X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=privoxy.1;h=2046f66ba785c607a1ea0c6a7dfcdfc6fd62a0e7;hp=e52f6f4864b7db006f44e14b5dcd4a8b0d01ed40;hb=f3a37c457380fc507715cdce112786db4b97c337;hpb=822aef930c65c18fc8b75d9d7429d54191c1f6e1

diff --git a/privoxy.1 b/privoxy.1
index e52f6f48..2046f66b 100644
--- a/privoxy.1
+++ b/privoxy.1
@@ -3,15 +3,12 @@
 .\" <http://shell.ipoline.com/~elmert/comp/docbook2X/> 
 .\" Please send any bug reports, improvements, comments, patches, 
 .\" etc. to Steve Cheng <steve@ggi-project.org>.
-.TH "PRIVOXY" "1" "24 April 2002" "Privoxy 2.9.14 beta" ""
+.TH "PRIVOXY" "1" "14 August 2008" "Privoxy 3.0.10" ""
 .SH NAME
 privoxy \- Privacy Enhancing Proxy
 .SH SYNOPSIS
 
-\fBprivoxy\fR [\fB--help\fR]  [\fB--version\fR]  [\fB--no-daemon\fR]  [\fB--pidfile \fIpidfile\fB\fR]  [\fB--user \fIuser[.group]\fB\fR]  [\fB\fIconfigfile\fB\fR] \fB(UNIX)\fR
-
-
-\fBprivoxy.exe\fR [\fB\fIconfigfile\fB\fR] \fB(Windows)\fR
+\fBprivoxy\fR [\fB--help\fR ] [\fB--version\fR ] [\fB--no-daemon\fR ] [\fB--pidfile \fIpidfile\fB\fR ] [\fB--user \fIuser[.group]\fB\fR ] [\fB--chroot\fR ] [\fB--pre-chroot-nslookup \fIhostname\fB\fR ] [\fB\fIconfigfile\fB\fR ]
 
