattern is adv,
1723 together with the forward slashes. What comes after the "adv" string
1724 is the interesting part.
1726 Remember the "?" means the preceding expression (either a literal
1727 character or anything grouped with "(...)" in this case) can exist or
1728 not, since this means either zero or one match. So
1729 "((er)?ts?|ertis(ing|ements?))" is optional, as are the individual
1730 sub-expressions: "(er)", "(ing|ements?)", and the "s". The "|" means
1731 "or". We have two of those. For instance, "(ing|ements?)", can expand
1732 to match either "ing" OR "ements?". What is being done here, is an
1733 attempt at matching as many variations of "advertisement", and
1734 similar, as possible. So this would expand to match just "adv", or
1735 "advert", or "adverts", or "advertising", or "advertisement", or
1736 "advertisements". You get the idea. But it would not match
1737 "advertizements" (with a "z"). We could fix that by changing our
1738 regular expression to: "/.*/adv((er)?ts?|erti(s|z)(ing|ements?))?/",
1739 which would then match either spelling.
1741 /.*/advert[0-9]+\.(gif|jpe?g) - Again another path statement with
1742 forward slashes. Anything in the square brackets "[]" can be matched.
1743 This is using "0-9" as a shorthand expression to mean any digit one
1744 through nine. It is the same as saying "0123456789". So any digit
1745 matches. The "+" means one or more of the preceding expression must be
1746 included. The preceding expression here is what is in the square
1747 brackets -- in this case, any digit one through nine. Then, at the
1748 end, we have a grouping: "(gif|jpe?g)". This includes a "|", so this
1749 needs to match the expression on either side of that bar character
1750 also. A simple "gif" on one side, and the other side will in turn
1751 match either "jpeg" or "jpg", since the "?" means the letter "e" is
1752 optional and can be matched once or not at all. So we are building an
1753 expression here to match image GIF or JPEG type image file. It must
1754 include the literal string "advert", then one or more digits, and a
1755 "." (which is now a literal, and not a special character, since it is
1756 escaped with "\"), and lastly either "gif", or "jpeg", or "jpg". Some
1757 possible matches would include: "//advert1.jpg",
1758 "/nasty/ads/advert1234.gif", "/banners/from/hell/advert99.jpg". It
1759 would not match "advert1.gif" (no leading slash), or "/adverts232.jpg"
1760 (the expression does not include an "s"), or "/advert1.jsp" ("jsp" is
1761 not in the expression anywhere).
1763 s/microsoft(?!.com)/MicroSuck/i - This is a substitution. "MicroSuck"
1764 will replace any occurrence of "microsoft". The "i" at the end of the
1765 expression means ignore case. The "(?!.com)" means the match should
1766 fail if "microsoft" is followed by ".com". In other words, this acts
1767 like a "NOT" modifier. In case this is a hyperlink, we don't want to
1770 We are barely scratching the surface of regular expressions here so
1771 that you can understand the default Privoxy configuration files, and
1772 maybe use this knowledge to customize your own installation. There is
1773 much, much more that can be done with regular expressions. Now that
1774 you know enough to get started, you can learn more on your own :/
1776 More reading on Perl Compatible Regular expressions:
1777 [70]http://www.perldoc.com/perl5.6/pod/perlre.html
1778 _________________________________________________________________
1780 8.2. Privoxy's Internal Pages
1782 Since Privoxy proxies each requested web page, it is easy for Privoxy
1783 to trap certain URLs. In this way, we can talk directly to Privoxy,
1784 and see how it is configured, see how our rules are being applied,
1785 change these rules and other configuration options, and even turn
1786 Privoxy's filtering off, all with a web browser.
1788 The URLs listed below are the special ones that allow direct access to
1789 Privoxy. Of course, Privoxy must be running to access these. If not,
1790 you will get a friendly error message. Internet access is not
1793 * Privoxy main page:
1795 [71]http://www.privoxy.org/config/
1796 Alternately, this may be reached at [72]http://p.p/, but this
1797 variation may not work as reliably as the above in some
1799 * Show information about the current configuration:
1801 [73]http://www.privoxy.org/config/show-status
1802 * Show the source code version numbers:
1804 [74]http://www.privoxy.org/config/show-version
1805 * Show the client's request headers:
1807 [75]http://www.privoxy.org/config/show-request
1808 * Show which actions apply to a URL and why:
1810 [76]http://www.privoxy.org/config/show-url-info
1811 * Toggle Privoxy on or off:
1813 [77]http://www.privoxy.org/config/toggle
1814 Short cuts. Turn off, then on:
1816 [78]http://www.privoxy.org/config/toggle?set=disable
1818 [79]http://www.privoxy.org/config/toggle?set=enable
1819 * Edit the actions list file:
1821 [80]http://www.privoxy.org/config/edit-actions
1823 These may be bookmarked for quick reference.
1824 _________________________________________________________________
1826 8.3. Anatomy of an Action
1828 The way Privoxy applies "actions" to any given URL can be complex, and
1829 not always so easy to understand what is happening. And sometimes we
1830 need to be able to see just what Privoxy is doing. Especially, if
1831 something Privoxy is doing is causing us a problem inadvertantly. It
1832 can be a little daunting to look at the actions files themselves,
1833 since they tend to be filled with "regular expressions" whose
1834 consequences are not always so obvious. Privoxy provides the
1835 [81]http://www.privoxy.org/config/show-url-info page that can show us
1836 very specifically how actions are being applied to any given URL. This
1837 is a big help for troubleshooting.
