+</sect2>
+
+<sect2 renderas="sect3" id="microsuck">
+<title>I've noticed that Privoxy changes <quote>Microsoft</quote> to
+<quote>MicroSuck</quote>! Why are you manipulating my browsing?</title>
+
+<para>
+ We're not. The text substitutions that you are seeing are disabled
+ in the default configuration as shipped. You have either manually
+ activated the <quote><literal>fun</literal></quote> filter which
+ is clearly labeled <quote>Text replacements for subversive browsing
+ fun!</quote> or you are using an older Privoxy version and have implicitly
+ activated it by choosing the <quote>Advanced</quote> profile in the
+ web-based editor. Please upgrade.
+</para>
+</sect2>
+
+<sect2 renderas="sect3" id="valid">
+<title>Does Privoxy produce <quote>valid</quote> HTML (or XHTML)?</title>
+
+<para>
+ Privoxy generates HTML in both its own <quote>templates</quote>, and possibly
+ whenever there are text substitutions via a &my-app; filter. While this
+ should always conform to the HTML 4.01 specifications, it has not been
+ validated against this or any other standard.
+</para>
+</sect2>
+
+<sect2 renderas="sect3" id="surprise-privoxy">
+<title>How did you manage to get Privoxy on my computer without my consent?</title>
+
+<para>
+ We didn't. We make Privoxy available for download, but we don't go
+ around installing it on other people's systems behind their back.
+ If you discover Privoxy running on your system and are sure you didn't
+ install it yourself, somebody else did. You may not even be running
+ the real Privoxy, but maybe something else that only pretends to be
+ Privoxy, or maybe something that is based on the real Privoxy,
+ but has been modified.
+</para>
+<para>
+ Lately there have been reports of problems with some kind of
+ Privoxy versions that come preinstalled on some Netbooks.
+ Some of the problems described are inconsistent with the behaviour
+ of official Privoxy versions, which suggests that the preinstalled
+ software may contain vendor modifications that we don't know about
+ and thus can't debug.
+</para>
+<para>
+ Privoxy's <link linkend="copyright">license</link> allows vendor
+ modifications, but the vendor has to comply with the license,
+ which involves informing the user about the changes and to make
+ the changes available under the same license as Privoxy itself.
+</para>
+<para>
+ If you are having trouble with a modified Privoxy version,
+ please try to talk to whoever made the modifications before
+ reporting the problem to us. Please also try to convince
+ whoever made the modifications to talk to us. If you think
+ somebody gave you a modified Privoxy version without complying
+ to the license, please let us know.
+</para>
+</sect2>
+
+
+</sect1>
+
+
+<!-- ~~~~~ New section ~~~~~ -->
+
+<sect1 id="trouble">
+<title>Troubleshooting</title>
+
+<sect2 renderas="sect3">
+<title id="refused">I cannot connect to any websites. Or, I am getting
+<quote>connection refused</quote> message with every web page. Why?</title>
+<para>
+ There are several possibilities:
+</para>
+<para>
+<itemizedlist>
+<listitem><para>
+<application>Privoxy</application> is not running. Solution: verify
+ that &my-app; is installed correctly, has not crashed, and is indeed running.
+ Turn on <application>Privoxy's</application> logging, and look at the logs to see what they say.
+</para></listitem>
+ <listitem><para>Or your browser is configured for a different port than what
+ <application>Privoxy</application> is using. Solution: verify that &my-app;
+ and your browser are set to the same port (<literal>listen-address</literal>).
+</para></listitem>
+ <listitem><para>Or if using a forwarding rule, you have a configuration problem or a
+ problem with a host in the forwarding chain. Solution: temporarily alter your
+ configuration and take the forwarders out of the equation.
+</para></listitem>
+ <listitem><para>
+ Or you have a firewall that is interfering and blocking you. Solution:
+ try disabling or removing the firewall as a simple test.
+ </para></listitem>
+</itemizedlist>
+</para>
+
+</sect2>
+
+<!-- ~~~~~ New section ~~~~~ -->
+<sect2 renderas="sect3" id="error503">
+<title>Why am I getting a 503 Error (WSAECONNREFUSED) on every page?</title>
+ <para>
+ More than likely this is a problem with your TCP/IP networking. ZoneAlarm has
+ been reported to cause this symptom -- even if not running! The solution is
+ to either fight the ZA configuration, or uninstall ZoneAlarm, and then find
+ something better behaved in its place. Other personal firewall type products
+ may cause similar type problems if not configured correctly.