 .SH "OPTIONS"
 .PP
@@ -31,7 +28,7 @@ leader, don't detach from controlling tty, and do all logging there.
 \fB--pidfile \fIpidfile\fB\fR
 On startup, write the process ID to \fIpidfile\fR.
 Delete the \fIpidfile\fR on exit.
-Failiure to create or delete the \fIpidfile\fR
+Failure to create or delete the \fIpidfile\fR
 is non-fatal. If no \fB--pidfile\fR option is given, no PID file will be used.
 .TP
 \fB--user \fIuser[.group]\fB\fR
@@ -41,180 +38,195 @@ After (optionally) writing the PID file, assume the user ID of
 \fIgroup\fR was not given, the default group of
 \fIuser\fR. Exit if the privileges are not
 sufficient to do so.
+.TP
+\fB--chroot\fR
+Before changing to the user ID given in the --user option, chroot to
+that user's home directory, i.e. make the kernel pretend to the
+\fBPrivoxy\fR process that the directory tree starts
+there. If set up carefully, this can limit the impact of possible
+vulnerabilities in \fBPrivoxy\fR to the files contained in
+that hierarchy. 
+.TP
+\fB--pre-chroot-nslookup \fIhostname\fB\fR
+Initialize the resolver library using \fIhostname\fR
+before chroot'ing. On some systems this reduces the number of files
+that must be copied into the chroot tree.
 .PP
 If the \fIconfigfile\fR is not specified on  the  command  line,
 \fBPrivoxy\fR  will  look for a file named
-\fIconfig\fR in the current directory (except on Win32 where
-it will try \fIconfig.txt\fR). If no
+\fIconfig\fR in the current directory . If no
 \fIconfigfile\fR is found, \fBPrivoxy\fR will 
 fail to start.
 .SH "DESCRIPTION"
 .PP
-\fBPrivoxy\fR is a web proxy with advanced filtering
-capabilities for protecting privacy, filtering web page content, managing
-cookies, controlling access, and removing ads, banners, pop-ups and other
-obnoxious Internet junk. \fBPrivoxy\fR has a very
-flexible configuration and can be customized to suit individual needs and
-tastes. \fBPrivoxy\fR has application for both
-stand-alone systems and multi-user networks.
+Privoxy is a non-caching
+web proxy
+with advanced filtering capabilities for enhancing privacy,
+modifying web page data, managing HTTP
+cookies, 
+controlling access, and removing ads, banners, pop-ups and other obnoxious
+Internet junk. Privoxy has a flexible configuration and can be
+customized to suit individual needs and tastes. Privoxy has application for
+both stand-alone systems and multi-user networks.
 .PP
-\fBPrivoxy\fR is based on \fBInternet
-Junkbuster\fR (tm).
+Privoxy is based on Internet Junkbuster (tm).
 .SH "INSTALLATION AND USAGE"
 .PP
-Browsers must be individually configured to use \fBPrivoxy\fR as
-a HTTP proxy.  The default setting is  for  localhost,  on port  8118
-(configurable in the main config file).  To set the HTTP proxy in Netscape
-and Mozilla, go through:  \fBEdit\fR;
+Browsers can either be individually configured to use
+\fBPrivoxy\fR as a HTTP proxy (recommended),
+or \fBPrivoxy\fR can be combined with a packet
+filter to build an intercepting proxy
+(see \fIconfig\fR).  The default setting is  for
+localhost,  on port  8118 (configurable in the main config file).  To set the
+HTTP proxy in Netscape and Mozilla, go through:  \fBEdit\fR;
 \fBPreferences\fR;  \fBAdvanced\fR;
 \fBProxies\fR;  \fBManual Proxy Configuration\fR;
 \fBView\fR. 
 .PP
+For Firefox, go through: \fBTools\fR; 
+\fBOptions\fR; \fBGeneral\fR;
+\fBConnection Settings\fR;
+\fBManual Proxy Configuration\fR. 
+.PP
 For Internet Explorer, go through: \fBTools\fR; 
 \fBInternet Properties\fR; \fBConnections\fR;
 \fBLAN Settings\fR. 
 .PP
 The Secure (SSL) Proxy should also be set to the same values, otherwise
-https: URLs will not be proxied. 
+https: URLs will not be proxied. Note: \fBPrivoxy\fR can only
+proxy HTTP and HTTPS traffic. Do not try it with FTP or other protocols.
+HTTPS presents some limitations, and not all features will work with HTTPS 
+connections.
 .PP
 For other browsers, check the documentation.
 .SH "CONFIGURATION"
 .PP
 \fBPrivoxy\fR can be configured with the various configuration
 files. The default configuration files are: \fIconfig\fR,
-\fIdefault.action\fR, and
-\fIdefault.filter\fR. These are well commented.  On Unix and
-Unix-like systems, these are located in \fI/etc/privoxy/\fR by
-default. On Windows, OS/2 and AmigaOS, these files are in the same directory
-as the \fBPrivoxy\fR executable.
+\fIdefault.filter\fR, and
+\fIdefault.action\fR. \fIuser.action\fR should 
+be used for locally defined exceptions to the default rules of
+\fIdefault.action\fR, and \fIuser.filter\fR for 
+locally defined filters. These are well commented.  On Unix
+and Unix-like systems, these are located in
+\fI/etc/privoxy/\fR by default. 
 .PP
-The name and number of configuration files has changed from previous
-versions, and is subject to change as development progresses. In fact, the
-configuration itself is changed  and  much more sophisticated. See the
-user-manual for a
-brief explanation of all configuration options. 
+\fBPrivoxy\fR uses the concept of \fBactions\fR 
+in order to manipulate the data stream between the browser and remote sites.
+There are various actions available with specific functions for such things 
+as blocking web sites, managing cookies, etc. These actions can be invoked
+individually or combined, and used against individual URLs, or groups of URLs 
+that can be defined using wildcards and regular expressions. The result is
+that the user has greatly enhanced control and freedom.
 .PP
 The actions list (ad blocks, etc) can also be configured with your
-web browser at http://ijbswa.sourceforge.net/config.
+web browser at http://config.privoxy.org/ 
+(assuming the configuration allows it).
 \fBPrivoxy's\fR configuration parameters  can also  be viewed at
 the same page. In addition, \fBPrivoxy\fR can be toggled on/off.
-This is an internal page.
+This is an internal page, and does not require Internet access.
+.PP
+See the \fIUser Manual\fR for a detailed
+explanation of installation, general usage, all configuration options, new
+features and notes on upgrading.
 .SH "SAMPLE CONFIGURATION"
 .PP
-A brief example of what a \fIdefault.action\fR configuration
-might look like:
+A brief example of what a simple \fIdefault.action\fR
+configuration might look like:
 
