X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=doc%2Fsource%2Fuser-manual.sgml;h=716d685622b628fd93a8362b0cde33fbeb8e9e87;hp=9a82387be9eeaff249b2c89c55616f9beba5c046;hb=87d302855827404e449b725962accd92f5e720b2;hpb=b6619e83a3f38095ff7732bd765e601de26fb717 diff --git a/doc/source/user-manual.sgml b/doc/source/user-manual.sgml index 9a82387b..716d6856 100644 --- a/doc/source/user-manual.sgml +++ b/doc/source/user-manual.sgml @@ -1,13 +1,12 @@ - + @@ -30,7 +28,7 @@ Hal Burgiss Junkbuster User Manual -$Id: user-manual.sgml,v 1.15 2001/10/14 23:46:24 hal9 Exp $ +$Id: user-manual.sgml,v 1.39 2002/03/06 16:19:28 hal9 Exp $ @@ -64,28 +62,29 @@ You can find the latest version of the user manual at Introduction Internet Junkbuster is a web proxy with advanced - filtering capabilities for protecting privacy, filtering web page content, - managing cookies, controlling access, and removing ads, banners, pop-ups and - other obnoxious Internet Junk. Junkbuster has a - very flexible configuration and can be customized to suit individual needs - and tastes. Internet Junkbuster has application - for both stand-alone systems and multi-user networks. + filtering capabilities for protecting privacy, filtering and modifying web + page content, managing cookies, controlling access, and removing ads, + banners, pop-ups and other obnoxious Internet Junk. + Junkbuster has a very flexible configuration and + can be customized to suit individual needs and tastes. Internet + Junkbuster has application for both stand-alone systems and + multi-user networks. - This documentation is included with the current development version of - Internet Junkbuster and is incomplete at this + This documentation is included with the current BETA version of + Internet Junkbuster and mostly complete at this point. The most up to date reference for the time being is still the comments in the source files and in the individual configuration files. Development - of version 3.0 is currently underway, and includes many significant changes and - enhancements over earlier verions. The target release date for stable v3.0 is - December 2001. + of version 3.0 is currently nearing completion, and includes many significant + changes and enhancements over earlier versions. The target release date for + stable v3.0 is soon ;-) - Since this is a development version, some features are in the process of - being implemented. This documentation may be slightly out of sync as a - result. And there are bugs, though hopefully not many! + Since this is a BETA version, not all new features are well tested. This + documentation may be slightly out of sync as a result. And there + may be bugs, though hopefully not many! @@ -103,49 +102,98 @@ You can find the latest version of the user manual at http://i.j.b). Browser-based tracing of rule + and filter effects. - A browser based GUI configuration utility (not finished). + Modularized configuration that will allow for system wide settings, and + individual user settings. (not implemented yet, probably a 3.1 feature) - Blocking of annoying pop-up browser windows (previously available as a - patch). + Blocking of annoying pop-up browser windows. - Partial support for HTTP/1.1. + HTTP/1.1 compliant (most, but not all 1.1 features are supported). Support for Perl Compatible Regular Expressions in the configuration files, and - generally a more sophisticated configuration syntax over previous versions. + generally a more sophisticated and flexible configuration syntax over + previous versions. - Web page content filtering. + GIF de-animation. + + + + + + Web page content filtering (removes banners based on size, + invisible web-bugs, JavaScript, pop-ups, status bar abuse, + etc.) - Multi-threaded. + Bypass many click-tracking scripts (avoids script redirection). + + + + + + + Multi-threaded (POSIX and native threads). + + + + + + Auto-detection and re-reading of config file changes. + + + + + + User-customizable HTML templates (e.g. 404 error page). + + + + + + Improved cookie management features (e.g. session based cookies). + + + + + + Builds from source on most UNIX-like systems. Packages available for: Linux + (RedHat, SuSE, or Debian), Windows, Sun Solaris, Mac OSX, OS/2. + + + + In addition, the configuration is much more powerful and versatile over-all. + + + @@ -177,8 +225,8 @@ You can find the latest version of the user manual at - Then, in either case, to build from source: + Then, in either case, to build from tarball/CVS source: - ./configure - make - su - make install + ./configure (--help to see options) + make (the make from gnu, gmake for *BSD) + su + make -n install (to see where all the files will go) + make install (to really install) @@ -228,6 +277,8 @@ You can find the latest version of the user manual at -    /usr/src/redhat/RPMS/i686/junkbuster-2.9.8-1.i686.rpm +    /usr/src/redhat/RPMS/i686/junkbuster-2.9.11-1.i686.rpm -    /usr/src/redhat/SRPMS/junkbuster-2.9.9-1.src.rpm +    /usr/src/redhat/SRPMS/junkbuster-2.9.11-1.src.rpm @@ -250,7 +301,7 @@ You can find the latest version of the user manual at + autoheader [suggested for CVS source] + autoconf [suggested for CVS source] ./configure make suse-dist @@ -280,10 +333,10 @@ You can find the latest version of the user manual at - rpm -Uvv /usr/src/suse/RPMS/i686/junkbuster-2.9.9-1.i686.rpm + rpm -Uvv /usr/src/packages/RPMS/i686/junkbuster-2.9.11-1.i686.rpm @@ -312,19 +365,12 @@ You can find the latest version of the user manual at http://hobbes.nmsu.edu/cgi-bin/h-search?sh=1&button=Search&key=emxrt.zip&stype=all&sort=type&dir=%2Fpub%2Fos2%2Fdev%2Femx%2Fv0.9d - - Junkbuster is packaged in a WarpIN self- installing archive. The self-installing program will be named depending on the release version, something like: - ijbos123.exe. In order to install it, simply run - this executable or double-click on its icon and follow the WarpIN + ijbos2_setup_1.2.3.exe. In order to install it, simply + run this executable or double-click on its icon and follow the WarpIN installation panels. A shadow of the Junkbuster executable will be placed in your startup folder so it will start automatically whenever OS/2 starts. @@ -337,22 +383,36 @@ Thanx David Schmidt! If you