X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=privoxy.1;h=6081581cba994deffde87d35b7a4c45db1da7b53;hp=2debf532d398444b4df06f7becd14b3f5a86dd04;hb=626c4e6f0fea9286189d2487dada4c3263a7e238;hpb=55a9f2bd2e3b77f62e3eca2e24d5b18bcb2b5dfe diff --git a/privoxy.1 b/privoxy.1 index 2debf532..6081581c 100644 --- a/privoxy.1 +++ b/privoxy.1 @@ -1,332 +1,346 @@ -.\" Revised man page 10/13/01, for development version. -.\" Hal Burgiss -.\" for Privoxy developers: ijbswa-developers@lists.sourceforge.net -.\" -.TH PRIVOXY 1 "v2.9.11 (beta) Date: 2002/03/12" - +.\" This manpage has been automatically generated by docbook2man +.\" from a DocBook document. This tool can be found at: +.\" +.\" Please send any bug reports, improvements, comments, patches, +.\" etc. to Steve Cheng . +.TH "PRIVOXY" "1" "19 January 2008" "Privoxy 3.0.8" "" .SH NAME -\fBprivoxy\fP -- Privacy enhancing -Proxy -.\"\s-2(TM)\s+2 +privoxy \- Privacy Enhancing Proxy .SH SYNOPSIS -\fBprivoxy\fP -[--help] [--version] [--no-daemon] [--pidfile \fIpidfile\fP] [--user \fIuser\fP[.\fIgroup\fP]] -\fI\&[configfile]\fP (Unix) -.TP -\fBprivoxy.exe\fP \fI[configfile]\fP (Windows) -.br -.SH OPTIONS -\fBPrivoxy\fP may be invoked with the following command-line options: +\fBprivoxy\fR [\fB--help\fR ] [\fB--version\fR ] [\fB--no-daemon\fR ] [\fB--pidfile \fIpidfile\fB\fR ] [\fB--user \fIuser[.group]\fB\fR ] [\fB--chroot\fR ] [\fB--pre-chroot-nslookup \fIhostname\fB\fR ] [\fB\fIconfigfile\fB\fR ] + +.SH "OPTIONS" +.PP +\fBPrivoxy\fR may be invoked with the following command line +options: .TP -.BR --version " (unix only)" +\fB--help\fR +Print brief usage info and exit. +.TP +\fB--version\fR Print version info and exit. .TP -.BR --help " (unix only)" -Print a short usage info and exit. +\fB--no-daemon\fR +Don't become a daemon, i.e. don't fork and become process group +leader, don't detach from controlling tty, and do all logging there. .TP -.BR --no-daemon " (unix only)" -Don't become a daemon, i.e. don't fork and become process group -leader, don't detach from controlling tty, and do all logging -there. +\fB--pidfile \fIpidfile\fB\fR +On startup, write the process ID to \fIpidfile\fR. +Delete the \fIpidfile\fR on exit. +Failure to create or delete the \fIpidfile\fR +is non-fatal. If no \fB--pidfile\fR option is given, no PID file will be used. .TP -\fB --pidfile\fP \fIpidfile\fP (unix only) -On startup, write the process ID to \fIpidfile\fP. Delete the -\fIpidfile\fP on exit. Failiure to create or delete the -\fIpidfile\fP is non-fatal. If no \fB--pidfile\fP option -is given, no PID file will be used. +\fB--user \fIuser[.group]\fB\fR +After (optionally) writing the PID file, assume the user ID of +\fIuser\fR and the GID of +\fIgroup\fR, or, if the optional +\fIgroup\fR was not given, the default group of +\fIuser\fR. Exit if the privileges are not +sufficient to do so. .TP -\fB --user\fP \fIuser\fP[.\fIgroup\fP] (unix only) -After (optionally) writing the PID file, assume the user ID -of \fIuser\fP and the GID of \fIgroup\fP, or, if the optional -\fIgroup\fP was not given, the default group of \fIuser\fP. -Exit if the privileges are not sufficient to do so. - +\fB--chroot\fR +Before changing to the user ID given in the --user option, chroot to +that user's home directory, i.e. make the kernel pretend to the +\fBPrivoxy\fR process that the directory tree starts +there. If set up carefully, this can limit the impact of possible +vulnerabilities