+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>The Main Configuration File</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.60"><LINK
+CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK
REL="HOME"
-TITLE="Privoxy 2.9.16 User Manual"
+TITLE="Privoxy 3.0.3 User Manual"
HREF="index.html"><LINK
REL="PREVIOUS"
TITLE="Privoxy Configuration"
><DIV
CLASS="NAVHEADER"
><TABLE
+SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
><TH
COLSPAN="3"
ALIGN="center"
->Privoxy 2.9.16 User Manual</TH
+>Privoxy 3.0.3 User Manual</TH
></TR
><TR
><TD
VALIGN="bottom"
><A
HREF="configuration.html"
+ACCESSKEY="P"
>Prev</A
></TD
><TD
VALIGN="bottom"
><A
HREF="actions-file.html"
+ACCESSKEY="N"
>Next</A
></TD
></TR
values, all separated by whitespace (any number of spaces or tabs). For
example:</P
><P
-> <TT
+> <VAR
CLASS="LITERAL"
> <P
CLASS="LITERALLAYOUT"
-> <I
+> <SPAN
+CLASS="emphasis"
+><I
CLASS="EMPHASIS"
>confdir /etc/privoxy</I
+></SPAN
></P
>
- </TT
+ </VAR
> </P
><P
-> Assigns the value <TT
+> Assigns the value <VAR
CLASS="LITERAL"
->/etc/privoxy</TT
+>/etc/privoxy</VAR
> to the option
- <TT
+ <VAR
CLASS="LITERAL"
->confdir</TT
+>confdir</VAR
> and thus indicates that the configuration
directory is named <SPAN
CLASS="QUOTE"
>"/etc/privoxy/"</SPAN
>.</P
><P
-> All options in the config file except for <TT
+> All options in the config file except for <VAR
CLASS="LITERAL"
->confdir</TT
+>confdir</VAR
> and
- <TT
+ <VAR
CLASS="LITERAL"
->logdir</TT
+>logdir</VAR
> are optional. Watch out in the below description
for what happens if you leave them unset.</P
><P
>Default value:</DT
><DD
><P
->/etc/privoxy (Unix) <I
+>/etc/privoxy (Unix) <SPAN
+CLASS="emphasis"
+><I
CLASS="EMPHASIS"
>or</I
+></SPAN
> <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
>Effect if unset:</DT
><DD
><P
+><SPAN
+CLASS="emphasis"
><I
CLASS="EMPHASIS"
>Mandatory</I
+></SPAN
></P
></DD
><DT
><P
> No trailing <SPAN
CLASS="QUOTE"
->"<TT
+>"<VAR
CLASS="LITERAL"
->/</TT
+>/</VAR
>"</SPAN
>, please
</P
>Default value:</DT
><DD
><P
->/var/log/privoxy (Unix) <I
+>/var/log/privoxy (Unix) <SPAN
+CLASS="emphasis"
+><I
CLASS="EMPHASIS"
>or</I
+></SPAN
> <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
>Effect if unset:</DT
><DD
><P
+><SPAN
+CLASS="emphasis"
><I
CLASS="EMPHASIS"
>Mandatory</I
+></SPAN
></P
></DD
><DT
><P
> No trailing <SPAN
CLASS="QUOTE"
->"<TT
+>"<VAR
CLASS="LITERAL"
->/</TT
+>/</VAR
>"</SPAN
>, please
</P
>Type of value:</DT
><DD
><P
->File name, relative to <TT
+>File name, relative to <VAR
CLASS="LITERAL"
->confdir</TT
->, without the <TT
+>confdir</VAR
+>, without the <VAR
CLASS="LITERAL"
->.action</TT
+>.action</VAR
> suffix</P
></DD
><DT
>Notes:</DT
><DD
><P
-> Multiple <TT
+> Multiple <VAR
CLASS="LITERAL"
->actionsfile</TT
+>actionsfile</VAR
> lines are permitted, and are in fact recommended!
</P
><P
>Type of value:</DT
><DD
><P
->File name, relative to <TT
+>File name, relative to <VAR
CLASS="LITERAL"
->confdir</TT
+>confdir</VAR
></P
></DD
><DT
>Default value:</DT
><DD
><P
->default.filter (Unix) <I
+>default.filter (Unix) <SPAN
+CLASS="emphasis"
+><I
CLASS="EMPHASIS"
>or</I
+></SPAN
> default.filter.txt (Windows)</P
></DD
><DT
><DD
><P
> No textual content filtering takes place, i.e. all
- <TT
+ <VAR
CLASS="LITERAL"
>+<A
HREF="actions-file.html#FILTER"
>filter</A
->{<TT
+>{<VAR
CLASS="REPLACEABLE"
-><I
->name</I
-></TT
->}</TT
+>name</VAR
+>}</VAR
>
actions in the actions files are turned neutral.
