-.\" Revised man page 10/13/01, for development version.
-.\" Hal Burgiss <hal@foobox.net>
-.\" for Privoxy developers: ijbswa-developers@lists.sourceforge.net
-.\"
-.TH PRIVOXY 1 "v2.9.13 (beta) Date: 2002/03/24"
-
+.\" This manpage has been automatically generated by docbook2man
+.\" from a DocBook document. This tool can be found at:
+.\" <http://shell.ipoline.com/~elmert/comp/docbook2X/>
+.\" Please send any bug reports, improvements, comments, patches,
+.\" etc. to Steve Cheng <steve@ggi-project.org>.
+.TH "PRIVOXY" "1" "19 January 2008" "Privoxy 3.0.8" ""
.SH NAME
-\fBprivoxy\fP
-- Privacy enhancing
-Proxy
-.\"\s-2(TM)\s+2
+privoxy \- Privacy Enhancing Proxy
.SH SYNOPSIS
-\fBprivoxy\fP
-[--help] [--version] [--no-daemon] [--pidfile \fIpidfile\fP] [--user \fIuser\fP[.\fIgroup\fP]]
-\fI\&[configfile]\fP (Unix)
-.TP
-\fBprivoxy.exe\fP \fI[configfile]\fP (Windows)
-.br
-.SH OPTIONS
-\fBPrivoxy\fP may be invoked with the following command-line options:
+\fBprivoxy\fR [\fB--help\fR ] [\fB--version\fR ] [\fB--no-daemon\fR ] [\fB--pidfile \fIpidfile\fB\fR ] [\fB--user \fIuser[.group]\fB\fR ] [\fB--chroot\fR ] [\fB--pre-chroot-nslookup \fIhostname\fB\fR ] [\fB\fIconfigfile\fB\fR ]
+
+.SH "OPTIONS"
+.PP
+\fBPrivoxy\fR may be invoked with the following command line
+options:
.TP
-.BR --version " (unix only)"
+\fB--help\fR
+Print brief usage info and exit.
+.TP
+\fB--version\fR
Print version info and exit.
.TP
-.BR --help " (unix only)"
-Print a short usage info and exit.
+\fB--no-daemon\fR
+Don't become a daemon, i.e. don't fork and become process group
+leader, don't detach from controlling tty, and do all logging there.
.TP
-.BR --no-daemon " (unix only)"
-Don't become a daemon, i.e. don't fork and become process group
-leader, don't detach from controlling tty, and do all logging
-there.
+\fB--pidfile \fIpidfile\fB\fR
+On startup, write the process ID to \fIpidfile\fR.
+Delete the \fIpidfile\fR on exit.
+Failure to create or delete the \fIpidfile\fR
+is non-fatal. If no \fB--pidfile\fR option is given, no PID file will be used.
.TP
-\fB --pidfile\fP \fIpidfile\fP (unix only)
-On startup, write the process ID to \fIpidfile\fP. Delete the
-\fIpidfile\fP on exit. Failiure to create or delete the
-\fIpidfile\fP is non-fatal. If no \fB--pidfile\fP option
-is given, no PID file will be used.
+\fB--user \fIuser[.group]\fB\fR
+After (optionally) writing the PID file, assume the user ID of
+\fIuser\fR and the GID of
+\fIgroup\fR, or, if the optional
+\fIgroup\fR was not given, the default group of
+\fIuser\fR. Exit if the privileges are not
+sufficient to do so.
.TP
-\fB --user\fP \fIuser\fP[.\fIgroup\fP] (unix only)
-After (optionally) writing the PID file, assume the user ID
-of \fIuser\fP and the GID of \fIgroup\fP, or, if the optional
-\fIgroup\fP was not given, the default group of \fIuser\fP.
-Exit if the privileges are not sufficient to do so.
-
+\fB--chroot\fR
+Before changing to the user ID given in the --user option, chroot to
+that user's home directory, i.e. make the kernel pretend to the
+\fBPrivoxy\fR process that the directory tree starts
+there. If set up carefully, this can limit the impact of possible
+vulnerabilities in \fBPrivoxy\fR to the files contained in
+that hierarchy.