in \fBPrivoxy\fR to the files contained in +that hierarchy. +.TP +\fB--pre-chroot-nslookup \fIhostname\fB\fR +Initialize the resolver library using \fIhostname\fR +before chroot'ing. On some systems this reduces the number of files +that must be copied into the chroot tree. +.PP +If the \fIconfigfile\fR is not specified on the command line, +\fBPrivoxy\fR will look for a file named +\fIconfig\fR in the current directory . If no +\fIconfigfile\fR is found, \fBPrivoxy\fR will +fail to start. +.SH "DESCRIPTION" +.PP +Privoxy is a non-caching +web proxy +with advanced filtering capabilities for enhancing privacy, +modifying web page data, managing HTTP +cookies, +controlling access, and removing ads, banners, pop-ups and other obnoxious +Internet junk. Privoxy has a flexible configuration and can be +customized to suit individual needs and tastes. Privoxy has application for +both stand-alone systems and multi-user networks. +.PP +Privoxy is based on Internet Junkbuster (tm). +.SH "INSTALLATION AND USAGE" +.PP +Browsers can either be individually configured to use +\fBPrivoxy\fR as a HTTP proxy (recommended), +or \fBPrivoxy\fR can be combined with a packet +filter to build an intercepting proxy +(see \fIconfig\fR). The default setting is for +localhost, on port 8118 (configurable in the main config file). To set the +HTTP proxy in Netscape and Mozilla, go through: \fBEdit\fR; +\fBPreferences\fR; \fBAdvanced\fR; +\fBProxies\fR; \fBManual Proxy Configuration\fR; +\fBView\fR. +.PP +For Firefox, go through: \fBTools\fR; +\fBOptions\fR; \fBGeneral\fR; +\fBConnection Settings\fR; +\fBManual Proxy Configuration\fR. +.PP +For Internet Explorer, go through: \fBTools\fR; +\fBInternet Properties\fR; \fBConnections\fR; +\fBLAN Settings\fR. +.PP +The Secure (SSL) Proxy should also be set to the same values, otherwise +https: URLs will not be proxied. Note: \fBPrivoxy\fR can only +proxy HTTP and HTTPS traffic. Do not try it with FTP or other protocols. +HTTPS presents some limitations, and not all features will work with HTTPS +connections. .PP -If the \fIconfigfile\fP is not specified on the command line, -\fBPrivoxy\fP will look for a file named \fBconfig\fP in the -current directory (except on Win32 where it will try \fBconfig.txt\fP). - - -.SH DESCRIPTION -\fBPrivoxy\fP -is an instrumentable HTTP proxy that filters the -\s-2HTTP\s0 -data stream between -web servers and browsers. -\fBPrivoxy\fP can be used to protect privacy, manage cookies, filter web -page content, manage access restrictions, and to discard such annoying Internet -junk as ads, banners, and pop-ups. Or whatever other annoyances strike your -fancy. - -.SH INSTALLATION AND USE -Browsers must be configured to use -\fBPrivoxy\fP -(the default is localhost, -port 8118). -To set the -\s-2HTTP\s0 -proxy in Netscape and Mozilla, -go through: -\fB\&Edit\fP; -\fB\&Preferences\fP; -\fB\&Advanced\fP; -\fB\&Proxies\fP; -\fB\&Manual Proxy Configuration\fP; -\fB\&View\fP. -.P -For Internet Explorer, -go through: -\fB\&Tools\fP; -\fB\&Internet Properties\fP; -\fB\&Connections\fP; -\fB\&LAN Settings\fP. -.P -Set the HTTP proxy location for localhost, port 8118. -The -Secure (SSL) Proxy\" ijbfaq.html#security -should also be set to the same values, -otherwise -\fB\&https:\fP -\s-2URL\s0s -won't be proxied. -.P For other browsers, check the documentation. - -.SH CONFIGURATION -\fBPrivoxy\fP can be configured with the various configuration -files. The