2 File : $Source: /cvsroot/ijbswa/current/doc/source/privoxy-man-page.sgml,v $
6 ijbswa.sourceforge.net:/home/groups/i/ij/ijbswa/htdocs/
8 $Id: privoxy-man-page.sgml,v 2.8 2006/09/06 03:04:46 hal9 Exp $
10 Copyright (C) 2001-2006 Privoxy Developers http://privoxy.org
13 ========================================================================
14 NOTE: Please read developer-manual/documentation.html before touching
15 anything in this, or other Privoxy documentation.
16 ========================================================================
18 Doc NOTES: This is some tricky markup! There are some quirks
19 to how this markup is handled. It is not always so co-operative.
20 Please don't change the markup unless you can verify the changes
21 will improve finished output!
23 literallayout tags are particularly sensitive to where they are placed.
24 The 'replaceable' and 'command' tags are used here somewhat unconventionally,
25 since it seems to generate the proper formatting (at least for me :).
27 Create man page: 'make man'
29 Requires docbook2man (short perl script), see CVS
30 http://sources.redhat.com/docbook-tools/. Also requires openjade and SGMLSpm
33 For man page references, see:
34 http://www.linuxdoc.org/HOWTO/mini/DocBook-Install/using.html
35 http://docbook.org/tdg/en/html/ch02.html#making-refentry
38 <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.1//EN"[
39 <!entity % dummy "IGNORE">
40 <!entity p-intro SYSTEM "privoxy.sgml">
41 <!entity seealso SYSTEM "seealso.sgml">
42 <!entity copyright SYSTEM "copyright.sgml">
43 <!entity license SYSTEM "license.sgml">
44 <!entity authors SYSTEM "p-authors.sgml">
45 <!entity p-version "3.0.5">
46 <!entity p-status "BETA">
47 <!entity % p-not-stable "INCLUDE">
48 <!entity % p-stable "IGNORE">
49 <!entity % p-text "IGNORE"> <!-- define we are not a text only doc -->
50 <!entity % p-authors-formal "IGNORE"> <!-- exclude additional formating -->
51 <!entity my-copy "(C)"> <!-- db2man barfs on copyright symbol -->
54 <refentry id="privoxy">
56 <date>2006-08-24</date>
59 <refentrytitle>privoxy</refentrytitle>
60 <manvolnum>1</manvolnum>
62 Privoxy &p-version;<![%p-not-stable;[ &p-status;]]>
67 <refname><application>privoxy</application></refname>
68 <refpurpose>Privacy Enhancing Proxy</refpurpose>
73 <command>privoxy</command>
74 <arg><option>--help</option></arg>
75 <arg><option>--version</option></arg>
76 <arg><option>--no-daemon</option></arg>
77 <arg><option>--pidfile </option><replaceable class="parameter">pidfile</replaceable></arg>
78 <arg><option>--user </option><replaceable class="parameter">user[.group]</replaceable></arg>
79 <arg><option>--chroot</option></arg>
80 <arg><replaceable class="parameter">configfile</replaceable></arg>
86 <!-- ~~~~~ New section ~~~~~ -->
87 <refsect1><title>Options</title>
89 <command>Privoxy</command> may be invoked with the following command line
98 Print brief usage info and exit.
104 <term>--version</term>
107 Print version info and exit.
113 <term>--no-daemon</term>
116 Don't become a daemon, i.e. don't fork and become process group
117 leader, don't detach from controlling tty, and do all logging there.
123 <term>--pidfile <replaceable class="parameter">pidfile</replaceable></term>
126 On startup, write the process ID to <replaceable class="parameter">pidfile</replaceable>.
127 Delete the <replaceable class="parameter">pidfile</replaceable> on exit.
128 Failure to create or delete the <replaceable class="parameter">pidfile</replaceable>
129 is non-fatal. If no <command>--pidfile</command> option is given, no PID file will be used.