</P
</P
><P
> The
- <TT
+ <VAR
CLASS="LITERAL"
>+<A
HREF="actions-file.html#FILTER"
>filter</A
->{<TT
+>{<VAR
CLASS="REPLACEABLE"
-><I
->name</I
-></TT
->}</TT
+>name</VAR
+>}</VAR
>
- actions rely on the relevant filter (<TT
+ actions rely on the relevant filter (<VAR
CLASS="REPLACEABLE"
-><I
->name</I
-></TT
+>name</VAR
>)
to be defined in the filter file!
</P
>default.filter</TT
> that contains
a bunch of handy filters for common problems is included in the distribution.
- See the section on the <TT
+ See the section on the <VAR
CLASS="LITERAL"
><A
HREF="actions-file.html#FILTER"
>filter</A
-></TT
+></VAR
>
action for a list.
</P
>Type of value:</DT
><DD
><P
->File name, relative to <TT
+>File name, relative to <VAR
CLASS="LITERAL"
->logdir</TT
+>logdir</VAR
></P
></DD
><DT
>Default value:</DT
><DD
><P
->logfile (Unix) <I
+>logfile (Unix) <SPAN
+CLASS="emphasis"
+><I
CLASS="EMPHASIS"
>or</I
+></SPAN
> privoxy.log (Windows)</P
></DD
><DT
>Effect if unset:</DT
><DD
><P
-> No log file is used, all log messages go to the console (<TT
+> No log file is used, all log messages go to the console (<VAR
CLASS="LITERAL"
->STDERR</TT
+>STDERR</VAR
>).
</P
></DD
>Notes:</DT
><DD
><P
-> The windows version will additionally log to the console.
- </P
-><P
> The logfile is where all logging and error messages are written. The level
- of detail and number of messages are set with the <TT
+ of detail and number of messages are set with the <VAR
CLASS="LITERAL"
->debug</TT
+>debug</VAR
>
option (see below). The logfile can be useful for tracking down a problem with
<SPAN
>Type of value:</DT
><DD
><P
->File name, relative to <TT
+>File name, relative to <VAR
CLASS="LITERAL"
->logdir</TT
+>logdir</VAR
></P
></DD
><DT
>Default value:</DT
><DD
><P
->jarfile (Unix) <I
+>jarfile (Unix) <SPAN
+CLASS="emphasis"
+><I
CLASS="EMPHASIS"
>or</I
+></SPAN
> privoxy.jar (Windows)</P
></DD
><DT
>Type of value:</DT
><DD
><P
->File name, relative to <TT
+>File name, relative to <VAR
CLASS="LITERAL"
->confdir</TT
+>confdir</VAR
></P
></DD
><DT
>Default value:</DT
><DD
><P
+><SPAN
+CLASS="emphasis"
><I
CLASS="EMPHASIS"
>Unset (commented out)</I
->. When activated: trust (Unix) <I
+></SPAN
+>. When activated: trust (Unix) <SPAN
+CLASS="emphasis"
+><I
CLASS="EMPHASIS"
>or</I
+></SPAN
> trust.txt (Windows)</P
></DD
><DT
>Effect if unset:</DT
><DD
><P
-> The whole trust mechanism is turned off.
+> The entire trust mechanism is turned off.
</P
></DD
><DT
><DD
><P
> The trust mechanism is an experimental feature for building white-lists and should
- be used with care. It is <I
+ be used with care. It is <SPAN
+CLASS="emphasis"
+><I
CLASS="EMPHASIS"
>NOT</I
+></SPAN
> recommended for the casual user.
</P
><P
CLASS="APPLICATION"
>Privoxy</SPAN
> will only allow
- access to sites that are named in the trustfile.
- You can also mark sites as trusted referrers (with <TT
-CLASS="LITERAL"
->+</TT
->), with
- the effect that access to untrusted sites will be granted, if a link from a
- trusted referrer was used.
- The link target will then be added to the <SPAN
+ access to sites that are specified in the trustfile. Sites can be listed
+ in one of two ways:
+ </P
+><P
+> Prepending a <VAR
+CLASS="LITERAL"
+>~</VAR
+> character limits access to this site
+ only (and any sub-paths within this site), e.g.
+ <VAR
+CLASS="LITERAL"
+>~www.example.com</VAR
+>.
+ </P
+><P
+> Or, you can designate sites as <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>trusted referrers</I
+></SPAN
+>, by
+ prepending the name with a <VAR
+CLASS="LITERAL"
+>+</VAR
+> character. The effect is that
+ access to untrusted sites will be granted -- but only if a link from this
+ trusted referrer was used. The link target will then be added to the
+ <SPAN
CLASS="QUOTE"
>"trustfile"</SPAN
->.
- Possible applications include limiting Internet access for children.
+> so that future, direct accesses will be granted.
+ Sites added via this mechanism do not become trusted referrers themselves
+ (i.e. they are added with a <VAR
+CLASS="LITERAL"
+>~</VAR
+> designation).