+.TP
+\fB--pre-chroot-nslookup \fIhostname\fB\fR
+Initialize the resolver library using \fIhostname\fR
+before chroot'ing. On some systems this reduces the number of files
+that must be copied into the chroot tree.
.PP
-If the \fIconfigfile\fP is not specified on the command line,
-\fBPrivoxy\fP will look for a file named \fBconfig\fP in the
-current directory (except on Win32 where it will try \fBconfig.txt\fP).
-
-
-.SH DESCRIPTION
-\fBPrivoxy\fP is a web proxy with advanced filtering capabilities for
-protecting privacy, filtering web page content, managing cookies,
-controlling access, and removing ads, banners, pop-ups and other
-obnoxious Internet junk. \fBPrivoxy\fP has a very flexible configuration and
-can be customized to suit individual needs and tastes. \fBPrivoxy\fP has
-application for both stand-alone systems and multi-user networks.
+If the \fIconfigfile\fR is not specified on the command line,
+\fBPrivoxy\fR will look for a file named
+\fIconfig\fR in the current directory . If no
+\fIconfigfile\fR is found, \fBPrivoxy\fR will
+fail to start.
+.SH "DESCRIPTION"
.PP
-\fBPrivoxy\fP is based on code of the \fBInternet Junkbuster (tm)\fP
-\fBJunkbuster\fP was originally written by JunkBusters Corporation, and was
-released as free open-source software under the GNU GPL. Stefan Waldherr made
-many improvements, and started the SourceForge project to continue
-development.
-
-.SH INSTALLATION AND USE
-Browsers must be individually configured to use
-\fBPrivoxy\fP as a HTTP proxy.
-The default setting is for localhost,
-on port 8118 (configurable in the main config file).
-To set the
-\s-2HTTP\s0
-proxy in Netscape and Mozilla,
-go through:
-\fB\&Edit\fP;
-\fB\&Preferences\fP;
-\fB\&Advanced\fP;
-\fB\&Proxies\fP;
-\fB\&Manual Proxy Configuration\fP;
-\fB\&View\fP.
+Privoxy is a non-caching
+web proxy
+with advanced filtering capabilities for enhancing privacy,
+modifying web page data, managing HTTP
+cookies,
+controlling access, and removing ads, banners, pop-ups and other obnoxious
+Internet junk. Privoxy has a flexible configuration and can be
+customized to suit individual needs and tastes. Privoxy has application for
+both stand-alone systems and multi-user networks.
+.PP
+Privoxy is based on Internet Junkbuster (tm).
+.SH "INSTALLATION AND USAGE"
+.PP
+Browsers can either be individually configured to use
+\fBPrivoxy\fR as a HTTP proxy (recommended),
+or \fBPrivoxy\fR can be combined with a packet
+filter to build an intercepting proxy
+(see \fIconfig\fR). The default setting is for
+localhost, on port 8118 (configurable in the main config file). To set the
+HTTP proxy in Netscape and Mozilla, go through: \fBEdit\fR;
+\fBPreferences\fR; \fBAdvanced\fR;
+\fBProxies\fR; \fBManual Proxy Configuration\fR;
+\fBView\fR.
+.PP
+For Firefox, go through: \fBTools\fR;
+\fBOptions\fR; \fBGeneral\fR;
+\fBConnection Settings\fR;
+\fBManual Proxy Configuration\fR.
.PP
-For Internet Explorer,
-go through:
-\fB\&Tools\fP;
-\fB\&Internet Properties\fP;
-\fB\&Connections\fP;
-\fB\&LAN Settings\fP.
+For Internet Explorer, go through: \fBTools\fR;
+\fBInternet Properties\fR; \fBConnections\fR;
+\fBLAN Settings\fR.
.PP
-The
-Secure (SSL) Proxy \" ijbfaq.html#security
-should also be set to the same values,
-otherwise
-\fB\&https:\fP
-\s-2URL\s0s
-will not be proxied.
+The Secure (SSL) Proxy should also be set to the same values, otherwise
+https: URLs will not be proxied. Note: \fBPrivoxy\fR can only
+proxy HTTP and HTTPS traffic. Do not try it with FTP or other protocols.
