1 .\" This manpage has been automatically generated by docbook2man
2 .\" from a DocBook document. This tool can be found at:
3 .\" <http://shell.ipoline.com/~elmert/comp/docbook2X/>
4 .\" Please send any bug reports, improvements, comments, patches,
5 .\" etc. to Steve Cheng <steve@ggi-project.org>.
6 .TH "PRIVOXY" "1" "12 November 2007" "Privoxy 3.0.7 UNRELEASED" ""
8 privoxy \- Privacy Enhancing Proxy
11 \fBprivoxy\fR [\fB--help\fR ] [\fB--version\fR ] [\fB--no-daemon\fR ] [\fB--pidfile \fIpidfile\fB\fR ] [\fB--user \fIuser[.group]\fB\fR ] [\fB--chroot\fR ] [\fB--pre-chroot-nslookup \fIhostname\fB\fR ] [\fB\fIconfigfile\fB\fR ]
15 \fBPrivoxy\fR may be invoked with the following command line
19 Print brief usage info and exit.
22 Print version info and exit.
25 Don't become a daemon, i.e. don't fork and become process group
26 leader, don't detach from controlling tty, and do all logging there.
28 \fB--pidfile \fIpidfile\fB\fR
29 On startup, write the process ID to \fIpidfile\fR.
30 Delete the \fIpidfile\fR on exit.
31 Failure to create or delete the \fIpidfile\fR
32 is non-fatal. If no \fB--pidfile\fR option is given, no PID file will be used.
34 \fB--user \fIuser[.group]\fB\fR
35 After (optionally) writing the PID file, assume the user ID of
36 \fIuser\fR and the GID of
37 \fIgroup\fR, or, if the optional
38 \fIgroup\fR was not given, the default group of
39 \fIuser\fR. Exit if the privileges are not
43 Before changing to the user ID given in the --user option, chroot to
44 that user's home directory, i.e. make the kernel pretend to the
45 \fBPrivoxy\fR process that the directory tree starts
46 there. If set up carefully, this can limit the impact of possible
47 vulnerabilities in \fBPrivoxy\fR to the files contained in
50 \fB--pre-chroot-nslookup \fIhostname\fB\fR
51 Initialize the resolver library using \fIhostname\fR
52 before chroot'ing. On some systems this reduces the number of files
53 that must be copied into the chroot tree.
55 If the \fIconfigfile\fR is not specified on the command line,
56 \fBPrivoxy\fR will look for a file named
57 \fIconfig\fR in the current directory . If no
58 \fIconfigfile\fR is found, \fBPrivoxy\fR will
62 Privoxy is a non-caching
64 with advanced filtering capabilities for enhancing privacy,
65 modifying web page data, managing HTTP
67 controlling access, and removing ads, banners, pop-ups and other obnoxious
68 Internet junk. Privoxy has a flexible configuration and can be
69 customized to suit individual needs and tastes. Privoxy has application for
70 both stand-alone systems and multi-user networks.
72 Privoxy is based on Internet Junkbuster (tm).
73 .SH "INSTALLATION AND USAGE"
75 Browsers can either be individually configured to use
76 \fBPrivoxy\fR as a HTTP proxy, or \fBPrivoxy\fR can
77 be set to act as an intercepting proxy (see \fIconfig\fR). The default setting is for
78 localhost, on port 8118 (configurable in the main config file). To set the
79 HTTP proxy in Netscape and Mozilla, go through: \fBEdit\fR;
80 \fBPreferences\fR; \fBAdvanced\fR;
81 \fBProxies\fR; \fBManual Proxy Configuration\fR;
84 For Firefox, go through: \fBTools\fR;
85 \fBOptions\fR; \fBGeneral\fR;
86 \fBConnection Settings\fR;
87 \fBManual Proxy Configuration\fR.
89 For Internet Explorer, go through: \fBTools\fR;
90 \fBInternet Properties\fR; \fBConnections\fR;
93 The Secure (SSL) Proxy should also be set to the same values, otherwise
94 https: URLs will not be proxied. Note: \fBPrivoxy\fR can only
95 proxy HTTP and HTTPS traffic. Do not try it with FTP or other protocols.
96 HTTPS presents some limitations, and not all features will work with HTTPS
99 For other browsers, check the documentation.
102 \fBPrivoxy\fR can be configured with the various configuration
103 files. The default configuration files are: \fIconfig\fR,
104 \fIdefault.filter\fR, and
105 \fIdefault.action\fR. \fIuser.action\fR should
106 be used for locally defined exceptions to the default rules of
107 \fIdefault.action\fR, and \fIuser.filter\fR for
108 locally defined filters. These are well commented. On Unix
109 and Unix-like systems, these are located in
110 \fI/etc/privoxy/\fR by default.