1839 First, enter one URL (or partial URL) at the prompt, and then Privoxy
1840 will tell us how the current configuration will handle it. This will
1841 not help with filtering effects from the default.filter file! It also
1842 will not tell you about any other URLs that may be embedded within the
1843 URL you are testing. For instance, images such as ads are expressed as
1844 URLs within the raw page source of HTML pages. So you will only get
1845 info for the actual URL that is pasted into the prompt area -- not any
1846 sub-URLs. If you want to know about embedded URLs like ads, you will
1847 have to dig those out of the HTML source. Use your browser's "View
1848 Page Source" option for this.
1850 Let's look at an example, [82]google.com, one section at a time:
1852 System default actions:
1854 { -add-header -block -deanimate-gifs -downgrade -fast-redirects -filter
1855 -hide-forwarded -hide-from -hide-referer -hide-user-agent -image
1856 -image-blocker -limit-connect -no-compression -no-cookies-keep
1857 -no-cookies-read -no-cookies-set -no-popups -vanilla-wafer -wafer }
1860 This is the top section, and only tells us of the compiled in
1861 defaults. This is basically what Privoxy would do if there were not
1862 any "actions" defined, i.e. it does nothing. Every action is disabled.
1863 This is not particularly informative for our purposes here. OK, next
1866 Matches for http://google.com:
1868 { -add-header -block +deanimate-gifs -downgrade +fast-redirects
1869 +filter{html-annoyances} +filter{js-annoyances} +filter{no-popups}
1870 +filter{webbugs} +filter{nimda} +filter{banners-by-size} +filter{hal}
1871 +filter{fun} +hide-forwarded +hide-from{block} +hide-referer{forge}
1872 -hide-user-agent -image +image-blocker{blank} +no-compression
1873 +no-cookies-keep -no-cookies-read -no-cookies-set +no-popups
1874 -vanilla-wafer -wafer }
1877 { -no-cookies-keep -no-cookies-read -no-cookies-set }
1884 This is much more informative, and tells us how we have defined our
1885 "actions", and which ones match for our example, "google.com". The
1886 first grouping shows our default settings, which would apply to all
1887 URLs. If you look at your "actions" file, this would be the section
1888 just below the "aliases" section near the top. This applies to all
1889 URLs as signified by the single forward slash -- "/".
1891 These are the default actions we have enabled. But we can define
1892 additional actions that would be exceptions to these general rules,
1893 and then list specific URLs that these exceptions would apply to. Last
1894 match wins. Just below this then are two explict matches for
1895 ".google.com". The first is negating our various cookie blocking
1896 actions (i.e. we will allow cookies here). The second is allowing
1897 "fast-redirects". Note that there is a leading dot here --
1898 ".google.com". This will match any hosts and sub-domains, in the
1899 google.com domain also, such as "www.google.com". So, apparently, we
1900 have these actions defined somewhere in the lower part of our actions
1901 file, and "google.com" is referenced in these sections.
1903 And now we pull it altogether in the bottom section and summarize how
1904 Privoxy is appying all its "actions" to "google.com":
1908 -add-header -block -deanimate-gifs -downgrade -fast-redirects
1909 +filter{html-annoyances} +filter{js-annoyances} +filter{no-popups}
1910 +filter{webbugs} +filter{nimda} +filter{banners-by-size} +filter{hal}
1911 +filter{fun} +hide-forwarded +hide-from{block} +hide-referer{forge}
1912 -hide-user-agent -image +image-blocker{blank} -limit-connect +no-compression
1913 -no-cookies-keep -no-cookies-read -no-cookies-set +no-popups -vanilla-wafer
1917 Now another example, "ad.doubleclick.net":
1929 We'll just show the interesting part here, the explicit matches. It is
1930 matched three different times. Each as an "+block +image", which is
1931 the expanded form of one of our aliases that had been defined as:
1932 "+imageblock". ("Aliases" are defined in the first section of the
1933 actions file and typically used to combine more than one action.)
1935 Any one of these would have done the trick and blocked this as an
1936 unwanted image. This is unnecessarily redundant since the last case
1937 effectively would also cover the first. No point in taking chances
1938 with these guys though ;-) Note that if you want an ad or obnoxious
1939 URL to be invisible, it should be defined as "ad.doubleclick.net" is
1940 done here -- as both a "+block" and an "+image". The custom alias
1941 "+imageblock" does this for us.
