Purpose : Used with other docs and files only.
- $Id: p-config.sgml,v 2.18 2007/11/03 14:31:27 fabiankeil Exp $
+ $Id: p-config.sgml,v 2.33 2008/12/13 10:48:21 fabiankeil Exp $
- Copyright (C) 2001-2007 Privoxy Developers http://www.privoxy.org/
+ Copyright (C) 2001-2008 Privoxy Developers http://www.privoxy.org/
See LICENSE.
========================================================================
Sample Configuration File for Privoxy v&p-version;
</title>
<para>
- $Id: p-config.sgml,v 2.18 2007/11/03 14:31:27 fabiankeil Exp $
+ $Id: p-config.sgml,v 2.33 2008/12/13 10:48:21 fabiankeil Exp $
</para>
<para>
-Copyright (C) 2001-2007 Privoxy Developers http://www.privoxy.org/
+Copyright (C) 2001-2008 Privoxy Developers http://www.privoxy.org/
</para>
<para>
<literal>PATH</literal> to where the <citetitle>User Manual</citetitle> is
located:
</para>
-<para>
+ <para>
<screen> user-manual /usr/share/doc/privoxy/user-manual</screen>
</para>
<para>
- The User Manual is then available to anyone with access to the proxy, by
- following the built-in URL: <literal>http://config.privoxy.org/user-manual/</literal>
+ The User Manual is then available to anyone with access to
+ <application>Privoxy</application>, by following the built-in URL:
+ <literal>http://config.privoxy.org/user-manual/</literal>
(or the shortcut: <literal>http://p.p/user-manual/</literal>).
</para>
<para>
<listitem>
<para>
The value of this option only matters if the experimental trust mechanism has been
- activated. (See <link linkend="trustfile"><emphasis>trustfile</emphasis></link> above.)
+ activated. (See <link linkend="trustfile"><emphasis>trustfile</emphasis></link> below.)
</para>
<para>
If you use the trust mechanism, it is a good idea to write up some on-line
<term>Specifies:</term>
<listitem>
<para>
- An email address to reach the proxy administrator.
+ An email address to reach the <application>Privoxy</application> administrator.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Notes:</term>
<listitem>
- <para>
+ <para>
If both <literal>admin-address</literal> and <literal>proxy-info-url</literal>
are unset, the whole "Local Privoxy Support" box on all generated pages will
not be shown.
<varlistentry>
<term>Specifies:</term>
<listitem>
- <para>The directory where the other configuration files are located</para>
+ <para>The directory where the other configuration files are located.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Notes:</term>
<listitem>
<para>
- No trailing <quote><literal>/</literal></quote>, please
+ No trailing <quote><literal>/</literal></quote>, please.
</para>
<!--
This is really outdated and not likely to happen. HB 09/20/06
<varlistentry>
<term>Specifies:</term>
<listitem>
- <para>An alternative directory where the templates are loaded from</para>
+ <para>An alternative directory where the templates are loaded from.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Notes:</term>
<listitem>
<para>
- Privoxy's original templates are usually overwritten
- with each update. Use this option to relocate customized templates
- that should be kept. Note that you might be missing new features
- if you use outdated templates.
+ <application>Privoxy's</application> original templates are usually
+ overwritten with each update. Use this option to relocate customized
+ templates that should be kept. As template variables might change
+ between updates, you shouldn't expect templates to work with
+ <application>Privoxy</application> releases other than the one
+ they were part of, though.
</para>
</listitem>
</varlistentry>
<term>Specifies:</term>
<listitem>
<para>
- The directory where all logging takes place (i.e. where <filename>logfile</filename> and
- <filename>jarfile</filename> are located)
+ The directory where all logging takes place
+ (i.e. where the <filename>logfile</filename> is located).
</para>
</listitem>
</varlistentry>
<term>Notes:</term>
<listitem>
<para>
- No trailing <quote><literal>/</literal></quote>, please
+ No trailing <quote><literal>/</literal></quote>, please.