+HTTPS presents some limitations, and not all features will work with HTTPS
+connections.
.PP
For other browsers, check the documentation.
-
-.SH CONFIGURATION
-\fBPrivoxy\fP can be configured with the various configuration
-files. The default configuration files are: \fIconfig\fP,
-\fIdefault.action\fP, and \fIdefault.filter\fP. These are well commented.
-On Unix and Unix-like systems, these are located in \fI/etc/privoxy/\fP
-by default. On Windows, OS/2 and AmigaOS, these files are in the same directory
-as the \fBPrivoxy\fP executable.
+.SH "CONFIGURATION"
.PP
-The name and number of configuration files has changed from previous versions,
-and is subject to change as development progresses. In fact, the configuration
-itself is changed and much more sophisticated. See the user-manual for a brief
-explanation of all configuration options.
+\fBPrivoxy\fR can be configured with the various configuration
+files. The default configuration files are: \fIconfig\fR,
+\fIdefault.filter\fR, and
+\fIdefault.action\fR. \fIuser.action\fR should
+be used for locally defined exceptions to the default rules of
+\fIdefault.action\fR, and \fIuser.filter\fR for
+locally defined filters. These are well commented. On Unix
+and Unix-like systems, these are located in
+\fI/etc/privoxy/\fR by default.
.PP
-The actions list (ad blocks, etc) can also be configured with your
-web browser at \fIhttp://www.privoxy.org/config\fP.
-\fBPrivoxy's\fP configuration parameters can also be viewed
-at the same page. In addition, \fBPrivoxy\fP can be toggled on/off.
-This is an internal page.
-
-.SH "SAMPLE CONFIGURATION"
+\fBPrivoxy\fR uses the concept of \fBactions\fR
+in order to manipulate the data stream between the browser and remote sites.
+There are various actions available with specific functions for such things
+as blocking web sites, managing cookies, etc. These actions can be invoked
+individually or combined, and used against individual URLs, or groups of URLs
+that can be defined using wildcards and regular expressions. The result is
+that the user has greatly enhanced control and freedom.
.PP
-A brief example of what a \fIdefault.action\fP configuration might look like:
+The actions list (ad blocks, etc) can also be configured with your
+web browser at http://config.privoxy.org/
+(assuming the configuration allows it).
+\fBPrivoxy's\fR configuration parameters can also be viewed at
+the same page. In addition, \fBPrivoxy\fR can be toggled on/off.
+This is an internal page, and does not require Internet access.
.PP
-.nf
-
-# Define a few useful custom aliases for later use
-{{alias}}
+See the \fIUser Manual\fR for a detailed
+explanation of installation, general usage, all configuration options, new
+features and notes on upgrading.
+.SH "SAMPLE CONFIGURATION"
+.PP
+A brief example of what a simple \fIdefault.action\fR
+configuration might look like:
-# Don't accept cookies
-+no-cookies = +no-cookies-set +no-cookies-read
+.nf
+ # Define a few useful custom aliases for later use
+ {{alias}}
-# Do accept cookies
--no-cookies = -no-cookies-set -no-cookies-read
+ # Useful aliases that combine more than one action
+ +crunch-cookies = +crunch-incoming-cookies +crunch-outgoing-cookies
+ -crunch-cookies = -crunch-incoming-cookies -crunch-outgoing-cookies
+ +block-as-image = +block +handle-as-image
-# Treat these blocked URLs as images.
-+imageblock = +block +image
+ # Fragile sites should have the minimum changes
+ fragile = -block -deanimate-gifs -fast-redirects -filter \\
+ -hide-referer -prevent-cookies -kill-popups
-# Define page filters we want to use.
-myfilters = +filter{html-annoyances} +filter{js-annoyances}\\
- +filter{no-popups} +filter{webbugs}
+ ## Turn some actions on ################################
+ ## NOTE: Actions are off by default, unless explictily turned on
+ ## otherwise with the '+' operator.
