6 $Id: user-manual.sgml,v 1.53 2002/03/24 11:51:00 swa Exp $
8 The user manual gives users information on how to install, configure
9 and use Privoxy. Privoxy is a web proxy with advanced filtering
10 capabilities for protecting privacy, filtering web page content,
11 managing cookies, controlling access, and removing ads, banners,
12 pop-ups and other obnoxious Internet Junk. Privoxy has a very flexible
13 configuration and can be customized to suit individual needs and
14 tastes. Privoxy has application for both stand-alone systems and
17 You can find the latest version of the user manual at
18 [1]http://ijbswa.sourceforge.net/user-manual/.
19 _________________________________________________________________
35 3. [11]Privoxy Configuration
37 3.1. [12]Controlling Privoxy with Your Web Browser
38 3.2. [13]Configuration Files Overview
39 3.3. [14]The Main Configuration File
41 3.3.1. [15]Defining Other Configuration Files
42 3.3.2. [16]Other Configuration Options
43 3.3.3. [17]Access Control List (ACL)
45 3.3.5. [19]Windows GUI Options
47 3.4. [20]The Actions File
49 3.4.1. [21]URL Domain and Path Syntax
53 3.5. [24]The Filter File
56 4. [26]Quickstart to Using Privoxy
58 4.1. [27]Command Line Options
60 5. [28]Contacting the Developers, Bug Reporting and Feature Requests
61 6. [29]Copyright and History
69 8.1. [34]Regular Expressions
81 8.2. [35]Privoxy's Internal Pages
82 8.3. [36]Anatomy of an Action
86 Privoxy is a web proxy with advanced filtering capabilities for
87 protecting privacy, filtering and modifying web page content, managing
88 cookies, controlling access, and removing ads, banners, pop-ups and
89 other obnoxious Internet Junk. Privoxy has a very flexible
90 configuration and can be customized to suit individual needs and
91 tastes. Privoxy has application for both stand-alone systems and
94 This documentation is included with the current BETA version of
95 Privoxy and is mostly complete at this point. The most up to date
96 reference for the time being is still the comments in the source files
97 and in the individual configuration files. Development of version 3.0
98 is currently nearing completion, and includes many significant changes
99 and enhancements over earlier versions. The target release date for
100 stable v3.0 is "soon" ;-)
102 Since this is a BETA version, not all new features are well tested.
103 This documentation may be slightly out of sync as a result (especially
104 with CVS sources). And there may be bugs, though hopefully not many!
105 _________________________________________________________________
109 In addition to Internet Junkbuster's traditional feature of ad and
110 banner blocking and cookie management, Privoxy provides new features,
111 some of them currently under development:
113 * Integrated browser based configuration and control utility
114 ([37]http://i.j.b). Browser-based tracing of rule and filter
116 * Blocking of annoying pop-up browser windows.
117 * HTTP/1.1 compliant (most, but not all 1.1 features are supported).
118 * Support for Perl Compatible Regular Expressions in the
119 configuration files, and generally a more sophisticated and
120 flexible configuration syntax over previous versions.
122 * Web page content filtering (removes banners based on size,
123 invisible "web-bugs", JavaScript, pop-ups, status bar abuse, etc.)
124 * Bypass many click-tracking scripts (avoids script redirection).
125 * Multi-threaded (POSIX and native threads).
126 * Auto-detection and re-reading of config file changes.
127 * User-customizable HTML templates (e.g. 404 error page).
128 * Improved cookie management features (e.g. session based cookies).
129 * Builds from source on most UNIX-like systems. Packages available
130 for: Linux (RedHat, SuSE, or Debian), Windows, Sun Solaris, Mac
131 OSX, OS/2, HP-UX 11 and AmigaOS.
132 * In addition, the configuration is much more powerful and versatile
134 _________________________________________________________________
138 Privoxy is available as raw source code, or pre-compiled binaries. See
139 the [38]Privoxy Home Page for binaries and current release info.
140 Privoxy is also available via [39]CVS. This is the recommended
141 approach at this time. But please be aware that CVS is constantly
142 changing, and it may break in mysterious ways.
143 _________________________________________________________________
147 For gzipped tar archives, unpack the source:
149 tar xzvf ijb_source_* [.tgz or .tar.gz]
150 cd ijb_source_2.9.11_beta
152 For retrieving the current CVS sources, you'll need the CVS package
153 installed first. To download CVS source:
155 cvs -d:pserver:anonymous@cvs.ijbswa.sourceforge.net:/cvsroot/ijbswa login
156 cvs -z3 -d:pserver:anonymous@cvs.ijbswa.sourceforge.net:/cvsroot/ijbswa co cu
160 This will create a directory named current/, which will contain the
163 Then, in either case, to build from tarball/CVS source:
165 ./configure (--help to see options)
166 make (the make from gnu, gmake for *BSD)
168 make -n install (to see where all the files will go)
169 make install (to really install)
171 For Redhat and SuSE Linux RPM packages, see below.
172 _________________________________________________________________
176 To build Redhat RPM packages, install source as above. Then:
178 autoheader [suggested for CVS source]
179 autoconf [suggested for CVS source]
183 This will create both binary and src RPMs in the usual places.
186 /usr/src/redhat/RPMS/i686/privoxy-2.9.11-1.i686.rpm
188 /usr/src/redhat/SRPMS/privoxy-2.9.11-1.src.rpm
190 To install, of course:
192 rpm -Uvv /usr/src/redhat/RPMS/i686/privoxy-2.9.11-1.i686.rpm
194 This will place the Privoxy configuration files in /etc/privoxy/, and
195 log files in /var/log/privoxy/.
196 _________________________________________________________________
200 To build SuSE RPM packages, install source as above. Then:
202 autoheader [suggested for CVS source]
203 autoconf [suggested for CVS source]
207 This will create both binary and src RPMs in the usual places.
210 /usr/src/packages/RPMS/i686/privoxy-2.9.11-1.i686.rpm
212 /usr/src/packages/SRPMS/privoxy-2.9.11-1.src.rpm
214 To install, of course:
216 rpm -Uvv /usr/src/packages/RPMS/i686/privoxy-2.9.11-1.i686.rpm
218 This will place the Privoxy configuration files in /etc/privoxy/, and
219 log files in /var/log/privoxy/.
220 _________________________________________________________________
224 Privoxy is packaged in a WarpIN self- installing archive. The
225 self-installing program will be named depending on the release
226 version, something like: ijbos2_setup_1.2.3.exe. In order to install
227 it, simply run this executable or double-click on its icon and follow
228 the WarpIN installation panels. A shadow of the Privoxy executable
229 will be placed in your startup folder so it will start automatically
230 whenever OS/2 starts.
232 The directory you choose to install Privoxy into will contain all of
233 the configuration files.
235 If you would like to build binary images on OS/2 yourself, you will
236 need a few Unix-like tools: autoconf, autoheader and sh. These tools
237 will be used to create the required config.h file, which is not part
238 of the source distribution because it differs based on platform. You
239 will also need a compiler. The distribution has been created using IBM
240 VisualAge compilers, but you can use any compiler you like. GCC/EMX
241 has the disadvantage of needing to be single-threaded due to a
242 limitation of EMX's implementation of the select() socket call.
244 In addition to needing the source code distribution as outlined
245 earlier, you will want to extract the os2seutp directory from CVS:
246 cvs -d:pserver:anonymous@cvs.ijbswa.sourceforge.net:/cvsroot/ijbswa login
248 cvs -z3 -d:pserver:anonymous@cvs.ijbswa.sourceforge.net:/cvsroot/ijbswa co os2
251 This will create a directory named os2setup/, which will contain the
252 Makefile.vac makefile and os2build.cmd which is used to completely
253 create the binary distribution. The sequence of events for building
254 the executable for yourself goes something like this:
260 nmake -f Makefile.vac
262 You will see this sequence laid out in os2build.cmd.
263 _________________________________________________________________
267 Click-click. (I need help on this. Not a clue here. Also for
268 configuration section below. HB.)
269 _________________________________________________________________
273 Some quick notes on other Operating Systems.
275 For FreeBSD (and other *BSDs?), the build will require gmake instead
276 of the included make. gmake is available from [40]http://www.gnu.org.
277 The rest should be the same as above for Linux/Unix.
278 _________________________________________________________________
280 3. Privoxy Configuration
282 All Privoxy configuration is kept in text files. These files can be
283 edited with a text editor. Many important aspects of Privoxy can also
284 be controlled easily with a web browser.
285 _________________________________________________________________
287 3.1. Controlling Privoxy with Your Web Browser
289 Privoxy can be reached by the special URL [41]http://i.j.b/ (or
290 alternately [42]http://ijbswa.sourceforge.net/config/), which is an
291 internal page. You will see the following section:
293 Please choose from the following options:
295 * Show information about the current configuration
296 * Show the source code version numbers
297 * Show the client's request headers.
298 * Show which actions apply to a URL and why
299 * Toggle Privoxy on or off
300 * Edit the actions list
303 This should be self-explanatory. Note the last item is an editor for
304 the "actions list", which is where much of the ad, banner, cookie, and
305 URL blocking magic is configured as well as other advanced features of
306 Privoxy. This is an easy way to adjust various aspects of Privoxy
307 configuration. The actions file, and other configuration files, are
308 explained in detail below. Privoxy will automatically detect any
309 changes to these files.