</P
><P
-> If you use <TT
+> If you use the <VAR
+CLASS="LITERAL"
+>+</VAR
+> operator in the trust file, it may grow
+ considerably over time.
+ </P
+><P
+> It is recommended that <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> be compiled with
+ the <VAR
+CLASS="LITERAL"
+>--disable-force</VAR
+>, <VAR
+CLASS="LITERAL"
+>--disable-toggle</VAR
+> and
+ <VAR
CLASS="LITERAL"
->+</TT
-> operator in the trust file, it may grow considerably over time.
+> --disable-editor</VAR
+> options, if this feature is to be
+ used.
+ </P
+><P
+> Possible applications include limiting Internet access for children.
</P
></DD
></DL
>Default value:</DT
><DD
><P
+><SPAN
+CLASS="emphasis"
><I
CLASS="EMPHASIS"
>Unset</I
+></SPAN
></P
></DD
><DT
> <A
HREF="http://www.privoxy.org/user-manual/"
TARGET="_top"
->http://www.privoxy.org/<TT
+>http://www.privoxy.org/<VAR
CLASS="REPLACEABLE"
-><I
->version</I
-></TT
+>version</VAR
>/user-manual/</A
>
- will be used, where <TT
+ will be used, where <VAR
CLASS="REPLACEABLE"
-><I
->version</I
-></TT
+>version</VAR
> is the <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
><TD
><PRE
CLASS="SCREEN"
->user-manual file:///usr/share/doc/privoxy-2.9.16/user-manual/</PRE
+> user-manual file:///usr/share/doc/privoxy-3.0.3/user-manual/</PRE
+></TD
+></TR
+></TABLE
+>
+ </P
+><P
+> Windows, in local filesystem, <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>must</I
+></SPAN
+> use forward slash notation:
+ </P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+> user-manual file:/c:/some-dir/privoxy-3.0.3/user-manual/</PRE
+></TD
+></TR
+></TABLE
+>
+ </P
+><P
+> Windows, UNC notation (with forward slashes):
+ </P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+> user-manual file://///some-server/some-path/privoxy-3.0.3/user-manual/</PRE
></TD
></TR
></TABLE
><TD
><PRE
CLASS="SCREEN"
->user-manual http://local-webserver/privoxy-user-manual/</PRE
+> user-manual http://local-webserver/privoxy-user-manual/</PRE
></TD
></TR
></TABLE
><TD
ALIGN="LEFT"
><P
-> If set, this option should be <I
+> If set, this option should be <SPAN
+CLASS="emphasis"
+><I
CLASS="EMPHASIS"
>the first option in the config
file</I
+></SPAN
>, because it is used while the config file is being read.
</P
></TD
> The value of this option only matters if the experimental trust mechanism has been
activated. (See <A
HREF="config.html#TRUSTFILE"
+><SPAN
+CLASS="emphasis"
><I
CLASS="EMPHASIS"
>trustfile</I
+></SPAN
></A
> above.)
</P
>Default value:</DT
><DD
><P
+><SPAN
+CLASS="emphasis"
><I
CLASS="EMPHASIS"
>Unset</I
+></SPAN
></P
></DD
><DT
>Notes:</DT
><DD
><P
-> If both <TT
+> If both <VAR
CLASS="LITERAL"
->admin-address</TT
-> and <TT
+>admin-address</VAR
+> and <VAR
CLASS="LITERAL"
->proxy-info-url</TT
+>proxy-info-url</VAR
>
are unset, the whole "Local Privoxy Support" box on all generated pages will
not be shown.
>Default value:</DT
><DD
><P
+><SPAN
+CLASS="emphasis"
><I
CLASS="EMPHASIS"
>Unset</I
+></SPAN
></P
></DD
><DT
>Notes:</DT
><DD
><P
-> If both <TT
+> If both <VAR
CLASS="LITERAL"
->admin-address</TT
-> and <TT
+>admin-address</VAR
+> and <VAR
CLASS="LITERAL"
->proxy-info-url</TT
+>proxy-info-url</VAR
>
are unset, the whole "Local Privoxy Support" box on all generated pages will
not be shown.
<SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
-> with the <TT
+> with the <VAR
CLASS="LITERAL"
->--no-daemon</TT
+>--no-daemon</VAR
>
command line option when debugging.
</P
> Key values that determine what information gets logged to the
<A
HREF="config.html#LOGFILE"
+><SPAN
+CLASS="emphasis"
><I
CLASS="EMPHASIS"
>logfile</I
+></SPAN
></A
>.
</P
debug 256 # debug GIF de-animation
debug 512 # Common Log Format
debug 1024 # debug kill pop-ups
+ debug 2048 # CGI user interface
debug 4096 # Startup banner and warnings.
debug 8192 # Non-fatal errors</PRE
></TD
</P
><P
> To select multiple debug levels, you can either add them or use
- multiple <TT
+ multiple <VAR
CLASS="LITERAL"
->debug</TT
+>debug</VAR
> lines.