</para>
</listitem>
</varlistentry>
Multiple <literal>actionsfile</literal> lines are permitted, and are in fact recommended!
</para>
<para>
- The default values include standard.action, which is used for internal
- purposes and should be loaded, default.action, which is the
- <quote>main</quote> actions file maintained by the developers, and
+ The default values include <filename>standard.action</filename>, which is used
+ for internal purposes and should be loaded, <filename>default.action</filename>,
+ which is the <quote>main</quote> actions file maintained by the developers, and
<filename>user.action</filename>, where you can make your personal additions.
</para>
<para>
- Actions files are where all the per site and per URL configuration is done for
+ Actions files contain all the per site and per URL configuration for
ad blocking, cookie management, privacy considerations, etc.
There is no point in using <application>Privoxy</application> without at
least one actions file.
<!-- html -> text conversion, blah -->
<![%config-file;[<literallayout>@@actionsfile standard.action # Internal purpose, recommended</literallayout>]]>
<![%config-file;[<literallayout>@@actionsfile default.action # Main actions file</literallayout>]]>
+<!--
+ XXX: Like user.filter, user.action should probably be commented out
+ by default as not all packages install it into the default directory.
+ fk 2007-11-07
+-->
<![%config-file;[<literallayout>@@actionsfile user.action # User customizations</literallayout>]]>
</sect3>
The <link linkend="filter-file">filter files</link> contain content modification
rules that use <link linkend="regex">regular expressions</link>. These rules permit
powerful changes on the content of Web pages, and optionally the headers
- as well, e.g., you could disable your favorite JavaScript annoyances,
+ as well, e.g., you could try to disable your favorite JavaScript annoyances,
re-write the actual displayed text, or just have some fun
playing buzzword bingo with web pages.
</para>
<varlistentry>
<term>Default value:</term>
<listitem>
- <para><emphasis>Unset (commented out)</emphasis>. When activated: logfile (Unix) <emphasis>or</emphasis> privoxy.log (Windows)</para>
+ <para><emphasis>Unset (commented out)</emphasis>. When activated: logfile (Unix) <emphasis>or</emphasis> privoxy.log (Windows).</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Effect if unset:</term>
<listitem>
<para>
- No log file is used, all log messages go to the console (<literal>STDERR</literal>).
+ No logfile is written.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Notes:</term>
<listitem>
- <!--
- removed per bug report 688728 02/20/03 HB
-
- <para>
- The windows version will additionally log to the console.
- </para>
- -->
<para>
The logfile is where all logging and error messages are written. The level
of detail and number of messages are set with the <literal>debug</literal>
option (see below). The logfile can be useful for tracking down a problem with
<application>Privoxy</application> (e.g., it's not blocking an ad you
- think it should block) but in most cases you probably will never look at
- it. For this reason, it is disabled by default. For troubleshooting
- purposes, you will have to explicitly enable it.
+ think it should block) and it can help you to monitor what your browser
+ is doing.
+ </para>
+ <para>
+ Depending on the debug options below, the logfile may be a privacy risk
+ if third parties can get access to it. As most users will never look
+ at it, <application>Privoxy</application> 3.0.7 and later only log fatal
+ errors by default.
+ </para>
+ <para>
+ For most troubleshooting purposes, you will have to change that,
+ please refer to the debugging section for details.
</para>
<para>
Your logfile will grow indefinitely, and you will probably want to
(see <quote>man cron</quote>). For Red Hat based Linux distributions, a
<command>logrotate</command> script has been included.
</para>
- <para>
- On SuSE Linux systems, you can place a line like <quote>/var/log/privoxy.*
- +1024k 644 nobody.nogroup</quote> in <filename>/etc/logfiles</filename>, with
- the effect that cron.daily will automatically archive, gzip, and empty the
- log, when it exceeds 1M size.