311 "Toggle Privoxy On or Off" is handy for sites that might have problems
312 with your current actions and filters, or just to test if a site
313 misbehaves, whether it is Privoxy causing the problem or not. Privoxy
314 continues to run as a proxy in this case, but all filtering is
316 _________________________________________________________________
318 3.2. Configuration Files Overview
320 For Unix, *BSD and Linux, all configuration files are located in
321 /etc/privoxy/ by default. For MS Windows, OS/2, and AmigaOS these are
322 all in the same directory as the Privoxy executable. The name and
323 number of configuration files has changed from previous versions, and
324 is subject to change as development progresses.
326 The installed defaults provide a reasonable starting point, though
327 possibly aggressive by some standards. For the time being, there are
328 only three default configuration files (this will change in time):
330 * The main configuration file is named config on Linux, Unix, BSD,
331 OS/2, and AmigaOS and config.txt on Windows.
332 * The default.action file is used to define various "actions"
333 relating to images, banners, pop-ups, access restrictions, banners
334 and cookies. There is a CGI based editor for this file that can be
335 accessed via [43]http://i.j.b. (Other actions files are included
336 as well with differing levels of filtering and blocking, e.g.
338 * The default.filter file can be used to re-write the raw page
339 content, including viewable text as well as embedded HTML and
340 JavaScript, and whatever else lurks on any given web page.
342 default.action and default.filter can use Perl style regular
343 expressions for maximum flexibility. All files use the "#" character
344 to denote a comment. Such lines are not processed by Privoxy. After
345 making any changes, there is no need to restart Privoxy in order for
346 the changes to take effect. Privoxy should detect such changes
349 While under development, the configuration content is subject to
350 change. The below documentation may not be accurate by the time you
351 read this. Also, what constitutes a "default" setting, may change, so
352 please check all your configuration files on important issues.
353 _________________________________________________________________
355 3.3. The Main Configuration File
357 Again, the main configuration file is named config on Linux/Unix/BSD
358 and OS/2, and config.txt on Windows. Configuration lines consist of an
359 initial keyword followed by a list of values, all separated by
360 whitespace (any number of spaces or tabs). For example:
362 blockfile blocklist.ini
364 Indicates that the blockfile is named "blocklist.ini". (A default
365 installation does not use this.)
367 A "#" indicates a comment. Any part of a line following a "#" is
368 ignored, except if the "#" is preceded by a "\".
370 Thus, by placing a "#" at the start of an existing configuration line,
371 you can make it a comment and it will be treated as if it weren't
372 there. This is called "commenting out" an option and can be useful to
373 turn off features: If you comment out the "logfile" line, Privoxy will
374 not log to a file at all. Watch for the "default:" section in each
375 explanation to see what happens if the option is left unset (or
378 Long lines can be continued on the next line by using a "\" as the
381 There are various aspects of Privoxy behavior that can be tuned.
382 _________________________________________________________________
384 3.3.1. Defining Other Configuration Files
386 Privoxy can use a number of other files to tell it what ads to block,
387 what cookies to accept, etc. This section of the configuration file
388 tells Privoxy where to find all those other files.
390 On Windows and AmigaOS, Privoxy looks for these files in the same
391 directory as the executable. On Unix and OS/2, Privoxy looks for these
392 files in the current working directory. In either case, an absolute
393 path name can be used to avoid problems.
395 When development goes modular and multi-user, the blocker, filter, and
396 per-user config will be stored in subdirectories of "confdir". For
397 now, only confdir/templates is used for storing HTML templates for CGI
400 The location of the configuration files:
402 confdir /etc/privoxy # No trailing /, please.
404 The directory where all logging (i.e. logfile and jarfile) takes
405 place. No trailing "/", please:
407 logdir /var/log/privoxy
409 Note that all file specifications below are relative to the above two
412 The "default.action" file contains patterns to specify the actions to
413 apply to requests for each site. Default: Cookies to and from all
414 destinations are kept only during the current browser session (i.e.
415 they are not saved to disk). Pop-ups are disabled for all sites. All
416 sites are filtered through selected sections of "default.filter". No
417 sites are blocked. The Privoxy logo is displayed for filtered ads and
418 other images. The syntax of this file is explained in detail
419 [44]below. Other "actions" files are included, and you are free to use
420 any of them. They have varying degrees of aggressiveness.
422 actionsfile default.action
424 The "default.filter" file contains content modification rules that use
425 "regular expressions". These rules permit powerful changes on the
426 content of Web pages, e.g., you could disable your favorite JavaScript
427 annoyances, re-write the actual displayed text, or just have some fun
428 replacing "Microsoft" with "MicroSuck" wherever it appears on a Web
429 page. Default: whatever the developers are playing with :-/
431 Filtering requires buffering the page content, which may appear to
432 slow down page rendering since nothing is displayed until all content
433 has passed the filters. (It does not really take longer, but seems
434 that way since the page is not incrementally displayed.) This effect
435 will be more noticeable on slower connections.
437 filterfile default.filter
439 The logfile is where all logging and error messages are written. The
440 logfile can be useful for tracking down a problem with Privoxy (e.g.,
441 it's not blocking an ad you think it should block) but in most cases
442 you probably will never look at it.
444 Your logfile will grow indefinitely, and you will probably want to
445 periodically remove it. On Unix systems, you can do this with a cron
446 job (see "man cron"). For Redhat, a logrotate script has been
449 On SuSE Linux systems, you can place a line like "/var/log/privoxy.*
450 +1024k 644 nobody.nogroup" in /etc/logfiles, with the effect that
451 cron.daily will automatically archive, gzip, and empty the log, when
454 Default: Log to the a file named logfile. Comment out to disable
459 The "jarfile" defines where Privoxy stores the cookies it intercepts.
460 Note that if you use a "jarfile", it may grow quite large. Default:
461 Don't store intercepted cookies.
465 If you specify a "trustfile", Privoxy will only allow access to sites
466 that are named in the trustfile. You can also mark sites as trusted
467 referrers, with the effect that access to untrusted sites will be
468 granted, if a link from a trusted referrer was used. The link target
469 will then be added to the "trustfile". This is a very restrictive
470 feature that typical users most probably want to leave disabled.
471 Default: Disabled, don't use the trust mechanism.
475 If you use the trust mechanism, it is a good idea to write up some
476 on-line documentation about your blocking policy and to specify the
477 URL(s) here. They will appear on the page that your users receive when
478 they try to access untrusted content. Use multiple times for multiple
479 URLs. Default: Don't display links on the "untrusted" info page.
481 trust-info-url http://www.your-site.com/why_we_block.html
482 trust-info-url http://www.your-site.com/what_we_allow.html
483 _________________________________________________________________
485 3.3.2. Other Configuration Options
487 This part of the configuration file contains options that control how
490 "Admin-address" should be set to the email address of the proxy
491 administrator. It is used in many of the proxy-generated pages.
492 Default: fill@me.in.please.
494 #admin-address fill@me.in.please
496 "Proxy-info-url" can be set to a URL that contains more info about
497 this Privoxy installation, it's configuration and policies. It is used
498 in many of the proxy-generated pages and its use is highly recommended
499 in multi-user installations, since your users will want to know why
500 certain content is blocked or modified. Default: Don't show a link to
501 on-line documentation.
503 proxy-info-url http://www.your-site.com/proxy.html
505 "Listen-address" specifies the address and port where Privoxy will
506 listen for connections from your Web browser. The default is to listen
507 on the localhost port 8118, and this is suitable for most users. (In
508 your web browser, under proxy configuration, list the proxy server as
509 "localhost" and the port as "8118").
511 If you already have another service running on port 8118, or if you
512 want to serve requests from other machines (e.g. on your local
513 network) as well, you will need to override the default. The syntax is
514 "listen-address [<ip-address>]:<port>". If you leave out the IP
515 address, Privoxy will bind to all interfaces (addresses) on your
516 machine and may become reachable from the Internet. In that case,
517 consider using access control lists (acl's) (see "aclfile" above), or
520 For example, suppose you are running Privoxy on a machine which has
521 the address 192.168.0.1 on your local private network (192.168.0.0)
522 and has another outside connection with a different address. You want
523 it to serve requests from inside only:
525 listen-address 192.168.0.1:8118
527 If you want it to listen on all addresses (including the outside
532 If you do this, consider using ACLs (see "aclfile" above). Note: you
533 will need to point your browser(s) to the address and port that you
534 have configured here. Default: localhost:8118 (127.0.0.1:8118).
536 The debug option sets the level of debugging information to log in the
537 logfile (and to the console in the Windows version). A debug level of
538 1 is informative because it will show you each request as it happens.
539 Higher levels of debug are probably only of interest to developers.
541 debug 1 # GPC = show each GET/POST/CONNECT request
542 debug 2 # CONN = show each connection status
543 debug 4 # IO = show I/O status
544 debug 8 # HDR = show header parsing
545 debug 16 # LOG = log all data into the logfile
546 debug 32 # FRC = debug force feature
547 debug 64 # REF = debug regular expression filter
548 debug 128 # = debug fast redirects
549 debug 256 # = debug GIF de-animation
550 debug 512 # CLF = Common Log Format
551 debug 1024 # = debug kill pop-ups
552 debug 4096 # INFO = Startup banner and warnings.
