NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
REL="HOME"
-TITLE="Privoxy 3.0.7 User Manual"
+TITLE="Privoxy 3.0.10 User Manual"
HREF="index.html"><LINK
REL="PREVIOUS"
TITLE="Privoxy Configuration"
HREF="actions-file.html"><LINK
REL="STYLESHEET"
TYPE="text/css"
-HREF="../p_doc.css">
+HREF="../p_doc.css"><META
+HTTP-EQUIV="Content-Type"
+CONTENT="text/html;
+charset=ISO-8859-1">
<LINK REL="STYLESHEET" TYPE="text/css" HREF="p_doc.css">
</head
><BODY
><TH
COLSPAN="3"
ALIGN="center"
->Privoxy 3.0.7 User Manual</TH
+>Privoxy 3.0.10 User Manual</TH
></TR
><TR
><TD
>trustfile</I
></SPAN
></A
-> above.)
+> below.)
</P
><P
> If you use the trust mechanism, it is a good idea to write up some on-line
>Specifies:</DT
><DD
><P
->The directory where the other configuration files are located</P
+>The directory where the other configuration files are located.</P
></DD
><DT
>Type of value:</DT
CLASS="LITERAL"
>/</TT
>"</SPAN
->, please
+>, please.
</P
></DD
></DL
>Specifies:</DT
><DD
><P
->An alternative directory where the templates are loaded from</P
+>An alternative directory where the templates are loaded from.</P
></DD
><DT
>Type of value:</DT
>Notes:</DT
><DD
><P
-> Privoxy's original templates are usually overwritten
- with each update. Use this option to relocate customized templates
- that should be kept. Note that template variables might change
- between updates and templates are not guaranteed to work with
+> <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+> original templates are usually
+ overwritten with each update. Use this option to relocate customized
+ templates that should be kept. As template variables might change
+ between updates, you shouldn't expect templates to work with
<SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
> releases other than the one
- they were part of.
+ they were part of, though.
</P
></DD
></DL
>Specifies:</DT
><DD
><P
-> The directory where all logging takes place (i.e. where <TT
+> The directory where all logging takes place
+ (i.e. where <TT
CLASS="FILENAME"
>logfile</TT
-> and
+> and
<TT
CLASS="FILENAME"
>jarfile</TT
-> are located)
+> are located).
</P
></DD
><DT
CLASS="LITERAL"
>/</TT
>"</SPAN
->, please
+>, please.
</P
></DD
></DL
</P
><P
>
- The default values include standard.action, which is used for internal
- purposes and should be loaded, default.action, which is the
- <SPAN
+ The default values include <TT
+CLASS="FILENAME"
+>standard.action</TT
+>, which is used
+ for internal purposes and should be loaded, <TT
+CLASS="FILENAME"
+>default.action</TT
+>,
+ which is the <SPAN
CLASS="QUOTE"
>"main"</SPAN
> actions file maintained by the developers, and
</P
><P
>
- Actions files are where all the per site and per URL configuration is done for
+ Actions files contain all the per site and per URL configuration for
ad blocking, cookie management, privacy considerations, etc.
There is no point in using <SPAN
CLASS="APPLICATION"
CLASS="EMPHASIS"
>or</I
></SPAN
-> privoxy.log (Windows)</P
+> privoxy.log (Windows).</P
></DD
><DT
>Effect if unset:</DT
><DD
><P
-> Logging is disabled unless <TT
-CLASS="LITERAL"
->--no-daemon</TT
-> mode is used.
+> No logfile is written.
</P
></DD
><DT
is doing.
</P
><P
-> Many users will never look at it, however, and it's a privacy risk
- if third parties can get access to it. It is therefore disabled by
- default in <SPAN
+> Depending on the debug options below, the logfile may be a privacy risk
+ if third parties can get access to it. As most users will never look
+ at it, <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
-> 3.0.7 and later.
- </P
+> 3.0.7 and later only log fatal
+ errors by default.
+ </P
><P
-> For troubleshooting purposes, you will have to explicitly enable it.
- Please don't file any support requests without trying to reproduce
- the problem with logging enabled first. Once you read the log messages,
- you may even be able to solve the problem on your own.
+> For most troubleshooting purposes, you will have to change that,
+ please refer to the debugging section for details.
</P
><P
> Your logfile will grow indefinitely, and you will probably want to
CLASS="EMPHASIS"
>or</I
></SPAN
-> privoxy.jar (Windows)</P
+> privoxy.jar (Windows).</P
></DD
><DT
>Effect if unset:</DT
>Specifies:</DT
><DD
><P
-> Key values that determine what information gets logged to the
- <A
-HREF="config.html#LOGFILE"
-><SPAN
-CLASS="emphasis"
-><I
-CLASS="EMPHASIS"
->logfile</I
-></SPAN
-></A
->.
+> Key values that determine what information gets logged.
</P
></DD
><DT
>Default value:</DT
><DD
><P
->12289 (i.e.: URLs plus informational and warning messages)</P
+>0 (i.e.: only fatal errors (that cause Privoxy to exit) are logged)</P
></DD
><DT
>Effect if unset:</DT
><DD
><P
-> Nothing gets logged.
