<!entity history SYSTEM "history.sgml">
<!entity copyright SYSTEM "copyright.sgml">
<!entity license SYSTEM "license.sgml">
-<!entity p-version "3.0.24">
-<!entity p-status "stable">
-<!entity % p-not-stable "IGNORE">
-<!entity % p-stable "INCLUDE">
+<!entity p-version "3.0.25">
+<!entity p-status "UNRELEASED">
+<!entity % p-not-stable "INCLUDE">
+<!entity % p-stable "IGNORE">
<!entity % p-text "IGNORE"> <!-- define we are not a text only doc -->
<!entity % p-doc "INCLUDE"> <!-- and we are a formal doc -->
<!entity % p-supp-userman "INCLUDE"> <!-- Include all from supported.sgml -->
This file belongs into
ijbswa.sourceforge.net:/home/groups/i/ij/ijbswa/htdocs/
- $Id: faq.sgml,v 2.111 2016/01/21 15:55:49 fabiankeil Exp $
+ $Id: faq.sgml,v 2.117 2016/03/04 13:21:33 fabiankeil Exp $
Copyright (C) 2001-2014 Privoxy Developers http://www.privoxy.org/
See LICENSE.
</subscript>
</pubdate>
-<pubdate>$Id: faq.sgml,v 2.111 2016/01/21 15:55:49 fabiankeil Exp $</pubdate>
+<pubdate>$Id: faq.sgml,v 2.117 2016/03/04 13:21:33 fabiankeil Exp $</pubdate>
<!--
</sect2>
-<sect2 renderas="sect3">
-<title id="whyprivoxy">Why <quote>Privoxy</quote>? Why change the name from
+<sect2 renderas="sect3" id="whyprivoxy">
+<title>Why <quote>Privoxy</quote>? Why change the name from
Junkbuster at all?</title>
<para>
Though outdated, Junkbusters Corporation continued to offer their original
</sect2>
<sect2 renderas="sect3" id="whatsanad">
-<title id="knows">How does Privoxy know what is
-an ad, and what is not?</title>
+<title>How does Privoxy know what is an ad, and what is not?</title>
<para>
<application>Privoxy</application>'s approach to blocking ads is twofold:
</para>
</para>
</sect2>
-<sect2 renderas="sect3">
-<title id="mistakes">Can Privoxy make mistakes?
+<sect2 renderas="sect3" id="mistakes">
+<title>Can Privoxy make mistakes?
This does not sound very scientific.</title>
<para>
Actually, it's a black art ;-) And yes, it is always possible to have a broad
</sect2>
-<sect2 renderas="sect3">
-<title id="configornot">Will I have to configure Privoxy
+<sect2 renderas="sect3" id="configornot">
+<title>Will I have to configure Privoxy
before I can use it?</title>
<para>
That depends on your expectations.
</para>
</sect2>
-<sect2 renderas="sect3" id="help-the-developers"><title id="jointeam">I would like to help you, what can I do?</title>
+<sect2 renderas="sect3" id="help-the-developers"><title>I would like to help you, what can I do?</title>
-<sect3 renderas="sect4" id="participate"><title id="jointeam-work">Would you like to participate?</title>
+<sect3 renderas="sect4" id="participate"><title>Would you like to participate?</title>
<para>
Well, we <emphasis>always</emphasis> need help. There is something for
everybody who wants to help us. We welcome new developers, packagers,
</para>
<para>
- Note that donations done through Zwiebelfreunde e.V. currently can't be checked
+ Note that donations made through Zwiebelfreunde e.V. currently can't be checked
automatically so you may not get credited right away. The credits currently
- reflect donations done before 2016-01-14.
+ reflect donations received before 2016-01-14.