+ </para>
+</sect2>
+
+<sect2 renderas="sect3">
+<title id="flushit">I just added a new rule, but the steenkin ad is
+still getting through. How?</title>
+<para>
+ If the ad had been displayed before you added its URL, it will probably be
+ held in the browser's cache for some time, so it will be displayed without
+ the need for any request to the server, and <application>Privoxy</application>
+ will not be involved. Flush the browser's caches, and then try again.
+</para>
+
+<para>
+ If this doesn't help, you probably have an error in the rule you
+ applied. Try pasting the full URL of the offending ad into <ulink
+ url="http://config.privoxy.org/show-url-info">http://config.privoxy.org/show-url-info</ulink>
+ and see if it really matches your new rule. Blocking ads is like blocking
+ spam: a lot of tinkering is required to stay ahead of the game. And
+ remember you need to block the URL of the ad in question, which may be
+ entirely different from the site URL itself. Most ads are hosted on different
+ servers than the main site itself. If you right-click on the ad, you should
+ be able to get all the relevant information you need. Alternately, you can
+ find the correct URL by looking at <application>Privoxy's</application> logs
+ (you may need to enable logging in the main config file if its disabled).
+</para>
+<para>
+ Below is a slightly modified real-life log snippet that originates with one
+ requested URL: <literal>www.example.com</literal> (name of site was changed
+ for this example, the number of requests is real). You can see in this the
+ complexity of what goes into making up this one <quote>page</quote>. There
+ are eight different domains involved here, with thirty two separate URLs
+ requested in all, making up all manner of images, Shockwave Flash,
+ JavaScript, CSS stylesheets, scripts, and other related content. Some of this
+ content is obviously <quote>good</quote> or <quote>bad</quote>, but not all.
+ Many of the more questionable looking requests, are going to outside domains
+ that seem to be identifying themselves with suspicious looking names, making
+ our job a little easier. &my-app; has <quote>crunched</quote> (meaning caught
+ and BLOCKED) quite a few items in this example, but perhaps missed a few as well.
+</para>
+<para>
+<screen>
+<![CDATA[
+Request: www.example.com/
+Request: www.example.com/favicon.ico
+Request: img.example.com/main.css
+Request: img.example.com/sr.js
+Request: example.betamarker.com/example.html
+Request: www.lik-sang.com/Banners/bestsellers/skyscraper.php?likref=BSellers
+Request: img.example.com/pb.png
+Request: www.google-analytics.com/urchin.js crunch! (Blocked)
+Request: www.advertising-department.com/ats/switch.ps.php?26856 crunch! (Blocked)
+Request: img.example.com/p.gif
+Request: www.popuptraffic.com/assign.php?l=example&mode=behind crunch! (Blocked)
+Request: www.popuptraffic.com/scripts/popup.php?hid=5c3cf&tmpl=PBa.tmpl crunch! (Blocked)
+Request: www.popuptraffic.com/assign.php?l=example crunch! (Blocked)
+Request: www.lik-sang.com/Banners/best_sellers/best_sellers.css
+Request: www.adtrak.net/adx.js crunch! (Blocked)
+Request: img.example.com/hbg.gif
+Request: img.example.com/example.jpg
+Request: img.example.com/mt.png
+Request: img.example.com/mm.png
+Request: img.example.com/mb.png
+Request: www.popuptraffic.com/scripts/popup.php?hid=a71b91fa5&tmpl=Ua.tmp crunch! (Blocked)
+Request: www.example.com/tracker.js
+Request: www.lik-sang.com/Banners/best_sellers/lsi_head.gif
+Request: www.adtrak.net/adjs.php?n=020548130&what=zone:61 crunch! (Blocked)
+Request: www.adtrak.net/adjs.php?n=463594413&what=zone:58&source=Ua crunch! (Blocked)
+Request: www.lik-sang.com/Banners/best_sellers/bottomani.swf
+Request: mmm.elitemediagroup.net/install.php?allowpop=no&popupmincook=0&allowsp2=1 crunch! (Blocked)
+Request: www.example.com/tracker.js?screen=1400x1050&win=962x693
+Request: www.adtrak.net/adlog.php?bannerid=1309&clientid=439&zoneid=61 crunch! (Blocked)
+Request: 66.70.21.80/scripts/click.php?hid=5c3cf599a9efd0320d26&si
+Request: 66.70.21.80/img/pixel.gif
+Request: www.adtrak.net/adlog.php?bannerid=1309&clientid=439&zoneid=58&source=Ua&block=86400 crunch! (Blocked)
+Request: 66.70.21.80/scripts/click.php?hid=a71b9f6504b0c5681fa5&si=Ua
+]]>
+</screen>
+</para>
+<para>
+ Despite 12 out of 32 requests being blocked, the page looked, and seemed to
+ behave perfectly <quote>normal</quote> (minus some ads, of course).