553 debug 8192 # ERROR = Non-fatal errors
555 It is highly recommended that you enable ERROR reporting (debug 8192),
556 at least until v3.0 is released.
558 The reporting of FATAL errors (i.e. ones which crash Privoxy) is
559 always on and cannot be disabled.
561 If you want to use CLF (Common Log Format), you should set "debug 512"
562 ONLY, do not enable anything else.
564 Multiple "debug" directives, are OK - they're logical-OR'd together.
566 debug 15 # same as setting the first 4 listed above
572 debug 8192 # Errors - *we highly recommended enabling this*
574 Privoxy normally uses "multi-threading", a software technique that
575 permits it to handle many different requests simultaneously. In some
576 cases you may wish to disable this -- particularly if you're trying to
577 debug a problem. The "single-threaded" option forces Privoxy to handle
578 requests sequentially. Default: Multi-threaded mode.
582 "toggle" allows you to temporarily disable all Privoxy's filtering.
585 The Windows version of Privoxy puts an icon in the system tray, which
586 also allows you to change this option. If you right-click on that icon
587 (or select the "Options" menu), one choice is "Enable". Clicking on
588 enable toggles Privoxy on and off. This is useful if you want to
589 temporarily disable Privoxy, e.g., to access a site that requires
590 cookies which you would otherwise have blocked. This can also be
591 toggled via a web browser at the Privoxy internal address of
592 [45]http://i.j.b on any platform.
594 "toggle 1" means Privoxy runs normally, "toggle 0" means that Privoxy
595 becomes a non-anonymizing non-blocking proxy. Default: 1 (on).
599 For content filtering, i.e. the "+filter" and "+deanimate-gif"
600 actions, it is necessary that Privoxy buffers the entire document
601 body. This can be potentially dangerous, since a server could just
602 keep sending data indefinitely and wait for your RAM to exhaust. With
605 The buffer-limit option lets you set the maximum size in Kbytes that
606 each buffer may use. When the documents buffer exceeds this size, it
607 is flushed to the client unfiltered and no further attempt to filter
608 the rest of it is made. Remember that there may multiple threads
609 running, which might require increasing the "buffer-limit" Kbytes
610 each, unless you have enabled "single-threaded" above.
614 To enable the web-based default.action file editor set
615 enable-edit-actions to 1, or 0 to disable. Note that you must have
616 compiled Privoxy with support for this feature, otherwise this option
617 has no effect. This internal page can be reached at [46]http://i.j.b.
619 Security note: If this is enabled, anyone who can use the proxy can
620 edit the actions file, and their changes will affect all users. For
621 shared proxies, you probably want to disable this. Default: enabled.
623 enable-edit-actions 1
625 Allow Privoxy to be toggled on and off remotely, using your web
626 browser. Set "enable-remote-toggle"to 1 to enable, and 0 to disable.
627 Note that you must have compiled Privoxy with support for this
628 feature, otherwise this option has no effect.
630 Security note: If this is enabled, anyone who can use the proxy can
631 toggle it on or off (see [47]http://i.j.b), and their changes will
632 affect all users. For shared proxies, you probably want to disable
633 this. Default: enabled.
635 enable-remote-toggle 1
636 _________________________________________________________________
638 3.3.3. Access Control List (ACL)
640 Access controls are included at the request of some ISPs and systems
641 administrators, and are not usually needed by individual users. Please
642 note the warnings in the FAQ that this proxy is not intended to be a
643 substitute for a firewall or to encourage anyone to defer addressing
644 basic security weaknesses.
646 If no access settings are specified, the proxy talks to anyone that
647 connects. If any access settings file are specified, then the proxy
648 talks only to IP addresses permitted somewhere in this file and not
649 denied later in this file.
651 Summary -- if using an ACL:
653 Client must have permission to receive service.
655 LAST match in ACL wins.
657 Default behavior is to deny service.
659 The syntax for an entry in the Access Control List is:
661 ACTION SRC_ADDR[/SRC_MASKLEN] [ DST_ADDR[/DST_MASKLEN] ]
663 Where the individual fields are:
665 ACTION = "permit-access" or "deny-access"
666 SRC_ADDR = client hostname or dotted IP address
667 SRC_MASKLEN = number of bits in the subnet mask for the source
668 DST_ADDR = server or forwarder hostname or dotted IP address
669 DST_MASKLEN = number of bits in the subnet mask for the target
671 The field separator (FS) is whitespace (space or tab).
673 IMPORTANT NOTE: If Privoxy is using a forwarder (see below) or a
674 gateway for a particular destination URL, the DST_ADDR that is
675 examined is the address of the forwarder or the gateway and NOT the
676 address of the ultimate target. This is necessary because it may be
677 impossible for the local Privoxy to determine the address of the
678 ultimate target (that's often what gateways are used for).
680 Here are a few examples to show how the ACL features work:
682 "localhost" is OK -- no DST_ADDR implies that ALL destination
685 permit-access localhost
687 A silly example to illustrate permitting any host on the class-C
688 subnet with Privoxy to go anywhere:
690 permit-access www.privoxy.com/24
692 Except deny one particular IP address from using it at all:
694 deny-access ident.privoxy.com
696 You can also specify an explicit network address and subnet mask.
697 Explicit addresses do not have to be resolved to be used.
699 permit-access 207.153.200.0/24
701 A subnet mask of 0 matches anything, so the next line permits
704 permit-access 0.0.0.0/0
706 Note, you cannot say:
710 to allow all *.org domains. Every IP address listed must resolve
713 An ISP may want to provide a Privoxy that is accessible by "the world"
714 and yet restrict use of some of their private content to hosts on its
715 internal network (i.e. its own subscribers). Say, for instance the ISP
716 owns the Class-B IP address block 123.124.0.0 (a 16 bit netmask). This
717 is how they could do it:
719 permit-access 0.0.0.0/0 0.0.0.0/0 # other clients can go anywhere
720 # with the following exceptions
723 deny-access 0.0.0.0/0 123.124.0.0/16 # block all external request
725 # sites on the ISP's network
726 permit 0.0.0.0/0 www.my_isp.com # except for the ISP's main
728 permit 123.124.0.0/16 0.0.0.0/0 # the ISP's clients can go
731 Note that if some hostnames are listed with multiple IP addresses, the
732 primary value returned by DNS (via gethostbyname()) is used. Default:
733 Anyone can access the proxy.
734 _________________________________________________________________
738 This feature allows chaining of HTTP requests via multiple proxies. It
739 can be used to better protect privacy and confidentiality when
740 accessing specific domains by routing requests to those domains to a
741 special purpose filtering proxy such as lpwa.com. Or to use a caching
742 proxy to speed up browsing.
744 It can also be used in an environment with multiple networks to route
745 requests via multiple gateways allowing transparent access to multiple
746 networks without having to modify browser configurations.
748 Also specified here are SOCKS proxies. Privoxy SOCKS 4 and SOCKS 4A.
749 The difference is that SOCKS 4A will resolve the target hostname using
750 DNS on the SOCKS server, not our local DNS client.
752 The syntax of each line is:
754 forward target_domain[:port] http_proxy_host[:port]
755 forward-socks4 target_domain[:port] socks_proxy_host[:port]
756 http_proxy_host[:port]
757 forward-socks4a target_domain[:port] socks_proxy_host[:port]
758 http_proxy_host[:port]
760 If http_proxy_host is ".", then requests are not forwarded to a HTTP
761 proxy but are made directly to the web servers.
763 Lines are checked in sequence, and the last match wins.
765 There is an implicit line equivalent to the following, which specifies
766 that anything not finding a match on the list is to go out without
767 forwarding or gateway protocol, like so:
769 forward .* . # implicit
771 In the following common configuration, everything goes to Lucent's
772 LPWA, except SSL on port 443 (which it doesn't handle):
774 forward .* lpwa.com:8000
777 Some users have reported difficulties related to LPWA's use of "." as
778 the last element of the domain, and have said that this can be fixed
781 forward lpwa. lpwa.com:8000
783 (NOTE: the syntax for specifying target_domain has changed since the
784 previous paragraph was written -- it will not work now. More
785 information is welcome.)
787 In this fictitious example, everything goes via an ISP's caching
788 proxy, except requests to that ISP:
790 forward .* caching.myisp.net:8000
793 For the @home network, we're told the forwarding configuration is
796 forward .* proxy:8080
798 Also, we're told they insist on getting cookies and JavaScript, so you
799 should allow cookies from home.com. We consider JavaScript a potential
800 security risk. Java need not be enabled.
802 In this example direct connections are made to all "internal" domains,
803 but everything else goes through Lucent's LPWA by way of the company's
804 SOCKS gateway to the Internet.
806 forward-socks4 .* lpwa.com:8000 firewall.my_company.com:1080
807 forward my_company.com .
809 This is how you could set up a site that always uses SOCKS but no
812 forward-socks4a .* . firewall.my_company.com:1080
814 An advanced example for network administrators:
816 If you have links to multiple ISPs that provide various special
817 content to their subscribers, you can configure forwarding to pass
818 requests to the specific host that's connected to that ISP so that
819 everybody can see all of the content on all of the ISPs.
