X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=config;h=9d9795481966bc1990e4c114ee77a29792568b5f;hp=6c9466d9a9d7178fca8db948b5ee70c4df86f779;hb=260ad9899c2ad02c0f584ed00b60b3e03987f7fa;hpb=48838cd08e13bf038e82e7a2ca7350a5826217d6 diff --git a/config b/config index 6c9466d9..9d979548 100644 --- a/config +++ b/config @@ -1,7 +1,7 @@ -# Sample Configuration file for the Internet Junkbuster 2.0 +# Sample Configuration file for the Internet Junkbuster 2.9.x # -# $Id: config,v 1.13 2001/06/04 18:31:58 swa Exp $ +# $Id: config,v 1.26 2001/11/05 21:31:09 steudten Exp $ # # Table of Contents @@ -40,14 +40,12 @@ # you can make it a comment and it will be treated as if it weren't there. # This is called "commenting out" an option and can be useful to turn # off features: If you comment out the "logfile" line, junkbuster will -# not log at all. Watch for the "default:" section in each explanation -# to see what happens if the option is left unset (or commented out). +# not log to a file at all. Watch for the "default:" section in each +# explanation to see what happens if the option is left unset (or +# commented out). # # Long lines can be continued on the next line by using a `\' as -# the last character. This also works if comments are present in -# between. -# - +# the last character. # # 3. OTHER CONFIGURATION FILES # @@ -61,45 +59,42 @@ # files in the current working directory. In either case, an # absolute path name can be used to avoid problems. -# While we go modular and multiuser, the blocker, filter, and -# per-user config will be stored in subdirectories of confdir. -# Now, only confdir/templates is used for storing HTML templates -# for CGI results. +# While we go modular and multiuser, the blocker, filter, and +# per-user config will be stored in subdirectories of confdir. +# Now, only confdir/templates is used for storing HTML templates +# for CGI results. # -# No trailing /, please. +# No trailing /, please. confdir . # -# The directory where all logging (i.e. logfile and jarfile) takes place -# No trailing /, please. +# The directory where all logging (i.e. logfile and jarfile) takes place +# No trailing /, please. # logdir . -# -# Note that all file specifications below are relative to -# the above two directories!!! -# +# Note that all file specifications below are relative to +# the above two directories!!! -# The permissions file contains patterns to specify the -# filtering rules to apply to each site. +# The actions file contains patterns to specify the +# actions to apply to requests for each site. # # Default: Cookies to and from all destinations are filtered. # Popups are disabled for all sites. # All sites are filtered if re_filterfile specified. # No sites are blocked. Nothing is an image. # -permissionsfile permissionsfile +actionsfile ijb.action -# # The re_filterfile contains content modification rules. These rules # permit powerful changes on the content of Web pages, e.g., you # could disable your favourite JavaScript annoyances, rewrite the # actual content, or just have some fun replacing "Microsoft" # with "Microsuck" wherever it appears on a Web page. # -# Default: No content modification. +# Default: content modification. (see '+-filter' in actionsfile) # -re_filterfile re_filterfile +re_filterfile re_filterfile # # The logfile is where all logging and error messages are written. @@ -118,7 +113,7 @@ re_filterfile re_filterfile # # Default: Log to the standard error channel, not to a file # -logfile logfile +logfile logfile # # The jarfile defines where Junkbuster stores the cookies it @@ -127,16 +122,58 @@ logfile logfile # # Default: Don't store intercepted cookies # -#jarfile jarfile +jarfile jarfile +# +# If you specify a trustfile, Junkbuster will only allow access +# to sites that are named in the trustfile. You can also mark +# sites as trusted referrers, with the effect that access to +# untrusted sites will be granted, if a link from a trusted +# referrer was used. The link target will then be added to the +# trustfile. +# Note that this is a very restrictive feature that typical users +# most propably want to leave disabled. +# +# Default: Don't use the trust mechanism +# +#trustfile trust # +# If you use the trust mechanism, it is a good idea to write up +# some online documentation about your blocking policy and to +# specify the URL(s) here. They will appear on the page that +# your users receive when they try to access untrusted content. +# Use multiple times for multiple URLs. +# +# Default: Don't display links on the "untrusted" info page. +# +trust-info-url http://www.your-site.com/why_we_block.html +trust-info-url http://www.your-site.com/what_we_allow.html + # 4. OPTIONS # # This part of the configuration file contains options that control # how Junkbuster operates. # +# Admin-address should be set to the email address of the proxy +# administrator. It is used in many of the proxy-generated pages. +# +# Default: fill@me.in.please +# +admin-address fill@me.in.please + +# +# Proxy-info-url can be set to a URL that contains more info about +# this junkbuster installation, it's configuration and policies. +# It is used in many of the proxy-generated pages and its use is +# highly recommended, since your users will want to know why certain +# content is blocked or modified. +# +# Default: Don't show a link to online documentation +# +proxy-info-url http://www.your-site.com/proxy.html + # # Listen-address specifies the address and port where Junkbuster will # listen for connections from your Web browser. The default is to @@ -188,8 +225,10 @@ logfile logfile # debug 16 # LOG = log all data into the logfile # debug 32 # FRC = debug force feature # debug 64 # REF = debug regular expression filter -# debug 128 # RED = debug fast redirects -# debug 256 # CLF = Common Log Format +# debug 128 # = debug fast redirects +# debug 256 # = debug GIF deanimation +# debug 512 # CLF = Common Log Format +# debug 1024 # = debug kill popups # debug 4096 # INFO = Startup banner and warnings. # debug 8192 # ERROR = Non-fatal errors # @@ -199,7 +238,7 @@ logfile logfile # The reporting of FATAL errors (i.e. ones which crash # JunkBuster) is always on and cannot be disabled. # -# If you want to use CLF, you should set "debug 256" ONLY, +# If you want to use CLF, you should set "debug 512" ONLY, # do not enable anything else. # # Multiple "debug" directives, are OK - they're logical-OR'd @@ -244,6 +283,53 @@ debug 8192 # Errors - *we highly recommended enabling this* # toggle 1 +# +# For content filtering, i.e. the +filter and +deanimate-gif +# actions, it is neccessary that Junkbuster buffers up the +# whole document body. This can be potentially dangerous, since +# a server could just keep sending data indefinitely and wait +# for your RAM to exhaust. +# The buffer-limit option lets you set the size in Kbytes that +# each buffer may use at maximum. When the documents buffer +# exceeds that size, it is flushed to the client unfiltered and +# no further attempt to filter the rest of it is taken. +# Remember that there may multiple threads running, which might +# require up to buffer-limit Kbytes *each*, unless you have set +# single-threaded below. +# +# Default: 4069, i.e. 4 MB +# +buffer-limit 4069 + + +# +# Enable the web-based actionsfile editor. Set to 1 to enable, +# 0 to disable. Note that you must have compiled JunkBuster +# with support for this feature, otherwise this option has no +# effect. +# +# Security note: If this is enabled, anyone who can use the proxy +# can edit the actions file, and their changes will affect all users. +# For shared proxies, you probably want to disable this. +# +# Default: Disabled +# +enable-edit-actions 1 + + +# +# Allow JunkBuster to be toggled on and off remotely, using your +# web browser. Set to 1 to enable, 0 to disable. Note that you +# must have compiled JunkBuster with support for this feature, +# otherwise this option has no effect. +# +# Security note: If this is enabled, anyone who can use the proxy +# can toggle it on or off, and their changes will affect all users. +# For shared proxies, you probably want to disable this. +# +# Default: Disabled +# +enable-remote-toggle 1 ############################################################################# # Access Control List @@ -378,7 +464,7 @@ toggle 1 # There is an implicit line equivalent to the following, which specifies that # anything not finding a match on the list is to go out without forwarding # or gateway protocol; like so: -# forward .* . # implicit +# forward .* . # implicit # # In the following common configuration, everything goes to Lucent's LPWA, # except SSL on port 443 (which it doesn't handle) @@ -449,11 +535,31 @@ toggle 1 # forward .ukc.ac.uk . # Anything on the same domain as us # forward * . # Host with no domain specified # forward 129.12.*.* . # A dotted IP on our /16 network. -# forward 128.*.*.* . # Loopback address +# forward 127.*.*.* . # Loopback address # forward localhost.localdomain . # Loopback address # forward www.ukc.mirror.ac.uk . # Specific host # - +# +# Note: If you intend to chain junkbuster and squid locally, the chain +# broswer -> squid -> junkbuster is the recommended way. +# +# Your squid configuration could then look like this: +# +# # Define junkbuster as parent cache +# cache_peer 127.0.0.1 8000 parent 0 no-query +# +# # Define ACL for protocol FTP +# acl FTP proto FTP +# +# # Do not forward ACL FTP to junkbuster +# always_direct allow FTP +# +# # Do not forward ACL CONNECT (https) to junkbuster +# always_direct allow CONNECT +# +# # Forward the rest to junkbuster +# never_direct allow all +# ############################################################################# # 5. WINDOWS GUI OPTIONS