 .nf
-
  # Define a few useful custom aliases for later use
  {{alias}}
 
- # Useful aliases
- +prevent-cookies = +prevent-setting-cookies +prevent-reading-cookies
- -prevent-cookies = -prevent-setting-cookies -prevent-reading-cookies
- +imageblock      = +block +handle-as-image
+ # Useful aliases that combine more than one action
+ +crunch-cookies = +crunch-incoming-cookies +crunch-outgoing-cookies
+ -crunch-cookies = -crunch-incoming-cookies -crunch-outgoing-cookies
+ +block-as-image = +block +handle-as-image
 
  # Fragile sites should have the minimum changes
  fragile     = -block -deanimate-gifs -fast-redirects -filter \\
-               -hide-referer -prevent-cookies -kill-popups
+               -hide-referer -prevent-cookies
 
- # Shops should be allowed to set persistent cookies
- shop        = -filter -prevent-cookies -prevent-keeping-cookies
+ ## Turn some actions on ################################
+ ## NOTE: Actions are off by default, unless explictily turned on 
+ ## otherwise with the '+' operator.
 
- # Your favourite blend of filters:
- #
- myfilters   = +filter{html-annoyances} +filter{js-annoyances} \\
-               +filter{popups} +filter{webbugs} +filter{banners-by-size} 
+{ \\
++deanimate-gifs{last} \\
++filter{refresh-tags} \\
++filter{img-reorder} \\
++filter{banners-by-size} \\
++filter{webbugs} \\
++filter{jumping-windows} \\
++filter{ie-exploits} \\
++hide-forwarded-for-headers \\
++hide-from-header{block} \\
++hide-referrer{conditional-block} \\
++session-cookies-only \\
++set-image-blocker{pattern} \\
+}
+/ # '/' Match *all* URL patterns
 
- ## Default Policies (actions) ############################
- { \\
- -add-header \\
- -block \\
- +deanimate-gifs{last} \\
- -downgrade-http-version \\
- -fast-redirects \\
- +filter{html-annoyances} \\
- +filter{js-annoyances} \\
- +filter{content-cookies} \\
- -filter{popups} \\
- +filter{webbugs} \\
- +filter{refresh-tags} \\
- -filter{fun} \\
- +filter{nimda} \\
- +filter{banners-by-size} \\
- -filter{shockwave-flash} \\
- -filter{crude-prental} \\
- +hide-forwarded-for-headers \\
- +hide-from-header{block} \\
- +hide-referrer{forge} \\
- -hide-user-agent \\
- -handle-as-image \\
- +set-image-blocker{pattern} \\
- -limit-connect \\
- +prevent-compression \\
- +session-cookies-only \\
- +prevent-reading-cookies \\
- +prevent-setting-cookies \\
- -kill-popups \\
- -send-vanilla-wafer \\
- -send-wafer \\
- }
- /
- # Now set exceptions to the above defined policies #######
+ 
+ # Block all URLs that match these patterns
+ { +block }
+  ad.
+  ad[sv].
+  .*ads.
+  banner?.
+  /.*count(er)?\\.(pl|cgi|exe|dll|asp|php[34]?)
+  .hitbox.com 
+  media./.*(ads|banner)
 
- # Sites where we want persistant cookies
- {-prevent-reading-cookies -prevent-setting-cookies}
-  .redhat.com
-  .sun.com
-  .yahoo.com
-  .msdn.microsoft.com
+ # Block, and treat these URL patterns as if they were 'images'.
+ # We would expect these to be ads.
+ { +block-as-image }
+  .ad.doubleclick.net
+  .a[0-9].yimg.com/(?:(?!/i/).)*$
+  ad.*.doubleclick.net
 
- # This site requires cookies AND 'fast-redirects' on
- {-prevent-reading-cookies -prevent-setting-cookies -fast-redirects}
-  .nytimes.com
+ # Make exceptions for these harmless ones that would be 
+ # caught by our +block patterns just above.
+ { -block }
+  adsl.
+  adobe.
+  advice.
+  .*downloads.
+  # uploads or downloads
+  /.*loads
+.fi
+.PP
+Then for a \fIuser.action\fR, we would put local,
+narrowly defined exceptions:
 