+> Default value is used (see above).
</P
></DD
><DT
><TD
><PRE
CLASS="PROGRAMLISTING"
-> debug 1 # show each GET/POST/CONNECT request
- debug 2 # show each connection status
- debug 4 # show I/O status
- debug 8 # show header parsing
- debug 16 # log all data written to the network into the logfile
- debug 32 # debug force feature
- debug 64 # debug regular expression filters
- debug 128 # debug redirects
- debug 256 # debug GIF de-animation
- debug 512 # Common Log Format
- debug 1024 # debug kill pop-ups
- debug 2048 # CGI user interface
- debug 4096 # Startup banner and warnings.
- debug 8192 # Non-fatal errors</PRE
+> debug 1 # log each request destination (and the crunch reason if <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> intercepted the request)
+ debug 2 # show each connection status
+ debug 4 # show I/O status
+ debug 8 # show header parsing
+ debug 16 # log all data written to the network into the logfile
+ debug 32 # debug force feature
+ debug 64 # debug regular expression filters
+ debug 128 # debug redirects
+ debug 256 # debug GIF de-animation
+ debug 512 # Common Log Format
+ debug 2048 # CGI user interface
+ debug 4096 # Startup banner and warnings.
+ debug 8192 # Non-fatal errors</PRE
></TD
></TR
></TABLE
CLASS="emphasis"
><I
CLASS="EMPHASIS"
->1, 4096 and 8192 are highly recommended</I
+>1, 4096 and 8192 are recommended</I
></SPAN
>
- so that you will notice when things go wrong. The other levels are probably
- only of interest if you are hunting down a specific problem. They can produce
- a hell of an output (especially 16).
+ so that you will notice when things go wrong. The other levels are
+ probably only of interest if you are hunting down a specific problem.
+ They can produce a hell of an output (especially 16).
</P
><P
-> The reporting of <SPAN
-CLASS="emphasis"
-><I
-CLASS="EMPHASIS"
->fatal</I
-></SPAN
-> errors (i.e. ones which causes
- <SPAN
+> <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
-> to exit) is always on and cannot be disabled.
+> used to ship with the debug levels recommended above enabled by
+ default, but due to privacy concerns 3.0.7 and later are configured to
+ only log fatal errors.
+ </P
+><P
+> If you are used to the more verbose settings, simply enable the debug lines
+ below again.
</P
><P
-> If you want to use CLF (Common Log Format), you should set <SPAN
+> If you want to use pure CLF (Common Log Format), you should set <SPAN
CLASS="QUOTE"
>"debug
512"</SPAN
>"... [too long, truncated]"</SPAN
>.
</P
+><P
+> Please don't file any support requests without trying to reproduce
+ the problem with increased debug level first. Once you read the log
+ messages, you may even be able to solve the problem on your own.
+ </P
></DD
></DL
></DIV
>Specifies:</DT
><DD
><P
-> Whether to run only one server thread
+> Whether to run only one server thread.
</P
></DD
><DT
>Notes:</DT
><DD
><P
-> This option is only there for debugging purposes and you should never
- need to use it. <SPAN
+> This option is only there for debugging purposes.
+ <SPAN
CLASS="emphasis"
><I
CLASS="EMPHASIS"
></DL
></DIV
></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="HOSTNAME"
+>7.3.3. hostname</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Specifies:</DT
+><DD
+><P
+> The hostname shown on the CGI pages.
+ </P
+></DD
+><DT
+>Type of value:</DT
+><DD
+><P
+>Text</P
+></DD
+><DT
+>Default value:</DT
+><DD
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Unset</I
+></SPAN
+></P
+></DD
+><DT
+>Effect if unset:</DT
+><DD
+><P
+> The hostname provided by the operating system is used.
+ </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+> On some misconfigured systems resolving the hostname fails or
+ takes too much time and slows Privoxy down. Setting a fixed hostname
+ works around the problem.
+ </P
+><P
+> In other circumstances it might be desirable to show a hostname
+ other than the one returned by the operating system. For example
+ if the system has several different hostnames and you don't want
+ to use the first one.
+ </P
+><P
+> Note that Privoxy does not validate the specified hostname value.
+ </P
+></DD
+></DL
+></DIV
+></DIV
></DIV
><DIV
CLASS="SECT2"
CLASS="APPLICATION"
>Privoxy</SPAN
> users don't read
- documentation, this feature has been disabled by default.
+ documentation, this feature is disabled by default.
</P
><P
> Note that you must have compiled <SPAN
side code (e.g Java) is also capable of using this feature.
</P
><P
-> This option may be removed in future releases as it has been obsoleted
+> This option will be removed in future releases as it has been obsoleted
by the more general header taggers.
</P
></DD
>not recommended</I
></SPAN
> for environments
- with untrusted users and is therefore disabled by default.
+ with untrusted users and as a lot of <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+ users don't read documentation, this feature is disabled by default.
</P
><P
> Note that malicious client side code (e.g Java) is also
sure your browser is configured correctly.
</P
><P
-> As a lot of <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> users don't read
- documentation, this feature has been disabled by default.