</P
><P
> A debug level of 1 is informative because it will show you each request
- as it happens. <I
+ as it happens. <SPAN
+CLASS="emphasis"
+><I
CLASS="EMPHASIS"
>1, 4096 and 8192 are highly recommended</I
+></SPAN
>
so that you will notice when things go wrong. The other levels are probably
only of interest if you are hunting down a specific problem. They can produce
</P
><P
-> The reporting of <I
+> The reporting of <SPAN
+CLASS="emphasis"
+><I
CLASS="EMPHASIS"
>fatal</I
+></SPAN
> errors (i.e. ones which crash
<SPAN
CLASS="APPLICATION"
CLASS="QUOTE"
>"debug
512"</SPAN
-> <I
+> <SPAN
+CLASS="emphasis"
+><I
CLASS="EMPHASIS"
>ONLY</I
+></SPAN
> and not enable anything else.
</P
></DD
>Type of value:</DT
><DD
><P
+><SPAN
+CLASS="emphasis"
><I
CLASS="EMPHASIS"
>None</I
+></SPAN
></P
></DD
><DT
>Default value:</DT
><DD
><P
+><SPAN
+CLASS="emphasis"
><I
CLASS="EMPHASIS"
>Unset</I
+></SPAN
></P
></DD
><DT
><DD
><P
> This option is only there for debug purposes and you should never
- need to use it. <I
+ need to use it. <SPAN
+CLASS="emphasis"
+><I
CLASS="EMPHASIS"
>It will drastically reduce performance.</I
+></SPAN
>
</P
></DD
>Type of value:</DT
><DD
><P
->[<TT
+>[<VAR
CLASS="REPLACEABLE"
-><I
->IP-Address</I
-></TT
->]:<TT
+>IP-Address</VAR
+>]:<VAR
CLASS="REPLACEABLE"
-><I
->Port</I
-></TT
+>Port</VAR
></P
></DD
><DT
CLASS="APPLICATION"
>Privoxy</SPAN
> to untrusted users, you will
- also want to turn off the <TT
+ also want to turn off the <VAR
CLASS="LITERAL"
><A
HREF="config.html#ENABLE-EDIT-ACTIONS"
>enable-edit-actions</A
-></TT
+></VAR
> and
- <TT
+ <VAR
CLASS="LITERAL"
><A
HREF="config.html#ENABLE-REMOTE-TOGGLE"
>enable-remote-toggle</A
-></TT
+></VAR
>
options!
</P
>"toggled off"</SPAN
> mode, i.e. behave like a normal, content-neutral
proxy where all ad blocking, filtering, etc are disabled. See
- <TT
+ <VAR
CLASS="LITERAL"
->enable-remote-toggle</TT
+>enable-remote-toggle</VAR
> below. This is not really useful
anymore, since toggling is much easier via <A
HREF="http://config.privoxy.org/toggle"
any URL.
</P
><P
-> For the time being, access to the toggle feature can <I
+> For the time being, access to the toggle feature can <SPAN
+CLASS="emphasis"
+><I
CLASS="EMPHASIS"
>not</I
+></SPAN
> be
controlled separately by <SPAN
CLASS="QUOTE"
<SPAN
CLASS="QUOTE"
>"ACLs"</SPAN
-> and <TT
+> and <VAR
CLASS="LITERAL"
->listen-address</TT
+>listen-address</VAR
> above) can
- toggle it for all users. So this option is <I
+ toggle it for all users. So this option is <SPAN
+CLASS="emphasis"
+><I
CLASS="EMPHASIS"
>not recommended</I
+></SPAN
>
for multi-user environments with untrusted users.
</P
>Notes:</DT
><DD
><P
-> For the time being, access to the editor can <I
+> For the time being, access to the editor can <SPAN
+CLASS="emphasis"
+><I
CLASS="EMPHASIS"
>not</I
+></SPAN
> be
controlled separately by <SPAN
CLASS="QUOTE"
<SPAN
CLASS="QUOTE"
>"ACLs"</SPAN
-> and <TT
+> and <VAR
CLASS="LITERAL"
->listen-address</TT
+>listen-address</VAR
> above) can
- modify its configuration for all users. So this option is <I
+ modify its configuration for all users. So this option is <SPAN
+CLASS="emphasis"
+><I
CLASS="EMPHASIS"
>not
recommended</I
+></SPAN
> for multi-user environments with untrusted users.