821 This is a bit tricky, but here's an example:
823 host-a has a PPP connection to isp-a.com. And host-b has a PPP
824 connection to isp-b.com. host-a can run a Privoxy proxy with
825 forwarding like this:
828 forward isp-b.com host-b:8118
830 host-b can run a Privoxy proxy with forwarding like this:
833 forward isp-a.com host-a:8118
835 Now, anyone on the Internet (including users on host-a and host-b) can
836 set their browser's proxy to either host-a or host-b and be able to
837 browse the content on isp-a or isp-b.
839 Here's another practical example, for University of Kent at Canterbury
840 students with a network connection in their room, who need to use the
841 University's Squid web cache.
843 forward *. ssbcache.ukc.ac.uk:3128 # Use the proxy, except for:
844 forward .ukc.ac.uk . # Anything on the same domain as us
845 forward * . # Host with no domain specified
846 forward 129.12.*.* . # A dotted IP on our /16 network.
847 forward 127.*.*.* . # Loopback address
848 forward localhost.localdomain . # Loopback address
849 forward www.ukc.mirror.ac.uk . # Specific host
851 If you intend to chain Privoxy and squid locally, then chain as
852 browser -> squid -> privoxy is the recommended way.
854 Your squid configuration could then look like this:
856 # Define Privoxy as parent cache
858 cache_peer 127.0.0.1 parent 8118 0 no-query
860 # Define ACL for protocol FTP
862 # Do not forward ACL FTP to privoxy
863 always_direct allow FTP
864 # Do not forward ACL CONNECT (https) to privoxy
865 always_direct allow CONNECT
866 # Forward the rest to privoxy
867 never_direct allow all
868 _________________________________________________________________
870 3.3.5. Windows GUI Options
872 Privoxy has a number of options specific to the Windows GUI interface:
874 If "activity-animation" is set to 1, the Privoxy icon will animate
875 when "Privoxy" is active. To turn off, set to 0.
879 If "log-messages" is set to 1, Privoxy will log messages to the
884 If "log-buffer-size" is set to 1, the size of the log buffer, i.e. the
885 amount of memory used for the log messages displayed in the console
886 window, will be limited to "log-max-lines" (see below).
888 Warning: Setting this to 0 will result in the buffer to grow
889 infinitely and eat up all your memory!
893 log-max-lines is the maximum number of lines held in the log buffer.
898 If "log-highlight-messages" is set to 1, Privoxy will highlight
899 portions of the log messages with a bold-faced font:
901 log-highlight-messages 1
903 The font used in the console window:
905 log-font-name Comic Sans MS
907 Font size used in the console window:
911 "show-on-task-bar" controls whether or not Privoxy will appear as a
912 button on the Task bar when minimized:
916 If "close-button-minimizes" is set to 1, the Windows close button will
917 minimize Privoxy instead of closing the program (close with the exit
918 option on the File menu).
920 close-button-minimizes 1
922 The "hide-console" option is specific to the MS-Win console version of
923 Privoxy. If this option is used, Privoxy will disconnect from and hide
927 _________________________________________________________________
929 3.4. The Actions File
931 The "default.action" file (formerly actionsfile) is used to define
932 what actions Privoxy takes, and thus determines how images, cookies
933 and various other aspects of HTTP content and transactions are
934 handled. Images can be anything you want, including ads, banners, or
935 just some obnoxious URL that you would rather not see. Cookies can be
936 accepted or rejected, or accepted only during the current browser
937 session (i.e. not written to disk). Changes to default.action should
938 be immediately visible to Privoxy without the need to restart.
940 The easiest way to edit "actions" file is with a browser by loading
941 [48]http://i.j.b/, and then select "Edit Actions List". A text editor
944 To determine which actions apply to a request, the URL of the request
945 is compared to all patterns in this file. Every time it matches, the
946 list of applicable actions for the URL is incrementally updated. You
947 can trace this process by visiting [49]http://i.j.b/show-url-info.
949 There are four types of lines in this file: comments (begin with a "#"
950 character), actions, aliases and patterns, all of which are explained
951 below, as well as the configuration file syntax that Privoxy
953 _________________________________________________________________
955 3.4.1. URL Domain and Path Syntax
957 Generally, a pattern has the form <domain>/<path>, where both the
958 <domain> and <path> part are optional. If you only specify a domain
959 part, the "/" can be left out:
961 www.example.com - is a domain only pattern and will match any request
962 to "www.example.com".
964 www.example.com/ - means exactly the same.
966 www.example.com/index.html - matches only the single document
967 "/index.html" on "www.example.com".
969 /index.html - matches the document "/index.html", regardless of the
972 index.html - matches nothing, since it would be interpreted as a
973 domain name and there is no top-level domain called ".html".
975 The matching of the domain part offers some flexible options: if the
976 domain starts or ends with a dot, it becomes unanchored at that end.
979 .example.com - matches any domain that ENDS in ".example.com".
981 www. - matches any domain that STARTS with "www".
983 Additionally, there are wild-cards that you can use in the domain
984 names themselves. They work pretty similar to shell wild-cards: "*"
985 stands for zero or more arbitrary characters, "?" stands for any
986 single character. And you can define character classes in square
987 brackets and they can be freely mixed:
989 ad*.example.com - matches "adserver.example.com", "ads.example.com",
990 etc but not "sfads.example.com".
992 *ad*.example.com - matches all of the above, and then some.
994 .?pix.com - matches "www.ipix.com", "pictures.epix.com",
995 "a.b.c.d.e.upix.com", etc.
997 www[1-9a-ez].example.com - matches "www1.example.com",
998 "www4.example.com", "wwwd.example.com", "wwwz.example.com", etc., but
999 not "wwww.example.com".
1001 If Privoxy was compiled with "pcre" support (default), Perl compatible
1002 regular expressions can be used. See the pcre/docs/ directory or "man
1003 perlre" (also available on
1004 [50]http://www.perldoc.com/perl5.6/pod/perlre.html) for details. A
1005 brief discussion of regular expressions is in the [51]Appendix. For
1008 /.*/advert[0-9]+\.jpe?g - would match a URL from any domain, with any
1009 path that includes "advert" followed immediately by one or more
1010 digits, then a "." and ending in either "jpeg" or "jpg". So we match
1011 "example.com/ads/advert2.jpg", and
1012 "www.example.com/ads/banners/advert39.jpeg", but not
1013 "www.example.com/ads/banners/advert39.gif" (no gifs in the example
1016 Please note that matching in the path is case INSENSITIVE by default,
1017 but you can switch to case sensitive at any point in the pattern by
1018 using the "(?-i)" switch:
1020 www.example.com/(?-i)PaTtErN.* - will match only documents whose path
1021 starts with "PaTtErN" in exactly this capitalization.
1022 _________________________________________________________________
1026 Actions are enabled if preceded with a "+", and disabled if preceded
1027 with a "-". Actions are invoked by enclosing the action name in curly
1028 braces (e.g. {+some_action}), followed by a list of URLs to which the
1029 action applies. There are three classes of actions:
1031 * Boolean (e.g. "+/-block"):
1032 {+name} # enable this action
1033 {-name} # disable this action
1035 * parameterized (e.g. "+/-hide-user-agent"):
1036 {+name{param}} # enable action and set parameter to "param"
1037 {-name} # disable action
1039 * Multi-value (e.g. "{+/-add-header{Name: value}}",
1040 "{+/-wafer{name=value}}"):
1041 {+name{param}} # enable action and add parameter "param"
1042 {-name{param}} # remove the parameter "param"
1043 {-name} # disable this action totally
1045 If nothing is specified in this file, no "actions" are taken. So in
1046 this case Privoxy would just be a normal, non-blocking,
1047 non-anonymizing proxy. You must specifically enable the privacy and
1048 blocking features you need (although the provided default
1049 default.action file will give a good starting point).
1051 Later defined actions always over-ride earlier ones. For multi-valued
1052 actions, the actions are applied in the order they are specified.
1054 The list of valid Privoxy "actions" are:
1056 * Add the specified HTTP header, which is not checked for validity.
1057 You may specify this many times to specify many different headers:
1058 +add-header{Name: value}
1060 * Block this URL totally. In a default installation, a "blocked" URL
1061 will result in bright red banner that says "BLOCKED", with a
1062 reason why it is being blocked.
1065 * De-animate all animated GIF images, i.e. reduce them to their last
1066 frame. This will also shrink the images considerably (in bytes,
1067 not pixels!). If the option "first" is given, the first frame of
1068 the animation is used as the replacement. If "last" is given, the
1069 last frame of the animation is used instead, which probably makes
1070 more sense for most banner animations, but also has the risk of
1071 not showing the entire last frame (if it is only a delta to an
1073 +deanimate-gifs{last}
1074 +deanimate-gifs{first}
1076 * "+downgrade" will downgrade HTTP/1.1 client requests to HTTP/1.0
1077 and downgrade the responses as well. Use this action for servers
1078 that use HTTP/1.1 protocol features that Privoxy doesn't handle
1079 well yet. HTTP/1.1 is only partially implemented. Default is not
1080 to downgrade requests.
1083 * Many sites, like yahoo.com, don't just link to other sites.
1084 Instead, they will link to some script on their own server, giving
1085 the destination as a parameter, which will then redirect you to
1086 the final target. URLs resulting from this scheme typically look
1087 like: http://some.place/some_script?http://some.where-else.
