X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=doc%2Fsource%2Fprivoxy-man-page.sgml;h=3cd29fe1c09719bbcb22dd5210d823579f65a062;hp=5b62dc80b6291e2f0c1ee74bcaebbb2152fbe3bf;hb=f4107f65b676b63a199fe4230e58695757f9f199;hpb=8e7ae1168258075fcf1a267ed40dc975347d606e diff --git a/doc/source/privoxy-man-page.sgml b/doc/source/privoxy-man-page.sgml index 5b62dc80..3cd29fe1 100644 --- a/doc/source/privoxy-man-page.sgml +++ b/doc/source/privoxy-man-page.sgml @@ -5,14 +5,10 @@ This file belongs into ijbswa.sourceforge.net:/home/groups/i/ij/ijbswa/htdocs/ - $Id: privoxy-man-page.sgml,v 1.6 2002/04/12 01:55:43 hal9 Exp $ + $Id: privoxy-man-page.sgml,v 2.17 2008/01/19 15:03:05 hal9 Exp $ - Written by and Copyright (C) 2001 the SourceForge - Privoxy team. http://www.privoxy.org/ - - Based on the Internet Junkbuster originally written - by and Copyright (C) 1997 Anonymous Coders and - Junkbusters Corporation. http://www.junkbusters.com + Copyright (C) 2001-2008 Privoxy Developers http://www.privoxy.org/ + See LICENSE. ======================================================================== NOTE: Please read developer-manual/documentation.html before touching @@ -40,28 +36,31 @@ --> + + - - - - + + + + + ]> - 2002-04-11 + 2007-04-12 - privoxy 1 - Privoxy &p-version; + + Privoxy &p-version; + @@ -77,15 +76,11 @@ pidfile user[.group] + + hostname configfile - (UNIX) - - privoxy.exe - configfile - (Windows) - @@ -131,7 +126,7 @@ On startup, write the process ID to pidfile. Delete the pidfile on exit. - Failiure to create or delete the pidfile + Failure to create or delete the pidfile is non-fatal. If no --pidfile option is given, no PID file will be used. @@ -152,13 +147,35 @@ + + --chroot + + + Before changing to the user ID given in the --user option, chroot to + that user's home directory, i.e. make the kernel pretend to the + Privoxy process that the directory tree starts + there. If set up carefully, this can limit the impact of possible + vulnerabilities in Privoxy to the files contained in + that hierarchy. + + + + + --pre-chroot-nslookup hostname + + + Initialize the resolver library using hostname + before chroot'ing. On some systems this reduces the number of files + that must be copied into the chroot tree. + + + - + If the configfile is not specified on the command line, Privoxy will look for a file named - config in the current directory (except on Win32 where - it will try config.txt). If no + config in the current directory . If no configfile is found, Privoxy will fail to start. @@ -177,14 +194,23 @@ Installation and Usage - Browsers must be individually configured to use Privoxy as - a HTTP proxy. The default setting is for localhost, on port 8118 - (configurable in the main config file). To set the HTTP proxy in Netscape - and Mozilla, go through: Edit; + Browsers can either be individually configured to use + Privoxy as a HTTP proxy (recommended), + or Privoxy can be combined with a packet + filter to build an intercepting proxy + (see config). The default setting is for + localhost, on port 8118 (configurable in the main config file). To set the + HTTP proxy in Netscape and Mozilla, go through: Edit; Preferences; Advanced; Proxies; Manual Proxy Configuration; View. + + For Firefox, go through: Tools; + Options; General; + Connection Settings; + Manual Proxy Configuration. + For Internet Explorer, go through: Tools; Internet Properties; Connections; @@ -192,8 +218,12 @@ The Secure (SSL) Proxy should also be set to the same values, otherwise - https: URLs will not be proxied. + https: URLs will not be proxied. Note: Privoxy can only + proxy HTTP and HTTPS traffic. Do not try it with FTP or other protocols. + HTTPS presents some limitations, and not all features will work with HTTPS + connections. + For other browsers, check the documentation. @@ -205,25 +235,36 @@ Privoxy can be configured with the various configuration files. The default configuration files are: config, - default.action, and - default.filter. These are well commented. On Unix and - Unix-like systems, these are located in /etc/privoxy/ by - default. On Windows, OS/2 and AmigaOS, these files are in the same directory - as the Privoxy executable. + default.filter, and + default.action. user.action should + be used for locally defined exceptions to the default rules of + default.action, and user.filter for + locally defined filters. These are well commented. On Unix + and Unix-like systems, these are located in + /etc/privoxy/ by default. - - The name and number of configuration files has changed from previous - versions, and is subject to change as development progresses. In fact, the - configuration itself is changed and much more sophisticated. See the - user-manual for a - brief explanation of all configuration options. + + Privoxy uses the concept of actions + in order to manipulate the data stream between the browser and remote sites. + There are various actions available with specific functions for such things + as blocking web sites, managing cookies, etc. These actions can be invoked + individually or combined, and used against individual URLs, or groups of URLs + that can be defined using wildcards and regular expressions. The result is + that the user has greatly enhanced control and freedom. The actions list (ad blocks, etc) can also be configured with your - web browser at http://ijbswa.sourceforge.net/config. + web browser at http://config.privoxy.org/ + (assuming the configuration allows it). Privoxy's configuration parameters can also be viewed at the same page. In addition, Privoxy can be toggled on/off. - This is an internal page. + This is an internal page, and does not require Internet access. + + + See the User Manual for a detailed + explanation of installation, general usage, all configuration options, new + features and notes on upgrading. @@ -231,108 +272,107 @@ Sample Configuration - A brief example of what a default.action configuration - might look like: + A brief example of what a simple default.action + configuration might look like: - # Define a few useful custom aliases for later use {{alias}} - # Don't accept cookies - +no-cookies = +no-cookies-set +no-cookies-read - - # Do accept cookies - -no-cookies = -no-cookies-set -no-cookies-read - - # Treat these blocked URLs as images. - +imageblock = +block +image - - # Define page filters we want to use. - myfilters = +filter{html-annoyances} +filter{js-annoyances}\ - +filter{no-popups} +filter{webbugs} - - ## Default Policies (actions) ############################ - { \ - -block \ - -downgrade \ - +fast-redirects \ - myfilters \ - +no-compression \ - +hide-forwarded \ - +hide-from{block} \ - +hide-referer{forge} \ - -hide-user-agent \ - -image \ - +image-blocker{blank} \ - +no-cookies-keep \ - -no-cookies-read \ - -no-cookies-set \ - +no-popups \ - -vanilla-wafer \ - -wafer \ - } - / - - # Now set exceptions to the above defined policies ####### - - # Sites where we want persistant cookies - {-no-cookies -no-cookies-keep} + # Useful aliases that combine more than one action + +crunch-cookies = +crunch-incoming-cookies +crunch-outgoing-cookies + -crunch-cookies = -crunch-incoming-cookies -crunch-outgoing-cookies + +block-as-image = +block +handle-as-image + + # Fragile sites should have the minimum changes + fragile = -block -deanimate-gifs -fast-redirects -filter \ + -hide-referer -prevent-cookies + + ## Turn some actions on ################################ + ## NOTE: Actions are off by default, unless explictily turned on + ## otherwise with the '+' operator. + +{ \ ++deanimate-gifs{last} \ ++filter{refresh-tags} \ ++filter{img-reorder} \ ++filter{banners-by-size} \ ++filter{webbugs} \ ++filter{jumping-windows} \ ++filter{ie-exploits} \ ++hide-forwarded-for-headers \ ++hide-from-header{block} \ ++hide-referrer{conditional-block} \ ++session-cookies-only \ ++set-image-blocker{pattern} \ +} +/ # '/' Match *all* URL patterns + + + # Block all URLs that match these patterns + { +block } + ad. + ad[sv]. + .