</para>
<para>
<!-- ~~~~~ New section ~~~~~ -->
<sect1 id="configuration"><title>Configuration</title>
-<sect2 renderas="sect3">
-<title id="actionsfile">What exactly is an <quote>actions</quote> file?</title>
+<sect2 renderas="sect3" id="actionsfile">
+<title>What exactly is an <quote>actions</quote> file?</title>
<para>
&my-app; utilizes the concept of <quote>
</sect2>
-<sect2 renderas="sect3">
-<title id="actconfig">How are actions files configured? What is the easiest
+<sect2 renderas="sect3" id="actconfig">
+<title>How are actions files configured? What is the easiest
way to do this?</title>
<para>
</sect2>
-<sect2 renderas="sect3">
-<title id="filterfile">What is the <filename>default.filter</filename> file? What is a <quote>filter</quote>?</title>
+<sect2 renderas="sect3" id="filterfile">
+<title>What is the <filename>default.filter</filename> file? What is a <quote>filter</quote>?</title>
<para>
The <ulink url="../user-manual/filter-file.html"><filename>default.filter</filename></ulink>
file is where <emphasis>filters</emphasis> as supplied by the developers are defined.
</sect2>
-<sect2 renderas="sect3">
-<title id="noseeum">Instead of ads, now I get a checkerboard pattern. I don't want to see anything.</title>
+<sect2 renderas="sect3" id="noseeum">
+<title>Instead of ads, now I get a checkerboard pattern. I don't want to see anything.</title>
<para>
The replacement for blocked images can be controlled with the <ulink
url="../user-manual/actions-file.html#SET-IMAGE-BLOCKER"><literal>set-image-blocker</literal>
</sect2>
-<sect2 renderas="sect3">
-<title id="whyseeum">Why would anybody want to see a checkerboard pattern?</title>
+<sect2 renderas="sect3" id="whyseeum">
+<title>Why would anybody want to see a checkerboard pattern?</title>
<para>
Remember that <link linkend="whatsanad">telling which image is an ad and which
isn't</link>, is an educated guess. While we hope that the standard configuration
</sect2>
-<sect2 renderas="sect3">
-<title id="blockedbytext">I see some images being replaced with text
+<sect2 renderas="sect3" id="blockedbytext">
+<title>I see some images being replaced with text
instead of the checkerboard image. Why and how do I get rid of this?</title>
<para>
This happens when the banners are not embedded in the HTML code of the
<sect1 id="misc"><title>Miscellaneous</title>
-<sect2 renderas="sect3">
-<title id="slowsme">How much does Privoxy slow my browsing down? This
+<sect2 renderas="sect3" id="slowsme">
+<title>How much does Privoxy slow my browsing down? This
has to add extra time to browsing.</title>
<para>
How much of an impact depends on many things, including the CPU of the host
hence it could not be intercepted, and you have accessed the <emphasis>real</emphasis>
web site at config.privoxy.org.
</para>
+<para>
+ Note that config.privoxy.org resolves to a public IP address.
+ If you use config.privoxy.org as ping or traceroute target you will
+ reach the system on the Internet (Privoxy can't intercept ICMP requests).
+ If you want to ping the system Privoxy runs on,
+ you should use its IP address or local DNS name (if it has got one).
+</para>
</sect2>
</para>
</sect2>
-<sect2 renderas="sect3">
-<title id="anonforsure">Can Privoxy guarantee I am anonymous?</title>
+<sect2 renderas="sect3" id="anonforsure">
+<title>Can Privoxy guarantee I am anonymous?</title>
<para>
No. Your chances of remaining anonymous are improved, but unless you
<ulink url="#TOR">chain <application>Privoxy</application> with <application>Tor</application></ulink>
</sect2>
-<sect2 renderas="sect3">
-<title id="proxytest">A test site says I am not using a Proxy.</title>
+<sect2 renderas="sect3" id="proxytest">
+<title>A test site says I am not using a Proxy.</title>
<para>
Good! Actually, they are probably testing for some other kinds of proxies.
Hiding yourself completely would require additional steps.