1088 Sometimes, there are even multiple consecutive redirects encoded
1089 in the URL. These redirections via scripts make your web browsing
1090 more traceable, since the server from which you follow such a link
1091 can see where you go to. Apart from that, valuable bandwidth and
1092 time is wasted, while your browser ask the server for one redirect
1093 after the other. Plus, it feeds the advertisers.
1094 The "+fast-redirects" option enables interception of these
1095 requests by Privoxy, who will cut off all but the last valid URL
1096 in the request and send a local redirect back to your browser
1097 without contacting the remote site.
1100 * Apply the filters in the section_header section of the
1101 default.filter file to the site(s). default.filter sections are
1102 grouped according to like functionality.
1103 +filter{section_header}
1105 Filter sections that are pre-defined in the supplied
1106 default.filter include:
1108 html-annoyances: Get rid of particularly annoying HTML abuse.
1110 js-annoyances: Get rid of particularly annoying JavaScript abuse
1112 no-poups: Kill all popups in JS and HTML
1114 frameset-borders: Give frames a border
1116 webbugs: Squish WebBugs (1x1 invisible GIFs used for user tracking)
1118 no-refresh: Automatic refresh sucks on auto-dialup lines
1120 fun: Text replacements for subversive browsing fun!
1122 nimda: Remove (virus) Nimda code.
1124 banners-by-size: Kill banners by size
1126 crude-parental: Kill all web pages that contain the words "sex" or
1129 * Block any existing X-Forwarded-for header, and do not add a new
1133 * If the browser sends a "From:" header containing your e-mail
1134 address, this either completely removes the header ("block"), or
1135 changes it to the specified e-mail address.
1137 +hide-from{spam@sittingduck.xqq}
1139 * Don't send the "Referer:" (sic) header to the web site. You can
1140 block it, forge a URL to the same server as the request (which is
1141 preferred because some sites will not send images otherwise) or
1142 set it to a constant string of your choice.
1143 +hide-referer{block}
1144 +hide-referer{forge}
1145 +hide-referer{http://nowhere.com}
1147 * Alternative spelling of "+hide-referer". It has the same
1148 parameters, and can be freely mixed with, "+hide-referer".
1149 ("referrer" is the correct English spelling, however the HTTP
1150 specification has a bug - it requires it to be spelled "referer".)
1153 * Change the "User-Agent:" header so web servers can't tell your
1154 browser type. Warning! This breaks many web sites. Specify the
1155 user-agent value you want. Example, pretend to be using Netscape
1157 +hide-user-agent{Mozilla (X11; I; Linux 2.0.32 i586)}
1159 * Treat this URL as an image. This only matters if it's also
1160 "+block"ed, in which case a "blocked" image can be sent rather
1161 than a HTML page. See "+image-blocker{}" below for the control
1162 over what is actually sent. If you want invisible ads, they should
1163 be defined as images and blocked. And also, "image-blocker" should
1167 * Decides what to do with URLs that end up tagged with "{+block
1168 +image}", e.g an advertizement. There are five options.
1169 "-image-blocker" will send a HTML "blocked" page, usually
1170 resulting in a "broken image" icon. "+image-blocker{logo}" will
1171 send a Privoxy logo image. "+image-blocker{blank}" will send a 1x1
1172 transparent GIF image. And finally,
1173 "+image-blocker{http://xyz.com}" will send a HTTP temporary
1174 redirect to the specified image. This has the advantage of the
1175 icon being being cached by the browser, which will speed up the
1176 display. "+image-blocker{pattern}" will send a checkboard type
1177 pattern, which scales better than the logo (which can get blocky
1178 if the browser enlarges it too much).
1179 +image-blocker{logo}
1180 +image-blocker{blank}
1181 +image-blocker{pattern}
1182 +image-blocker{http://i.j.b/send-banner}
1184 * By default (i.e. in the absence of a "+limit-connect" action),
1185 Privoxy will only allow CONNECT requests to port 443, which is the
1186 standard port for https as a precaution.
1187 The CONNECT methods exists in HTTP to allow access to secure
1188 websites (https:// URLs) through proxies. It works very simply:
1189 the proxy connects to the server on the specified port, and then
1190 short-circuits its connections to the client and to the remote
1191 proxy. This can be a big security hole, since CONNECT-enabled
1192 proxies can be abused as TCP relays very easily.
1193 If you want to allow CONNECT for more ports than this, or want to
1194 forbid CONNECT altogether, you can specify a comma separated list
1195 of ports and port ranges (the latter using dashes, with the
1196 minimum defaulting to 0 and max to 65K):
1197 +limit-connect{443} # This is the default and need no be
1199 +limit-connect{80,443} # Ports 80 and 443 are OK.
1200 +limit-connect{-3, 7, 20-100, 500-} # Port less than 3, 7, 20 to
1202 #and above 500 are OK.
1204 * "+no-compression" prevents the website from compressing the data.
1205 Some websites do this, which can be a problem for Privoxy, since
1206 "+filter", "+no-popup" and "+gif-deanimate" will not work on
1207 compressed data. This will slow down connections to those
1208 websites, though. Default is "nocompression" is turned on.
1211 * If the website sets cookies, "no-cookies-keep" will make sure they
1212 are erased when you exit and restart your web browser. This makes
1213 profiling cookies useless, but won't break sites which require
1214 cookies so that you can log in for transactions. Default: on.
1217 * Prevent the website from reading cookies:
1220 * Prevent the website from setting cookies:
1223 * Filter the website through a built-in filter to disable those
1224 obnoxious JavaScript pop-up windows via window.open(), etc. The
1225 two alternative spellings are equivalent.
1229 * This action only applies if you are using a jarfile for saving
1230 cookies. It sends a cookie to every site stating that you do not
1231 accept any copyright on cookies sent to you, and asking them not
1232 to track you. Of course, this is a (relatively) unique header they
1233 could use to track you.
1236 * This allows you to add an arbitrary cookie. It can be specified
1237 multiple times in order to add as many cookies as you like.
1240 The meaning of any of the above is reversed by preceding the action
1241 with a "-", in place of the "+".
1245 Turn off cookies by default, then allow a few through for specified
1248 # Turn off all persistent cookies
1249 { +no-cookies-read }
1251 # Allow cookies for this browser session ONLY
1252 { +no-cookies-keep }
1253 # Exceptions to the above, sites that benefit from persistent cookies
1254 { -no-cookies-read }
1256 { -no-cookies-keep }
1262 # Alternative way of saying the same thing
1263 {-no-cookies-set -no-cookies-read -no-cookies-keep}
1267 Now turn off "fast redirects", and then we allow two exceptions:
1272 # Reverse it for these two sites, which don't work right without it.
1274 www.ukc.ac.uk/cgi-bin/wac\.cgi\?
1277 Turn on page filtering according to rules in the defined sections of
1278 refilterfile, and make one exception for sourceforge:
1280 # Run everything through the filter file, using only the
1281 # specified sections:
1282 +filter{html-annoyances} +filter{js-annoyances} +filter{no-popups}\
1283 +filter{webbugs} +filter{nimda} +filter{banners-by-size}
1285 # Then disable filtering of code from sourceforge!
1287 .cvs.sourceforge.net
1289 Now some URLs that we want "blocked", ie we won't see them. Many of
1290 these use regular expressions that will expand to match multiple URLs:
1294 /.*/(.*[-_.])?ads?[0-9]?(/|[-_.].*|\.(gif|jpe?g))
1295 /.*/(.*[-_.])?count(er)?(\.cgi|\.dll|\.exe|[?/])
1296 /.*/(ng)?adclient\.cgi
1297 /.*/(plain|live|rotate)[-_.]?ads?/
1298 /.*/(sponsor)s?[0-9]?/
1299 /.*/_?(plain|live)?ads?(-banners)?/
1301 /.*/ad(sdna_image|gifs?)/
1302 /.*/ad(server|stream|juggler)\.(cgi|pl|dll|exe)
1306 /.*/adv((er)?ts?|ertis(ing|ements?))?/
1310 /.*/cgi-bin/centralad/getimage
1311 /.*/images/addver\.gif
1312 /.*/images/marketing/.*\.(gif|jpe?g)
1316 /.*/sponsors?[0-9]?/
1317 /.*/advert[0-9]+\.jpg
1324 /graphics/defaultAd/
1326 /image\.ng/transactionID
1327 /images/.*/.*_anim\.gif # alvin brattli
1328 /ip_img/.*\.(gif|jpe?g)
1332 /cgi-bin/nph-adclick.exe/
1333 /.*/Image/BannerAdvertising/
1335 /.*/adlib/server\.cgi
1338 Note that many of these actions have the potential to cause a page to
1339 misbehave, possibly even not to display at all. There are many ways a
1340 site designer may choose to design his site, and what HTTP header
1341 content he may depend on. There is no way to have hard and fast rules
1342 for all sites. See the [52]Appendix for a brief example on
1343 troubleshooting actions.
1344 _________________________________________________________________
1348 Custom "actions", known to Privoxy as "aliases", can be defined by
1349 combining other "actions". These can in turn be invoked just like the
1350 built-in "actions". Currently, an alias can contain any character
1351 except space, tab, "=", "{" or "}". But please use only "a"- "z",
1352 "0"-"9", "+", and "-". Alias names are not case sensitive, and must be
1353 defined before anything else in the default.actionfile ! And there can
1354 only be one set of "aliases" defined.
1356 Now let's define a few aliases:
1358 # Useful customer aliases we can use later. These must come first!