- </para>
<para>
Any log files must be writable by whatever user <application>Privoxy</application>
- is being run as (default on UNIX, user id is <quote>privoxy</quote>).
- </para>
- </listitem>
- </varlistentry>
-</variablelist>
-
-<![%config-file;[<literallayout>@@#logfile logfile</literallayout>]]>
-</sect3>
-
-
-<!-- ~~~~~ New section ~~~~~ -->
-<sect3 renderas="sect4" id="jarfile"><title>jarfile</title>
-
-<variablelist>
- <varlistentry>
- <term>Specifies:</term>
- <listitem>
- <para>
- The file to store intercepted cookies in
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>Type of value:</term>
- <listitem>
- <para>File name, relative to <literal>logdir</literal></para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>Default value:</term>
- <listitem>
- <para><emphasis>Unset (commented out)</emphasis>. When activated: jarfile (Unix) <emphasis>or</emphasis> privoxy.jar (Windows)</para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>Effect if unset:</term>
- <listitem>
- <para>
- Intercepted cookies are not stored in a dedicated log file.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>Notes:</term>
- <listitem>
- <para>
- The jarfile may grow to ridiculous sizes over time.
- </para>
- <para>
- If debug 8 (show header parsing) is enabled, cookies are
- written to the logfile with the rest of the headers.
+ is being run as (on Unix, default user id is <quote>privoxy</quote>).
</para>
</listitem>
</varlistentry>
</variablelist>
-<![%config-file;[<literallayout>@@#jarfile jarfile</literallayout>]]>
+<![%config-file;[<literallayout>@@logfile logfile</literallayout>]]>
</sect3>
<term>Specifies:</term>
<listitem>
<para>
- Key values that determine what information gets logged to the
- <link linkend="logfile"><emphasis>logfile</emphasis></link>.
+ Key values that determine what information gets logged.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Default value:</term>
<listitem>
- <para>12289 (i.e.: URLs plus informational and warning messages)</para>
+ <para>0 (i.e.: only fatal errors (that cause Privoxy to exit) are logged)</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Effect if unset:</term>
<listitem>
<para>
- Nothing gets logged.
+ Default value is used (see above).
</para>
</listitem>
</varlistentry>
</para>
<para>
<programlisting>
- debug 1 # show each GET/POST/CONNECT request
- debug 2 # show each connection status
- debug 4 # show I/O status
- debug 8 # show header parsing
- debug 16 # log all data written to the network into the logfile
- debug 32 # debug force feature
- debug 64 # debug regular expression filters
- debug 128 # debug redirects
- debug 256 # debug GIF de-animation
- debug 512 # Common Log Format
- debug 1024 # debug kill pop-ups
- debug 2048 # CGI user interface
- debug 4096 # Startup banner and warnings.
- debug 8192 # Non-fatal errors
+ debug 1 # Log the destination for each request &my-app; let through. See also debug 1024.
+ debug 2 # show each connection status
+ debug 4 # show I/O status
+ debug 8 # show header parsing
+ debug 16 # log all data written to the network into the logfile
+ debug 32 # debug force feature
+ debug 64 # debug regular expression filters
+ debug 128 # debug redirects
+ debug 256 # debug GIF de-animation
+ debug 512 # Common Log Format
+ debug 1024 # Log the destination for requests &my-app; didn't let through, and the reason why.
+ debug 2048 # CGI user interface
+ debug 4096 # Startup banner and warnings.
+ debug 8192 # Non-fatal errors
</programlisting>
</para>
<para>
</para>
<para>
A debug level of 1 is informative because it will show you each request
- as it happens. <emphasis>1, 4096 and 8192 are highly recommended</emphasis>
- so that you will notice when things go wrong. The other levels are probably
- only of interest if you are hunting down a specific problem. They can produce
- a hell of an output (especially 16).
+ as it happens. <emphasis>1, 4096 and 8192 are recommended</emphasis>
+ so that you will notice when things go wrong. The other levels are
+ probably only of interest if you are hunting down a specific problem.