112 \fBPrivoxy\fR uses the concept of \fBactions\fR
113 in order to manipulate the data stream between the browser and remote sites.
114 There are various actions available with specific functions for such things
115 as blocking web sites, managing cookies, etc. These actions can be invoked
116 individually or combined, and used against individual URLs, or groups of URLs
117 that can be defined using wildcards and regular expressions. The result is
118 that the user has greatly enhanced control and freedom.
120 The actions list (ad blocks, etc) can also be configured with your
121 web browser at http://config.privoxy.org/
122 (assuming the configuration allows it).
123 \fBPrivoxy's\fR configuration parameters can also be viewed at
124 the same page. In addition, \fBPrivoxy\fR can be toggled on/off.
125 This is an internal page, and does not require Internet access.
127 See the \fIUser Manual\fR for a detailed
128 explanation of installation, general usage, all configuration options, new
129 features and notes on upgrading.
130 .SH "SAMPLE CONFIGURATION"
132 A brief example of what a simple \fIdefault.action\fR
133 configuration might look like:
136 # Define a few useful custom aliases for later use
139 # Useful aliases that combine more than one action
140 +crunch-cookies = +crunch-incoming-cookies +crunch-outgoing-cookies
141 -crunch-cookies = -crunch-incoming-cookies -crunch-outgoing-cookies
142 +block-as-image = +block +handle-as-image
144 # Fragile sites should have the minimum changes
145 fragile = -block -deanimate-gifs -fast-redirects -filter \\
146 -hide-referer -prevent-cookies -kill-popups
148 ## Turn some actions on ################################
149 ## NOTE: Actions are off by default, unless explictily turned on
150 ## otherwise with the '+' operator.
155 -client-header-filter{hide-tor-exit-notation} \\
156 -content-type-overwrite \\
157 -crunch-client-header \\
158 -crunch-if-none-match \\
159 -crunch-outgoing-cookies \\
160 -crunch-incoming-cookies \\
161 -crunch-server-header \\
163 -downgrade-http-version \\
165 -filter{js-annoyances} \\
166 -filter{js-events} \\
167 -filter{html-annoyances} \\
168 -filter{content-cookies} \\
169 -filter{refresh-tags} \\
170 -filter{unsolicited-popups} \\
171 -filter{all-popups} \\
172 -filter{img-reorder} \\
173 -filter{banners-by-size} \\
174 -filter{banners-by-link} \\
176 -filter{tiny-textforms} \\
177 -filter{jumping-windows} \\
178 -filter{frameset-borders} \\
179 -filter{demoronizer} \\
180 -filter{shockwave-flash} \\
181 -filter{quicktime-kioskmode} \\
183 -filter{crude-parental} \\
184 -filter{ie-exploits} \\
185 -filter{site-specifics} \\
192 -handle-as-empty-document \\
194 -hide-accept-language \\
195 -hide-content-disposition \\
196 -hide-if-modified-since \\
197 +hide-forwarded-for-headers \\
198 +hide-from-header{block} \\
204 -overwrite-last-modified \\
205 -prevent-compression \\
207 -send-vanilla-wafer \\
209 -server-header-filter{xml-to-html} \\
210 -server-header-filter{html-to-xml} \\
211 -session-cookies-only \\
212 +set-image-blocker{pattern} \\
213 -treat-forbidden-connects-like-blocks \\
215 / # '/' Match *all* URL patterns
218 # Block all URLs that match these patterns
224 /.*count(er)?\\.(pl|cgi|exe|dll|asp|php[34]?)
226 media./.*(ads|banner)
228 # Block, and treat these URL patterns as if they were 'images'.
229 # We would expect these to be ads.
232 .a[0-9].yimg.com/(?:(?!/i/).)*$
235 # Make exceptions for these harmless ones that would be
236 # caught by our +block patterns just above.
242 # uploads or downloads
246 Then for a \fIuser.action\fR, we would put local,
247 narrowly defined exceptions:
250 # Re-define aliases as needed here
254 -crunch-cookies = -crunch-incoming-cookies -crunch-outgoing-cookies
256 # Set personal exceptions to the policies in default.action #######
258 # Sites where we want persistent cookies, so allow *all* cookies
259 { -crunch-cookies -session-cookies-only }
264 # These sites break easily. Use our "fragile" alias here.