1360 +no-cookies = +no-cookies-set +no-cookies-read
1361 -no-cookies = -no-cookies-set -no-cookies-read
1362 fragile = -block -no-cookies -filter -fast-redirects -hide-refere
1364 shop = -no-cookies -filter -fast-redirects
1365 +imageblock = +block +image
1366 #For people who don't like to type too much: ;-)
1369 c2 = -no-cookies-set +no-cookies-read
1370 c3 = +no-cookies-set -no-cookies-read
1371 #... etc. Customize to your heart's content.
1373 Some examples using our "shop" and "fragile" aliases from above:
1375 # These sites are very complex and require
1376 # minimal interference.
1378 .office.microsoft.com
1379 .windowsupdate.microsoft.com
1381 # Shopping sites - still want to block ads.
1384 .worldpay.com # for quietpc.com
1387 # These shops require pop-ups
1391 _________________________________________________________________
1393 3.5. The Filter File
1395 Any web page can be dynamically modified with the filter file. This
1396 modification can be removal, or re-writing, of any web page content,
1397 including tags and non-visible content. The default filter file is
1398 default.filter, located in the config directory.
1400 The included example file is divided into sections. Each section
1401 begins with the FILTER keyword, followed by the identifier for that
1402 section, e.g. "FILTER: webbugs". Each section performs a similar type
1403 of filtering, such as "html-annoyances".
1405 This file uses regular expressions to alter or remove any string in
1406 the target page. The expressions can only operate on one line at a
1407 time. Some examples from the included default default.filter:
1409 Stop web pages from displaying annoying messages in the status bar by
1410 deleting such references:
1412 FILTER: html-annoyances
1413 # New browser windows should be resizeable and have a location and st
1417 s/resizable="?(no|0)"?/resizable=1/ig s/noresize/yesresize/ig
1418 s/location="?(no|0)"?/location=1/ig s/status="?(no|0)"?/status=1/ig
1419 s/scrolling="?(no|0|Auto)"?/scrolling=1/ig
1420 s/menubar="?(no|0)"?/menubar=1/ig
1421 # The <BLINK> tag was a crime!
1423 s*<blink>|</blink>**ig
1426 #s/framespacing="?(no|0)"?//ig
1427 #s/margin(height|width)=[0-9]*//gi
1429 Just for kicks, replace any occurrence of "Microsoft" with
1430 "MicroSuck", and have a little fun with topical buzzwords:
1433 s/microsoft(?!.com)/MicroSuck/ig
1436 s/industry-leading|cutting-edge|award-winning/<font color=red><b>BING
1439 Kill those pesky little web-bugs:
1441 # webbugs: Squish WebBugs (1x1 invisible GIFs used for user tracking)
1443 s/<img\s+[^>]*?(width|height)\s*=\s*['"]?1\D[^>]*?(width|height)\s*=\
1444 s*['"]?1(\D[^>]*?)?>/<!-- Squished WebBug -->/sig
1445 _________________________________________________________________
1449 When Privoxy displays one of its internal pages, such as a 404 Not
1450 Found error page, it uses the appropriate template. On Linux, BSD, and
1451 Unix, these are located in /etc/privoxy/templates by default. These
1452 may be customized, if desired.
1453 _________________________________________________________________
1455 4. Quickstart to Using Privoxy
1457 Install package, then run and enjoy! Privoxy is typically started by
1458 specifying the main configuration file to be used on the command line.
1459 Example Unix startup command:
1462 # /usr/sbin/privoxy /etc/privoxy/config
1465 An init script is provided for SuSE and Redhat.
1467 For for SuSE: /etc/rc.d/privoxy start
1469 For RedHat: /etc/rc.d/init.d/privoxy start
1471 If no configuration file is specified on the command line, Privoxy
1472 will look for a file named config in the current directory. Except on
1473 Win32 where it will try config.txt. If no file is specified on the
1474 command line and no default configuration file can be found, Privoxy
1477 Be sure your browser is set to use the proxy which is by default at
1478 localhost, port 8118. With Netscape (and Mozilla), this can be set
1479 under Edit -> Preferences -> Advanced -> Proxies -> HTTP Proxy. For
1480 Internet Explorer: Tools > Internet Properties -> Connections -> LAN
1481 Setting. Then, check "Use Proxy" and fill in the appropriate info
1482 (Address: localhost, Port: 8118). Include if HTTPS proxy support too.
1484 The included default configuration files should give a reasonable
1485 starting point, though may be somewhat aggressive in blocking junk.
1486 You will probably want to keep an eye out for sites that require
1487 persistent cookies, and add these to default.action as needed. By
1488 default, most of these will be accepted only during the current
1489 browser session, until you add them to the configuration. If you want
1490 the browser to handle this instead, you will need to edit
1491 default.action and disable this feature. If you use more than one
1492 browser, it would make more sense to let Privoxy handle this. In which
1493 case, the browser(s) should be set to accept all cookies.
1495 If a particular site shows problems loading properly, try adding it to
1496 the {fragile} section of default.action. This will turn off most
1497 actions for this site.
1499 Privoxy is HTTP/1.1 compliant, but not all 1.1 features are as yet
1500 implemented. If browsers that support HTTP/1.1 (like Mozilla or recent
1501 versions of I.E.) experience problems, you might try to force HTTP/1.0
1502 compatibility. For Mozilla, look under Edit -> Preferences -> Debug ->
1503 Networking. Or set the "+downgrade" config option in default.action.
1505 After running Privoxy for a while, you can start to fine tune the
1506 configuration to suit your personal, or site, preferences and
1507 requirements. There are many, many aspects that can be customized.
1508 "Actions" (as specified in default.action) can be adjusted by pointing
1509 your browser to [53]http://i.j.b/, and then follow the link to "edit
1510 the actions list". (This is an internal page and does not require
1513 In fact, various aspects of Privoxy configuration can be viewed from
1514 this page, including current configuration parameters, source code
1515 version numbers, the browser's request headers, and "actions" that
1516 apply to a given URL. In addition to the default.action file editor
1517 mentioned above, Privoxy can also be turned "on" and "off" from this
1520 If you encounter problems, please verify it is a Privoxy bug, by
1521 disabling Privoxy, and then trying the same page. Also, try another
1522 browser if possible to eliminate browser or site problems. Before
1523 reporting it as a bug, see if there is not a configuration option that
1524 is enabled that is causing the page not to load. You can then add an
1525 exception for that page or site. If a bug, please report it to the
1526 developers (see below).
1527 _________________________________________________________________
1529 4.1. Command Line Options
1531 Privoxy may be invoked with the following command-line options:
1534 Print version info and exit, Unix only.
1536 Print a short usage info and exit, Unix only.
1538 Don't become a daemon, i.e. don't fork and become process group
1539 leader, don't detach from controlling tty. Unix only.
1541 On startup, write the process ID to FILE. Delete the FILE on exit.
1542 Failiure to create or delete the FILE is non-fatal. If no FILE
1543 option is given, no PID file will be used. Unix only.
1544 * --user USER[.GROUP]
1545 After (optionally) writing the PID file, assume the user ID of
1546 USER, and if included the GID of GROUP. Exit if the privileges are
1547 not sufficient to do so. Unix only.
1549 If no configfile is included on the command line, Privoxy will
1550 look for a file named "config" in the current directory (except on
1551 Win32 where it will look for "config.txt" instead). Specify full
1552 path to avoid confusion.
1553 _________________________________________________________________
1555 5. Contacting the Developers, Bug Reporting and Feature Requests
1557 We value your feedback. However, to provide you with the best support,
1560 * Use the [54]Sourceforge support forum to get help.
1561 * Submit bugs only thru our [55]Sourceforge bug forum. Make sure
1562 that the bug has not already been submitted. Please try to verify
1563 that it is a Privoxy bug, and not a browser or site bug first. If
1564 you are using your own custom configuration, please try the stock
1565 configs to see if the problem is a configuration related bug. And
1566 if not using the latest development snapshot, please try the
1567 latest one. Or even better, CVS sources.
1568 * Submit feature requests only thru our [56]Sourceforge feature
1571 For any other issues, feel free to use the [57]mailing lists.
1573 Anyone interested in actively participating in development and related
1574 discussions can join the appropriate mailing list [58]here. Archives
1575 are available here too.
1576 _________________________________________________________________
1578 6. Copyright and History
1582 Privoxy is free software; you can redistribute it and/or modify it
1583 under the terms of the GNU General Public License as published by the
1584 Free Software Foundation; either version 2 of the License, or (at your
1585 option) any later version.
1587 This program is distributed in the hope that it will be useful, but
1588 WITHOUT ANY WARRANTY; without even the implied warranty of
1589 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
1590 General Public License for more details, which is available from
1591 [59]the Free Software Foundation, Inc, 59 Temple Place - Suite 330,
1592 Boston, MA 02111-1307, USA.
1593 _________________________________________________________________
1597 Junkbuster was originally written by Anonymous Coders and
1598 [60]Junkbuster's Corporation, and was released as free open-source
1599 software under the GNU GPL. [61]Stefan Waldherr made many
1600 improvements, and started the [62]SourceForge project Privoxy to
1601 rekindle development. There are now several active developers
1602 contributing. The last stable release was v2.0.2, which has now grown
1604 _________________________________________________________________
1608 [63]http://sourceforge.net/projects/ijbswa
1610 [64]http://ijbswa.sourceforge.net/
1614 [66]http://www.junkbusters.com/ht/en/cookies.html
1616 [67]http://www.waldherr.org/junkbuster/
1618 [68]http://privacy.net/analyze/
1620 [69]http://www.squid-cache.org/
1621 _________________________________________________________________
1625 8.1. Regular Expressions
1627 Privoxy can use "regular expressions" in various config files.
1628 Assuming support for "pcre" (Perl Compatible Regular Expressions) is
1629 compiled in, which is the default. Such configuration directives do
1630 not require regular expressions, but they can be used to increase
1631 flexibility by matching a pattern with wild-cards against URLs.