</P
><P
>Type of value:</DT
><DD
><P
-> <TT
+> <VAR
CLASS="REPLACEABLE"
-><I
->src_addr</I
-></TT
->[/<TT
+>src_addr</VAR
+>[/<VAR
CLASS="REPLACEABLE"
-><I
->src_masklen</I
-></TT
+>src_masklen</VAR
>]
- [<TT
+ [<VAR
CLASS="REPLACEABLE"
-><I
->dst_addr</I
-></TT
->[/<TT
+>dst_addr</VAR
+>[/<VAR
CLASS="REPLACEABLE"
-><I
->dst_masklen</I
-></TT
+>dst_masklen</VAR
>]]
</P
><P
-> Where <TT
+> Where <VAR
CLASS="REPLACEABLE"
-><I
->src_addr</I
-></TT
+>src_addr</VAR
> and
- <TT
+ <VAR
CLASS="REPLACEABLE"
-><I
->dst_addr</I
-></TT
+>dst_addr</VAR
> are IP addresses in dotted decimal notation or valid
- DNS names, and <TT
+ DNS names, and <VAR
CLASS="REPLACEABLE"
-><I
->src_masklen</I
-></TT
+>src_masklen</VAR
> and
- <TT
+ <VAR
CLASS="REPLACEABLE"
-><I
->dst_masklen</I
-></TT
+>dst_masklen</VAR
> are subnet masks in CIDR notation, i.e. integer
values from 2 to 30 representing the length (in bits) of the network address. The masks and the whole
destination part are optional.
>Default value:</DT
><DD
><P
+><SPAN
+CLASS="emphasis"
><I
CLASS="EMPHASIS"
>Unset</I
+></SPAN
></P
></DD
><DT
>Effect if unset:</DT
><DD
><P
-> Don't restrict access further than implied by <TT
+> Don't restrict access further than implied by <VAR
CLASS="LITERAL"
->listen-address</TT
+>listen-address</VAR
>
</P
></DD
><DD
><P
> Access controls are included at the request of ISPs and systems
- administrators, and <I
+ administrators, and <SPAN
+CLASS="emphasis"
+><I
CLASS="EMPHASIS"
>are not usually needed by individual users</I
+></SPAN
>.
For a typical home user, it will normally suffice to ensure that
<SPAN
(127.0.0.1) or internal (home) network address by means of the
<A
HREF="config.html#LISTEN-ADDRESS"
+><SPAN
+CLASS="emphasis"
><I
CLASS="EMPHASIS"
>listen-address</I
+></SPAN
></A
>
option.
CLASS="APPLICATION"
>Privoxy</SPAN
>
- talks only to IP addresses that match at least one <TT
+ talks only to IP addresses that match at least one <VAR
CLASS="LITERAL"
->permit-access</TT
+>permit-access</VAR
> line
- and don't match any subsequent <TT
+ and don't match any subsequent <VAR
CLASS="LITERAL"
->deny-access</TT
+>deny-access</VAR
> line. In other words, the
- last match wins, with the default being <TT
+ last match wins, with the default being <VAR
CLASS="LITERAL"
->deny-access</TT
+>deny-access</VAR
>.
</P
><P
> If <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
-> is using a forwarder (see <TT
+> is using a forwarder (see <VAR
CLASS="LITERAL"
->forward</TT
+>forward</VAR
> below)
- for a particular destination URL, the <TT
+ for a particular destination URL, the <VAR
CLASS="REPLACEABLE"
-><I
->dst_addr</I
-></TT
+>dst_addr</VAR
>
- that is examined is the address of the forwarder and <I
+ that is examined is the address of the forwarder and <SPAN
+CLASS="emphasis"
+><I
CLASS="EMPHASIS"
>NOT</I
+></SPAN
> the address
of the ultimate target. This is necessary because it may be impossible for the local
<SPAN
</P
><P
> You should prefer using IP addresses over DNS names, because the address lookups take
- time. All DNS names must resolve! You can <I
+ time. All DNS names must resolve! You can <SPAN
+CLASS="emphasis"
+><I
CLASS="EMPHASIS"
>not</I
+></SPAN
> use domain patterns
like <SPAN
CLASS="QUOTE"
><DD
><P
> Explicitly define the default behavior if no ACL and
- <TT
+ <VAR
CLASS="LITERAL"
->listen-address</TT
+>listen-address</VAR
> are set: <SPAN
CLASS="QUOTE"
>"localhost"</SPAN
>
- is OK. The absence of a <TT
+ is OK. The absence of a <VAR
CLASS="REPLACEABLE"
-><I
->dst_addr</I
-></TT
+>dst_addr</VAR
> implies that
- <I
+ <SPAN
+CLASS="emphasis"
+><I
CLASS="EMPHASIS"
>all</I
+></SPAN
> destination addresses are OK:
</P
><P
>Notes:</DT
><DD
><P
-> For content filtering, i.e. the <TT
+> For content filtering, i.e. the <VAR
CLASS="LITERAL"
->+filter</TT
+>+filter</VAR
> and
- <TT
+ <VAR
CLASS="LITERAL"
->+deanimate-gif</TT
+>+deanimate-gif</VAR
> actions, it is necessary that
<SPAN
CLASS="APPLICATION"
Hence this option.
