6 $Id: user-manual.sgml,v 1.57 2002/03/24 20:33:30 hal9 Exp $
8 The user manual gives users information on how to install, configure
9 and use Privoxy. Privoxy is a web proxy with advanced filtering
10 capabilities for protecting privacy, filtering web page content,
11 managing cookies, controlling access, and removing ads, banners,
12 pop-ups and other obnoxious Internet Junk. Privoxy has a very flexible
13 configuration and can be customized to suit individual needs and
14 tastes. Privoxy has application for both stand-alone systems and
17 You can find the latest version of the user manual at
18 [1]http://www.privoxy.org/user-manual/.
19 _________________________________________________________________
35 3. [11]Privoxy Configuration
37 3.1. [12]Controlling Privoxy with Your Web Browser
38 3.2. [13]Configuration Files Overview
39 3.3. [14]The Main Configuration File
41 3.3.1. [15]Defining Other Configuration Files
42 3.3.2. [16]Other Configuration Options
43 3.3.3. [17]Access Control List (ACL)
45 3.3.5. [19]Windows GUI Options
47 3.4. [20]The Actions File
49 3.4.1. [21]URL Domain and Path Syntax
53 3.5. [24]The Filter File
56 4. [26]Quickstart to Using Privoxy
58 4.1. [27]Command Line Options
60 5. [28]Contacting the Developers, Bug Reporting and Feature Requests
61 6. [29]Copyright and History
69 8.1. [34]Regular Expressions
81 8.2. [35]Privoxy's Internal Pages
82 8.3. [36]Anatomy of an Action
86 Privoxy is a web proxy with advanced filtering capabilities for
87 protecting privacy, filtering and modifying web page content, managing
88 cookies, controlling access, and removing ads, banners, pop-ups and
89 other obnoxious Internet Junk. Privoxy has a very flexible
90 configuration and can be customized to suit individual needs and
91 tastes. Privoxy has application for both stand-alone systems and
94 Privoxy is derived from Internet Junkbuster by Junkbusters
95 Corporation, which is no longer under development. Many enhancements
96 and new features have been added.
98 This documentation is included with the current BETA version of
99 Privoxy and is mostly complete at this point. The most up to date
100 reference for the time being is still the comments in the source files
101 and in the individual configuration files. Development of version 3.0
102 is currently nearing completion, and includes many significant changes
103 and enhancements over earlier versions. The target release date for
104 stable v3.0 is "soon" ;-)
106 Since this is a BETA version, not all new features are well tested.
107 This documentation may be slightly out of sync as a result (especially
108 with CVS sources). And there may be bugs, though hopefully not many!
109 _________________________________________________________________
113 In addition to Internet Junkbuster's traditional feature of ad and
114 banner blocking and cookie management, Privoxy provides new features,
115 some of them currently under development:
117 * Integrated browser based configuration and control utility
118 ([37]http://p.p). Browser-based tracing of rule and filter
120 * Blocking of annoying pop-up browser windows.
121 * HTTP/1.1 compliant (most, but not all 1.1 features are supported).
122 * Support for Perl Compatible Regular Expressions in the
123 configuration files, and generally a more sophisticated and
124 flexible configuration syntax over previous versions.
126 * Web page content filtering (removes banners based on size,
127 invisible "web-bugs", JavaScript, pop-ups, status bar abuse, etc.)
128 * Bypass many click-tracking scripts (avoids script redirection).
129 * Multi-threaded (POSIX and native threads).
130 * Auto-detection and re-reading of config file changes.
131 * User-customizable HTML templates (e.g. 404 error page).
132 * Improved cookie management features (e.g. session based cookies).
133 * Builds from source on most UNIX-like systems. Packages available
134 for: Linux (RedHat, SuSE, or Debian), Windows, Sun Solaris, Mac
135 OSX, OS/2, HP-UX 11 and AmigaOS.
136 * In addition, the configuration is much more powerful and versatile
138 _________________________________________________________________
142 Privoxy is available as raw source code, or pre-compiled binaries. See
143 the [38]Privoxy Home Page for binaries and current release info.
144 Privoxy is also available via [39]CVS. This is the recommended
145 approach at this time. But please be aware that CVS is constantly
146 changing, and it may break in mysterious ways.
147 _________________________________________________________________
151 For gzipped tar archives, unpack the source:
153 tar xzvf privoxy-2.9.13-beta-src* [.tgz or .tar.gz]
154 cd privoxy-2.9.13-beta
156 For retrieving the current CVS sources, you'll need the CVS package
157 installed first. To download CVS source:
159 cvs -d:pserver:anonymous@cvs.ijbswa.sourceforge.net:/cvsroot/ijbswa login
160 cvs -z3 -d:pserver:anonymous@cvs.ijbswa.sourceforge.net:/cvsroot/ijbswa co cu
164 This will create a directory named current/, which will contain the
167 Then, in either case, to build from tarball/CVS source:
169 ./configure (--help to see options)
170 make (the make from gnu, gmake for *BSD)
172 make -n install (to see where all the files will go)
173 make install (to really install)
175 For Redhat and SuSE Linux RPM packages, see below.
176 _________________________________________________________________
180 To build Redhat RPM packages, install source as above. Then:
187 This will create both binary and src RPMs in the usual places.
190 /usr/src/redhat/RPMS/i686/privoxy-2.9.11-1.i686.rpm
192 /usr/src/redhat/SRPMS/privoxy-2.9.11-1.src.rpm
194 To install, of course:
196 rpm -Uvv /usr/src/redhat/RPMS/i686/privoxy-2.9.11-1.i686.rpm
198 This will place the Privoxy configuration files in /etc/privoxy/, and
199 log files in /var/log/privoxy/.