135 <term>--user <replaceable class="parameter">user[.group]</replaceable></term>
138 <!-- Note: replaceable is maybe the wrong tag, but generates -->
139 <!-- correct looking man output. -->
140 After (optionally) writing the PID file, assume the user ID of
141 <replaceable class="parameter">user</replaceable> and the GID of
142 <replaceable class="parameter">group</replaceable>, or, if the optional
143 <replaceable class="parameter">group</replaceable> was not given, the default group of
144 <replaceable class="parameter">user</replaceable>. Exit if the privileges are not
150 <term>--chroot</term>
153 Before changing to the user ID given in the --user option, chroot to
154 that user's home directory, i.e. make the kernel pretend to the
155 <command>Privoxy</command> process that the directory tree starts
156 there. If set up carefully, this can limit the impact of possible
157 vulnerabilities in <command>Privoxy</command> to the files contained in
165 If the <filename>configfile</filename> is not specified on the command line,
166 <command>Privoxy</command> will look for a file named
167 <filename>config</filename> in the current directory . If no
168 <filename>configfile</filename> is found, <command>Privoxy</command> will
175 <!-- ~~~~~ New section ~~~~~ -->
176 <refsect1><title>Description</title>
177 <!-- Include privoxy.sgml boilerplate: -->
179 <!-- end boilerplate -->
183 <!-- ~~~~~ New section ~~~~~ -->
184 <refsect1><title>Installation and Usage</title>
186 Browsers must be individually configured to use <command>Privoxy</command> as
187 a HTTP proxy. The default setting is for localhost, on port 8118
188 (configurable in the main config file). To set the HTTP proxy in Netscape
189 and Mozilla, go through: <command>Edit</command>;
190 <command>Preferences</command>; <command>Advanced</command>;
191 <command>Proxies</command>; <command>Manual Proxy Configuration</command>;
192 <command>View</command>.
195 For Firefox, go through: <command>Tools</command>;
196 <command>Options</command>; <command>General</command>;
197 <command>Connection Settings</command>;
198 <command>Manual Proxy Configuration</command>.
201 For Internet Explorer, go through: <command>Tools</command>;
202 <command>Internet Properties</command>; <command>Connections</command>;
203 <command>LAN Settings</command>.
206 The Secure (SSL) Proxy should also be set to the same values, otherwise
207 https: URLs will not be proxied. Note: <command>Privoxy</command> can only
208 proxy HTTP and HTTPS traffic. Do not try it with FTP or other protocols.
209 HTTPS presents some limitations, and not all features will work with HTTPS
214 For other browsers, check the documentation.
219 <!-- ~~~~~ New section ~~~~~ -->
220 <refsect1><title>Configuration</title>
222 <command>Privoxy</command> can be configured with the various configuration
223 files. The default configuration files are: <filename>config</filename>,
224 <filename>default.filter</filename>, and
225 <filename>default.action</filename>. <filename>user.action</filename> should
226 be used for locally defined exceptions to the default rules of
227 <filename>default.action</filename>, and <filename>user.filter</filename> for
228 locally defined filters. These are well commented. On Unix
229 and Unix-like systems, these are located in
230 <filename>/etc/privoxy/</filename> by default.
233 <command>Privoxy</command> uses the concept of <command>actions</command>
234 in order to manipulate the data stream between the browser and remote sites.
235 There are various actions available with specific functions for such things
236 as blocking web sites, managing cookies, etc. These actions can be invoked
237 individually or combined, and used against individual URLs, or groups of URLs
238 that can be defined using wildcards and regular expressions. The result is
239 that the user has greatly enhanced control and freedom.
242 The actions list (ad blocks, etc) can also be configured with your
243 web browser at <ulink url="http://config.privoxy.org/">http://config.privoxy.org/</ulink>.
244 <command>Privoxy's</command> configuration parameters can also be viewed at
245 the same page. In addition, <command>Privoxy</command> can be toggled on/off.
246 This is an internal page, and does not require Internet access.
250 url="http://www.privoxy.org/user-manual/"><citetitle>User Manual</citetitle></ulink> for a detailed
251 explanation of installation, general usage, all configuration options, new
252 features and notes on upgrading.
257 <!-- ~~~~~ New section ~~~~~ -->
258 <refsect1><title>Sample Configuration</title>
260 A brief example of what a simple <filename>default.action</filename>
261 configuration might look like:
265 # Define a few useful custom aliases for later use
268 # Useful aliases that combine more than one action
269 +crunch-cookies = +crunch-incoming-cookies +crunch-outgoing-cookies
270 -crunch-cookies = -crunch-incoming-cookies -crunch-outgoing-cookies
271 +block-as-image = +block +handle-as-image
273 # Fragile sites should have the minimum changes
274 fragile = -block -deanimate-gifs -fast-redirects -filter \
275 -hide-referer -prevent-cookies -kill-popups
277 ## Turn some actions on ################################
278 ## NOTE: Actions are off by default, unless explictily turned on
279 ## otherwise with the '+' operator.