would like to build binary images on OS/2 yourself, you will need - a working EMX/GCC environment, plus several Unix-like tools. The Hobbes - OS/2 archive is a good place to start when building such an environment. - A set of Unix-like tools named gnupack is located here: - http://hobbes.nmsu.edu/cgi-bin/h-search?sh=1&key=gnupack&stype=all&sort=type&dir=%2Fpub%2Fos2%2Fapps - - - Once you have the source code unpacked as above, you can build the binaries - from the current/ directory: + a few Unix-like tools: autoconf, autoheader and sh. These tools will be + used to create the required config.h file, which is not part of the + source distribution because it differs based on platform. You will also + need a compiler. + The distribution has been created using IBM VisualAge compilers, but you + can use any compiler you like. GCC/EMX has the disadvantage of needing + to be single-threaded due to a limitation of EMX's implementation of the + select() socket call. + In addition to needing the source code distribution as outlined earlier, + you will want to extract the os2seutp directory from CVS: + cvs -d:pserver:anonymous@cvs.ijbswa.sourceforge.net:/cvsroot/ijbswa login + cvs -z3 -d:pserver:anonymous@cvs.ijbswa.sourceforge.net:/cvsroot/ijbswa co os2setup + + This will create a directory named os2setup/, which will contain the + Makefile.vac makefile and os2build.cmd + which is used to completely create the binary distribution. The sequence + of events for building the executable for yourself goes something like this: + + cd current + autoheader autoconf sh configure - make + cd ..\os2setup + nmake -f Makefile.vac + You will see this sequence laid out in os2build.cmd. @@ -372,7 +432,7 @@ configuration section below. HB.) - For FreeBSD (and other *BSDs?), the build will need gmake + For FreeBSD (and other *BSDs?), the build will require gmake instead of the included make. gmake is available from http://www.gnu.org. The rest should be the same as above for Linux/Unix. @@ -386,20 +446,20 @@ configuration section below. HB.) -Junkbuster Configuration +Invoking and Configuring JunkBuster - For Unix, *BSD and Linux, all configuraton files are located in - /etc/junkbuster/ by default. For MS Windows and OS/2, - these are all in the same directory as the + For Unix, *BSD and Linux, all configuration files are located in + /etc/junkbuster/ by default. For MS Windows, OS/2, and + AmigaOS these are all in the same directory as the Junkbuster executable. The name and number of configuration files has changed from previous versions, and is subject to change as development progresses. - The installed defaults provide a reasonable starting point. For the - time being, there are only three default configuration files (this will - change in time): + The installed defaults provide a reasonable starting point, though possibly + aggressive by some standards. For the time being, there are only three + default configuration files (this will change in time): @@ -408,16 +468,21 @@ configuration section below. HB.) The main configuration file is named config - on Linux, Unix, BSD, and OS/2, and junkbustr.txt on - Windows. On Amiga, it is - AmiTCP:db/junkbuster/config. + on Linux, Unix, BSD, OS/2, and AmigaOS and config.txt + on Windows. - The actionsfile file is used to define various - actions relating to images, banners, pop-ups, banners and cookies. + The ijb.action file is used to define various + actions relating to images, banners, pop-ups, access + restrictions, banners and cookies. There is a CGI based editor for this + file that can be accessed via http://i.j.b. This is the easiest method of + configuring actions. (Other actions + files are included as well with differing levels of filtering + and blocking, e.g. ijb-basic.action.) @@ -432,22 +497,113 @@ configuration section below. HB.) - actionsfile and re_filterfile + ijb.action and re_filterfile can use Perl style regular expressions for maximum flexibility. All files use the # character to denote a comment. Such lines are not processed by Junkbuster. After - making any changes, restart Junkbuster in order - for the changes to take effect. + making any changes, there is no need to restart + Junkbuster in order for the changes to take + effect. Junkbuster should detect such changes + automatically. + + + + While under development, the configuration content is subject to change. + The below documentation may not be accurate by the time you read this. + Also, what constitutes a default setting, may change, so + please check all your configuration files on important issues. + + + + +Command Line Options + + JunkBuster may be invoked with the following + command-line options: + + + + + + + + --version + + + Print version info and exit, Unix only. + + + + + --help + + + Print a short usage info and exit, Unix only. + + + + + --no-daemon + + + Don't become a daemon, i.e. don't fork and become process group + leader, don't detach from controlling tty. Unix only. + + + + + --pidfile FILE + + + + On startup, write the process ID to FILE. Delete the + FILE on exit. Failiure to create or delete the + FILE is non-fatal. If no FILE + option is given, no PID file will be used. Unix only. + + + + + --user USER + + + + After (optionally) writing the PID file, assume the user ID of + USER. Exit if the privileges are not sufficient to do + so. Unix only. + + + + + configfile + + + If no configfile is included on the command line, + JunkBuster will look for a file named + config in the current directory (except on Win32 + where it will look for config.txt instead). Specify + full path to avoid confusion. + + + + + + + + + + + The Main Configuration File Again, the main configuration file is named config on - Linux/Unix/BSD and OS/2, and junkbustr.txt on Windows. + Linux/Unix/BSD and OS/2, and config.txt on Windows. Configuration lines consist of an initial keyword followed by a list of values, all separated by whitespace (any number of spaces or tabs). For example: @@ -455,11 +611,11 @@ configuration section below. HB.) - + blockfile blocklist.ini - + @@ -468,7 +624,7 @@ configuration section below. HB.) - The # indicates a comment. Any part of a + A # indicates a comment. Any part of a line