1633 If you are reading this, you probably don't understand what "regular
1634 expressions" are, or what they can do. So this will be a very brief
1635 introduction only. A full explanation would require a book ;-)
1637 "Regular expressions" is a way of matching one character expression
1638 against another to see if it matches or not. One of the "expressions"
1639 is a literal string of readable characters (letter, numbers, etc), and
1640 the other is a complex string of literal characters combined with
1641 wild-cards, and other special characters, called meta-characters. The
1642 "meta-characters" have special meanings and are used to build the
1643 complex pattern to be matched against. Perl Compatible Regular
1644 Expressions is an enhanced form of the regular expression language
1645 with backward compatibility.
1647 To make a simple analogy, we do something similar when we use
1648 wild-card characters when listing files with the dir command in DOS.
1649 *.* matches all filenames. The "special" character here is the
1650 asterisk which matches any and all characters. We can be more specific
1651 and use ? to match just individual characters. So "dir file?.text"
1652 would match "file1.txt", "file2.txt", etc. We are pattern matching,
1653 using a similar technique to "regular expressions"!
1655 Regular expressions do essentially the same thing, but are much, much
1656 more powerful. There are many more "special characters" and ways of
1657 building complex patterns however. Let's look at a few of the common
1658 ones, and then some examples:
1660 . - Matches any single character, e.g. "a", "A", "4", ":", or "@".
1662 ? - The preceding character or expression is matched ZERO or ONE
1665 + - The preceding character or expression is matched ONE or MORE
1668 * - The preceding character or expression is matched ZERO or MORE
1671 \ - The "escape" character denotes that the following character should
1672 be taken literally. This is used where one of the special characters
1673 (e.g. ".") needs to be taken literally and not as a special
1676 [] - Characters enclosed in brackets will be matched if any of the
1677 enclosed characters are encountered.
1679 () - parentheses are used to group a sub-expression, or multiple
1682 | - The "bar" character works like an "or" conditional statement. A
1683 match is successful if the sub-expression on either side of "|"
1686 s/string1/string2/g - This is used to rewrite strings of text.
1687 "string1" is replaced by "string2" in this example.
1689 These are just some of the ones you are likely to use when matching
1690 URLs with Privoxy, and is a long way from a definitive list. This is
1691 enough to get us started with a few simple examples which may be more
1694 /.*/banners/.* - A simple example that uses the common combination of
1695 "." and "*" to denote any character, zero or more times. In other
1696 words, any string at all. So we start with a literal forward slash,
1697 then our regular expression pattern (".*") another literal forward
1698 slash, the string "banners", another forward slash, and lastly another
1699 ".*". We are building a directory path here. This will match any file
1700 with the path that has a directory named "banners" in it. The ".*"
1701 matches any characters, and this could conceivably be more forward
1702 slashes, so it might expand into a much longer looking path. For
1703 example, this could match:
1704 "/eye/hate/spammers/banners/annoy_me_please.gif", or just
1705 "/banners/annoying.html", or almost an infinite number of other
1706 possible combinations, just so it has "banners" in the path somewhere.
1708 A now something a little more complex:
1710 /.*/adv((er)?ts?|ertis(ing|ements?))?/ - We have several literal
1711 forward slashes again ("/"), so we are building another expression
1712 that is a file path statement. We have another ".*", so we are
1713 matching against any conceivable sub-path, just so it matches our
1714 expression. The only true literal that must match our pattern is adv,
1715 together with the forward slashes. What comes after the "adv" string
1716 is the interesting part.
1718 Remember the "?" means the preceding expression (either a literal
1719 character or anything grouped with "(...)" in this case) can exist or
1720 not, since this means either zero or one match. So
1721 "((er)?ts?|ertis(ing|ements?))" is optional, as are the individual
1722 sub-expressions: "(er)", "(ing|ements?)", and the "s". The "|" means
1723 "or". We have two of those. For instance, "(ing|ements?)", can expand
1724 to match either "ing" OR "ements?". What is being done here, is an
1725 attempt at matching as many variations of "advertisement", and
1726 similar, as possible. So this would expand to match just "adv", or
1727 "advert", or "adverts", or "advertising", or "advertisement", or
1728 "advertisements". You get the idea. But it would not match
1729 "advertizements" (with a "z"). We could fix that by changing our
1730 regular expression to: "/.*/adv((er)?ts?|erti(s|z)(ing|ements?))?/",
1731 which would then match either spelling.
1733 /.*/advert[0-9]+\.(gif|jpe?g) - Again another path statement with
1734 forward slashes. Anything in the square brackets "[]" can be matched.
1735 This is using "0-9" as a shorthand expression to mean any digit one
1736 through nine. It is the same as saying "0123456789". So any digit
1737 matches. The "+" means one or more of the preceding expression must be
1738 included. The preceding expression here is what is in the square
1739 brackets -- in this case, any digit one through nine. Then, at the
1740 end, we have a grouping: "(gif|jpe?g)". This includes a "|", so this
1741 needs to match the expression on either side of that bar character
1742 also. A simple "gif" on one side, and the other side will in turn
1743 match either "jpeg" or "jpg", since the "?" means the letter "e" is
1744 optional and can be matched once or not at all. So we are building an
1745 expression here to match image GIF or JPEG type image file. It must
1746 include the literal string "advert", then one or more digits, and a
1747 "." (which is now a literal, and not a special character, since it is
1748 escaped with "\"), and lastly either "gif", or "jpeg", or "jpg". Some
1749 possible matches would include: "//advert1.jpg",
1750 "/nasty/ads/advert1234.gif", "/banners/from/hell/advert99.jpg". It
1751 would not match "advert1.gif" (no leading slash), or "/adverts232.jpg"
1752 (the expression does not include an "s"), or "/advert1.jsp" ("jsp" is
1753 not in the expression anywhere).
1755 s/microsoft(?!.com)/MicroSuck/i - This is a substitution. "MicroSuck"
1756 will replace any occurrence of "microsoft". The "i" at the end of the
1757 expression means ignore case. The "(?!.com)" means the match should
1758 fail if "microsoft" is followed by ".com". In other words, this acts
1759 like a "NOT" modifier. In case this is a hyperlink, we don't want to
1762 We are barely scratching the surface of regular expressions here so
1763 that you can understand the default Privoxy configuration files, and
1764 maybe use this knowledge to customize your own installation. There is
1765 much, much more that can be done with regular expressions. Now that
1766 you know enough to get started, you can learn more on your own :/
1768 More reading on Perl Compatible Regular expressions:
1769 [70]http://www.perldoc.com/perl5.6/pod/perlre.html
1770 _________________________________________________________________
1772 8.2. Privoxy's Internal Pages
1774 Since Privoxy proxies each requested web page, it is easy for Privoxy
1775 to trap certain URLs. In this way, we can talk directly to Privoxy,
1776 and see how it is configured, see how our rules are being applied,
1777 change these rules and other configuration options, and even turn
1778 Privoxy's filtering off, all with a web browser.
1780 The URLs listed below are the special ones that allow direct access to
1781 Privoxy. Of course, Privoxy must be running to access these. If not,
1782 you will get a friendly error message. Internet access is not
1785 * Privoxy main page:
1787 [71]http://ijbswa.sourceforge.net/config/
1788 Alternately, this may be reached at [72]http://i.j.b/, but this
1789 variation may not work as reliably as the above in some
1791 * Show information about the current configuration:
1793 [73]http://ijbswa.sourceforge.net/config/show-status
1794 * Show the source code version numbers:
1796 [74]http://ijbswa.sourceforge.net/config/show-version
1797 * Show the client's request headers:
1799 [75]http://ijbswa.sourceforge.net/config/show-request
1800 * Show which actions apply to a URL and why:
1802 [76]http://ijbswa.sourceforge.net/config/show-url-info
1803 * Toggle Privoxy on or off:
1805 [77]http://ijbswa.sourceforge.net/config/toggle
1806 Short cuts. Turn off, then on:
1808 [78]http://ijbswa.sourceforge.net/config/toggle?set=disable
1810 [79]http://ijbswa.sourceforge.net/config/toggle?set=enable
1811 * Edit the actions list file:
1813 [80]http://ijbswa.sourceforge.net/config/edit-actions
1815 These may be bookmarked for quick reference.
1816 _________________________________________________________________
1818 8.3. Anatomy of an Action
1820 The way Privoxy applies "actions" to any given URL can be complex, and
1821 not always so easy to understand what is happening. And sometimes we
1822 need to be able to see just what Privoxy is doing. Especially, if
1823 something Privoxy is doing is causing us a problem inadvertantly. It
1824 can be a little daunting to look at the actions files themselves,
1825 since they tend to be filled with "regular expressions" whose
1826 consequences are not always so obvious. Privoxy provides the
1827 [81]http://ijbswa.sourceforge.net/config/show-url-info page that can
1828 show us very specifically how actions are being applied to any given
1829 URL. This is a big help for troubleshooting.
1831 First, enter one URL (or partial URL) at the prompt, and then Privoxy
1832 will tell us how current configuration will handle it. This will not
1833 help with filtering effects from the default.filter! It also will not
1834 tell you about any other URLs that may be embedded within the URL you
1835 are testing. For instance, images such as ads are expressed as URLs
1836 within the raw page source of HTML pages. So you will only get info
1837 for the actual URL that is pasted into the prompt area -- not any
1838 sub-URLs. If you want to know about embedded URLs like ads, you will
1839 have to dig those out of the HTML source. Use your browser's "View
1840 Page Source" option for this.
1842 Let's look at an example, [82]google.com, one section at a time:
1844 System default actions:
1846 { -add-header -block -deanimate-gifs -downgrade -fast-redirects -filter
1847 -hide-forwarded -hide-from -hide-referer -hide-user-agent -image
1848 -image-blocker -limit-connect -no-compression -no-cookies-keep
1849 -no-cookies-read -no-cookies-set -no-popups -vanilla-wafer -wafer }
1852 This is the top section, and only tells us of the compiled in
1853 defaults. This is basically what Privoxy would do if there were not
1854 any "actions" defined, i.e. it does nothing. Every action is disabled.
1855 This is not particularly informative for our purposes here. OK, next
1858 Matches for http://google.com:
1860 { -add-header -block +deanimate-gifs -downgrade +fast-redirects
1861 +filter{html-annoyances} +filter{js-annoyances} +filter{no-popups}
1862 +filter{webbugs} +filter{nimda} +filter{banners-by-size} +filter{hal}
1863 +filter{fun} +hide-forwarded +hide-from{block} +hide-referer{forge}
1864 -hide-user-agent -image +image-blocker{blank} +no-compression
1865 +no-cookies-keep -no-cookies-read -no-cookies-set +no-popups
1866 -vanilla-wafer -wafer }
1869 { -no-cookies-keep -no-cookies-read -no-cookies-set }
1876 This is much more informative, and tells us how we have defined our
1877 "actions", and which ones match for our example, "google.com". The
1878 first grouping shows our default settings, which would apply to all
1879 URLs. If you look at your "actions" file, this would be the section
1880 just below the "aliases" section near the top. This applies to all
1881 URLs as signified by the single forward slash -- "/".
1883 These are the default actions we have enabled. But we can define
1884 additional actions that would be exceptions to these general rules,
1885 and then list specific URLs that these exceptions would apply to. Last
1886 match wins. Just below this then are two explict matches for
1887 ".google.com". The first is negating our various cookie blocking
1888 actions (i.e. we will allow cookies here). The second is allowing
1889 "fast-redirects". Note that there is a leading dot here --
1890 ".google.com". This will match any hosts and sub-domains, in the
1891 google.com domain also, such as "www.google.com". So, apparently, we
1892 have these actions defined somewhere in the lower part of our actions
1893 file, and "google.com" is referenced in these sections.
1895 And now we pull it altogether in the bottom section and summarize how
1896 Privoxy is appying all its "actions" to "google.com":
1900 -add-header -block -deanimate-gifs -downgrade -fast-redirects
1901 +filter{html-annoyances} +filter{js-annoyances} +filter{no-popups}
1902 +filter{webbugs} +filter{nimda} +filter{banners-by-size} +filter{hal}
1903 +filter{fun} +hide-forwarded +hide-from{block} +hide-referer{forge}
1904 -hide-user-agent -image +image-blocker{blank} -limit-connect +no-compression
1905 -no-cookies-keep -no-cookies-read -no-cookies-set +no-popups -vanilla-wafer
1909 Now another example, "ad.doubleclick.net":
1921 We'll just show the interesting part here, the explicit matches. It is
1922 matched three different times. Each as an "+block +image", which is
1923 the expanded form of one of our aliases that had been defined as:
1924 "+imageblock". ("Aliases" are defined in the first section of the
1925 actions file and typically used to combine more than one action.)
1927 Any one of these would have done the trick and blocked this as an
1928 unwanted image. This is unnecessarily redundant since the last case
1929 effectively would also cover the first. No point in taking chances
1930 with these guys though ;-) Note that if you want an ad or obnoxious
1931 URL to be invisible, it should be defined as "ad.doubleclick.net" is
1932 done here -- as both a "+block" and an "+image". The custom alias
1933 "+imageblock" does this for us.
1935 One last example. Let's try "http://www.rhapsodyk.net/adsl/HOWTO/".
1936 This one is giving us problems. We are getting a blank page. Hmmm...
1938 Matches for http://www.rhapsodyk.net/adsl/HOWTO/:
1940 { -add-header -block +deanimate-gifs -downgrade +fast-redirects
1941 +filter{html-annoyances} +filter{js-annoyances} +filter{no-popups}
1942 +filter{webbugs} +filter{nimda} +filter{banners-by-size} +filter{hal}
1943 +filter{fun} +hide-forwarded +hide-from{block} +hide-referer{forge}
1944 -hide-user-agent -image +image-blocker{blank} +no-compression
1945 +no-cookies-keep -no-cookies-read -no-cookies-set +no-popups
1946 -vanilla-wafer -wafer }
1953 Ooops, the "/adsl/" is matching "/ads"! But we did not want this at
1954 all! Now we see why we get the blank page. We could now add a new
1955 action below this that explictly does not block (-block) pages with
1956 "adsl". There are various ways to handle such exceptions. Example:
1962 Now the page displays ;-)
1967 1. http://ijbswa.sourceforge.net/user-manual/
1968 2. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#INTRODUCTION
1969 3. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN28
1970 4. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#INSTALLATION
1971 5. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#INSTALLATION-SOURCE
1972 6. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#INSTALLATION-RH
1973 7. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#INSTALLATION-SUSE
1974 8. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#INSTALLATION-OS2
1975 9. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#INSTALLATION-WIN
1976 10. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#INSTALLATION-OTHER
1977 11. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#CONFIGURATION
1978 12. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN147
1979 13. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN165
1980 14. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN196
1981 15. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN229
1982 16. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN322
1983 17. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN459
1984 18. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN547
1985 19. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN656
1986 20. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#ACTIONSFILE
1987 21. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN754
1988 22. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN828
1989 23. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN1148
1990 24. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#FILTERFILE
1991 25. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN1207
1992 26. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#QUICKSTART
1993 27. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN1263
1994 28. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#CONTACT
1995 29. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#COPYRIGHT
1996 30. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN1322
1997 31. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN1328
1998 32. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#SEEALSO
1999 33. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#APPENDIX
2000 34. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#REGEX
2001 35. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN1512
2002 36. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#ACTIONSANAT
2004 38. http://sourceforge.net/projects/ijbswa/
2005 39. http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/ijbswa/current/
2006 40. http://www.gnu.org/
2008 42. http://ijbswa.sourceforge.net/config/
2010 44. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#ACTIONSFILE
2015 49. http://i.j.b/show-url-info
2016 50. http://www.perldoc.com/perl5.6/pod/perlre.html
2017 51. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#REGEX
2018 52. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#ACTIONSANAT
2020 54. http://sourceforge.net/tracker/?group_id=11118&atid=211118
2021 55. http://sourceforge.net/tracker/?group_id=11118&atid=111118
2022 56. http://sourceforge.net/tracker/?atid=361118&group_id=11118&func=browse
2023 57. http://sourceforge.net/mail/?group_id=11118
2024 58. http://sourceforge.net/mail/?group_id=11118
2025 59. http://www.gnu.org/copyleft/gpl.html
2026 60. http://www.junkbusters.com/ht/en/ijbfaq.html
2027 61. http://www.waldherr.org/junkbuster/
2028 62. http://sourceforge.net/projects/ijbswa/
2029 63. http://sourceforge.net/projects/ijbswa
2030 64. http://ijbswa.sourceforge.net/
2032 66. http://www.junkbusters.com/ht/en/cookies.html
2033 67. http://www.waldherr.org/junkbuster/
2034 68. http://privacy.net/analyze/
2035 69. http://www.squid-cache.org/
2036 70. http://www.perldoc.com/perl5.6/pod/perlre.html
2037 71. http://ijbswa.sourceforge.net/config/
2039 73. http://ijbswa.sourceforge.net/config/show-status
2040 74. http://ijbswa.sourceforge.net/config/show-version
2041 75. http://ijbswa.sourceforge.net/config/show-request
2042 76. http://ijbswa.sourceforge.net/config/show-url-info
2043 77. http://ijbswa.sourceforge.net/config/toggle
2044 78. http://ijbswa.sourceforge.net/config/toggle?set=disable
2045 79. http://ijbswa.sourceforge.net/config/toggle?set=enable
2046 80. http://ijbswa.sourceforge.net/config/edit-actions
2047 81. http://ijbswa.sourceforge.net/config/show-url-info
2048 82. http://google.com/
2051 83. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN1384
2052 84. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN1392
2053 85. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN1395
2054 86. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN1398
2055 87. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN1401
2056 88. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN1406
2057 89. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN1409
2058 90. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN1412
2059 91. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN1418