284 -content-type-overwrite \
285 -crunch-client-header \
286 -crunch-if-none-match \
287 -crunch-outgoing-cookies \
288 -crunch-incoming-cookies \
289 -crunch-server-header \
290 +deanimate-gifs{last} \
291 -downgrade-http-version \
293 -filter{js-annoyances} \
295 -filter{html-annoyances} \
296 -filter{content-cookies} \
297 +filter{refresh-tags} \
298 -filter{unsolicited-popups} \
299 -filter{all-popups} \
300 +filter{img-reorder} \
301 +filter{banners-by-size} \
302 -filter{banners-by-link} \
304 -filter{tiny-textforms} \
305 +filter{jumping-windows} \
306 -filter{frameset-borders} \
307 -filter{demoronizer} \
308 -filter{shockwave-flash} \
309 -filter{quicktime-kioskmode} \
311 -filter{crude-parental} \
312 +filter{ie-exploits} \
313 -filter{site-specifics} \
314 -filter-client-headers \
315 -filter-server-headers \
317 -handle-as-empty-document
319 -hide-accept-language \
320 -hide-content-disposition \
321 -hide-if-modified-since \
322 +hide-forwarded-for-headers \
323 +hide-from-header{block} \
324 +hide-referrer{forge} \
329 -overwrite-last-modified \
331 +prevent-compression \
332 -send-vanilla-wafer \
334 +session-cookies-only \
335 +set-image-blocker{pattern} \
336 -treat-forbidden-connects-like-blocks \
338 / # '/' Match *all* URL patterns
341 # Block, and treat these URL patterns as if they were 'images'.
342 # We would expect these to be ads.
345 .a[0-9].yimg.com/(?:(?!/i/).)*$
348 # Block all URLs that match these patterns
353 /.*count(er)?\.(pl|cgi|exe|dll|asp|php[34]?)
355 media./.*(ads|banner)
357 # Make exceptions for these harmless ones that would be
358 # caught by our +block patterns just above.
367 Then for a <filename>user.action</filename>, we would put local,
368 narrowly defined exceptions:
372 # Re-define aliases as needed here
376 -crunch-cookies = -crunch-incoming-cookies -crunch-outgoing-cookies
378 # Set personal exceptions to the policies in default.action #######
380 # Sites where we want persistent cookies, so allow *all* cookies
381 { -crunch-cookies -session-cookies-only }
386 # These sites breaks easily. Use our "fragile" alias here.
391 # Replace example.com's style sheet with one of my choosing
392 { +redirect{http://localhost/css-replacements/example.com.css} }
393 example.com/stylesheet.css
398 See the comments in the configuration files themselves, or the
399 <citetitle>User Manual</citetitle>
400 for full explanations of the above syntax, and other <command>Privoxy</command>
401 configuration options.
407 <!-- ~~~~~ New section ~~~~~ -->
408 <refsect1><title>Files</title>
409 <!-- this is a cheesy way to do this, but WTF. -->
411 <filename>/usr/sbin/privoxy</filename>
412 <filename>/etc/privoxy/config</filename>
413 <filename>/etc/privoxy/default.action</filename>
414 <filename>/etc/privoxy/standard.action</filename>
415 <filename>/etc/privoxy/user.action</filename>
416 <filename>/etc/privoxy/default.filter</filename>
417 <filename>/etc/privoxy/user.filter</filename>
418 <filename>/etc/privoxy/trust</filename>
419 <filename>/etc/privoxy/templates/*</filename>
420 <filename>/var/log/privoxy/logfile</filename>
424 Various other files should be included, but may vary depending on platform
425 and build configuration. Additional documentation should be included in the local
426 documentation directory.
432 <!-- ~~~~~ New section ~~~~~ -->
433 <refsect1><title>Signals</title>
435 <!-- command tag is used here to get proper looking format -->
436 <command>Privoxy</command> terminates on the <command>SIGINT</command>,
437 <command>SIGTERM</command> and <command>SIGABRT</command> signals. Log
438 rotation scripts may cause a re-opening of the logfile by sending a
439 <command>SIGHUP</command> to <command>Privoxy</command>. Note that unlike
440 other daemons, <command>Privoxy</command> does not need to be made aware of
441 config file changes by <command>SIGHUP</command> -- it will detect them
447 <!-- ~~~~~ New section ~~~~~ -->
448 <refsect1><title>Notes</title>
451 This is a &p-status; version of <command>Privoxy</command>. Not
452 all features are well tested.
455 Please see the <citetitle>User Manual</citetitle> on how to contact the
456 developers, for feature requests, reporting problems, and other questions.
461 <!-- ~~~~~ New section ~~~~~ -->
462 <refsect1><title>See Also</title>
463 <!-- Include seealso.sgml boilerplate: -->
465 <!-- end boilerplate -->
468 <!-- ~~~~~ New section ~~~~~ -->
469 <refsect1><title>Development Team</title>
470 <!-- Include p-authors.sgml boilerplate: -->
472 <!-- end boilerplate -->
475 <!-- ~~~~~ New section ~~~~~ -->
476 <refsect1><title>Copyright and License</title>
478 <refsect2><title>Copyright</title>
479 <!-- Include copyright.sgml boilerplate: -->
481 <!-- end boilerplate -->
484 <refsect2><title>License</title>
485 <!-- Include license.sgml boilerplate: -->
487 <!-- end boilerplate -->