following a # is ignored, except if the # is preceded by a \. @@ -492,7 +648,7 @@ configuration section below. HB.) There are various aspects of Junkbuster behavior - that can be adjusted. + that can be tuned. @@ -509,15 +665,16 @@ configuration section below. HB.) - On Windows, Junkbuster - looks for these files in the same directory as the executable. On Unix and - OS/2, Junkbuster looks for these files in the current - working directory. In either case, an absolute path name can be used to + On Windows and AmigaOS, + Junkbuster looks for these files in the same + directory as the executable. On Unix and OS/2, + Junkbuster looks for these files in the current + working directory. In either case, an absolute path name can be used to avoid problems. - When development goes modular and multiuser, the blocker, filter, and + When development goes modular and multi-user, the blocker, filter, and per-user config will be stored in subdirectories of confdir. For now, only confdir/templates is used for storing HTML templates for CGI results. @@ -529,11 +686,11 @@ configuration section below. HB.) - + confdir /etc/junkbuster # No trailing /, please. - + @@ -545,11 +702,11 @@ configuration section below. HB.) - + logdir /var/log/junkbuster - + @@ -559,41 +716,52 @@ configuration section below. HB.) - The actionsfile contains patterns to specify the actions to + The ijb.action file contains patterns to specify the actions to apply to requests for each site. Default: Cookies to and from all - destinations are filtered. Popups are disabled for all sites. All sites are - filtered if re_filterfile specified. No sites are blocked. An empty image is - displayed for filtered ads and other images (formerly - tinygif). The syntax of this file is explained in detail - below. + destinations are kept only during the current browser session (i.e. they + are not saved to disk). Pop-ups are disabled for all sites. All sites are + filtered if re_filterfile specified according to the + contents of re_filterfile. No sites are blocked. The + JunkBuster logo is displayed for filtered ads and other images . The syntax + of this file is explained in detail below. - + - actionsfile actionsfile + actionsfile ijb.action - + The re_filterfile file contains content modification rules. These rules permit powerful changes on the content of Web pages, e.g., you - could disable your favourite JavaScript annoyances, rewrite the actual + could disable your favorite JavaScript annoyances, rewrite the actual content, or just have some fun replacing Microsoft with MicroSuck wherever it appears on a Web page. Default: No content modification, or whatever the developers are playing with :-/ + + Filtering requires buffering the page content, which may appear to slow down + page rendering since nothing is displayed until all content has passed + the filters. (It does not really take longer, but seems that way since + the page is not incrementally displayed.) This effect will be more noticeable + on slower connections. + + + - + re_filterfile re_filterfile - + @@ -625,11 +793,11 @@ configuration section below. HB.) - + logfile logfile - + @@ -642,11 +810,11 @@ configuration section below. HB.) - + #jarfile jarfile - + @@ -657,22 +825,22 @@ configuration section below. HB.) with the effect that access to untrusted sites will be granted, if a link from a trusted referrer was used. The link target will then be added to the trustfile. This is a very restrictive feature that typical - users most propably want to leave disabled. Default: Disabled, don't use the + users most probably want to leave disabled. Default: Disabled, don't use the trust mechanism. - + #trustfile trust - + - If you use the trust mechanism, it is a good idea to write up some online + If you use the trust mechanism, it is a good idea to write up some on-line documentation about your blocking policy and to specify the URL(s) here. They will appear on the page that your users receive when they try to access untrusted content. Use multiple times for multiple URLs. Default: Don't @@ -681,12 +849,12 @@ configuration section below. HB.) - + trust-info-url http://www.your-site.com/why_we_block.html trust-info-url http://www.your-site.com/what_we_allow.html - + @@ -714,11 +882,11 @@ configuration section below. HB.) - + #admin-address fill@me.in.please - + @@ -728,37 +896,37 @@ configuration section below. HB.) configuration and policies. It is used in many of the proxy-generated pages and its use is highly recommended in multi-user installations, since your users will want to know why certain content is blocked or modified. Default: - Don't show a link to online documentation. + Don't show a link to on-line documentation. - + proxy-info-url http://www.your-site.com/proxy.html - + Listen-address specifies the address and port where Junkbuster will listen for connections from your - Web browser. The default is to listen on the localhost port 8000, and + Web browser. The default is to listen on the localhost port 8118, and this is suitable for most users. (In your web browser, under proxy configuration, list the proxy server as localhost and the - port as 8000). + port as 8118). - If you already have another service running on port 8000, or if you want to + If you already have another service running on port 8118, or if you want to serve requests from other machines (e.g. on your local network) as well, you will need to override the default. The syntax is listen-address [<ip-address>]:<port>. If you leave - out the IP adress, junkbuster will bind to all + out the IP address, junkbuster will bind to all interfaces (addresses) on your machine and may become reachable from the - internet. In that case, consider using access control lists (acl's) (see - aclfile above). + Internet. In that case, consider using access control lists (acl's) (see + aclfile above), or a firewall. @@ -770,11 +938,11 @@ configuration section below. HB.) - + - listen-address 192.168.0.1:8000 + listen-address 192.168.0.1:8118 - + @@ -785,18 +953,18 @@ configuration section below. HB.) - + - listen-address :8000 + listen-address :8118 - + If you do this, consider using ACLs (see aclfile above). Note: you will need to point your