default configuration files are: \fIconfig\fP, -\fIdefault.action\fP, and \fIdefault.filter\fP. These are well commented. -On Unix and Unix-like systems, these are located in \fI/etc/privoxy/\fP -by default. On Windows, OS/2 and AmigaOS, these files are in the same directory -as the \fBPrivoxy\fP executable. -.P -The name and number of configuration files has changed from previous versions, -and is subject to change as development progresses. In fact, the configuration -itself is changed and much more sophisticated. See the user-manual for a brief -explanation of all configuration options. -.P -The actions list (ad blocks, etc) can also be configured with your -web browser at \fIhttp://ijbswa.sourceforge.net/config\fP. -\fBPrivoxy's\fP configuration parameters can also be viewed -at the same page. In addition, \fBPrivoxy\fP can be toggled on/off. -This is an internal page. - -.SH "SAMPLE CONFIGURATION" +.SH "CONFIGURATION" .PP -A brief example of what an \fIdefault.action\fP configuration might look like: +\fBPrivoxy\fR can be configured with the various configuration +files. The default configuration files are: \fIconfig\fR, +\fIdefault.filter\fR, and +\fIdefault.action\fR. \fIuser.action\fR should +be used for locally defined exceptions to the default rules of +\fIdefault.action\fR, and \fIuser.filter\fR for +locally defined filters. These are well commented. On Unix +and Unix-like systems, these are located in +\fI/etc/privoxy/\fR by default. .PP -.nf - -# Define a few useful custom aliases for later use -{{alias}} +\fBPrivoxy\fR uses the concept of \fBactions\fR +in order to manipulate the data stream between the browser and remote sites. +There are various actions available with specific functions for such things +as blocking web sites, managing cookies, etc. These actions can be invoked +individually or combined, and used against individual URLs, or groups of URLs +that can be defined using wildcards and regular expressions. The result is +that the user has greatly enhanced control and freedom. +.PP +The actions list (ad blocks, etc) can also be configured with your +web browser at http://config.privoxy.org/ +(assuming the configuration allows it). +\fBPrivoxy's\fR configuration parameters can also be viewed at +the same page. In addition, \fBPrivoxy\fR can be toggled on/off. +This is an internal page, and does not require Internet access. +.PP +See the \fIUser Manual\fR for a detailed +explanation of installation, general usage, all configuration options, new +features and notes on upgrading. +.SH "SAMPLE CONFIGURATION" +.PP +A brief example of what a simple \fIdefault.action\fR +configuration might look like: -# Don't accept cookies -+no-cookies = +no-cookies-set +no-cookies-read +.nf + # Define a few useful custom aliases for later use + {{alias}} -# Do accept cookies --no-cookies = -no-cookies-set -no-cookies-read + # Useful aliases that combine more than one action + +crunch-cookies = +crunch-incoming-cookies +crunch-outgoing-cookies + -crunch-cookies = -crunch-incoming-cookies -crunch-outgoing-cookies + +block-as-image = +block +handle-as-image -# Treat these blocked URLs as images. -+imageblock = +block +image + # Fragile sites should have the minimum changes + fragile = -block -deanimate-gifs -fast-redirects -filter \\ + -hide-referer -prevent-cookies -kill-popups -# Define page filters we want to use. -myfilters = +filter{html-annoyances} +filter{js-annoyances}\\ - +filter{no-popups} +filter{webbugs} + ## Turn some actions on ################################ + ## NOTE: Actions are off by default, unless explictily turned on + ## otherwise with the '+' operator. -## Default Policies (actions) ############################ { \\ - -block \\ - -downgrade \\ - +fast-redirects \\ - myfilters \\ - +no-compression \\ - +hide-forwarded \\ - +hide-from{block} \\ - +hide-referer{forge} \\ - -hide-user-agent \\ - -image \\ - +image-blocker{blank} \\ - +no-cookies-keep \\ - -no-cookies-read \\ - -no-cookies-set \\ - +no-popups \\ - -vanilla-wafer \\ - -wafer \\ ++deanimate-gifs{last} \\ ++filter{refresh-tags} \\ ++filter{img-reorder} \\ ++filter{banners-by-size} \\ ++filter{webbugs} \\ ++filter{jumping-windows} \\ ++filter{ie-exploits} \\ ++hide-forwarded-for-headers \\ ++hide-from-header{block} \\ ++hide-referrer{conditional-block} \\ ++session-cookies-only \\ ++set-image-blocker{pattern} \\ } -/ +/ # '/' Match *all* URL patterns -# Now set exceptions to the above defined policies ####### + + # Block all URLs that match these patterns + { +block } + ad. + ad[sv]. + .*ads. + banner?. + /.*count(er)?\\.(pl|cgi|exe|dll|asp|php[34]?) + .hitbox.com + media./.*(ads|banner) -# Sites where we want persistant cookies -{-no-cookies -no-cookies-keep} - .redhat.com - .sun.com - .yahoo.com - .msdn.microsoft.com + # Block, and treat these URL patterns as if they were 'images'. + # We would expect these to be ads. + { +block-as-image } + .ad.doubleclick.net + .a[0-9].yimg.com/(?:(?!/i/).)*$ + ad.*.doubleclick.net -# This site requires cookies AND 'fast-redirects' on -{-no-cookies -no-cookies-keep -fast-redirects} - .nytimes.com + # Make exceptions for these harmless ones that would be + # caught by our +block patterns just above. + { -block } + adsl. + adobe. + advice. + .*downloads. + # uploads or downloads + /.*loads +.fi +.PP +Then for a \fIuser.action\fR, we would put local, +narrowly defined exceptions: -# Add custom headers, and turn off filtering of page source -{+add-header{X-Privacy: Yes please} #-add-header{*} \\ - +add-header{X-User-Tracking: No thanks!} -filter} - privacy.net +.nf + # Re-define aliases as needed here + {{alias}} -# Block, and treat these URLs as 'images'. -{+imageblock} - .adforce.imgis.com - .ad.preferences.com/image.* - .ads.web.aol.com - .ad-adex3.flycast.com - .ad.doubleclick.net - .ln.doubleclick.net - .ad.de.doubleclick.net - /.*/count\\.cgi\\?.*df= - 194.221.183.22[1-7] - a196.g.akamai.net/7/196/2670/000[12]/images.gmx.net/i4/images/.*/ + # Useful aliases + -crunch-cookies = -crunch-incoming-cookies -crunch-outgoing-cookies + + # Set personal exceptions to the policies in default.action ####### -# Block any URLs that match these patterns -{+block} - /.*/(.*[-_.])?ads?[0-9]?(/|[-_.].*|\\.(gif|jpe?g)) - /.*/(plain|live|rotate)[-_.]?ads?/ - /.*/(sponsor)s?[0-9]?/ - /.*/ad(server|stream|juggler)\\.(cgi|pl|dll|exe) - /.*/adbanners/ - /.*/adv((er)?ts?|ertis(ing|ements?))?/ - /.*/banners?/ - /.*/popupads/ - /.*/advert[0-9]+\\.jpg - /ad_images/ - /.*/ads/ - /images/.*/.*_anim\\.gif - /rotations/ - /.*(ms)?backoff(ice)?.*\\.(gif|jpe?g) - 195.63.104.*/(inbox|log|meld|folderlu|folderru|log(in|out)[lmr]u|) - .images.nytimes.com - .images.yahoo.com/adv/ - /.