- # Add custom headers, and turn off filtering of page source
- {+add-header{X-Privacy: Yes please} #-add-header{*} \\
-  +add-header{X-User-Tracking: No thanks!} -filter}
-  privacy.net
+.nf
+ # Re-define aliases as needed here
+ {{alias}}
 
- # Block, and treat these URLs as 'images'.
- {+imageblock}
- ar.atwola.com 
- .ad.doubleclick.net
- .a.yimg.com/(?:(?!/i/).)*$
- .a[0-9].yimg.com/(?:(?!/i/).)*$
- bs*.gsanet.com
- bs*.einets.com
- .qkimg.net
- ad.*.doubleclick.net
+ # Useful aliases
+ -crunch-cookies = -crunch-incoming-cookies -crunch-outgoing-cookies
+ 
+ # Set personal exceptions to the policies in default.action #######
 
- # Block any URLs that match these patterns
- {+block}
- ad*.
- .*ads.
- banner?.
- count*.
- /(?:.*/)?(ads(erver?|tream)?|.*?ads|adv(ert(s|enties|is(ing|e?ments)?)?)?|(ad)?[-_]?banner(s|ads?|farm)?)/
- /.*count(er)?\\.(pl|cgi|exe|dll|asp|php[34]?)
- /(?:.*/)?(publicite|werbung|rekla(ma|me|am)|annonse|maino(kset|nta|s)?)/
- .hitbox.com 
+ # Sites where we want persistent cookies, so allow *all* cookies
+ { -crunch-cookies -session-cookies-only }
+  .redhat.com
+  .sun.com
+  .msdn.microsoft.com
+ 
+ # These sites break easily. Use our "fragile" alias here.
+ { fragile }
+  .forbes.com
+  mybank.example.com
 
- # Make exceptions for these harmless ones that would be 
- # caught by +block.
- {-block}
- include.ebay.com
- adsl.
- advice.
- .edu
- .ac.uk
- .uni-*.de
- .*downloads.
+ # Replace example.com's style sheet with one of my choosing
+ { +redirect{http://localhost/css-replacements/example.com.css} }
+  .example.com/stylesheet.css
 .fi
 .PP
 See the comments in the configuration files themselves, or the 
-\fIuser-manual\fR
-for explanations of the above syntax, and other \fBPrivoxy\fR
+\fIUser Manual\fR
+for full explanations of the above syntax, and other \fBPrivoxy\fR
 configuration options.
 .SH "FILES"
 
@@ -226,14 +238,15 @@ configuration options.
  \fI/etc/privoxy/standard.action\fR
  \fI/etc/privoxy/user.action\fR
  \fI/etc/privoxy/default.filter\fR
+ \fI/etc/privoxy/user.filter\fR
  \fI/etc/privoxy/trust\fR
  \fI/etc/privoxy/templates/*\fR
  \fI/var/log/privoxy/logfile\fR
 .fi
 .PP
 Various other files should be included, but may vary depending on platform
-and build configuration. More documentation should be included in the local
-documentation directory, though is not complete at this time.
+and build configuration. Additional documentation should be included in the local
+documentation directory.
 .SH "SIGNALS"
 .PP
 \fBPrivoxy\fR terminates on the \fBSIGINT\fR,
@@ -245,11 +258,8 @@ config file changes by \fBSIGHUP\fR -- it will detect them
 automatically. 
 .SH "NOTES"
 .PP
-This is a beta version of \fBPrivoxy\fR. Not 
-all features are well tested.
-.PP
-Please see the \fIuser-manual\fR on how to contact the
-developers for feature requests, reporting problems, and other questions.
+Please see the \fIUser Manual\fR on how to contact the
+developers, for feature requests, reporting problems, and other questions.
 .SH "SEE ALSO"
 .PP
 Other references and sites of interest to \fBPrivoxy\fR
@@ -257,58 +267,79 @@ users:
 .PP
 
 http://www.privoxy.org/, 
-The \fBPrivoxy\fR Home page. 
+the \fBPrivoxy\fR Home page. 
+
+http://www.privoxy.org/faq/, 
+the \fBPrivoxy\fR FAQ. 
 