</P
><P
-> When a document buffer size reaches the <TT
+> When a document buffer size reaches the <VAR
CLASS="LITERAL"
->buffer-limit</TT
+>buffer-limit</VAR
>, it is
flushed to the client unfiltered and no further attempt to
filter the rest of the document is made. Remember that there may be multiple threads
- running, which might require up to <TT
+ running, which might require up to <VAR
CLASS="LITERAL"
->buffer-limit</TT
+>buffer-limit</VAR
> Kbytes
- <I
+ <SPAN
+CLASS="emphasis"
+><I
CLASS="EMPHASIS"
>each</I
+></SPAN
>, unless you have enabled <SPAN
CLASS="QUOTE"
>"single-threaded"</SPAN
>Type of value:</DT
><DD
><P
-> <TT
+> <VAR
CLASS="REPLACEABLE"
-><I
->target_domain</I
-></TT
->[:<TT
-CLASS="REPLACEABLE"
-><I
->port</I
-></TT
->]
- <TT
+>target_pattern</VAR
+>
+ <VAR
CLASS="REPLACEABLE"
-><I
->http_parent</I
-></TT
->[/<TT
+>http_parent</VAR
+>[:<VAR
CLASS="REPLACEABLE"
-><I
->port</I
-></TT
+>port</VAR
>]
</P
><P
-> Where <TT
+> where <VAR
CLASS="REPLACEABLE"
-><I
->target_domain</I
-></TT
-> is a domain name pattern (see the
- chapter on domain matching in the <TT
-CLASS="FILENAME"
->default.action</TT
-> file),
- <TT
-CLASS="REPLACEABLE"
-><I
->http_parent</I
-></TT
-> is the address of the parent HTTP proxy
- as an IP addresses in dotted decimal notation or as a valid DNS name (or <SPAN
+>target_pattern</VAR
+> is a <A
+HREF="actions-file.html#AF-PATTERNS"
+>URL pattern</A
+>
+ that specifies to which requests (i.e. URLs) this forward rule shall apply. Use <VAR
+CLASS="LITERAL"
+>/</VAR
+> to
+ denote <SPAN
CLASS="QUOTE"
->"."</SPAN
-> to denote
- <SPAN
+>"all URLs"</SPAN
+>.
+ <VAR
+CLASS="REPLACEABLE"
+>http_parent</VAR
+>[:<VAR
+CLASS="REPLACEABLE"
+>port</VAR
+>]
+ is the DNS name or IP address of the parent HTTP proxy through which the requests should be forwarded,
+ optionally followed by its listening port (default: 8080).
+ Use a single dot (<VAR
+CLASS="LITERAL"
+>.</VAR
+>) to denote <SPAN
CLASS="QUOTE"
>"no forwarding"</SPAN
->, and the optional
- <TT
-CLASS="REPLACEABLE"
-><I
->port</I
-></TT
-> parameters are TCP ports, i.e. integer
- values from 1 to 64535
+>.
</P
></DD
><DT
>Default value:</DT
><DD
><P
+><SPAN
+CLASS="emphasis"
><I
CLASS="EMPHASIS"
>Unset</I
+></SPAN
></P
></DD
><DT
>Notes:</DT
><DD
><P
-> If <TT
+> If <VAR
CLASS="REPLACEABLE"
-><I
->http_parent</I
-></TT
+>http_parent</VAR
> is <SPAN
CLASS="QUOTE"
>"."</SPAN
><TD
><PRE
CLASS="SCREEN"
-> forward .* anon-proxy.example.org:8080
+> forward / anon-proxy.example.org:8080
forward :443 .</PRE
></TD
></TR
><TD
><PRE
CLASS="SCREEN"
-> forward .*. caching-proxy.example-isp.net:8000
+> forward / caching-proxy.example-isp.net:8000
forward .example-isp.net .</PRE
></TD
></TR
>Type of value:</DT
><DD
><P
-> <TT
+> <VAR
CLASS="REPLACEABLE"
-><I
->target_domain</I
-></TT
->[:<TT
-CLASS="REPLACEABLE"
-><I
->port</I
-></TT
->]
- <TT
+>target_pattern</VAR
+>
+ <VAR
CLASS="REPLACEABLE"
-><I
->socks_proxy</I
-></TT
->[/<TT
+>socks_proxy</VAR
+>[:<VAR
CLASS="REPLACEABLE"
-><I
->port</I
-></TT
+>port</VAR
>]
- <TT
+ <VAR
CLASS="REPLACEABLE"
-><I
->http_parent</I
-></TT
->[/<TT
+>http_parent</VAR
+>[:<VAR
CLASS="REPLACEABLE"
-><I
->port</I
-></TT
+>port</VAR
>]
</P
><P
-> Where <TT
+> where <VAR
CLASS="REPLACEABLE"
-><I
->target_domain</I
-></TT
-> is a domain name pattern (see the
- chapter on domain matching in the <TT
-CLASS="FILENAME"
->default.action</TT
-> file),
- <TT
+>target_pattern</VAR
+> is a <A
+HREF="actions-file.html#AF-PATTERNS"
+>URL pattern</A
+>
+ that specifies to which requests (i.e. URLs) this forward rule shall apply. Use <VAR
+CLASS="LITERAL"
+>/</VAR
+> to
+ denote <SPAN
+CLASS="QUOTE"
+>"all URLs"</SPAN
+>.