browser(s) to the address and port that you have - configured here. Default: localhost:8000 (127.0.0.1:8000). + configured here. Default: localhost:8118 (127.0.0.1:8118). @@ -806,10 +974,10 @@ configuration section below. HB.) levels of debug are probably only of interest to developers. - - - - + + + + debug 1 # GPC = show each GET/POST/CONNECT request debug 2 # CONN = show each connection status debug 4 # IO = show I/O status @@ -818,15 +986,15 @@ configuration section below. HB.) debug 32 # FRC = debug force feature debug 64 # REF = debug regular expression filter debug 128 # = debug fast redirects - debug 256 # = debug GIF deanimation + debug 256 # = debug GIF de-animation debug 512 # CLF = Common Log Format - debug 1024 # = debug kill popups + debug 1024 # = debug kill pop-ups debug 4096 # INFO = Startup banner and warnings. debug 8192 # ERROR = Non-fatal errors - - - - + + + + It is highly recommended that you enable ERROR @@ -850,11 +1018,11 @@ configuration section below. HB.) - + debug 15 # same as setting the first 4 listed above - + @@ -864,13 +1032,13 @@ configuration section below. HB.) - + debug 1 # URLs debug 4096 # Info debug 8192 # Errors - *we highly recommended enabling this* - + @@ -886,11 +1054,11 @@ configuration section below. HB.) - + #single-threaded - + @@ -902,29 +1070,109 @@ configuration section below. HB.) The Windows version of Junkbuster puts an icon in - the system tray, which allows you to change this option without having to - edit this file. If you right-click on that icon (or select the - Options menu), one choice is Enable. Clicking - on enable toggles Junkbuster on and off. This is - useful if you want to temporarily disable - Junkbuster, e.g., to access a site that requires - cookies which you normally have blocked. + the system tray, which also allows you to change this option. If you + right-click on that icon (or select the Options menu), one + choice is Enable. Clicking on enable toggles + Junkbuster on and off. This is useful if you want + to temporarily disable Junkbuster, e.g., to access + a site that requires cookies which you would otherwise have blocked. This can also + be toggled via a web browser at the Junkbuster + internal address of http://i.j.b on + any platform. toggle 1 means Junkbuster runs normally, toggle 0 means that Junkbuster becomes a non-anonymizing non-blocking - proxy. Default: 1. + proxy. Default: 1 (on). - + toggle 1 - + + + + + + For content filtering, i.e. the +filter and + +deanimate-gif actions, it is necessary that + Junkbuster buffers the entire document body. + This can be potentially dangerous, since a server could just keep sending + data indefinitely and wait for your RAM to exhaust. With nasty consequences. + + + + The buffer-limit option lets you set the maximum + size in Kbytes that each buffer may use. When the documents buffer exceeds + this size, it is flushed to the client unfiltered and no further attempt to + filter the rest of it is made. Remember that there may multiple threads + running, which might require increasing the buffer-limit + Kbytes each, unless you have enabled + single-threaded above. + + + + + + + buffer-limit 4069 + + + + + + + To enable the web-based ijb.action file editor set + enable-edit-actions to 1, or 0 to disable. Note + that you must have compiled JunkBuster with + support for this feature, otherwise this option has no effect. This + internal page can be reached at http://i.j.b. + + + + Security note: If this is enabled, anyone who can use the proxy + can edit the actions file, and their changes will affect all users. + For shared proxies, you probably want to disable this. Default: enabled. + + + + + + + enable-edit-actions 1 + + + + + + + Allow JunkBuster to be toggled on and off + remotely, using your web browser. Set enable-remote-toggleto + 1 to enable, and 0 to disable. Note that you must have compiled + JunkBuster with support for this feature, + otherwise this option has no effect. + + + + Security note: If this is enabled, anyone who can use the proxy can toggle + it on or off (see http://i.j.b), and + their changes will affect all users. For shared proxies, you probably want to + disable this. Default: enabled. + + + + + + + enable-remote-toggle 1 + + @@ -978,11 +1226,11 @@ configuration section below. HB.) - + ACTION SRC_ADDR[/SRC_MASKLEN] [ DST_ADDR[/DST_MASKLEN] ] - + @@ -992,7 +1240,7 @@ configuration section below. HB.) - + ACTION = permit-access or deny-access @@ -1002,7 +1250,7 @@ configuration section below. HB.) DST_ADDR = server or forwarder hostname or dotted IP address DST_MASKLEN = number of bits in the subnet mask for the target - + @@ -1032,11 +1280,11 @@ configuration section below. HB.) - + permit-access localhost - + @@ -1047,11 +1295,11 @@ configuration section below. HB.) - + permit-access www.junkbusters.com/24 - + @@ -1061,11 +1309,11 @@ configuration section below. HB.) - + deny-access ident.junkbusters.com - + @@ -1076,11 +1324,11 @@ configuration section below. HB.) - + permit-access 207.153.200.0/24 - + @@ -1090,11 +1338,11 @@ configuration section below. HB.) - + permit-access 0.0.0.0/0 - + @@ -1104,11 +1352,11 @@ configuration section below. HB.) - + permit-access .org - + @@ -1126,7 +1374,7 @@ configuration section below. HB.) - + permit-access 0.0.0.0/0 0.0.0.0/0 # other clients can go anywhere # with the following exceptions: @@ -1140,7 +1388,7 @@ configuration section below. HB.) permit 123.124.0.0/16 0.0.0.0/0 # the ISP's clients can go # anywhere - + @@ -1164,7 +1412,8 @@ configuration section below. HB.) This feature allows chaining of HTTP requests via multiple proxies. It can be used to better protect privacy and confidentiality when accessing specific domains by routing requests to those domains - to a special purpose filtering proxy such as lpwa.com. + to a special purpose filtering proxy such as lpwa.com. Or to use + a caching proxy to speed up browsing. @@ -1185,13 +1434,13 @@ configuration section below. HB.) - + forward target_domain[:port] http_proxy_host[:port] forward-socks4 target_domain[:port] socks_proxy_host[:port] http_proxy_host[:port] forward-socks4a target_domain[:port] socks_proxy_host[:port] http_proxy_host[:port] - + @@ -1212,11 +1461,11 @@ configuration section below. HB.) - + forward .