+</para>
+
+</sect2>
+
+<sect2 id="badsite" renderas="sect3">
+<title >One of my favorite sites does not work with Privoxy.
+What can I do?</title>
+
+<para>
+ First verify that it is indeed a <application>Privoxy</application> problem,
+ by toggling off <application>Privoxy</application> through <ulink
+ url="http://config.privoxy.org/toggle">http://config.privoxy.org/toggle</ulink>
+ (the toggle feature may need to be enabled in the main
+ <filename>config</filename>),
+ and then shift-reloading the problem page (i.e. holding down the shift key
+ while clicking reload. Alternatively, flush your browser's disk and memory
+ caches).
+</para>
+
+<para>
+ If the problem went away, we know we have a configuration related problem.
+ Now go to <ulink
+ url="http://config.privoxy.org/show-url-info">http://config.privoxy.org/show-url-info</ulink>
+ and paste the full URL of the page in question into the prompt. See which
+ actions are being applied to the URL, and which matches in which actions
+ files are responsible for that. It might be helpful also to look at your logs
+ for this site too, to see what else might be happening (note: logging may need
+ to be enabled in the main config file). Many sites are
+ complex and require a number of related pages to help present their content.
+ Look at what else might be used by the page in question, and what of that
+ might be <emphasis>required</emphasis>.
+ Now, armed with this information, go to
+ <ulink
+ url="http://config.privoxy.org/show-status">http://config.privoxy.org/show-status</ulink>
+ and select the appropriate actions files for editing. </para>
+<para>
+ You can now either look for a section which disables the actions that
+ you suspect to cause the problem and add a pattern for your site there,
+ or make up a completely new section for your site. In any case, the recommended
+ way is to disable only the prime suspect, reload the problem page, and only
+ if the problem persists, disable more and more actions until you have
+ identified the culprit. You may or may not want to turn the other actions
+ on again. Remember to flush your browser's caches in between any such changes!
+</para>
+<para>
+ Alternately, if you are comfortable with a text editor, you can accomplish
+ the same thing by editing the appropriate actions file. Probably the easiest
+ way to deal with such problems when editing by hand is to add your
+ site to a <literal>{ fragile }</literal> section in <filename>user.action</filename>,
+ which is an alias that turns off most <quote>dangerous</quote>
+ actions, but is also likely to turn off more actions then needed, and thus lower
+ your privacy and protection more than necessary,
+</para>
+<para>
+ Troubleshooting actions is discussed in more detail in the <ulink
+ url="../user-manual/appendix.html#ACTIONSANAT">User Manual appendix,
+ Troubleshooting: the Anatomy of an Action</ulink>.
+ There is also an <ulink
+ url="../user-manual/actions-file.html#ACT-EXAMPLES">actions tutorial</ulink>
+ with general configuration information and examples.
+</para>
+<para>
+ As a last resort, you can always see if your browser has a setting that will
+ bypass the proxy setting for selective sites. Modern browsers can do this.
+</para>
+
+</sect2>
+
+
+<!-- ~~~~~ New section ~~~~~ -->
+<sect2 id="dun" renderas="sect3">
+<title>After installing Privoxy, I have to log in
+every time I start IE. What gives?</title>
+
+<para>
+ This is a quirk that effects the installation of
+ <application>Privoxy</application>, in conjunction with Internet Explorer and
+ Internet Connection Sharing on Windows 2000 and Windows XP. The symptoms may
+ appear to be corrupted or invalid DUN settings, or passwords.
+</para>
+
+<para>
+ When setting up an NT based Windows system with
+ <application>Privoxy</application> you may find that things do not seem to be
+ doing what you expect. When you set your system up you will probably have set
+ up Internet Connection Sharing (ICS) with Dial up Networking (DUN) when
+ logged in with administrator privileges. You will probably have made this DUN
+ connection available to other accounts that you may have set-up on your
+ system. E.g. Mum or Dad sets up the system and makes accounts suitably
+ configured for the kids.
+</para>
+
+<para>
+ When setting up <application>Privoxy</application> in this environment you
+ will have to alter the proxy set-up of Internet Explorer (IE) for the
+ specific DUN connection on which you wish to use
+ <application>Privoxy</application>. When you do this the ICS DUN set-up
+ becomes user specific. In this instance you will see no difference if you
+ change the DUN connection under the account used to set-up the connection.
