X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=config;h=a7718731120f0f2ec94961e17a6367e000dfbba5;hp=56759df697f1224336f9ece7555fe53007f0e870;hb=60c5d95c4584689ec650b97a5adb706a55d7950d;hpb=854baf8951a31a8107e73ff9aed352079b65f159 diff --git a/config b/config index 56759df6..a7718731 100644 --- a/config +++ b/config @@ -1,24 +1,23 @@ -# Sample Configuration File for Privoxy v3.0.20 -# -# $Id: p-config.sgml,v 2.92 2013/01/06 11:05:37 fabiankeil Exp $ -# -# Copyright (C) 2001-2013 Privoxy Developers http://www.privoxy.org/ -# -#################################################################### -# # -# Table of Contents # -# # -# I. INTRODUCTION # -# II. FORMAT OF THE CONFIGURATION FILE # -# # -# 1. LOCAL SET-UP DOCUMENTATION # -# 2. CONFIGURATION AND LOG FILE LOCATIONS # -# 3. DEBUGGING # -# 4. ACCESS CONTROL AND SECURITY # -# 5. FORWARDING # -# 6. WINDOWS GUI OPTIONS # -# # -#################################################################### +# Sample Configuration File for Privoxy 3.0.27 +# +# Copyright (C) 2001-2018 Privoxy Developers https://www.privoxy.org/ +# +##################################################################### +# # +# Table of Contents # +# # +# I. INTRODUCTION # +# II. FORMAT OF THE CONFIGURATION FILE # +# # +# 1. LOCAL SET-UP DOCUMENTATION # +# 2. CONFIGURATION AND LOG FILE LOCATIONS # +# 3. DEBUGGING # +# 4. ACCESS CONTROL AND SECURITY # +# 5. FORWARDING # +# 6. MISCELLANEOUS # +# 7. WINDOWS GUI OPTIONS # +# # +##################################################################### # # # I. INTRODUCTION @@ -68,7 +67,6 @@ # last character. # # -# # 1. LOCAL SET-UP DOCUMENTATION # ============================== # @@ -77,7 +75,6 @@ # you, what you block and why you do that, your policies, etc. # # -# # 1.1. user-manual # ================= # @@ -95,7 +92,7 @@ # # Effect if unset: # -# http://www.privoxy.org/version/user-manual/ will be used, +# https://www.privoxy.org/version/user-manual/ will be used, # where version is the Privoxy version. # # Notes: @@ -129,8 +126,7 @@ # config file, because it is used while the config file is # being read. # -#user-manual http://www.privoxy.org/user-manual/ -# +#user-manual https://www.privoxy.org/user-manual/ # # 1.2. trust-info-url # ==================== @@ -168,7 +164,6 @@ #trust-info-url http://www.example.com/why_we_block.html #trust-info-url http://www.example.com/what_we_allow.html # -# # 1.3. admin-address # =================== # @@ -197,7 +192,6 @@ # #admin-address privoxy-admin@example.com # -# # 1.4. proxy-info-url # ==================== # @@ -229,7 +223,6 @@ # #proxy-info-url http://www.example.com/proxy-service.html # -# # 2. CONFIGURATION AND LOG FILE LOCATIONS # ======================================== # @@ -242,7 +235,6 @@ # be modified, such as log files and actions files. # # -# # 2.1. confdir # ============= # @@ -268,7 +260,6 @@ # confdir . # -# # 2.2. templdir # ============== # @@ -298,8 +289,37 @@ confdir . # #templdir . # +# 2.3. temporary-directory +# ========================= +# +# Specifies: +# +# A directory where Privoxy can create temporary files. +# +# Type of value: # -# 2.3. logdir +# Path name +# +# Default value: +# +# unset +# +# Effect if unset: +# +# No temporary files are created, external filters don't work. +# +# Notes: +# +# To execute external filters, Privoxy has to create temporary +# files. This directive specifies the directory the temporary +# files should be written to. +# +# It should be a directory only Privoxy (and trusted users) can +# access. +# +#temporary-directory . +# +# 2.4. logdir # ============ # # Specifies: @@ -325,8 +345,7 @@ confdir . # logdir . # -# -# 2.4. actionsfile +# 2.5. actionsfile # ================= # # Specifies: @@ -360,20 +379,13 @@ logdir . # # Actions files contain all the per site and per URL # configuration for ad blocking, cookie management, privacy -# considerations, etc. There is no point in using Privoxy -# without at least one actions file. -# -# Note that since Privoxy 3.0.7, the complete filename, -# including the ".action" extension has to be specified. The -# syntax change was necessary to be consistent with the other -# file options and to allow previously forbidden characters. +# considerations, etc. # -actionsfile match-all.action ## +actionsfile match-all.action # Actions that are applied to all sites and maybe overruled later on. actionsfile default.action # Main actions file actionsfile user.action # User customizations # -# -# 2.5. filterfile +# 2.6. filterfile # ================ # # Specifies: @@ -390,8 +402,8 @@ actionsfile user.action # User customizations # # Effect if unset: # -# No textual content filtering takes place, i.e. all +filter{ -# name} actions in the actions files are turned neutral. +# No textual content filtering takes place, i.e. all +filter{name} +# actions in the actions files are turned neutral. # # Notes: # @@ -418,8 +430,7 @@ actionsfile user.action # User customizations filterfile default.filter filterfile user.filter # User customizations # -# -# 2.6. logfile +# 2.7. logfile # ============= # # Specifies: @@ -450,23 +461,24 @@ filterfile user.filter # User customizations # # Depending on the debug options below, the logfile may be a # privacy risk if third parties can get access to it. As most -# users will never look at it, Privoxy 3.0.7 and later only log -# fatal errors by default. +# users will never look at it, Privoxy only logs fatal errors by +# default. # # For most troubleshooting purposes, you will have to change # that, please refer to the debugging section for details. # -# Your logfile will grow indefinitely, and you will probably -# want to periodically remove it. On Unix systems, you can do -# this with a cron job (see "man cron"). -# # Any log files must be writable by whatever user Privoxy is # being run as (on Unix, default user id is "privoxy"). # -logfile logfile +# To prevent the logfile from growing indefinitely, it is +# recommended to periodically rotate or shorten it. Many +# operating systems support log rotation out of the box, some +# require additional software to do it. For details, please +# refer to the documentation for your operating system. # +logfile logfile # -# 2.7. trustfile +# 2.8. trustfile # =============== # # Specifies: @@ -522,7 +534,6 @@ logfile logfile # #trustfile trust # -# # 3. DEBUGGING # ============= # @@ -531,7 +542,6 @@ logfile logfile # line option when debugging. # # -# # 3.1. debug # =========== # @@ -583,10 +593,6 @@ logfile logfile # down a specific problem. They can produce a hell of an output # (especially 16). # -# Privoxy used to ship with the debug levels recommended above -# enabled by default, but due to privacy concerns 3.0.7 and -# later are configured to only log fatal errors. -# # If you are used to the more verbose settings, simply enable # the debug lines below again. # @@ -602,12 +608,11 @@ logfile logfile # you read the log messages, you may even be able to solve the # problem on your own. # -#debug 1 ## -#debug 1024 ## +#debug 1 # Log the destination for each request Privoxy let through. See also debug 1024. +#debug 1024 # Log the destination for requests Privoxy didn't let through, and the reason why. #debug 4096 # Startup banner and warnings #debug 8192 # Non-fatal errors # -# # 3.2. single-threaded # ===================== # @@ -617,11 +622,11 @@ logfile logfile # # Type of value: # -# None +# 1 or 0 # # Default value: # -# Unset +# 0 # # Effect if unset: # @@ -633,8 +638,7 @@ logfile logfile # This option is only there for debugging purposes. It will # drastically reduce performance. # -#single-threaded -# +#single-threaded 1 # # 3.3. hostname # ============== @@ -671,7 +675,6 @@ logfile logfile # #hostname hostname.example.org # -# # 4. ACCESS CONTROL AND SECURITY # =============================== # @@ -679,7 +682,6 @@ logfile logfile # aspects of Privoxy's configuration. # # -# # 4.1. listen-address # ==================== # @@ -778,7 +780,6 @@ logfile logfile # listen-address 127.0.0.1:8118 # -# # 4.2. toggle # ============ # @@ -807,7 +808,6 @@ listen-address 127.0.0.1:8118 # toggle 1 # -# # 4.3. enable-remote-toggle # ========================== # @@ -850,7 +850,6 @@ toggle 1 # enable-remote-toggle 0 # -# # 4.4. enable-remote-http-toggle # =============================== # @@ -889,7 +888,6 @@ enable-remote-toggle 0 # enable-remote-http-toggle 0 # -# # 4.5. enable-edit-actions # ========================= # @@ -930,7 +928,6 @@ enable-remote-http-toggle 0 # enable-edit-actions 0 # -# # 4.6. enforce-blocks # ==================== # @@ -979,7 +976,6 @@ enable-edit-actions 0 # enforce-blocks 0 # -# # 4.7. ACLs: permit-access and deny-access # ========================================= # @@ -1091,7 +1087,6 @@ enforce-blocks 0 # permit-access [::ffff:192.0.2.0]/120 # # -# # 4.8. buffer-limit # ================== # @@ -1129,6 +1124,99 @@ enforce-blocks 0 # buffer-limit 4096 # +# 4.9. enable-proxy-authentication-forwarding +# ============================================ +# +# Specifies: +# +# Whether or not proxy authentication through Privoxy should +# work. +# +# Type of value: +# +# 0 or 1 +# +# Default value: +# +# 0 +# +# Effect if unset: +# +# Proxy authentication headers are removed. +# +# Notes: +# +# Privoxy itself does not support proxy authentication, but can +# allow clients to authenticate against Privoxy's parent proxy. +# +# By default Privoxy (3.0.21 and later) don't do that and remove +# Proxy-Authorization headers in requests and Proxy-Authenticate +# headers in responses to make it harder for malicious sites to +# trick inexperienced users into providing login information. +# +# If this option is enabled the headers are forwarded. +# +# Enabling this option is not recommended if there is no parent +# proxy that requires authentication or if the local network +# between Privoxy and the parent proxy isn't trustworthy. If +# proxy authentication is only required for some requests, it is +# recommended to use a client header filter to remove the +# authentication headers for requests where they aren't needed. +# +enable-proxy-authentication-forwarding 0 +# +# 4.10. trusted-cgi-referer +# ========================== +# +# Specifies: +# +# A trusted website or webpage whose links can be followed to +# reach sensitive CGI pages +# +# Type of value: +# +# URL or URL prefix +# +# Default value: +# +# Unset +# +# Effect if unset: +# +# No external pages are considered trusted referers. +# +# Notes: +# +# Before Privoxy accepts configuration changes through CGI pages +# like client-tags or the remote toggle, it checks the Referer +# header to see if the request comes from a trusted source. +# +# By default only the webinterface domains config.privoxy.org +# and p.p are considered trustworthy. Requests originating from +# other domains are rejected to prevent third-parties from +# modifiying Privoxy's state by e.g. embedding images that +# result in CGI requests. +# +# In some environments it may be desirable to embed links to CGI +# pages on external pages, for example on an Intranet homepage +# the Privoxy admin controls. +# +# The "trusted-cgi-referer" option can be used to add that page, +# or the whole domain, as trusted source so the resulting +# requests aren't rejected. Requests are accepted if the +# specified trusted-cgi-refer is the prefix of the Referer. +# +# +-----------------------------------------------------+ +# | Warning | +# |-----------------------------------------------------| +# |Declaring pages the admin doesn't control trustworthy| +# |may allow malicious third parties to modify Privoxy's| +# |internal state against the user's wishes and without | +# |the user's knowledge. | +# +-----------------------------------------------------+ +# +trusted-cgi-referer http://www.example.org/ +# # # 5. FORWARDING # ============== @@ -1153,7 +1241,6 @@ buffer-limit 4096 # 4 and SOCKS 4A protocols. # # -# # 5.1. forward # ============= # @@ -1221,10 +1308,8 @@ buffer-limit 4096 # forward <[2-3][0-9a-f][0-9a-f][0-9a-f]:*> . # # -# -# 5.2. forward-socks4, forward-socks4a, forward-socks5 and -# ========================================================= -# forward-socks5t +# 5.2. forward-socks4, forward-socks4a, forward-socks5 and forward-socks5t +# ========================================================================= # # Specifies: # @@ -1299,7 +1384,12 @@ buffer-limit 4096 # To chain Privoxy and Tor, both running on the same system, you # would use something like: # -# forward-socks5 / 127.0.0.1:9050 . +# forward-socks5t / 127.0.0.1:9050 . +# +# Note that if you got Tor through one of the bundles, you may +# have to change the port from 9050 to 9150 (or even another +# one). For details, please check the documentation on the Tor +# website. # # The public Tor network can't be used to reach your local # network, if you need to access local servers you therefore @@ -1323,7 +1413,6 @@ buffer-limit 4096 # forward localhost/ . # # -# # 5.3. forwarded-connect-retries # =============================== # @@ -1372,11 +1461,9 @@ buffer-limit 4096 # forwarded-connect-retries 0 # -# # 6. MISCELLANEOUS # ================= # -# # 6.1. accept-intercepted-requests # ================================= # @@ -1403,19 +1490,26 @@ forwarded-connect-retries 0 # Privoxy, enable this option and configure your packet filter # to redirect outgoing HTTP connections into Privoxy. # +# Note that intercepting encrypted connections (HTTPS) isn't +# supported. +# # Make sure that Privoxy's own requests aren't redirected as # well. Additionally take care that Privoxy can't intentionally # connect to itself, otherwise you could run into redirection # loops if Privoxy's listening port is reachable by the outside # or an attacker has access to the pages you visit. # +# If you are running Privoxy as intercepting proxy without being +# able to intercept all client requests you may want to adjust +# the CGI templates to make sure they don't reference content +# from config.privoxy.org. +# # Examples: # # accept-intercepted-requests 1 # accept-intercepted-requests 0 # -# # 6.2. allow-cgi-request-crunching # ================================= # @@ -1453,7 +1547,6 @@ accept-intercepted-requests 0 # allow-cgi-request-crunching 0 # -# # 6.3. split-large-forms # ======================= # @@ -1496,7 +1589,6 @@ allow-cgi-request-crunching 0 # split-large-forms 0 # -# # 6.4. keep-alive-timeout # ======================== # @@ -1553,7 +1645,6 @@ split-large-forms 0 # keep-alive-timeout 5 # -# # 6.5. tolerate-pipelining # ========================= # @@ -1597,7 +1688,6 @@ keep-alive-timeout 5 # tolerate-pipelining 1 # -# # 6.6. default-server-timeout # ============================ # @@ -1649,7 +1739,6 @@ tolerate-pipelining 1 # #default-server-timeout 60 # -# # 6.7. connection-sharing # ======================== # @@ -1720,7 +1809,6 @@ tolerate-pipelining 1 # #connection-sharing 1 # -# # 6.8. socket-timeout # ==================== # @@ -1753,7 +1841,6 @@ tolerate-pipelining 1 # socket-timeout 300 # -# # 6.9. max-client-connections # ============================ # @@ -1767,7 +1854,7 @@ socket-timeout 300 # # Default value: # -# None +# 128 # # Effect if unset: # @@ -1803,13 +1890,117 @@ socket-timeout 300 # Obviously using this option only makes sense if you choose a # limit below the one enforced by the operating system. # +# One most POSIX-compliant systems Privoxy can't properly deal +# with more than FD_SETSIZE file descriptors at the same time +# and has to reject connections if the limit is reached. This +# will likely change in a future version, but currently this +# limit can't be increased without recompiling Privoxy with a +# different FD_SETSIZE limit. +# # Examples: # # max-client-connections 256 # #max-client-connections 256 # -# 1.6.10. handle-as-empty-doc-returns-ok +# 6.10. listen-backlog +# ===================== +# +# Specifies: +# +# Connection queue length requested from the operating system. +# +# Type of value: +# +# Number. +# +# Default value: +# +# 128 +# +# Effect if unset: +# +# A connection queue length of 128 is requested from the +# operating system. +# +# Notes: +# +# Under high load incoming connection may queue up before +# Privoxy gets around to serve them. The queue length is +# limitted by the operating system. Once the queue is full, +# additional connections are dropped before Privoxy can accept +# and serve them. +# +# Increasing the queue length allows Privoxy to accept more +# incomming connections that arrive roughly at the same time. +# +# Note that Privoxy can only request a certain queue length, +# whether or not the requested length is actually used depends +# on the operating system which may use a different length +# instead. +# +# On many operating systems a limit of -1 can be specified to +# instruct the operating system to use the maximum queue length +# allowed. Check the listen man page to see if your platform +# allows this. +# +# On some platforms you can use "netstat -Lan -p tcp" to see the +# effective queue length. +# +# Effectively using a value above 128 usually requires changing +# the system configuration as well. On FreeBSD-based system the +# limit is controlled by the kern.ipc.soacceptqueue sysctl. +# +# Examples: +# +# listen-backlog 4096 +# +#listen-backlog -1 +# +# 6.11. enable-accept-filter +# =========================== +# +# Specifies: +# +# Whether or not Privoxy should use an accept filter +# +# Type of value: +# +# 0 or 1 +# +# Default value: +# +# 0 +# +# Effect if unset: +# +# No accept filter is enabled. +# +# Notes: +# +# Accept filters reduce the number of context switches by not +# passing sockets for new connections to Privoxy until a +# complete HTTP request is available. +# +# As a result, Privoxy can process the whole request right away +# without having to wait for additional data first. +# +# For this option to work, Privoxy has to be compiled with +# FEATURE_ACCEPT_FILTER