+ They can produce a hell of an output (especially 16).
<!-- LOL -->
</para>
<para>
- The reporting of <emphasis>fatal</emphasis> errors (i.e. ones which causes
- <application>Privoxy</application> to exit) is always on and cannot be disabled.
+ &my-app; used to ship with the debug levels recommended above enabled by
+ default, but due to privacy concerns 3.0.7 and later are configured to
+ only log fatal errors.
</para>
<para>
- If you want to use CLF (Common Log Format), you should set <quote>debug
+ If you are used to the more verbose settings, simply enable the debug lines
+ below again.
+ </para>
+ <para>
+ If you want to use pure CLF (Common Log Format), you should set <quote>debug
512</quote> <emphasis>ONLY</emphasis> and not enable anything else.
</para>
<para>
length of log messages. If it's reached, messages are logged truncated
and marked with <quote>... [too long, truncated]</quote>.
</para>
+ <para>
+ Please don't file any support requests without trying to reproduce
+ the problem with increased debug level first. Once you read the log
+ messages, you may even be able to solve the problem on your own.
+ </para>
</listitem>
</varlistentry>
</variablelist>
-<![%config-file;[<literallayout>@@debug 1 # show each GET/POST/CONNECT request</literallayout>]]>
-<![%config-file;[<literallayout>@@debug 4096 # Startup banner and warnings</literallayout>]]>
-<![%config-file;[<literallayout>@@debug 8192 # Errors - *we highly recommended enabling this*</literallayout>]]>
+<![%config-file;[<literallayout>@@#debug 1 # Log the destination for each request &my-app; let through.</literallayout>]]>
+<![%config-file;[<literallayout>@@#debug 1024 # Log the destination for requests &my-app; didn't let through, and the reason why.</literallayout>]]>
+<![%config-file;[<literallayout>@@#debug 4096 # Startup banner and warnings</literallayout>]]>
+<![%config-file;[<literallayout>@@#debug 8192 # Non-fatal errors</literallayout>]]>
</sect3>
<term>Specifies:</term>
<listitem>
<para>
- Whether to run only one server thread
+ Whether to run only one server thread.
</para>
</listitem>
</varlistentry>
<term>Notes:</term>
<listitem>
<para>
- This option is only there for debug purposes and you should never
- need to use it. <emphasis>It will drastically reduce performance.</emphasis>
+ This option is only there for debugging purposes.
+ <emphasis>It will drastically reduce performance.</emphasis>
</para>
</listitem>
</varlistentry>
<![%config-file;[<literallayout>@@#single-threaded</literallayout>]]>
</sect3>
+<!-- ~~~~~ New section ~~~~~ -->
+<sect3 renderas="sect4" id="hostname"><title>hostname</title>
+
+<variablelist>
+ <varlistentry>
+ <term>Specifies:</term>
+ <listitem>
+ <para>
+ The hostname shown on the CGI pages.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>Type of value:</term>
+ <listitem>
+ <para>Text</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>Default value:</term>
+ <listitem>
+ <para><emphasis>Unset</emphasis></para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>Effect if unset:</term>
+ <listitem>
+ <para>
+ The hostname provided by the operating system is used.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>Notes:</term>
+ <listitem>
+ <para>
+ On some misconfigured systems resolving the hostname fails or
+ takes too much time and slows Privoxy down. Setting a fixed hostname
+ works around the problem.
+ </para>
+ <para>
+ In other circumstances it might be desirable to show a hostname
+ other than the one returned by the operating system. For example
+ if the system has several different hostnames and you don't want
+ to use the first one.
+ </para>
+ <para>
+ Note that Privoxy does not validate the specified hostname value.