* . # implicit - + @@ -1227,12 +1476,12 @@ configuration section below. HB.) - + forward .* lpwa.com:8000 forward :443 . - + @@ -1245,16 +1494,16 @@ configuration section below. HB.) - + forward lpwa. lpwa.com:8000 - + - (NOTE: the syntax for specifiying target_domain has changed since the + (NOTE: the syntax for specifying target_domain has changed since the previous paragraph was written -- it will not work now. More information is welcome.) @@ -1266,12 +1515,12 @@ configuration section below. HB.) - + forward .* caching.myisp.net:8000 forward myisp.net . - + @@ -1282,17 +1531,17 @@ configuration section below. HB.) - + forward .* proxy:8080 - + - Also, we're told they insist on getting cookies and JavaScript, so you need - to add home.com to the cookie file. We consider JavaScript a security risk. + Also, we're told they insist on getting cookies and JavaScript, so you should + add home.com to the cookie file. We consider JavaScript a security risk. Java need not be enabled. @@ -1304,12 +1553,12 @@ configuration section below. HB.) - + - forward_socks4 .* lpwa.com:8000 firewall.my_company.com:1080 + forward-socks4 .* lpwa.com:8000 firewall.my_company.com:1080 forward my_company.com . - + @@ -1319,11 +1568,11 @@ configuration section below. HB.) - + - forward_socks4a .* . firewall.my_company.com:1080 + forward-socks4a .* . firewall.my_company.com:1080 - + @@ -1351,12 +1600,12 @@ configuration section below. HB.) - + forward .* . - forward isp-b.com host-b:8000 + forward isp-b.com host-b:8118 - + @@ -1367,12 +1616,12 @@ configuration section below. HB.) - + forward .* . - forward isp-a.com host-a:8000 + forward isp-a.com host-a:8118 - + @@ -1390,7 +1639,7 @@ configuration section below. HB.) - + forward *. ssbcache.ukc.ac.uk:3128 # Use the proxy, except for: forward .ukc.ac.uk . # Anything on the same domain as us @@ -1400,7 +1649,7 @@ configuration section below. HB.) forward localhost.localdomain . # Loopback address forward www.ukc.mirror.ac.uk . # Specific host - + @@ -1416,13 +1665,13 @@ configuration section below. HB.) - + # Define junkbuster as parent cache - cache_peer 127.0.0.1 parent 8000 0 no-query + cache_peer 127.0.0.1 parent 8118 0 no-query # Define ACL for protocol FTP acl FTP proto FTP @@ -1436,7 +1685,7 @@ configuration section below. HB.) # Forward the rest to junkbuster never_direct allow all - + @@ -1465,11 +1714,11 @@ Removed references to Win32. HB 09/23/01 - + activity-animation 1 - + @@ -1481,11 +1730,11 @@ Removed references to Win32. HB 09/23/01 - + log-messages 1 - + @@ -1502,11 +1751,11 @@ Removed references to Win32. HB 09/23/01 - + log-buffer-size 1 - + @@ -1517,11 +1766,11 @@ Removed references to Win32. HB 09/23/01 - + log-max-lines 200 - + @@ -1533,11 +1782,11 @@ Removed references to Win32. HB 09/23/01 - + log-highlight-messages 1 - + @@ -1547,11 +1796,11 @@ Removed references to Win32. HB 09/23/01 - + log-font-name Comic Sans MS - + @@ -1561,11 +1810,11 @@ Removed references to Win32. HB 09/23/01 - + log-font-size 8 - + @@ -1577,11 +1826,11 @@ Removed references to Win32. HB 09/23/01 - + show-on-task-bar 0 - + @@ -1593,11 +1842,11 @@ Removed references to Win32. HB 09/23/01 - + close-button-minimizes 1 - + @@ -1610,11 +1859,11 @@ Removed references to Win32. HB 09/23/01 - + #hide-console - + @@ -1629,12 +1878,16 @@ Removed references to Win32. HB 09/23/01 The Actions File - The actionsfile is used to define what actions + The ijb.action file (formerly + actionsfile) is used to define what actions Junkbuster takes, and thus determines how images, cookies and various other aspects of HTTP content and transactions are handled. Images can be anything you want, including ads, banners, or just some obnoxious image that you would rather not see. Cookies can be accepted - or rejected. The default file is in fact named actionsfile. + or rejected, or accepted only during the current browser session (i.e. + not written to disk). Changes to ijb.action should + be immediately visible to Junkbuster without + the need to restart. @@ -1645,10 +1898,18 @@ Removed references to Win32. HB 09/23/01 url="http://i.j.b/show-url-info">http://i.j.b/show-url-info. + + The actions file can be edited with a browser by loading + http://i.j.b/, and then select + Edit Actions. + + There are four types of lines in this file: comments (begin with a # character), actions, aliases and patterns, all of which are - explained below. + explained below, as well as the configuration file syntax that + Junkbuster understands. + @@ -1703,10 +1964,10 @@ Removed references to Win32. HB 09/23/01 - Additionally, there are wildcards that you can use in the domain names - themselves. They work pretty similar to shell wildcards: * + Additionally, there are wild-cards that you can use in the domain names + themselves. They work pretty similar to shell wild-cards: * stands for zero or more arbitrary characters, ? stands for - any single character. And you can define charachter classes in square + any single character. And you can define character classes in square brackets and they can be freely mixed: @@ -1734,7 +1995,7 @@ Removed references to Win32. HB 09/23/01 If Junkbuster was compiled with pcre support (default), Perl compatible regular expressions - can be used. See the pcre/docs/ direcory or man + can be used. See the pcre/docs/ directory or man perlre (also available on http://www.perldoc.com/perl5.6/pod/perlre.html) for details. A brief discussion of regular expressions is in the @@ -1791,12 +2052,12 @@ Removed references to Win32. HB 09/23/01 - + {+name} # enable this action {-name} # disable this action - + @@ -1804,16 +2065,16 @@ Removed references to Win32. HB 09/23/01 - Parameterized (e.g. +/-hide-user-agent): + parameterized (e.g. +/-hide-user-agent): - + {+name{param}} # enable action and set parameter to param {-name} # disable action - + @@ -1824,13 +2085,13 @@ Removed references to Win32. HB 09/23/01 - + {+name{param}} # enable action and add parameter param {-name{param}} # remove the parameter param {-name} # disable this action totally - + @@ -1843,7 +2104,7 @@ Removed references to Win32. HB 09/23/01 So in this case JunkBuster would