+ However when you do this from another user you will notice that the DUN
+ connection changes to make available to "Me only". You will also find that
+ you have to store the password under each different user!
+</para>
+
+<para>
+ The reason for this is that each user's set-up for IE is user specific. Each
+ set-up DUN connection and each LAN connection in IE store the settings for
+ each user individually. As such this enforces individual configurations
+ rather than common ones. Hence the first time you use a DUN connection after
+ re-booting your system it may not perform as you expect, and prompt you for
+ the password. Just set and save the password again and all should be OK.
+</para>
+
+<para>
+[Thanks to Ray Griffith for this submission.]
+</para>
+</sect2>
+
+
+<!-- ~~~~~ New section ~~~~~ -->
+<sect2 id="ftp" renderas="sect3">
+<title>I cannot connect to any FTP sites. Privoxy
+ is blocking me.</title>
+ <para>
+ <application>Privoxy</application> cannot act as a proxy for FTP traffic,
+ so do not configure your browser to use <application>Privoxy</application>
+ as an FTP proxy. The same is true for <emphasis>any protocol other than HTTP
+ or HTTPS (SSL)</emphasis>.
+ </para>
+ <para>
+ Most browsers understand FTP as well as HTTP. If you connect to a site, with
+ a URL like <literal>ftp://ftp.example.com</literal>, your browser is making
+ an FTP connection, and not a HTTP connection. So while your browser may
+ speak FTP, <application>Privoxy</application> does not, and cannot proxy
+ such traffic.
+ </para>
+ <para>
+ To complicate matters, some systems may have a generic <quote>proxy</quote>
+ setting, which will enable various protocols, including
+ <emphasis>both</emphasis> HTTP and FTP proxying! So it is possible to
+ accidentally enable FTP proxying in these cases. And of course, if this
+ happens, <application>Privoxy</application> will indeed cause problems since
+ it does not know FTP. <![%p-newstuff;[Newer version will give a sane error
+ message if a FTP connection is attempted.]]> Just disable the FTP setting
+ and all will be well again.
+ </para>
+ <para>
+ Will <application>Privoxy</application> ever proxy FTP traffic? Unlikely.
+ There just is not much reason, and the work to make this happen is more than
+ it may seem.
+ </para>
+</sect2>
+
+<!-- ~~~~~ New section ~~~~~ -->
+<sect2 id="macosxie" renderas="sect3">
+<title>In Mac OS X, I can't configure Microsoft Internet Explorer to use
+ Privoxy as the HTTP proxy.</title>
+ <para>
+ Microsoft Internet Explorer (in versions like 5.1) respects system-wide
+ network settings. In order to change the HTTP proxy, open System
+ Preferences, and click on the Network icon. In the settings pane that
+ comes up, click on the Proxies tab. Ensure the "Web Proxy (HTTP)" checkbox
+ is checked and enter <literal>127.0.0.1</literal> in the entry field.
+ Enter <literal>8118</literal> in the Port field. The next time you start
+ IE, it should reflect these values.
+ </para>
+</sect2>
+
+<!-- ~~~~~ New section ~~~~~ -->
+<sect2 renderas="sect3" id="macosxuninstall">
+<title>In Mac OS X, I dragged the Privoxy folder to the trash in order to
+ uninstall it. Now the finder tells me I don't have sufficient privileges to
+ empty the trash.</title>
+ <para>
+ Note: This ONLY applies to privoxy 3.0.6 and earlier.
+ </para>
+ <para>
+ Just dragging the <application>Privoxy</application> folder to the trash is
+ not enough to delete it. <application>Privoxy</application> supplies an
+ <application>uninstall.command</application> file that takes care of
+ these details. Open the trash, drag the <application>uninstall.command</application>
+ file out of the trash and double-click on it. You will be prompted for
+ confirmation and the administration password.
+ </para>
+ <para>
+ The trash may still appear full after this command; emptying the trash
+ from the desktop should make it appear empty again.
+ </para>
+</sect2>
+
+
+<!-- ~~~~~ New section ~~~~~ -->
+<sect2 renderas="sect3" id="macosximages">
+<title>In Mac OS X Panther (10.3), images often fail to load and/or I
+ experience random delays in page loading. I'm using
+ <literal>localhost</literal> as my browser's proxy setting.</title>
+ <para>
+ We believe this is due to an IPv6-related bug in Mac OS X, but don't fully
+ understand the issue yet. In any case, changing the proxy setting to
+ <literal>127.0.0.1</literal> instead of <literal>localhost</literal>
+ works around the problem.