+ </para>
+ </listitem>
+ </varlistentry>
+</variablelist>
+
+<![%config-file;[<literallayout>@@#hostname hostname.example.org</literallayout>]]>
+</sect3>
+
</sect2>
<!-- ~ End section ~ -->
</para>
<para>
If you open <application>Privoxy</application> to untrusted users, you will
- also want to turn off the <literal><link
+ also want to make sure that the following actions are disabled: <literal><link
linkend="enable-edit-actions">enable-edit-actions</link></literal> and
<literal><link linkend="enable-remote-toggle">enable-remote-toggle</link></literal>
- options!
</para>
</listitem>
</varlistentry>
<para>
If set to 0, <application>Privoxy</application> will start in
<quote>toggled off</quote> mode, i.e. mostly behave like a normal,
- content-neutral proxy where all ad blocking, filtering, etc are disabled. See
- <literal>enable-remote-toggle</literal> below. This is not really useful
+ content-neutral proxy with both ad blocking and content filtering
+ disabled. See <literal>enable-remote-toggle</literal> below.
+<!--
+ This is not really useful
anymore, since toggling is much easier via <ulink
url="http://config.privoxy.org/toggle">the web interface</ulink> than via
editing the <filename>conf</filename> file.
+
+ Remote toggling is now disabled by default. fk 2007-11-07)
+-->
</para>
<para>
The windows version will only display the toggle icon in the system tray
<listitem>
<para>
When toggled off, <application>Privoxy</application> mostly acts like a normal,
- content-neutral proxy, i.e. it acts as if none of the actions applied to
- any URL.
+ content-neutral proxy, i.e. doesn't block ads or filter content.
</para>
<para>
Access to the toggle feature can <emphasis>not</emphasis> be
so that everybody who can access <application>Privoxy</application> (see
<quote>ACLs</quote> and <literal>listen-address</literal> above) can
toggle it for all users. So this option is <emphasis>not recommended</emphasis>
- for multi-user environments with untrusted users. Because of
- the obvious security implications, this feature is off by default.
- Note that malicious client side code (e.g JavaScript) is also potentially
- capable of changing <application>Privoxy's</application> intended
- behavior.
+ for multi-user environments with untrusted users.
+ </para>
+ <para>
+ Note that malicious client side code (e.g Java) is also
+ capable of using this option.
+ </para>
+ <para>
+ As a lot of <application>Privoxy</application> users don't read
+ documentation, this feature is disabled by default.
</para>
<para>
Note that you must have compiled <application>Privoxy</application> with
This feature is disabled by default. If you are using
<application>Privoxy</application> in a environment with trusted clients,
you may enable this feature at your discretion. Note that malicious client
- side code (e.g JavaScript) is also potentially capable of changing
- <application>Privoxy's</application> intended behavior.
+ side code (e.g Java) is also capable of using this feature.
+ </para>
+ <para>
+ This option will be removed in future releases as it has been obsoleted
+ by the more general header taggers.
</para>
</listitem>
</varlistentry>
controlled separately by <quote>ACLs</quote> or HTTP authentication,
so that everybody who can access <application>Privoxy</application> (see
<quote>ACLs</quote> and <literal>listen-address</literal> above) can
- modify its configuration for all users. This option is <emphasis>not
- recommended</emphasis> for multi-user environments with untrusted users
- and is therefore disabled by default. Note that malicious client side code
- (e.g JavaScript) is also potentially capable of changing
- <application>Privoxy's</application> intended behavior.
+ modify its configuration for all users.
+ </para>
+ <para>
+ This option is <emphasis>not recommended</emphasis> for environments
+ with untrusted users and as a lot of <application>Privoxy</application>
+ users don't read documentation, this feature is disabled by default.
+ </para>
+ <para>
+ Note that malicious client side code (e.g Java) is also
+ capable of using the actions editor and you shouldn't enable
+ this options unless you understand the consequences and are
+ sure your browser is configured correctly.
</para>
<para>
Note that you must have compiled <application>Privoxy</application> with
option.