and the operating system has to support +# it (which may require loading a kernel module). +# +# Currently accept filters are only supported on FreeBSD-based +# systems. Check the accf_http(9) man page to learn how to +# enable the support in the operating system. +# +# Examples: +# +# enable-accept-filter 1 +# +#enable-accept-filter 1 +# +# 6.12. handle-as-empty-doc-returns-ok +# ===================================== # # Specifies: # @@ -1836,17 +2027,18 @@ socket-timeout 300 # # Notes: # -# This is a work-around for Firefox bug 492459: " Websites are -# no longer rendered if SSL requests for JavaScripts are blocked -# by a proxy. " (https://bugzilla.mozilla.org/show_bug.cgi?id= -# 492459) As the bug has been fixed for quite some time this -# option should no longer be needed and will be removed in a -# future release. Please speak up if you have a reason why the -# option should be kept around. +# This directive was added as a work-around for Firefox bug +# 492459: "Websites are no longer rendered if SSL requests for +# JavaScripts are blocked by a proxy." +# (https://bugzilla.mozilla.org/show_bug.cgi?id=492459), the bug +# has been fixed for quite some time, but this directive is also +# useful to make it harder for websites to detect whether or not +# resources are being blocked. # #handle-as-empty-doc-returns-ok 1 # -# 1.6.11. enable-compression +# 6.13. enable-compression +# ========================= # # Specifies: # @@ -1886,7 +2078,8 @@ socket-timeout 300 # #enable-compression 1 # -# 1.6.12. compression-level +# 6.14. compression-level +# ======================== # # Specifies: # @@ -1917,8 +2110,10 @@ socket-timeout 300 # # # Best speed (compared to the other levels) # compression-level 1 +# # # Best compression # compression-level 9 +# # # No compression. Only useful for testing as the added header # # slightly increases the amount of data that has to be sent. # # If your benchmark shows that using this compression level @@ -1929,7 +2124,8 @@ socket-timeout 300 # #compression-level 1 # -# 1.6.13. client-header-order +# 6.15. client-header-order +# ========================== # # Specifies: # @@ -1966,14 +2162,223 @@ socket-timeout 300 # Accept \ # Accept-Language \ # Accept-Encoding \ -# Proxy-Connection,\ -# Referer,Cookie \ +# Proxy-Connection \ +# Referer \ +# Cookie \ +# DNT \ # If-Modified-Since \ # Cache-Control \ # Content-Length \ # Content-Type # # +# 6.16. client-specific-tag +# ========================== +# +# Specifies: +# +# The name of a tag that will always be set for clients that +# requested it through the webinterface. +# +# Type of value: +# +# Tag name followed by a description that will be shown in the +# webinterface +# +# Default value: +# +# None +# +# Notes: +# +# +-----------------------------------------------------+ +# | Warning | +# |-----------------------------------------------------| +# |This is an experimental feature. The syntax is likely| +# |to change in future versions. | +# +-----------------------------------------------------+ +# +# Client-specific tags allow Privoxy admins to create different +# profiles and let the users chose which one they want without +# impacting other users. +# +# One use case is allowing users to circumvent certain blocks +# without having to allow them to circumvent all blocks. This is +# not possible with the enable-remote-toggle feature because it +# would bluntly disable all blocks for all users and also affect +# other actions like filters. It also is set globally which +# renders it useless in most multi-user setups. +# +# After a client-specific tag has been defined with the +# client-specific-tag directive, action sections can be +# activated based on the tag by using a CLIENT-TAG pattern. The +# CLIENT-TAG pattern is evaluated at the same priority as URL +# patterns, as a result the last matching pattern wins. Tags +# that are created based on client or server headers are +# evaluated later on and can overrule CLIENT-TAG and URL +# patterns! +# +# The tag is set for all requests that come from clients that +# requested it to be set. Note that "clients" are differentiated +# by IP address, if the IP address changes the tag has to be +# requested again. +# +# Clients can request tags to be set by using the CGI interface +# http://config.privoxy.org/client-tags. The specific tag +# description is only used on the web page and should be phrased +# in away that the user understand the effect of the tag. +# +# Examples: +# +# # Define a couple of tags, the described effect requires action sections +# # that are enabled based on CLIENT-TAG patterns. +# client-specific-tag circumvent-blocks Overrule blocks but do not affect other actions +# disable-content-filters Disable content-filters but do not affect other actions +# +# +# +# 6.17. client-tag-lifetime +# ========================== +# +# Specifies: +# +# How long a temporarily enabled tag remains enabled. +# +# Type of value: +# +# Time in seconds. +# +# Default value: +# +# 60 +# +# Notes: +# +# +-----------------------------------------------------+ +# | Warning | +# |-----------------------------------------------------| +# |This is an experimental feature. The syntax is likely| +# |to change in future versions. | +# +-----------------------------------------------------+ +# +# In case of some tags users may not want to enable them +# permanently, but only for a short amount of time, for example +# to circumvent a block that is the result of an overly-broad +# URL pattern. +# +# The CGI interface http://config.privoxy.org/client-tags +# therefore provides a "enable this tag temporarily" option. If +# it is used, the tag will be set until the client-tag-lifetime +# is over. +# +# Examples: +# +# # Increase the time to life for temporarily enabled tags to 3 minutes +# client-tag-lifetime 180 +# +# +# +# 6.18. trust-x-forwarded-for +# ============================ +# +# Specifies: +# +# Whether or not Privoxy should use IP addresses specified with +# the X-Forwarded-For header +# +# Type of value: +# +# 0 or one +# +# Default value: +# +# 0 +# +# Notes: +# +# +-----------------------------------------------------+ +# | Warning | +# |-----------------------------------------------------| +# |This is an experimental feature. The syntax is likely| +# |to change in future versions. | +# +-----------------------------------------------------+ +# +# If clients reach Privoxy through another proxy, for example a +# load balancer, Privoxy can't tell the client's IP address from +# the connection. If multiple clients use the same proxy, they +# will share the same client tag settings which is usually not +# desired. +# +# This option lets Privoxy use the X-Forwarded-For header value +# as client IP address. If the proxy sets the header, multiple +# clients using the same proxy do not share the same client tag +# settings. +# +# This option should only be enabled if Privoxy can only be +# reached through a proxy and if the proxy can be trusted to set +# the header correctly. It is recommended that ACL are used to +# make sure only trusted systems can reach Privoxy. +# +# If access to Privoxy isn't limited to trusted systems, this +# option would allow malicious clients to change the client tags +# for other clients or increase Privoxy's memory requirements by +# registering lots of client tag settings for clients that don't +# exist. +# +# Examples: +# +# # Allow systems that can reach Privoxy to provide the client +# # IP address with a X-Forwarded-For header. +# trust-x-forwarded-for 1 +# +# +# +# 6.19. receive-buffer-size +# ========================== +# +# Specifies: +# +# The size of the buffer Privoxy uses to receive data from the +# server. +# +# Type of value: +# +# Size in bytes +# +# Default value: +# +# 5000 +# +# Notes: +# +# Increasing the receive-buffer-size increases Privoxy's memory +# usage but can lower the number of context switches and thereby +# reduce the cpu usage and potentially increase the throughput. +# +# This is mostly relevant for fast network connections and large +# downloads that don't require filtering. +# +# Reducing the buffer size reduces the amount of memory Privoxy +# needs to handle the request but increases the number of +# systemcalls and may reduce the throughput. +# +# A dtrace command like: "sudo dtrace -n 'syscall::read:return / +# execname == "privoxy"/ { @[execname] = llquantize(arg0, 10, 0, +# 5, 20); @m = max(arg0)}'" can be used to properly tune the +# receive-buffer-size. On systems without dtrace, strace or +# truss may be used as less convenient alternatives. +# +# If the buffer is too large it will increase Privoxy's memory +# footprint without any benefit. As the memory is (currently) +# cleared before using it, a buffer that is too large can +# actually reduce the throughput. +# +# Examples: +# +# # Increase the receive buffer size +# receive-buffer-size 32768 +# +# # # 7. WINDOWS GUI OPTIONS # =======================