+ <VAR
CLASS="REPLACEABLE"
-><I
->http_parent</I
-></TT
-> and <TT
+>http_parent</VAR
+> and <VAR
CLASS="REPLACEABLE"
-><I
->socks_proxy</I
-></TT
+>socks_proxy</VAR
>
- are IP addresses in dotted decimal notation or valid DNS names (<TT
+ are IP addresses in dotted decimal notation or valid DNS names (<VAR
CLASS="REPLACEABLE"
-><I
->http_parent</I
-></TT
+>http_parent</VAR
>
may be <SPAN
CLASS="QUOTE"
CLASS="QUOTE"
>"no HTTP forwarding"</SPAN
>), and the optional
- <TT
+ <VAR
CLASS="REPLACEABLE"
-><I
->port</I
-></TT
+>port</VAR
> parameters are TCP ports, i.e. integer values from 1 to 64535
</P
></DD
>Default value:</DT
><DD
><P
+><SPAN
+CLASS="emphasis"
><I
CLASS="EMPHASIS"
>Unset</I
+></SPAN
></P
></DD
><DT
> Multiple lines are OK, they are checked in sequence, and the last match wins.
</P
><P
-> The difference between <TT
+> The difference between <VAR
CLASS="LITERAL"
->forward-socks4</TT
-> and <TT
+>forward-socks4</VAR
+> and <VAR
CLASS="LITERAL"
->forward-socks4a</TT
+>forward-socks4a</VAR
>
is that in the SOCKS 4A protocol, the DNS resolution of the target hostname happens on the SOCKS
server, while in SOCKS 4 it happens locally.
</P
><P
-> If <TT
+> If <VAR
CLASS="REPLACEABLE"
-><I
->http_parent</I
-></TT
+>http_parent</VAR
> is <SPAN
CLASS="QUOTE"
>"."</SPAN
><TD
><PRE
CLASS="SCREEN"
-> forward-socks4a .*. socks-gw.example.com:1080 www-cache.example-isp.net:8080
+> forward-socks4a / socks-gw.example.com:1080 www-cache.example-isp.net:8080
forward .example.com .</PRE
></TD
></TR
><TD
><PRE
CLASS="SCREEN"
-> forward-socks4 .*. socks-gw.example.com:1080 .</PRE
+> forward-socks4 / socks-gw.example.com:1080 .</PRE
></TD
></TR
></TABLE
>Privoxies</SPAN
>
which have connections to the respective ISPs to act as forwarders to each other, so that
- <I
+ <SPAN
+CLASS="emphasis"
+><I
CLASS="EMPHASIS"
>your</I
+></SPAN
> users can see the internal content of all ISPs.</P
><P
> Assume that host-a has a PPP connection to isp-a.net. And host-b has a PPP connection to
><TD
><PRE
CLASS="SCREEN"
-> forward .*. .
+> forward / .
forward .isp-b.net host-b:8118</PRE
></TD
></TR
><TD
><PRE
CLASS="SCREEN"
-> forward .*. .
+> forward / .
forward .isp-a.net host-a:8118</PRE
></TD
></TR
CLASS="APPLICATION"
>squid</SPAN
> locally, then chain as
- <TT
+ <VAR
CLASS="LITERAL"
->browser -> squid -> privoxy</TT
+>browser -> squid -> privoxy</VAR
> is the recommended way. </P
><P
> Assuming that <SPAN
CLASS="APPLICATION"
>squid</SPAN
>'s address and port.
- Squid normally uses port 3128. If unsure consult <TT
+ Squid normally uses port 3128. If unsure consult <VAR
CLASS="LITERAL"
->http_port</TT
+>http_port</VAR
> in <TT
CLASS="FILENAME"
>squid.conf</TT
>.</P
+><P
+> You could just as well decide to only forward requests for Windows executables through
+ a virus-scanning parent proxy, say, on <VAR
+CLASS="LITERAL"
+>antivir.example.com</VAR
+>, port 8010:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+> forward / .