-## Default Policies (actions) ############################
{ \\
- -block \\
- -downgrade \\
- +fast-redirects \\
- myfilters \\
- +no-compression \\
- +hide-forwarded \\
- +hide-from{block} \\
- +hide-referer{forge} \\
- -hide-user-agent \\
- -image \\
- +image-blocker{blank} \\
- +no-cookies-keep \\
- -no-cookies-read \\
- -no-cookies-set \\
- +no-popups \\
- -vanilla-wafer \\
- -wafer \\
++deanimate-gifs{last} \\
++filter{refresh-tags} \\
++filter{img-reorder} \\
++filter{banners-by-size} \\
++filter{webbugs} \\
++filter{jumping-windows} \\
++filter{ie-exploits} \\
++hide-forwarded-for-headers \\
++hide-from-header{block} \\
++hide-referrer{conditional-block} \\
++session-cookies-only \\
++set-image-blocker{pattern} \\
}
-/
+/ # '/' Match *all* URL patterns
-# Now set exceptions to the above defined policies #######
+
+ # Block all URLs that match these patterns
+ { +block }
+ ad.
+ ad[sv].
+ .*ads.
+ banner?.
+ /.*count(er)?\\.(pl|cgi|exe|dll|asp|php[34]?)
+ .hitbox.com
+ media./.*(ads|banner)
-# Sites where we want persistant cookies
-{-no-cookies -no-cookies-keep}
- .redhat.com
- .sun.com
- .yahoo.com
- .msdn.microsoft.com
+ # Block, and treat these URL patterns as if they were 'images'.
+ # We would expect these to be ads.
+ { +block-as-image }
+ .ad.doubleclick.net
+ .a[0-9].yimg.com/(?:(?!/i/).)*$
+ ad.*.doubleclick.net
-# This site requires cookies AND 'fast-redirects' on
-{-no-cookies -no-cookies-keep -fast-redirects}
- .nytimes.com
+ # Make exceptions for these harmless ones that would be
+ # caught by our +block patterns just above.
+ { -block }
+ adsl.
+ adobe.
+ advice.
+ .*downloads.
+ # uploads or downloads
+ /.*loads
+.fi
+.PP
+Then for a \fIuser.action\fR, we would put local,
+narrowly defined exceptions:
-# Add custom headers, and turn off filtering of page source
-{+add-header{X-Privacy: Yes please} #-add-header{*} \\
- +add-header{X-User-Tracking: No thanks!} -filter}
- privacy.net
+.nf
+ # Re-define aliases as needed here
+ {{alias}}
-# Block, and treat these URLs as 'images'.
-{+imageblock}
- .adforce.imgis.com
- .ad.preferences.com/image.*
- .ads.web.aol.com
- .ad-adex3.flycast.com
- .ad.doubleclick.net
- .ln.doubleclick.net
- .ad.de.doubleclick.net
- /.*/count\\.cgi\\?.*df=
- 194.221.183.22[1-7]
- a196.g.akamai.net/7/196/2670/000[12]/images.gmx.net/i4/images/.*/
+ # Useful aliases
+ -crunch-cookies = -crunch-incoming-cookies -crunch-outgoing-cookies
+
+ # Set personal exceptions to the policies in default.action #######
-# Block any URLs that match these patterns
-{+block}
- /.*/(.*[-_.])?ads?[0-9]?(/|[-_.].*|\\.(gif|jpe?g))
- /.*/(plain|live|rotate)[-_.]?ads?/
- /.*/(sponsor)s?[0-9]?/
- /.*/ad(server|stream|juggler)\\.(cgi|pl|dll|exe)
- /.*/adbanners/
- /.*/adv((er)?ts?|ertis(ing|ements?))?/
- /.*/banners?/
- /.*/popupads/
- /.*/advert[0-9]+\\.jpg
- /ad_images/
- /.*/ads/
- /images/.*/.*_anim\\.gif
- /rotations/
- /.*(ms)?backoff(ice)?.*\\.(gif|jpe?g)
- 195.63.104.*/(inbox|log|meld|folderlu|folderru|log(in|out)[lmr]u|)
- .images.nytimes.com
- .images.yahoo.com/adv/
- /.*cnnstore\\.gif
+ # Sites where we want persistent cookies, so allow *all* cookies
+ { -crunch-cookies -session-cookies-only }
+ .redhat.com
+ .sun.com
+ .msdn.microsoft.com
+
+ # These sites break easily. Use our "fragile" alias here.