*cnnstore\\.gif + # Sites where we want persistent cookies, so allow *all* cookies + { -crunch-cookies -session-cookies-only } + .redhat.com + .sun.com + .msdn.microsoft.com + + # These sites break easily. Use our "fragile" alias here. + { fragile } + .forbes.com + mybank.example.com + # Replace example.com's style sheet with one of my choosing + { +redirect{http://localhost/css-replacements/example.com.css} } + .example.com/stylesheet.css .fi -.sp .PP -See the comments in the configuration files themselves, or the user-manual -for explanations of the above syntax, and other \fBPrivoxy\fP configuration -options. - +See the comments in the configuration files themselves, or the +\fIUser Manual\fR +for full explanations of the above syntax, and other \fBPrivoxy\fR +configuration options. .SH "FILES" -\fI/usr/sbin/privoxy\fP -.br -\fI/etc/privoxy/config\fP -.br -\fI/etc/privoxy/default.action\fP -.br -\fI/etc/privoxy/advanced.action\fP -.br -\fI/etc/privoxy/basic.action\fP -.br -\fI/etc/privoxy/intermediate.action\fP -.br -\fI/etc/privoxy/default.filter\fP -.br -\fI/etc/privoxy/trust\fP -.br -\fI/etc/privoxy/templates/*\fP -.br -\fI/var/log/privoxy/logfile\fP - -.P -Various other files should be included, but may vary depending on platform -and build configuration. More documentation should be included in the local -documentation directory, though is not complete at this time. -.SH SIGNALS -\fBPrivoxy\fP terminates on the \fBSIGINT\fP, \fBSIGTERM\fP and \fBSIGABRT\fP -signals. Log rotation scripts may cause a re-opening of the logfile by sending -a \fBSIGHUP\fP to \fBPrivoxy\fP. Note that unlike other daemons, \fBPrivoxy\fP -does not need to be made aware of config file changes by \fBSIGHUP\fP -- it will -detect them automatically. +.nf -.SH NOTES -This is a \fBBETA\fP version of \fBPrivoxy\fP. Not all features are -complete. -.br -Please see the user-maual on how to contact the developers for -feature requests, reporting problems, and other questions. + \fI/usr/sbin/privoxy\fR + \fI/etc/privoxy/config\fR + \fI/etc/privoxy/default.action\fR + \fI/etc/privoxy/standard.action\fR + \fI/etc/privoxy/user.action\fR + \fI/etc/privoxy/default.filter\fR + \fI/etc/privoxy/user.filter\fR + \fI/etc/privoxy/trust\fR + \fI/etc/privoxy/templates/*\fR + \fI/var/log/privoxy/logfile\fR +.fi +.PP +Various other files should be included, but may vary depending on platform +and build configuration. Additional documentation should be included in the local +documentation directory. +.SH "SIGNALS" +.PP +\fBPrivoxy\fR terminates on the \fBSIGINT\fR, +\fBSIGTERM\fR and \fBSIGABRT\fR signals. Log +rotation scripts may cause a re-opening of the logfile by sending a +\fBSIGHUP\fR to \fBPrivoxy\fR. Note that unlike +other daemons, \fBPrivoxy\fR does not need to be made aware of +config file changes by \fBSIGHUP\fR -- it will detect them +automatically. +.SH "NOTES" +.PP +Please see the \fIUser Manual\fR on how to contact the +developers, for feature requests, reporting problems, and other questions. +.SH "SEE ALSO" +.PP +Other references and sites of interest to \fBPrivoxy\fR +users: +.PP -.SH BUGS -Probably. Please see the user-manual for how and where to report bugs. +http://www.privoxy.org/, +the \fBPrivoxy\fR Home page. -.SH SEE ALSO -.br -http://ijbswa.sourceforge.net/config -.br -http://ijbswa.sourceforge.net/ -.br -http://sourceforge.net/projects/ijbswa -.br -http://www.waldherr.org/junkbuster/\" waldherr.org# -.br -http://www.junkbusters.com/ht/en/cookies.html\" cookies.html# -.br -http://privacy.net/analyze/ -.br -http://www.squid-cache.org/ -.br -http://linuxalpha.ch/packages/ +http://www.privoxy.org/faq/, +the \fBPrivoxy\fR FAQ. -.SH DEVELOPMENT TEAM -.br - Stefan Waldherr -.br - Andreas Oesterhelt -.br - Jon Foster -.br - Markus Breitenbach -.br - Thomas Steudten -.br - David Schmidt -.br - Haroon Rafique -.br - Joerg Strohmayer -.br - Shamim Mohamed -.br - Sarantis Paskalis -.br - Gabriel L. Somlo -.br - John Venvertloh -.br - Hal Burgiss -.br - Rodrigo Barbosa +http://sourceforge.net/projects/ijbswa/, +the Project Page for \fBPrivoxy\fR on +SourceForge. + +http://config.privoxy.org/, +the web-based user interface. \fBPrivoxy\fR must be +running for this to work. Shortcut: http://p.p/ + +http://sourceforge.net/tracker/?group_id=11118&atid=460288, to submit ``misses'' and other +configuration related suggestions to the developers. + +http://www.junkbusters.com/ht/en/cookies.html, +an explanation how cookies are used to track web users. -.SH COPYRIGHT AND LICENSE -Orginally written by, and copyrighted by, the Anonymous Coders and Junkbusters -Corporation. -.P -This program is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2 of the License, or -(at your option) any later version. -.P -This program is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -GNU General Public License for more details. -.P -You should have received a copy of the GNU General Public License -along with this program; if not, write to the Free Software -Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -.P -Internet Junkbuster -Proxy -is a -trademark\" legal.html#marks -of Junkbusters Corporation. +http://www.junkbusters.com/ijb.html, +the original Internet Junkbuster. + +http://privacy.net/, a useful site +to check what information about you is leaked while you browse the web. + +http://www.squid-cache.org/, a popular +caching proxy, which is often used together with \fBPrivoxy\fR. + +http://www.pps.jussieu.fr/~jch/software/polipo/, +\fBPolipo\fR is a caching proxy with advanced features +like pipelining, multiplexing and caching of partial instances. In many setups +it can be used as \fBSquid\fR replacement. + +http://tor.eff.org/, +\fBTor\fR can help anonymize web browsing, +web publishing, instant messaging, IRC, SSH, and other applications. + +http://www.privoxy.org/developer-manual/, +the \fBPrivoxy\fR developer manual. +.SH "DEVELOPMENT TEAM" + +.nf + Fabian Keil, lead developer + David Schmidt, developer + + Hal Burgiss + Gerry Murphy + Roland Rosenfeld + Jörg Strohmayer +.fi +.SH "COPYRIGHT AND LICENSE" +.SS "COPYRIGHT" +.PP +Copyright (C) 2001-2008 by Privoxy Developers +.PP +Some source code is based on code Copyright (C) 1997 by Anonymous Coders +and Junkbusters, Inc. and licensed under the \fIGNU General Public +License\fR. +.SS "LICENSE" +.PP +\fBPrivoxy\fR is free software; you can +redistribute it and/or modify it under the terms of the +\fIGNU General Public +License\fR, version 2, as published by the Free Software Foundation. +.PP +This program is distributed in the hope that it will be useful, but WITHOUT +ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +FITNESS FOR A PARTICULAR PURPOSE. See the +\fIGNU General Public License\fR for +more details, which is available from the Free Software Foundation, Inc, +51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA +.PP +You should have received a copy of the \fIGNU General Public License\fR +along with this program; if not, write to the Free Software +Foundation, Inc. 51 Franklin Street, Fifth Floor +Boston, MA 02110-1301 +USA