</para>
<para>
- Please see the warnings in the FAQ that this proxy is not intended to be a substitute
- for a firewall or to encourage anyone to defer addressing basic security
- weaknesses.
+ Please see the warnings in the FAQ that <application>Privoxy</application>
+ is not intended to be a substitute for a firewall or to encourage anyone
+ to defer addressing basic security weaknesses.
</para>
<para>
Multiple ACL lines are OK.
</para>
<para>
<screen>
- forward / caching-proxy.example-isp.net:8000
- forward .example-isp.net .
+ forward / caching-proxy.isp.example.net:8000
+ forward .isp.example.net .
</screen>
</para>
</listitem>
<!-- ~~~~~ New section ~~~~~ -->
<sect3 renderas="sect4" id="socks"><title>
-forward-socks4 and forward-socks4a</title>
+forward-socks4, forward-socks4a and forward-socks5</title>
<anchor id="forward-socks4">
<anchor id="forward-socks4a">
<replaceable class="parameter">http_parent</replaceable>[:<replaceable class="parameter">port</replaceable>]
</para>
<para>
- where <replaceable class="parameter">target_pattern</replaceable> is a <link linkend="af-patterns">URL pattern</link>
- that specifies to which requests (i.e. URLs) this forward rule shall apply. Use <literal>/</literal> to
- denote <quote>all URLs</quote>.
- <replaceable class="parameter">http_parent</replaceable> and <replaceable class="parameter">socks_proxy</replaceable>
- are IP addresses in dotted decimal notation or valid DNS names (<replaceable class="parameter">http_parent</replaceable>
+ where <replaceable class="parameter">target_pattern</replaceable> is a
+ <link linkend="af-patterns">URL pattern</link> that specifies to which
+ requests (i.e. URLs) this forward rule shall apply. Use <literal>/</literal> to
+ denote <quote>all URLs</quote>. <replaceable class="parameter">http_parent</replaceable>
+ and <replaceable class="parameter">socks_proxy</replaceable>
+ are IP addresses in dotted decimal notation or valid DNS names
+ (<replaceable class="parameter">http_parent</replaceable>
may be <quote>.</quote> to denote <quote>no HTTP forwarding</quote>), and the optional
- <replaceable class="parameter">port</replaceable> parameters are TCP ports, i.e. integer values from 1 to 64535
+ <replaceable class="parameter">port</replaceable> parameters are TCP ports,
+ i.e. integer values from 1 to 65535
</para>
</listitem>
</varlistentry>
is that in the SOCKS 4A protocol, the DNS resolution of the target hostname happens on the SOCKS
server, while in SOCKS 4 it happens locally.
</para>
+ <para>
+ With <literal>forward-socks5</literal> the DNS resolution will happen on the remote server as well.
+ </para>
<para>
If <replaceable class="parameter">http_parent</replaceable> is <quote>.</quote>, then requests are not
forwarded to another HTTP proxy but are made (HTTP-wise) directly to the web servers, albeit through
</para>
<para>
<screen>
- forward-socks4a / socks-gw.example.com:1080 www-cache.example-isp.net:8080
+ forward-socks4a / socks-gw.example.com:1080 www-cache.isp.example.net:8080
forward .example.com .
</screen>
</para>
</para>
<para>
- To chain Privoxy and Tor, both running on the same system, you should use
- the rule:
+ To chain Privoxy and Tor, both running on the same system, you would use
+ something like:
</para>
<para>
<screen>
- forward-socks4 / 127.0.0.1:9050 .
+ forward-socks4a / 127.0.0.1:9050 .
</screen>
</para>
<para>
- The public <application>Tor</application> network can't be used to reach your local network,
- therefore it's a good idea to make some exceptions:
+ The public <application>Tor</application> network can't be used to
+ reach your local network, if you need to access local servers you
+ therefore might want to make some exceptions:
</para>
<para>
<screen>
<para>
Unencrypted connections to systems in these address ranges will
be as (un)secure as the local network is, but the alternative is that you
- can't reach the network at all.