- </P
-><P
> Note that you must have compiled <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
option.
</P
><P
-> Please see the warnings in the FAQ that this proxy is not intended to be a substitute
- for a firewall or to encourage anyone to defer addressing basic security
- weaknesses.
+> Please see the warnings in the FAQ that <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+ is not intended to be a substitute for a firewall or to encourage anyone
+ to defer addressing basic security weaknesses.
</P
><P
> Multiple ACL lines are OK.
><TD
><PRE
CLASS="SCREEN"
-> forward / caching-proxy.example-isp.net:8000
- forward .example-isp.net .</PRE
+> forward / caching-proxy.isp.example.net:8000
+ forward .isp.example.net .</PRE
></TD
></TR
></TABLE
CLASS="SECT3"
><A
NAME="SOCKS"
->7.5.2. forward-socks4 and forward-socks4a</A
+>7.5.2. forward-socks4, forward-socks4a and forward-socks5</A
></H4
><A
NAME="FORWARD-SOCKS4"
><I
>target_pattern</I
></TT
-> is a <A
+> is a
+ <A
HREF="actions-file.html#AF-PATTERNS"
>URL pattern</A
->
- that specifies to which requests (i.e. URLs) this forward rule shall apply. Use <TT
+> that specifies to which
+ requests (i.e. URLs) this forward rule shall apply. Use <TT
CLASS="LITERAL"
>/</TT
> to
denote <SPAN
CLASS="QUOTE"
>"all URLs"</SPAN
->.
- <TT
+>. <TT
CLASS="REPLACEABLE"
><I
>http_parent</I
></TT
-> and <TT
+>
+ and <TT
CLASS="REPLACEABLE"
><I
>socks_proxy</I
></TT
>
- are IP addresses in dotted decimal notation or valid DNS names (<TT
+ are IP addresses in dotted decimal notation or valid DNS names
+ (<TT
CLASS="REPLACEABLE"
><I
>http_parent</I
><I
>port</I
></TT
-> parameters are TCP ports, i.e. integer values from 1 to 64535
+> parameters are TCP ports,
+ i.e. integer values from 1 to 65535
</P
></DD
><DT
server, while in SOCKS 4 it happens locally.
</P
><P
+> With <TT
+CLASS="LITERAL"
+>forward-socks5</TT
+> the DNS resolution will happen on the remote server as well.
+ </P
+><P
> If <TT
CLASS="REPLACEABLE"
><I
><TD
><PRE
CLASS="SCREEN"
-> forward-socks4a / socks-gw.example.com:1080 www-cache.example-isp.net:8080
+> forward-socks4a / socks-gw.example.com:1080 www-cache.isp.example.net:8080
forward .example.com .</PRE
></TD
></TR
>
</P
><P
-> To chain Privoxy and Tor, both running on the same system, you should use
- the rule:
+> To chain Privoxy and Tor, both running on the same system, you would use
+ something like:
</P
><P
> <TABLE
CLASS="APPLICATION"
>Privoxy</SPAN
>
- at all.
+ at all. Of course this may actually be desired and there is no reason
+ to make these exceptions if you aren't sure you need them.
</P
><P
> If you also want to be able to reach servers in your local network by
></SPAN
> users can see the internal content of all ISPs.</P
><P
-> Assume that host-a has a PPP connection to isp-a.net. And host-b has a PPP connection to
- isp-b.net. Both run <SPAN
+> Assume that host-a has a PPP connection to isp-a.example.net. And host-b has a PPP connection to
+ isp-b.example.org. Both run <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
>. Their forwarding
><PRE
CLASS="SCREEN"
> forward / .
- forward .isp-b.net host-b:8118</PRE
+ forward .isp-b.example.net host-b:8118</PRE
></TD
></TR
></TABLE
><PRE
CLASS="SCREEN"
> forward / .
- forward .isp-a.net host-a:8118</PRE
+ forward .isp-a.example.org host-a:8118</PRE
></TD
></TR
></TABLE
<SPAN
CLASS="APPLICATION"
>squid</SPAN
-> locally, then chain as
+> locally, then chaining as
<TT
CLASS="LITERAL"
>browser -> squid -> privoxy</TT
>squid.conf</TT
>.</P
><P
-> You could just as well decide to only forward requests for Windows executables through
- a virus-scanning parent proxy, say, on <TT
+> You could just as well decide to only forward requests you suspect
+ of leading to Windows executables through a virus-scanning parent proxy,
+ say, on <TT
CLASS="LITERAL"
>antivir.example.com</TT
>, port 8010:</P
> CGI forms can lead to
rather long URLs. This isn't a problem as far as the HTTP
standard is concerned, but it can confuse clients with arbitrary
- URL lenght limitations.
+ URL length limitations.
</P
><P
> Enabling split-large-forms causes <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
>
- to devide big forms into smaller ones to keep the URL length down.
+ to divide big forms into smaller ones to keep the URL length down.
It makes editing a lot less convenient and you can no longer
submit all changes at once, but at least it works around this
browser bug.
<SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
-> will disconnect from and hide the
+> will disconnect from and hide the
command console.</P
><P
> <TT