just be a normal, non-blocking, non-anonymizing proxy. You must specifically enable the privacy and blocking features you need (although the - provided default actionsfile file will + provided default ijb.action file will give a good starting point). @@ -1866,11 +2127,11 @@ Removed references to Win32. HB 09/23/01 - + +add-header{Name: value} - + @@ -1882,11 +2143,11 @@ Removed references to Win32. HB 09/23/01 - + +block - + @@ -1898,18 +2159,18 @@ Removed references to Win32. HB 09/23/01 This will also shrink the images considerably (in bytes, not pixels!). If the option first is given, the first frame of the animation is used as the replacement. If last is given, the last frame - of the animation is used instead, which propably makes more sense for most + of the animation is used instead, which probably makes more sense for most banner animations, but also has the risk of not showing the entire last frame (if it is only a delta to an earlier frame). - + +deanimate-gifs{last} +deanimate-gifs{first} - + @@ -1924,11 +2185,11 @@ Removed references to Win32. HB 09/23/01 - + +downgrade - + @@ -1943,7 +2204,7 @@ Removed references to Win32. HB 09/23/01 Sometimes, there are even multiple consecutive redirects encoded in the - URL. These redirections via scripts make your web browing more traceable, + URL. These redirections via scripts make your web browsing more traceable, since the server from which you follow such a link can see where you go to. Apart from that, valuable bandwidth and time is wasted, while your browser ask the server for one redirect after the other. Plus, it feeds the @@ -1957,11 +2218,11 @@ Removed references to Win32. HB 09/23/01 - + +fast-redirects - + @@ -1972,11 +2233,11 @@ Removed references to Win32. HB 09/23/01 - + +filter{filename} - + @@ -1987,11 +2248,11 @@ Removed references to Win32. HB 09/23/01 - + +hide-forwarded - + @@ -2004,12 +2265,12 @@ Removed references to Win32. HB 09/23/01 - + +hide-from{block} +hide-from{spam@sittingduck.xqq} - + @@ -2023,13 +2284,13 @@ Removed references to Win32. HB 09/23/01 - + +hide-referer{block} +hide-referer{forge} +hide-referer{http://nowhere.com} - + @@ -2043,11 +2304,11 @@ Removed references to Win32. HB 09/23/01 - + +hide-referrer{...} - + @@ -2061,11 +2322,11 @@ Removed references to Win32. HB 09/23/01 - + +hide-user-agent{Mozilla (X11; I; Linux 2.0.32 i586)} - + @@ -2104,11 +2365,11 @@ Removed references to Win32. HB 09/23/01 - + +image - + @@ -2127,13 +2388,13 @@ Removed references to Win32. HB 09/23/01 - + +image-blocker{logo} +image-blocker{blank} +image-blocker{http://i.j.b/send-banner} - + @@ -2164,14 +2425,14 @@ Removed references to Win32. HB 09/23/01 - + +limit-connect{443} # This is the default and need no be specified. +limit-connect{80,443} # Ports 80 and 443 are OK. +limit-connect{-3, 7, 20-100, 500-} # Port less than 3, 7, 20 to 100 #and above 500 are OK. - + @@ -2189,26 +2450,44 @@ Removed references to Win32. HB 09/23/01 - + +nocompression - + + + + If the website sets cookies, no-cookies-keep will make sure + they are erased when you exit and restart your web browser. This makes + profiling cookies useless, but won't break sites which require cookies so + that you can log in for transactions. Default: on. + + + + + + +no-cookies-keep + + + + + + Prevent the website from reading cookies: - + +no-cookies-read - + @@ -2219,11 +2498,11 @@ Removed references to Win32. HB 09/23/01 - + +no-cookies-set - + @@ -2236,12 +2515,12 @@ Removed references to Win32. HB 09/23/01 - + +no-popup +no-popups - + @@ -2256,11 +2535,11 @@ Removed references to Win32. HB 09/23/01 - + +vanilla-wafer - + @@ -2272,11 +2551,11 @@ Removed references to Win32. HB 09/23/01 - + +wafer{name=value} - + @@ -2299,15 +2578,18 @@ Removed references to Win32. HB 09/23/01 - + - # Turn off all cookies + # Turn off all persistent cookies { +no-cookies-read } { +no-cookies-set } + # Allow cookies for this browser session ONLY + { +no-cookies-keep } - # Execeptions to the above, sites that need cookies + # Exceptions to the above, sites that benefit from persistent cookies { -no-cookies-read } { -no-cookies-set } + { -no-cookies-keep } .javasoft.com .sun.com .yahoo.com @@ -2315,11 +2597,11 @@ Removed references to Win32. HB 09/23/01 .redhat.com # Alternative way of saying the same thing - {-no-cookies-set -no-cookies-read} + {-no-cookies-set -no-cookies-read -no-cookies-keep} .sourceforge.net .sf.net - + @@ -2329,7 +2611,7 @@ Removed references to Win32. HB 09/23/01 - + # Turn them off! {+fast-redirects} @@ -2339,7 +2621,7 @@ Removed references to Win32. HB 09/23/01 www.ukc.ac.uk/cgi-bin/wac\.cgi\? login.yahoo.com - + @@ -2349,7 +2631,7 @@ Removed references to Win32. HB 09/23/01 - + # Run everything through the default filter file (re_filterfile): {+filter} @@ -2358,7 +2640,7 @@ Removed references to Win32. HB 09/23/01 {-filter} .cvs.sourceforge.net - + @@ -2370,7 +2652,7 @@ Removed references to Win32. HB 09/23/01 - + # Blocklist: {+block} @@ -2418,7 +2700,7 @@ Removed references to Win32. HB 09/23/01 /.*/adlib/server\.cgi /autoads/ - + @@ -2438,9 +2720,9 @@ Removed references to Win32. HB 09/23/01 { or }. But please use only a- z, 0-9, +, and -. Alias names are not case sensitive, and - must be defined before anything else in - actionsfile! And there can only be one set of - aliases of defined. + must be defined before anything else in the + ijb.actionfile ! And there can only be one set of + aliases defined. @@ -2449,7 +2731,7 @@ Removed references to Win32. HB 09/23/01 - + # Useful customer aliases we can use later. These must come first! {{alias}} @@ -2466,7 +2748,7 @@ Removed references to Win32. HB 09/23/01 c3 = +no-cookies-set -no-cookies-read #... etc. Customize to your heart's content. - + @@ -2477,7 +2759,7 @@ Removed references to Win32. HB 09/23/01 - + # These sites are very complex and require # minimal interference. @@ -2498,7 +2780,7 @@ Removed references to Win32. HB 09/23/01 .dabs.com .overclockers.co.uk - + @@ -2531,13 +2813,13 @@ Removed references to Win32. HB 09/23/01 - + # The status bar is for displaying link targets, not pointless buzzwords. # Again, check it out on http://www.airport-cgn.de/. s/status='.