+ forward /.*\.(exe|com|dll|zip)$ antivir.example.com:8010</PRE
+></TD
+></TR
+></TABLE
+> </P
></DIV
></DIV
><DIV
>"Privoxy"</SPAN
> is active. To turn off, set to 0.</P
><P
-> <TT
+> <VAR
CLASS="LITERAL"
> <P
CLASS="LITERALLAYOUT"
-> <I
+> <SPAN
+CLASS="emphasis"
+><I
CLASS="EMPHASIS"
>activity-animation 1</I
+></SPAN
><br>
</P
>
- </TT
+ </VAR
></P
><A
NAME="LOG-MESSAGES"
> will log messages to the console
window:</P
><P
-> <TT
+> <VAR
CLASS="LITERAL"
> <P
CLASS="LITERALLAYOUT"
-> <I
+> <SPAN
+CLASS="emphasis"
+><I
CLASS="EMPHASIS"
>log-messages 1</I
+></SPAN
><br>
</P
>
- </TT
+ </VAR
></P
><A
NAME="LOG-BUFFER-SIZE"
> Warning: Setting this to 0 will result in the buffer to grow infinitely and
eat up all your memory!</P
><P
-> <TT
+> <VAR
CLASS="LITERAL"
> <P
CLASS="LITERALLAYOUT"
-> <I
+> <SPAN
+CLASS="emphasis"
+><I
CLASS="EMPHASIS"
>log-buffer-size 1</I
+></SPAN
><br>
</P
>
- </TT
+ </VAR
></P
><A
NAME="LOG-MAX-LINES"
> is the maximum number of lines held
in the log buffer. See above.</P
><P
-> <TT
+> <VAR
CLASS="LITERAL"
> <P
CLASS="LITERALLAYOUT"
-> <I
+> <SPAN
+CLASS="emphasis"
+><I
CLASS="EMPHASIS"
>log-max-lines 200</I
+></SPAN
><br>
</P
>
- </TT
+ </VAR
></P
><A
NAME="LOG-HIGHLIGHT-MESSAGES"
> will highlight portions of the log
messages with a bold-faced font:</P
><P
-> <TT
+> <VAR
CLASS="LITERAL"
> <P
CLASS="LITERALLAYOUT"
-> <I
+> <SPAN
+CLASS="emphasis"
+><I
CLASS="EMPHASIS"
>log-highlight-messages 1</I
+></SPAN
><br>
</P
>
- </TT
+ </VAR
></P
><A
NAME="LOG-FONT-NAME"
><P
> The font used in the console window:</P
><P
-> <TT
+> <VAR
CLASS="LITERAL"
> <P
CLASS="LITERALLAYOUT"
-> <I
+> <SPAN
+CLASS="emphasis"
+><I
CLASS="EMPHASIS"
>log-font-name Comic Sans MS</I
+></SPAN
><br>
</P
>
- </TT
+ </VAR
></P
><A
NAME="LOG-FONT-SIZE"
><P
> Font size used in the console window:</P
><P
-> <TT
+> <VAR
CLASS="LITERAL"
> <P
CLASS="LITERALLAYOUT"
-> <I
+> <SPAN
+CLASS="emphasis"
+><I
CLASS="EMPHASIS"
>log-font-size 8</I
+></SPAN
><br>
</P
>
- </TT
+ </VAR
></P
><A
NAME="SHOW-ON-TASK-BAR"
> will appear as a button on the Task bar
when minimized:</P
><P
-> <TT
+> <VAR
CLASS="LITERAL"
> <P
CLASS="LITERALLAYOUT"
-> <I
+> <SPAN
+CLASS="emphasis"
+><I
CLASS="EMPHASIS"
>show-on-task-bar 0</I
+></SPAN
><br>
</P
>
- </TT
+ </VAR
></P
><A
NAME="CLOSE-BUTTON-MINIMIZES"
> instead of closing
the program (close with the exit option on the File menu).</P
><P
-> <TT
+> <VAR
CLASS="LITERAL"
> <P
CLASS="LITERALLAYOUT"
-> <I
+> <SPAN
+CLASS="emphasis"
+><I
CLASS="EMPHASIS"
>close-button-minimizes 1</I
+></SPAN
><br>
</P
>
- </TT
+ </VAR
></P
><A
NAME="HIDE-CONSOLE"
> will disconnect from and hide the
command console.</P
><P
-> <TT
+> <VAR
CLASS="LITERAL"
> <P
CLASS="LITERALLAYOUT"
-> #<I
+> #<SPAN
+CLASS="emphasis"
+><I
CLASS="EMPHASIS"
>hide-console</I
+></SPAN
><br>
</P
>
- </TT
+ </VAR
></P
></DIV
></DIV
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
+SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
VALIGN="top"
><A
HREF="configuration.html"
+ACCESSKEY="P"
>Prev</A
></TD
><TD
VALIGN="top"
><A
HREF="index.html"
+ACCESSKEY="H"
>Home</A
></TD
><TD
VALIGN="top"
><A
HREF="actions-file.html"
+ACCESSKEY="N"
>Next</A
></TD
></TR