*ads. + banner?. + /.*count(er)?\.(pl|cgi|exe|dll|asp|php[34]?) + .hitbox.com + media./.*(ads|banner) + + # Block, and treat these URL patterns as if they were 'images'. + # We would expect these to be ads. + { +block-as-image } + .ad.doubleclick.net + .a[0-9].yimg.com/(?:(?!/i/).)*$ + ad.*.doubleclick.net + + # Make exceptions for these harmless ones that would be + # caught by our +block patterns just above. + { -block } + adsl. + adobe. + advice. + .*downloads. + # uploads or downloads + /.*loads + + + + Then for a user.action, we would put local, + narrowly defined exceptions: + + + + # Re-define aliases as needed here + {{alias}} + + # Useful aliases + -crunch-cookies = -crunch-incoming-cookies -crunch-outgoing-cookies + + # Set personal exceptions to the policies in default.action ####### + + # Sites where we want persistent cookies, so allow *all* cookies + { -crunch-cookies -session-cookies-only } .redhat.com .sun.com - .yahoo.com .msdn.microsoft.com + + # These sites break easily. Use our "fragile" alias here. + { fragile } + .forbes.com + mybank.example.com - # This site requires cookies AND 'fast-redirects' on - {-no-cookies -no-cookies-keep -fast-redirects} - .nytimes.com - - # Add custom headers, and turn off filtering of page source - {+add-header{X-Privacy: Yes please} #-add-header{*} \ - +add-header{X-User-Tracking: No thanks!} -filter} - privacy.net - - # Block, and treat these URLs as 'images'. - {+imageblock} - .adforce.imgis.com - .ad.preferences.com/image.* - .ads.web.aol.com - .ad-adex3.flycast.com - .ad.doubleclick.net - .ln.doubleclick.net - .ad.de.doubleclick.net - /.*/count\.cgi\?.*df= - 194.221.183.22[1-7] - a196.g.akamai.net/7/196/2670/000[12]/images.gmx.net/i4/images/.*/ - - # Block any URLs that match these patterns - {+block} - /.*/(.*[-_.])?ads?[0-9]?(/|[-_.].*|\.(gif|jpe?g)) - /.*/(plain|live|rotate)[-_.]?ads?/ - /.*/(sponsor)s?[0-9]?/ - /.*/ad(server|stream|juggler)\.(cgi|pl|dll|exe) - /.*/adbanners/ - /.*/adv((er)?ts?|ertis(ing|ements?))?/ - /.*/banners?/ - /.*/popupads/ - /.*/advert[0-9]+\.jpg - /ad_images/ - /.*/ads/ - /images/.*/.*_anim\.gif - /rotations/ - /.*(ms)?backoff(ice)?.*\.(gif|jpe?g) - 195.63.104.*/(inbox|log|meld|folderlu|folderru|log(in|out)[lmr]u|) - .images.nytimes.com - .images.yahoo.com/adv/ - /.*cnnstore\.gif + # Replace example.com's style sheet with one of my choosing + { +redirect{http://localhost/css-replacements/example.com.css} } + .example.com/stylesheet.css See the comments in the configuration files themselves, or the - user-manual - for explanations of the above syntax, and other Privoxy + User Manual + for full explanations of the above syntax, and other Privoxy configuration options. @@ -346,10 +386,10 @@ /usr/sbin/privoxy /etc/privoxy/config /etc/privoxy/default.action - /etc/privoxy/advanced.action - /etc/privoxy/basic.action - /etc/privoxy/intermediate.action + /etc/privoxy/standard.action + /etc/privoxy/user.action /etc/privoxy/default.filter + /etc/privoxy/user.filter /etc/privoxy/trust /etc/privoxy/templates/* /var/log/privoxy/logfile @@ -357,8 +397,8 @@ Various other files should be included, but may vary depending on platform - and build configuration. More documentation should be included in the local - documentation directory, though is not complete at this time. + and build configuration. Additional documentation should be included in the local + documentation directory. @@ -387,8 +427,8 @@ all features are well tested. ]]> - Please see the user-manual on how to contact the - developers for feature requests, reporting problems, and other questions. + Please see the User Manual on how to contact the + developers, for feature requests, reporting problems, and other questions. @@ -409,9 +449,18 @@ Copyright and License - + +Copyright + ©right; + + +License + + &license; + +