1943 One last example. Let's try "http://www.rhapsodyk.net/adsl/HOWTO/".
1944 This one is giving us problems. We are getting a blank page. Hmmm...
1946 Matches for http://www.rhapsodyk.net/adsl/HOWTO/:
1948 { -add-header -block +deanimate-gifs -downgrade +fast-redirects
1949 +filter{html-annoyances} +filter{js-annoyances} +filter{no-popups}
1950 +filter{webbugs} +filter{nimda} +filter{banners-by-size} +filter{hal}
1951 +filter{fun} +hide-forwarded +hide-from{block} +hide-referer{forge}
1952 -hide-user-agent -image +image-blocker{blank} +no-compression
1953 +no-cookies-keep -no-cookies-read -no-cookies-set +no-popups
1954 -vanilla-wafer -wafer }
1961 Ooops, the "/adsl/" is matching "/ads"! But we did not want this at
1962 all! Now we see why we get the blank page. We could now add a new
1963 action below this that explictly does not block (-block) pages with
1964 "adsl". There are various ways to handle such exceptions. Example:
1970 Now the page displays ;-)
1972 But now what about a situation where we get no explicit matches like
1979 That actually was very telling and pointed us quickly to where the
1980 problem was. If you don't get this kind of match, then it means one of
1981 the default rules in the first section is causing the problem. This
1982 would require some guesswork, and maybe a little trial and error to
1983 isolate the offending rule. One likely cause would be one of the
1984 "{+filter}" actions. Try adding the URL for the site to one of aliases
1985 that turn off "+filter":
1989 .worldpay.com # for quietpc.com
1995 "{shop}" is an "alias" that expands to "{ -filter -no-cookies
1996 -no-cookies-keep }". Or you could do your own exception to negate
2005 1. http://www.privoxy.org/user-manual/
2006 2. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#INTRODUCTION
2007 3. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN35
2008 4. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#INSTALLATION
2009 5. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#INSTALLATION-SOURCE
2010 6. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#INSTALLATION-RH
2011 7. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#INSTALLATION-SUSE
2012 8. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#INSTALLATION-OS2
2013 9. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#INSTALLATION-WIN
2014 10. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#INSTALLATION-OTHER
2015 11. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#CONFIGURATION
2016 12. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN154
2017 13. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN172
2018 14. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN203
2019 15. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN236
2020 16. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN329
2021 17. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN466
2022 18. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#FORWARDING
2023 19. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN663
2024 20. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#ACTIONSFILE
2025 21. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN762
2026 22. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN836
2027 23. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN1153
2028 24. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#FILTERFILE
2029 25. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN1212
2030 26. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#QUICKSTART
2031 27. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN1268
2032 28. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#CONTACT
2033 29. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#COPYRIGHT
2034 30. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN1327
2035 31. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN1333
2036 32. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#SEEALSO
2037 33. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#APPENDIX
2038 34. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#REGEX
2039 35. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN1521
2040 36. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#ACTIONSANAT
2042 38. http://sourceforge.net/projects/ijbswa/
2043 39. http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/ijbswa/current/
2044 40. http://www.gnu.org/
2046 42. http://www.privoxy.org/config/
2048 44. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#ACTIONSFILE
2053 49. http://p.p/show-url-info
2054 50. http://www.perldoc.com/perl5.6/pod/perlre.html
2055 51. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#REGEX
2056 52. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#ACTIONSANAT
2058 54. http://sourceforge.net/tracker/?group_id=11118&atid=211118
2059 55. http://sourceforge.net/tracker/?group_id=11118&atid=111118
2060 56. http://sourceforge.net/tracker/?atid=361118&group_id=11118&func=browse
2061 57. http://sourceforge.net/mail/?group_id=11118
2062 58. http://sourceforge.net/mail/?group_id=11118
2063 59. http://www.gnu.org/copyleft/gpl.html
2064 60. http://www.junkbusters.com/
2065 61. http://www.waldherr.org/junkbuster/
2066 62. http://sourceforge.net/projects/ijbswa/
2067 63. http://sourceforge.net/projects/ijbswa
2068 64. http://www.privoxy.org/
2070 66. http://www.junkbusters.com/ht/en/cookies.html
2071 67. http://www.waldherr.org/junkbuster/
2072 68. http://privacy.net/analyze/
2073 69. http://www.squid-cache.org/
2074 70. http://www.perldoc.com/perl5.6/pod/perlre.html
2075 71. http://www.privoxy.org/config/
2077 73. http://www.privoxy.org/config/show-status
2078 74. http://www.privoxy.org/config/show-version
2079 75. http://www.privoxy.org/config/show-request
2080 76. http://www.privoxy.org/config/show-url-info
2081 77. http://www.privoxy.org/config/toggle
2082 78. http://www.privoxy.org/config/toggle?set=disable
2083 79. http://www.privoxy.org/config/toggle?set=enable
2084 80. http://www.privoxy.org/config/edit-actions
2085 81. http://www.privoxy.org/config/show-url-info
2086 82. http://google.com/
2089 83. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN1393
2090 84. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN1401
2091 85. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN1404
2092 86. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN1407
2093 87. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN1410
2094 88. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN1415
2095 89. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN1418
2096 90. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN1421
2097 91. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN1427