+ { fragile }
+ .forbes.com
+ mybank.example.com
+ # Replace example.com's style sheet with one of my choosing
+ { +redirect{http://localhost/css-replacements/example.com.css} }
+ .example.com/stylesheet.css
.fi
-.sp
.PP
-See the comments in the configuration files themselves, or the user-manual
-for explanations of the above syntax, and other \fBPrivoxy\fP configuration
-options.
-
+See the comments in the configuration files themselves, or the
+\fIUser Manual\fR
+for full explanations of the above syntax, and other \fBPrivoxy\fR
+configuration options.
.SH "FILES"
-\fI/usr/sbin/privoxy\fP
-.br
-\fI/etc/privoxy/config\fP
-.br
-\fI/etc/privoxy/default.action\fP
-.br
-\fI/etc/privoxy/advanced.action\fP
-.br
-\fI/etc/privoxy/basic.action\fP
-.br
-\fI/etc/privoxy/intermediate.action\fP
-.br
-\fI/etc/privoxy/default.filter\fP
-.br
-\fI/etc/privoxy/trust\fP
-.br
-\fI/etc/privoxy/templates/*\fP
-.br
-\fI/var/log/privoxy/logfile\fP
-
-.PP
-Various other files should be included, but may vary depending on platform
-and build configuration. More documentation should be included in the local
-documentation directory, though is not complete at this time.
-.SH SIGNALS
-\fBPrivoxy\fP terminates on the \fBSIGINT\fP, \fBSIGTERM\fP and \fBSIGABRT\fP
-signals. Log rotation scripts may cause a re-opening of the logfile by sending
-a \fBSIGHUP\fP to \fBPrivoxy\fP. Note that unlike other daemons, \fBPrivoxy\fP
-does not need to be made aware of config file changes by \fBSIGHUP\fP -- it will
-detect them automatically.
+.nf
-.SH NOTES
-This is a \fBBETA\fP version of \fBPrivoxy\fP. Not all features are
-complete or well tested.
+ \fI/usr/sbin/privoxy\fR
+ \fI/etc/privoxy/config\fR
+ \fI/etc/privoxy/default.action\fR
+ \fI/etc/privoxy/standard.action\fR
+ \fI/etc/privoxy/user.action\fR
+ \fI/etc/privoxy/default.filter\fR
+ \fI/etc/privoxy/user.filter\fR
+ \fI/etc/privoxy/trust\fR
+ \fI/etc/privoxy/templates/*\fR
+ \fI/var/log/privoxy/logfile\fR
+.fi
+.PP
+Various other files should be included, but may vary depending on platform
+and build configuration. Additional documentation should be included in the local
+documentation directory.
+.SH "SIGNALS"
+.PP
+\fBPrivoxy\fR terminates on the \fBSIGINT\fR,
+\fBSIGTERM\fR and \fBSIGABRT\fR signals. Log
+rotation scripts may cause a re-opening of the logfile by sending a
+\fBSIGHUP\fR to \fBPrivoxy\fR. Note that unlike
+other daemons, \fBPrivoxy\fR does not need to be made aware of
+config file changes by \fBSIGHUP\fR -- it will detect them
+automatically.
+.SH "NOTES"
+.PP
+Please see the \fIUser Manual\fR on how to contact the
+developers, for feature requests, reporting problems, and other questions.
+.SH "SEE ALSO"
+.PP
+Other references and sites of interest to \fBPrivoxy\fR
+users:
.PP
-Please see the user-maual on how to contact the developers for
-feature requests, reporting problems, and other questions.
-.SH BUGS
-Probably. Please see the user-manual for how and where to report bugs.
+http://www.privoxy.org/,
+the \fBPrivoxy\fR Home page.
-.SH SEE ALSO
-.br
-http://www.privoxy.org/config
-.br
-http://www.privoxy.org/
-.br
-http://sourceforge.net/projects/ijbswa
-.br
-http://www.waldherr.org/junkbuster/\" waldherr.org#
-.br
-http://www.junkbusters.com/ht/en/cookies.html\" cookies.html#
-.br
-http://privacy.net/analyze/
-.br
-http://www.squid-cache.org/
-.br
-http://linuxalpha.ch/packages/
+http://www.privoxy.org/faq/,
+the \fBPrivoxy\fR FAQ.