*?';*//ig - + @@ -2548,11 +2830,11 @@ Removed references to Win32. HB 09/23/01 - + s/microsoft(?!.com)/MicroSuck/ig - + @@ -2562,7 +2844,7 @@ Removed references to Win32. HB 09/23/01 - + # Kill refresh tags. I like to refresh myself. Manually. # check it out on http://www.airport-cgn.de/ and go to the arrivals page. @@ -2570,18 +2852,40 @@ Removed references to Win32. HB 09/23/01 s/<meta[^>]*http-equiv[^>]*refresh.*URL=([^>]*?)"?>/<link rev="x-refresh" href=$1>/i s/<meta[^>]*http-equiv="?page-enter"?[^>]*content=[^>]*>/<!--no page enter for me-->/i - + + + + + + + + +Templates + + When Junkbuster displays one of its internal + pages, such as a 404 Not Found error page, it uses the appropriate template. + On Linux, BSD, and Unix, these are locate in + /etc/junkbuster/templates by default. These may be + customized, if desired. + + + + + + + + Quickstart to Using Junkbuster - Install package, then run and enjoy! Junbuster + Install package, then run and enjoy! JunkBuster accepts only one command line option -- the configuration file to be used. Example Unix startup command: @@ -2589,42 +2893,53 @@ Removed references to Win32. HB 09/23/01 - # /usr/sbin/junkbuster /etc/junkbuster/config & + # /usr/sbin/junkbuster /etc/junkbuster/config + + An init script is provided for SuSE and Redhat. + + + +For for SuSE: /etc/rc.d/junkbuster start + + + +For RedHat: /etc/rc.d/init.d/junkbuster start + + + If no configuration file is specified on the command line, Junkbuster will look for a file named - config in the current directory. Except on Amiga where - it will look for AmiTCP:db/junkbuster/config and Win32 - where it will try junkbstr.txt. If no file is specified - on the command line and no default configuration file can be found, + config in the current directory. Except on Win32 where + it will try config.txt. If no file is specified on the + command line and no default configuration file can be found, Junkbuster will fail to start. - Be sure your browser is set to use - the proxy which is by default at localhost, port 8000. With - Netscape (and Mozilla), - this can be set under Edit -> Preferences -> Advanced -> - Proxies -> HTTP Proxy. For Internet - Explorer: Tools > Internet Properties -> - Connections -> LAN Setting. Then, check Use Proxy - and fill in the appropriate info (Address: localhost, Port: 8000). - Include if HTTPS proxy support too. + Be sure your browser is set to use the proxy which is by default at + localhost, port 8118. With Netscape (and + Mozilla), this can be set under Edit + -> Preferences -> Advanced -> Proxies -> HTTP Proxy. + For Internet Explorer: Tools > + Internet Properties -> Connections -> LAN Setting. Then, + check Use Proxy and fill in the appropriate info (Address: + localhost, Port: 8118). Include if HTTPS proxy support too. The included default configuration files should give a reasonable starting point, though may be somewhat aggressive in blocking junk. You will probably - want to keep an eye out for sites that require cookies, and add these to - actionsfile as needed. By default, most of these will - be blocked until you add them to the configuration. If you want the browser - to handle this instead, you will need to edit - actionsfile and disable this feature. If you use more - than one browser, it would make more sense to let + want to keep an eye out for sites that require persistent cookies, and add these to + ijb.action as needed. By default, most of these will + be accepted only during the current browser session, until you add them to + the configuration. If you want the browser to handle this instead, you will + need to edit ijb.action and disable this feature. If you + use more than one browser, it would make more sense to let Junkbuster handle this. In which case, the browser(s) should be set to accept all cookies. @@ -2632,24 +2947,39 @@ Removed references to Win32. HB 09/23/01 If a particular site shows problems loading properly, try adding it to the {fragile} section of - actionsfile. This will turn off most actions for + ijb.action. This will turn off most actions for this site. - HTTP/1.1 support is not fully implemented. If browsers that - support HTTP/1.1 (like Mozilla or recent versions - of I.E.) experience problems, you might try to force HTTP/1.0 compatiblity. - For Mozilla, look under Edit -> Preferences -> Debug -> - Networking. Or set the +downgrade config option in - actionsfile. + Junkbuster is HTTP/1.1 compliant, but not all 1.1 + features are as yet implemented. If browsers that support HTTP/1.1 (like + Mozilla or recent versions of I.E.) experience + problems, you might try to force HTTP/1.0 compatibility. For Mozilla, look + under Edit -> Preferences -> Debug -> Networking. + Or set the +downgrade config option in + ijb.action. After running Junkbuster for a while, you can start to fine tune the configuration to suit your personal, or site, preferences and requirements. There are many, many aspects that can - be customized. + be customized. Actions (as specified in ijb.action) + can be adjusted by pointing your browser to + http://i.j.b/, + and then follow the link to edit the actions list. + (This is an internal page and does not require Internet access.) + + + + In fact, various aspects of Junkbuster + configuration can be viewed from this page, including + current configuration parameters, source code version numbers, + the browser's request headers, and actions that apply + to a given URL. In addition to the ijb.action file + editor mentioned above, Junkbuster can also + be turned on and off from this page. @@ -2667,15 +2997,32 @@ Removed references to Win32. HB 09/23/01 -Contact the Developers +Contacting the Developers, Bug Reporting and Feature +Requests - - Feature requests and other questions should be posted to the Feature - request page at SourceForge. There is also an archive there. +We value your feedback. However, to provide you with the best support, +please note: + + Use the support forum to get + help. + Submit bugs only thru our bug + forum. +Make sure that the bug has not yet been submitted. Please try to +verify that it is a Junkbuster bug, and not +a browser or site bug first. Also, check to make sure this is not +already a known bug. If you are using your