+ </para>
+</sect2>
+
+<!-- ~~~~~ New section ~~~~~ -->
+<!-- XXX: Is this still relevant now that we have gzip support? -->
+<sect2 renderas="sect3" id="blankpage">
+<title>I get a completely blank page at one site. <quote>View Source</quote>
+ shows only: <markup><![CDATA[<html><body></body></html>]]></markup>. Without
+ Privoxy the page loads fine.</title>
+ <para>
+ Chances are that the site suffers from a bug in
+ <ulink url="http://www.php.net/"><application>PHP</application></ulink>,
+ which results in empty pages being sent if the client explicitly requests
+ an uncompressed page, like <application>Privoxy</application> does.
+ This bug has been fixed in PHP 4.2.3.
+ </para>
+ <para>
+ To find out if this is in fact the source of the problem, try adding
+ the site to a <literal>-prevent-compression</literal> section in
+ <filename>user.action</filename>:
+ </para>
+ <screen>
+ # Make exceptions for ill-behaved sites:
+ #
+ {-prevent-compression}
+ .example.com</screen>
+ <para>
+ If that works, you may also want to report the problem to the
+ site's webmasters, telling them to use zlib.output_compression
+ instead of ob_gzhandler in their PHP applications (workaround)
+ or upgrade to PHP 4.2.3 or later (fix).
+ </para>
+</sect2>
+
+<sect2 renderas="sect3" id="nohostname">
+<title>My logs show many <quote>Unable to get my own hostname</quote> lines.
+Why?</title>
+<para>
+ <application>Privoxy</application> tries to get the hostname of the system
+ its running on from the IP address of the system interface it is bound to
+ (from the <filename>config</filename> file
+ <emphasis>listen-address</emphasis> setting). If the system cannot supply
+ this information, <application>Privoxy</application> logs this condition.
+</para>
+<para>
+ Typically, this would be considered a minor system configuration error. It is
+ not a fatal error to <application>Privoxy</application> however, but may
+ result in a much slower response from <application>Privoxy</application> on
+ some platforms due to DNS timeouts.
+</para>
+<para>
+ This can be caused by a problem with the local <filename>hosts</filename>
+ file. If this file has been changed from the original, try reverting it to
+ see if that helps. Make sure whatever name(s) are used for the local system,
+ that they resolve both ways.
+</para>
+<para>
+ You should also be able to work around the problem with the
+ <ulink url="../user-manual/config.html#HOSTNAME">hostname option</ulink>.
+</para>
+</sect2>
+
+<sect2 renderas="sect3" id="inuse">
+<title>When I try to launch Privoxy, I get an
+error message <quote>port 8118 is already in use</quote> (or similar wording).
+Why?</title>
+<para>
+ Port 8118 is <application>Privoxy's</application> default TCP
+ <quote>listening</quote> port. Typically this message would mean that there
+ is already one instance of <application>Privoxy</application> running, and
+ your system is actually trying to start a second
+ <application>Privoxy</application> on the same port, which will not work.
+ (You can have multiple instances but they must be assigned different ports.)
+ How and why this might happen varies from platform to platform, but you need
+ to check your installation and start-up procedures.
+</para>
+</sect2>
+
+<sect2 renderas="sect3" id="demoronizer">
+<title>
+ Pages with UTF-8 fonts are garbled.
+</title>
+<para>
+ This is caused by the <quote>demoronizer</quote> filter. You should either
+ upgrade <application>Privoxy</application>, or at least upgrade to the most
+ recent <filename>default.action</filename> file available from <ulink
+ url="http://sourceforge.net/project/showfiles.php?group_id=11118">SourceForge</ulink>.
+ Or you can simply disable the demoronizer filter.
+</para>
+</sect2>
+
+<sect2 renderas="sect3" id="demoronizer2">
+<title>
+ Why are binary files (such as images) corrupted when Privoxy
+ is used?
+</title>
+<para>
+ This may also be caused by the <quote>demoronizer</quote> filter,
+ in conjunction with a web server that is misreporting the content type. Binary
+ files are exempted from <application>Privoxy's</application> filtering
+ (unless the web server by mistake says the file is something else). Either
+ upgrade <application>Privoxy</application>, or go to the most recent
+ <filename>default.action</filename> file available from <ulink
+ url="http://sourceforge.net/project/showfiles.php?group_id=11118">SourceForge</ulink>.
+</para>
+</sect2>