+ can't reach the local network through <application>Privoxy</application>
+ at all. Of course this may actually be desired and there is no reason
+ to make these exceptions if you aren't sure you need them.
</para>
<para>
If you also want to be able to reach servers in your local network by
</para>
<para>
- Assume that host-a has a PPP connection to isp-a.net. And host-b has a PPP connection to
- isp-b.net. Both run <application>Privoxy</application>. Their forwarding
+ Assume that host-a has a PPP connection to isp-a.example.net. And host-b has a PPP connection to
+ isp-b.example.org. Both run <application>Privoxy</application>. Their forwarding
configuration can look like this:
</para>
<para>
<screen>
forward / .
- forward .isp-b.net host-b:8118
+ forward .isp-b.example.net host-b:8118
</screen>
</para>
<para>
<screen>
forward / .
- forward .isp-a.net host-a:8118
+ forward .isp-a.example.org host-a:8118
</screen>
</para>
<para>
If you intend to chain <application>Privoxy</application> and
- <application>squid</application> locally, then chain as
+ <application>squid</application> locally, then chaining as
<literal>browser -> squid -> privoxy</literal> is the recommended way.
</para>
</para>
<para>
- You could just as well decide to only forward requests for Windows executables through
- a virus-scanning parent proxy, say, on <literal>antivir.example.com</literal>, port 8010:
+ You could just as well decide to only forward requests you suspect
+ of leading to Windows executables through a virus-scanning parent proxy,
+ say, on <literal>antivir.example.com</literal>, port 8010:
</para>
<para>
that Privoxy forwards through other proxies. This option is not limited to the HTTP CONNECT method.
</para>
<para>
- Only use this option, if you are getting many forwarding related error messages,
+ Only use this option, if you are getting lots of forwarding-related error messages
that go away when you try again manually. Start with a small value and check Privoxy's
logfile from time to time, to see how many retries are usually needed.
</para>
<application>Privoxy's</application> CGI forms can lead to
rather long URLs. This isn't a problem as far as the HTTP
standard is concerned, but it can confuse clients with arbitrary
- URL lenght limitations.
+ URL length limitations.
</para>
<para>
Enabling split-large-forms causes <application>Privoxy</application>
- to devide big forms into smaller ones to keep the URL length down.
+ to divide big forms into smaller ones to keep the URL length down.
It makes editing a lot less convenient and you can no longer
submit all changes at once, but at least it works around this
browser bug.
<![%config-file;[<literallayout>@@split-large-forms 0</literallayout>]]>
</sect3>
+<sect3 renderas="sect4" id="keep-alive-timeout"><title>keep-alive-timeout</title>
+<variablelist>
+ <varlistentry>
+ <term>Specifies:</term>
+ <listitem>
+ <para>
+ Number of seconds after which an open connection will no longer be reused.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>Type of value:</term>
+ <listitem>
+ <para>
+ <replaceable>Time in seconds.</replaceable>
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>Default value:</term>
+ <listitem>
+ <para>None</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>Effect if unset:</term>
+ <listitem>
+ <para>
+ Connections are not reused.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>Notes:</term>
+ <listitem>
+ <para>
+ This option has no effect if <application>Privoxy</application>
+ has been compiled without keep-alive support.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>Examples:</term>
+ <listitem>
+ <para>
+ keep-alive-timeout 300
+ </para>
+ </listitem>
+ </varlistentry>
+</variablelist>
+<![%config-file;[<literallayout>@@keep-alive-timeout 300</literallayout>]]>
+</sect3>
+
+
</sect2>
<!-- ~ End section ~ -->
<para>
The <quote>hide-console</quote> option is specific to the MS-Win console
version of <application>Privoxy</application>. If this option is used,
- <application>Privoxy</application> will disconnect from and hide the
+ <application>Privoxy</application> will disconnect from and hide the
command console.
</para>