own custom configuration, +please try the stock configs to see if the problem is a configuration +related bug. And if not using the latest development snapshot, please +try the latest one. Or even better, CVS sources. + + Submit feature requests only thru our feature request forum. + + + + +For any other issues, feel free to use the mailing lists. @@ -2685,14 +3032,6 @@ communication (bugs, feature requests, etc.) Archives are available here too. - - Please report bugs, using the form at - Sourceforge. - Please try to verify that it is a Junkbuster bug, - and not a browser or site bug first. Also, check to make sure this is not - already a known bug. - - @@ -2729,13 +3068,13 @@ communication (bugs, feature requests, etc.) Junkbuster was originally written by Anonymous Coders and JunkBusters + url="http://www.junkbusters.com/ht/en/ijbfaq.html">Junkbuster's Corporation, and was released as free open-source software under the GNU GPL. Stefan Waldherr made many improvements, and started the SourceForge project to - rekindle development. The last stable release was v2.0.2, which has now - grown whiskers ;-). + rekindle development. There are now several active developers contributing. + The last stable release was v2.0.2, which has now grown whiskers ;-). @@ -2758,7 +3097,7 @@ communication (bugs, feature requests, etc.) -   http://ijbswa.sourceforge.net/config/ +   http://i.j.b/ @@ -2799,7 +3138,7 @@ communication (bugs, feature requests, etc.) in various config files. Assuming support for pcre (Perl Compatible Regular Expressions) is compiled in, which is the default. Such configuration directives do not require regular expressions, but they can be - used to increase flexibility by matching a pattern with wildcards against + used to increase flexibility by matching a pattern with wild-cards against URLs. @@ -2814,18 +3153,18 @@ communication (bugs, feature requests, etc.) expression against another to see if it matches or not. One of the expressions is a literal string of readable characters (letter, numbers, etc), and the other is a complex string of literal - characters combined with wildcards, and other special characters, called - metacharacters. The metacharacters have special meanings and + characters combined with wild-cards, and other special characters, called + meta-characters. The meta-characters have special meanings and are used to build the complex pattern to be matched against. Perl Compatible Regular Expressions is an enhanced form of the regular expression language with backward compatibility. - To make a simple analogy, we do something similar when we use wildcard + To make a simple analogy, we do something similar when we use wild-card characters when listing files with the dir command in DOS. *.* matches all filenames. The special - character here is the asterik which matches any and all characters. We can be + character here is the asterisk which matches any and all characters. We can be more specific and use ? to match just individual characters. So dir file?.text would match file1.txt, file2.txt, etc. We are pattern @@ -2872,7 +3211,7 @@ communication (bugs, feature requests, etc.) \ - The escape character denotes that the following character should be taken literally. This is used where one of the special characters (e.g. .) needs to be taken literally and - not as a special metacharacter. + not as a special meta-character. @@ -2885,7 +3224,7 @@ communication (bugs, feature requests, etc.) - () - Pararentheses are used to group a sub-expression, + () - parentheses are used to group a sub-expression, or multiple sub-expressions. @@ -2997,7 +3336,7 @@ communication (bugs, feature requests, etc.) s/microsoft(?!.com)/MicroSuck/i - This is - a substitution. MicroSuck will replace any occurence of + a substitution. MicroSuck will replace any occurrence of microsoft. The i at the end of the expression means ignore case. The (?!.com) means the match should fail if microsoft is followed by @@ -3044,6 +3383,75 @@ communication (bugs, feature requests, etc.) Temple Place - Suite 330, Boston, MA 02111-1307, USA. $Log: user-manual.sgml,v $ + Revision 1.39 2002/03/06 16:19:28 hal9 + Note on perceived filtering slowdown per FR. + + Revision 1.38 2002/03/05 23:55:14 hal9 + Stupid I did it again. Double hyphen in comment breaks jade. + + Revision 1.37 2002/03/05 23:53:49 hal9 + jade barfs on '- -' embedded in comments. - -user option broke it. + + Revision 1.36 2002/03/05 22:53:28 hal9 + Add new - - user option. + + Revision 1.35 2002/03/05 00:17:27 hal9 + Added section on command line options. + + Revision 1.34 2002/03/04 19:32:07 oes + Changed default port to 8118 + + Revision 1.33 2002/03/03 19:46:13 hal9 + Emphasis on where/how to report bugs, etc + + Revision 1.32 2002/03/03 09:26:06 joergs + AmigaOS changes, config is now loaded from PROGDIR: instead of + AmiTCP:db/junkbuster/ if no configuration file is specified on the + command line. + + Revision 1.31 2002/03/02 22:45:52 david__schmidt + Just tweaking + + Revision 1.30 2002/03/02 22:00:14 hal9 + Updated 'New Features' list. Ran through spell-checker. + + Revision 1.29 2002/03/02 20:34:07 david__schmidt + Update OS/2 build section + + Revision 1.28 2002/02/24 14:34:24 jongfoster + Formatting changes. Now changing the doctype to DocBook XML 4.1 + will work - no other changes are needed. + + Revision 1.27 2002/01/11 14:14:32 hal9 + Added a very short section on Templates + + Revision 1.26 2002/01/09 20:02:50 hal9 + Fix bug re: auto-detect config file changes. + + Revision 1.25 2002/01/09 18:20:30 hal9 + Touch ups for *.action files. + + Revision 1.24 2001/12/02 01:13:42 hal9 + Fix typo. + + Revision 1.23 2001/12/02 00:20:41 hal9 + Updates for recent changes. + + Revision 1.22 2001/11/05 23:57:51 hal9 + Minor update for startup now daemon mode. + + Revision 1.21 2001/10/31 21:11:03 hal9 + Correct 2 minor errors + + Revision 1.18 2001/10/24 18:45:26 hal9 + *** empty log message *** + + Revision 1.17 2001/10/24 17:10:55 hal9 + Catching up with Jon's recent work, and a few other things. + + Revision 1.16 2001/10/21 17:19:21 swa + wrong url in documentation + Revision 1.15 2001/10/14 23:46:24 hal9 Various minor changes. Fleshed out SEE ALSO section.