</para>
</sect2>
-<sect2 renderas="sect3">
-<title id="sitebreak">Might some things break because header information or
+<sect2 renderas="sect3" id="sitebreak">
+<title>Might some things break because header information or
content is being altered?</title>
<para>
</sect2>
-<sect2 renderas="sect3">
-<title id="caching">Can Privoxy act as a <quote>caching</quote> proxy to
+<sect2 renderas="sect3" id="caching">
+<title>Can Privoxy act as a <quote>caching</quote> proxy to
speed up web browsing?</title>
<para>
No, it does not have this ability at all. You want something like
</para>
</sect2>
-<sect2 renderas="sect3">
-<title id="firewall">What about as a firewall? Can Privoxy protect me?</title>
+<sect2 renderas="sect3" id="firewall">
+<title>What about as a firewall? Can Privoxy protect me?</title>
<para>
Not in the way you mean, or in the way some firewall vendors claim they can.
<application>Privoxy</application> can help protect your privacy, but can't
</para>
</sect2>
-<sect2 renderas="sect3">
-<title id="wasted">I have large empty spaces / a checkerboard pattern now where
+<sect2 renderas="sect3" id="wasted">
+<title>I have large empty spaces / a checkerboard pattern now where
ads used to be. Why?</title>
<para>
It is technically possible to eliminate banners and ads in a way that frees
</para>
</sect2>
-<sect2 renderas="sect3">
-<title id="ssl">How can Privoxy filter Secure (HTTPS) URLs?</title>
+<sect2 renderas="sect3" id="ssl">
+<title>How can Privoxy filter Secure (HTTPS) URLs?</title>
<para>
Since secure HTTP connections are encrypted SSL sessions between your browser
and the secure site, and are meant to be reliably <emphasis>secure</emphasis>,
</sect2>
-<sect2 renderas="sect3">
-<title id="secure">Privoxy runs as a <quote>server</quote>. How
+<sect2 renderas="sect3" id="secure">
+<title>Privoxy runs as a <quote>server</quote>. How
secure is it? Do I need to take any special precautions?</title>
<para>
On Unix-like systems, <application>Privoxy</application> can run as a non-privileged
<sect1 id="trouble">
<title>Troubleshooting</title>
-<sect2 renderas="sect3">
-<title id="refused">I cannot connect to any websites. Or, I am getting
+<sect2 renderas="sect3" id="refused">
+<title>I cannot connect to any websites. Or, I am getting
<quote>connection refused</quote> message with every web page. Why?</title>
<para>
There are several possibilities:
</para>
</sect2>
-<sect2 renderas="sect3">
-<title id="flushit">I just added a new rule, but the steenkin ad is
+<sect2 renderas="sect3" id="flushit">
+<title>I just added a new rule, but the steenkin ad is
still getting through. How?</title>
<para>
If the ad had been displayed before you added its URL, it will probably be
</sect2>
-<sect2 id="badsite" renderas="sect3">
-<title >One of my favorite sites does not work with Privoxy.
+<sect2 renderas="sect3" id="badsite">
+<title>One of my favorite sites does not work with Privoxy.
What can I do?</title>
<para>
</para>
</sect2>
+<sect2 renderas="sect3" id="tainted-sockets">
+<title>What are tainted sockets and how do I prevent them?</title>
+<para>
+ &my-app; marks sockets as tainted when it can't use them to
+ serve additional requests.
+ This does not necessarily mean that something went wrong and
+ information about tainted sockets is only logged if connection
+ debugging is enabled (debug 2).
+</para>
+<para>
+ For example server sockets that were used for CONNECT requests
+ (which are used to tunnel https:// requests) are considered tainted
+ once the client closed its connection to &my-app;.
+ Technically &my-app; could keep the connection to the server open,
+ but the server would not accept requests that do not belong to the
+ previous TLS/SSL session (and the client may even have terminated
+ the session).
+</para>
+<para>
+ Server sockets are also marked tainted when a client requests a
+ resource, but closes the connection before &my-app; has completely
+ received (and forwarded) the resource to the client.
+ In this case the server would (probably) accept additional requests,
+ but &my-app; could not get the response without completely reading
+ the leftovers from the previous response.
+</para>
+<para>
+ These are just two examples, there are currently a bit more than
+ 25 scenarios in which a socket is considered tainted.
+</para>
+<para>
+ While sockets can also be marked tainted as a result of a technical
+ problem that may be worth fixing, the problem will be explicitly
+ logged as error.
+</para>
+</sect2>
</sect1>
projects / privoxy.git / blobdiff