-.SH DEVELOPMENT TEAM
-.br
- Stefan Waldherr
-.br
- Andreas Oesterhelt
-.br
- Jon Foster
-.br
- Markus Breitenbach
-.br
- Thomas Steudten
-.br
- David Schmidt
-.br
- Haroon Rafique
-.br
- Joerg Strohmayer
-.br
- Shamim Mohamed
-.br
- Sarantis Paskalis
-.br
- Gabriel L. Somlo
-.br
- John Venvertloh
-.br
- Hal Burgiss
-.br
- Rodrigo Barbosa
+http://sourceforge.net/projects/ijbswa/,
+the Project Page for \fBPrivoxy\fR on
+SourceForge.
+
+http://config.privoxy.org/,
+the web-based user interface. \fBPrivoxy\fR must be
+running for this to work. Shortcut: http://p.p/
+
+http://sourceforge.net/tracker/?group_id=11118&atid=460288, to submit ``misses'' and other
+configuration related suggestions to the developers.
-.SH COPYRIGHT AND LICENSE
-\"Orginally written by, and copyrighted by, the Anonymous Coders and Junkbusters
-\"Corporation.
-\".PP
-This program is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2 of the License, or
-(at your option) any later version.
+http://www.junkbusters.com/ht/en/cookies.html,
+an explanation how cookies are used to track web users.
+
+http://www.junkbusters.com/ijb.html,
+the original Internet Junkbuster.
+
+http://privacy.net/, a useful site
+to check what information about you is leaked while you browse the web.
+
+http://www.squid-cache.org/, a popular
+caching proxy, which is often used together with \fBPrivoxy\fR.
+
+http://www.pps.jussieu.fr/~jch/software/polipo/,
+\fBPolipo\fR is a caching proxy with advanced features
+like pipelining, multiplexing and caching of partial instances. In many setups
+it can be used as \fBSquid\fR replacement.
+
+http://tor.eff.org/,
+\fBTor\fR can help anonymize web browsing,
+web publishing, instant messaging, IRC, SSH, and other applications.
+
+http://www.privoxy.org/developer-manual/,
+the \fBPrivoxy\fR developer manual.
+.SH "DEVELOPMENT TEAM"
+
+.nf
+ Fabian Keil, lead developer
+ David Schmidt, developer
+
+ Hal Burgiss
+ Gerry Murphy
+ Roland Rosenfeld
+ Jörg Strohmayer
+.fi
+.SH "COPYRIGHT AND LICENSE"
+.SS "COPYRIGHT"
+.PP
+Copyright (C) 2001-2007 by Privoxy Developers <ijbswa-developers@lists.sourceforge.net>
+.PP
+Some source code is based on code Copyright (C) 1997 by Anonymous Coders
+and Junkbusters, Inc. and licensed under the \fIGNU General Public
+License\fR.
+.SS "LICENSE"
.PP
-This program is distributed in the hope that it will be useful,
-but WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-GNU General Public License for more details.
+\fBPrivoxy\fR is free software; you can
+redistribute it and/or modify it under the terms of the
+\fIGNU General Public
+License\fR, version 2, as published by the Free Software Foundation.
.PP
-You should have received a copy of the GNU General Public License
-along with this program; if not, write to the Free Software
-Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+This program is distributed in the hope that it will be useful, but WITHOUT
+ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+FITNESS FOR A PARTICULAR PURPOSE. See the
+\fIGNU General Public License\fR for
+more details, which is available from the Free Software Foundation, Inc,
+51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
.PP
-Internet Junkbuster
-Proxy
-is a
-trademark \" legal.html#marks
-of Junkbusters Corporation.
+You should have received a copy of the \fIGNU General Public License\fR
+along with this program; if not, write to the Free Software
+Foundation, Inc. 51 Franklin Street, Fifth Floor
+Boston, MA 02110-1301
+USA
projects / privoxy.git / blobdiff