269 # Replace example.com's style sheet with one of my choosing
270 { +redirect{http://localhost/css-replacements/example.com.css} }
271 example.com/stylesheet.css
274 See the comments in the configuration files themselves, or the
276 for full explanations of the above syntax, and other \fBPrivoxy\fR
277 configuration options.
282 \fI/usr/sbin/privoxy\fR
283 \fI/etc/privoxy/config\fR
284 \fI/etc/privoxy/default.action\fR
285 \fI/etc/privoxy/standard.action\fR
286 \fI/etc/privoxy/user.action\fR
287 \fI/etc/privoxy/default.filter\fR
288 \fI/etc/privoxy/user.filter\fR
289 \fI/etc/privoxy/trust\fR
290 \fI/etc/privoxy/templates/*\fR
291 \fI/var/log/privoxy/logfile\fR
294 Various other files should be included, but may vary depending on platform
295 and build configuration. Additional documentation should be included in the local
296 documentation directory.
299 \fBPrivoxy\fR terminates on the \fBSIGINT\fR,
300 \fBSIGTERM\fR and \fBSIGABRT\fR signals. Log
301 rotation scripts may cause a re-opening of the logfile by sending a
302 \fBSIGHUP\fR to \fBPrivoxy\fR. Note that unlike
303 other daemons, \fBPrivoxy\fR does not need to be made aware of
304 config file changes by \fBSIGHUP\fR -- it will detect them
308 This is a UNRELEASED version of \fBPrivoxy\fR. Not
309 all features are well tested.
311 Please see the \fIUser Manual\fR on how to contact the
312 developers, for feature requests, reporting problems, and other questions.
315 Other references and sites of interest to \fBPrivoxy\fR
319 http://www.privoxy.org/,
320 the \fBPrivoxy\fR Home page.
322 http://www.privoxy.org/faq/,
323 the \fBPrivoxy\fR FAQ.
325 http://sourceforge.net/projects/ijbswa/,
326 the Project Page for \fBPrivoxy\fR on
329 http://config.privoxy.org/,
330 the web-based user interface. \fBPrivoxy\fR must be
331 running for this to work. Shortcut: http://p.p/
333 http://sourceforge.net/tracker/?group_id=11118&atid=460288, to submit ``misses'' and other
334 configuration related suggestions to the developers.
336 http://www.junkbusters.com/ht/en/cookies.html,
337 an explanation how cookies are used to track web users.
339 http://www.junkbusters.com/ijb.html,
340 the original Internet Junkbuster.
342 http://privacy.net/, a useful site
343 to check what information about you is leaked while you browse the web.
345 http://www.squid-cache.org/, a popular
346 caching proxy, which is often used together with \fBPrivoxy\fR.
348 http://www.pps.jussieu.fr/~jch/software/polipo/,
349 \fBPolipo\fR is a caching proxy with advanced features
350 like pipelining, multiplexing and caching of partial instances. In many setups
351 it can be used as \fBSquid\fR replacement.
354 \fBTor\fR can help anonymize web browsing,
355 web publishing, instant messaging, IRC, SSH, and other applications.
357 http://www.privoxy.org/developer-manual/,
358 the \fBPrivoxy\fR developer manual.
359 .SH "DEVELOPMENT TEAM"
362 Fabian Keil, lead developer
363 David Schmidt, developer
368 .SH "COPYRIGHT AND LICENSE"
371 Copyright (C) 2001 - 2007 by Privoxy Developers <ijbswa-developers@lists.sourceforge.net>
373 Some source code is based on code Copyright (C) 1997 by Anonymous Coders
374 and Junkbusters, Inc. and licensed under the \fIGNU General Public
378 \fBPrivoxy\fR is free software; you can
379 redistribute it and/or modify it under the terms of the
380 \fIGNU General Public
381 License\fR, version 2, as published by the Free Software Foundation.
383 This program is distributed in the hope that it will be useful, but WITHOUT
384 ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
385 FITNESS FOR A PARTICULAR PURPOSE. See the
386 \fIGNU General Public License\fR for
387 more details, which is available from the Free Software Foundation, Inc,
388 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
390 You should have received a copy of the \fIGNU General Public License\fR
391 along with this program; if not, write to the Free Software
392 Foundation, Inc. 51 Franklin Street, Fifth Floor
393 Boston, MA 02110-1301