X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=doc%2Fwebserver%2Fuser-manual%2Fconfig.html;h=a1df796c7b5571b8f7eebd70c72e63e50af99570;hp=f672f6c33e3061c0be39ca8114c885ce67ed4c89;hb=521b46fe672fed762b385560f350fbe59d32b6cf;hpb=d5bba1fd0bce2185b191b7a8280cae9a62c829d6 diff --git a/doc/webserver/user-manual/config.html b/doc/webserver/user-manual/config.html index f672f6c3..a1df796c 100644 --- a/doc/webserver/user-manual/config.html +++ b/doc/webserver/user-manual/config.html @@ -689,7 +689,9 @@
If the address for the hostname isn't already known on the system (for example because it's in /etc/hostname), this may result in DNS traffic.
If the specified address isn't available on the system, or if the hostname can't be resolved, - Privoxy will fail to start.
+ Privoxy will fail to start. On GNU/Linux, and other platforms that can + listen on not yet assigned IP addresses, Privoxy will start and will listen on the specified address + whenever the IP address is assigned to the systemIPv6 addresses containing colons have to be quoted by brackets. They can only be used if Privoxy has been compiled with IPv6 support. If you aren't sure if your version supports it, have a look at http://config.privoxy.org/show-status.
@@ -1330,7 +1332,8 @@target_pattern target_pattern [user:pass@]socks_proxy[:port] http_parent[:port]
where target_pattern is a http_parent may be "." to denote "no HTTP forwarding"), and the optional port - parameters are TCP ports, i.e. integer values from 1 to 65535
+ parameters are TCP ports, i.e. integer values from 1 to 65535. user + and pass can be used for SOCKS5 authentication if required.
- - forward-socks4a / socks-gw.example.com:1080 www-cache.isp.example.net:8080 +forward-socks4a / socks-gw.example.com:1080 www-cache.isp.example.net:8080 forward .example.com . |
To connect SOCKS5 proxy which requires username/password authentication:
+
+ forward-socks5 / user:pass@socks-gw.example.com:1080 .+ |
+
To chain Privoxy and Tor, both running on the same system, you would use something like:
Directory with the CA key, the CA certificate and the trusted CAs file.
+Text
+Empty string
+Default value is used.
+This directive specifies the directory where the CA key, the CA certificate and the trusted CAs file + are located.
+ca-directory /usr/local/etc/privoxy/CA
+The CA certificate file in ".crt" format.
+Text
+cacert.crt
+Default value is used.
+This directive specifies the name of the CA certificate file in ".crt" format.
+It can be generated with: openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.crt + -days 3650
+ca-cert-file root.crt
+The CA key file in ".pem" format.
+Text
+cacert.pem
+Default value is used.
+This directive specifies the name of the CA key file in ".pem" format. See the ca-cert-file for a command to generate it.
+ca-key-file cakey.pem
+The password for the CA keyfile.
+Text
+Empty string
+Default value is used.
+This directive specifies the password for the CA keyfile that is used when Privoxy generates + certificates for intercepted requests.
+Note that the password is shown on the CGI page so don't reuse an important one.
+ca-password blafasel
+Directory to safe generated keys and certificates.
+Text
+./certs
+Default value is used.
+This directive specifies the directory where generated TLS/SSL keys and certificates are saved.
+certificate-directory /usr/local/var/privoxy/certs
+The trusted CAs file in ".pem" format.
+File name relative to ca-directory
+trustedCAs.pem
+Default value is used.
+This directive specifies the trusted CAs file that is used when validating certificates for + intercepted TLS/SSL request.
+An example file can be downloaded from https://curl.haxx.se/ca/cacert.pem.
+trusted-cas-file trusted_cas_file.pem
+Privoxy has a number of options specific to the Windows GUI interface:
If "activity-animation" is set to 1, the Privoxy