-http://sourceforge.net/projects/ijbswa, 
+http://sourceforge.net/projects/ijbswa/, 
 the Project Page for \fBPrivoxy\fR on 
-Sourceforge.
+SourceForge.
+
+http://config.privoxy.org/,
+the web-based user interface. \fBPrivoxy\fR must be
+running for this to work. Shortcut: http://p.p/
+
+http://sourceforge.net/tracker/?group_id=11118&atid=460288, to submit ``misses'' and other
+configuration related suggestions to the developers. 
 
-http://p.p/, access
-\fBPrivoxy\fR from your browser. Alternately, 
-http://config.privoxy.org
-may work in some situations where the first does not.
+http://www.junkbusters.com/ht/en/cookies.html,
+an explanation how cookies are used to track web users.
 
-http://p.p/  
-to submit ``misses'' to the developers. 
+http://www.junkbusters.com/ijb.html,
+the original Internet Junkbuster.
 
-http://www.junkbusters.com/ht/en/cookies.html
+http://privacy.net/, a useful site
+to check what information about you is leaked while you browse the web.
 
-http://www.waldherr.org/junkbuster/
+http://www.squid-cache.org/, a popular
+caching proxy, which is often used together with \fBPrivoxy\fR.
 
-http://privacy.net/analyze/
+http://www.pps.jussieu.fr/~jch/software/polipo/,
+\fBPolipo\fR is a caching proxy with advanced features
+like pipelining, multiplexing and caching of partial instances. In many setups
+it can be used as \fBSquid\fR replacement.
 
-http://www.squid-cache.org/
+http://tor.eff.org/, 
+\fBTor\fR can help anonymize web browsing, 
+web publishing, instant messaging, IRC, SSH, and other applications.
+
+http://www.privoxy.org/developer-manual/, 
+the \fBPrivoxy\fR developer manual. 
 .SH "DEVELOPMENT TEAM"
 
 .nf
- Jon Foster
- Andreas Oesterhelt
- Stefan Waldherr
- Thomas Steudten
- Rodney Stromlund
- Rodrigo Barbosa (RPM specfiles)
- Hal Burgiss (docs)
- Alexander Lazic
- Gábor Lipták
- Guy
- Haroon Rafique
- David Schmidt (OS/2, Mac OSX ports)
- Joerg Strohmayer
- Sarantis Paskalis
+ Fabian Keil, lead developer
+ David Schmidt, developer
+ 
+ Hal Burgiss
+ Mark Miller
+ Gerry Murphy
+ Lee Rian
+ Roland Rosenfeld
+ Jörg Strohmayer
 .fi
 .SH "COPYRIGHT AND LICENSE"
+.SS "COPYRIGHT"
+.PP
+Copyright (C) 2001-2008 by Privoxy Developers <ijbswa-developers@lists.sourceforge.net>
+.PP
+Some source code is based on code Copyright (C) 1997 by Anonymous Coders
+and Junkbusters, Inc. and licensed under the \fIGNU General Public
+License\fR.
+.SS "LICENSE"
 .PP
 \fBPrivoxy\fR is free software; you can
-redistribute it and/or modify it under the terms of the GNU General Public
-License as published by the Free Software Foundation; either version 2 of the
-License, or (at your option) any later version.
+redistribute it and/or modify it under the terms of the 
+\fIGNU General Public License\fR, version 2,
+as published by the Free Software Foundation.
 .PP
 This program is distributed in the hope that it will be useful, but WITHOUT
 ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
-FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
-more details, which is available from the Free Software Foundation, Inc, 59
-Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+FITNESS FOR A PARTICULAR PURPOSE.  See the  \fIGNU General Public License\fR for details.
 .PP
-You should have received a copy of the GNU General Public License
-along with this program; if not, write to the Free Software Foundation, Inc.,
-59 Temple Place, Suite 330, Boston, MA  02111-1307  USA.
+You should have received a copy of the \fIGNU GPL\fR
+along with this program; if not, write to the  Free Software
+Foundation, Inc. 51 Franklin Street, Fifth Floor
+Boston, MA 02110-1301
+USA