200 _________________________________________________________________
204 To build SuSE RPM packages, install source as above. Then:
211 This will create both binary and src RPMs in the usual places.
214 /usr/src/packages/RPMS/i686/privoxy-2.9.11-1.i686.rpm
216 /usr/src/packages/SRPMS/privoxy-2.9.11-1.src.rpm
218 To install, of course:
220 rpm -Uvv /usr/src/packages/RPMS/i686/privoxy-2.9.11-1.i686.rpm
222 This will place the Privoxy configuration files in /etc/privoxy/, and
223 log files in /var/log/privoxy/.
224 _________________________________________________________________
228 Privoxy is packaged in a WarpIN self- installing archive. The
229 self-installing program will be named depending on the release
230 version, something like: ijbos2_setup_1.2.3.exe. In order to install
231 it, simply run this executable or double-click on its icon and follow
232 the WarpIN installation panels. A shadow of the Privoxy executable
233 will be placed in your startup folder so it will start automatically
234 whenever OS/2 starts.
236 The directory you choose to install Privoxy into will contain all of
237 the configuration files.
239 If you would like to build binary images on OS/2 yourself, you will
240 need a few Unix-like tools: autoconf, autoheader and sh. These tools
241 will be used to create the required config.h file, which is not part
242 of the source distribution because it differs based on platform. You
243 will also need a compiler. The distribution has been created using IBM
244 VisualAge compilers, but you can use any compiler you like. GCC/EMX
245 has the disadvantage of needing to be single-threaded due to a
246 limitation of EMX's implementation of the select() socket call.
248 In addition to needing the source code distribution as outlined
249 earlier, you will want to extract the os2seutp directory from CVS:
250 cvs -d:pserver:anonymous@cvs.ijbswa.sourceforge.net:/cvsroot/ijbswa login
252 cvs -z3 -d:pserver:anonymous@cvs.ijbswa.sourceforge.net:/cvsroot/ijbswa co os2
255 This will create a directory named os2setup/, which will contain the
256 Makefile.vac makefile and os2build.cmd which is used to completely
257 create the binary distribution. The sequence of events for building
258 the executable for yourself goes something like this:
264 nmake -f Makefile.vac
266 You will see this sequence laid out in os2build.cmd.
267 _________________________________________________________________
271 Click-click. (I need help on this. Not a clue here. Also for
272 configuration section below. HB.)
273 _________________________________________________________________
277 Some quick notes on other Operating Systems.
279 For FreeBSD (and other *BSDs?), the build will require gmake instead
280 of the included make. gmake is available from [40]http://www.gnu.org.
281 The rest should be the same as above for Linux/Unix.
282 _________________________________________________________________
284 3. Privoxy Configuration
286 All Privoxy configuration is kept in text files. These files can be
287 edited with a text editor. Many important aspects of Privoxy can also
288 be controlled easily with a web browser.
289 _________________________________________________________________
291 3.1. Controlling Privoxy with Your Web Browser
293 Privoxy can be reached by the special URL [41]http://p.p/ (or
294 alternately [42]http://www.privoxy.org/config/), which is an internal
295 page. You will see the following section:
297 Please choose from the following options:
299 * Show information about the current configuration
300 * Show the source code version numbers
301 * Show the client's request headers.
302 * Show which actions apply to a URL and why
303 * Toggle Privoxy on or off
304 * Edit the actions list
307 This should be self-explanatory. Note the last item is an editor for
308 the "actions list", which is where much of the ad, banner, cookie, and
309 URL blocking magic is configured as well as other advanced features of
310 Privoxy. This is an easy way to adjust various aspects of Privoxy
311 configuration. The actions file, and other configuration files, are
312 explained in detail below. Privoxy will automatically detect any
313 changes to these files.
315 "Toggle Privoxy On or Off" is handy for sites that might have problems
316 with your current actions and filters, or just to test if a site
317 misbehaves, whether it is Privoxy causing the problem or not. Privoxy
318 continues to run as a proxy in this case, but all filtering is
320 _________________________________________________________________
322 3.2. Configuration Files Overview
324 For Unix, *BSD and Linux, all configuration files are located in
325 /etc/privoxy/ by default. For MS Windows, OS/2, and AmigaOS these are
326 all in the same directory as the Privoxy executable. The name and
327 number of configuration files has changed from previous versions, and
328 is subject to change as development progresses.
330 The installed defaults provide a reasonable starting point, though
331 possibly aggressive by some standards. For the time being, there are
332 only three default configuration files (this will change in time):
334 * The main configuration file is named config on Linux, Unix, BSD,
335 OS/2, and AmigaOS and config.txt on Windows.
336 * The default.action file is used to define various "actions"
337 relating to images, banners, pop-ups, access restrictions, banners
338 and cookies. There is a CGI based editor for this file that can be
339 accessed via [43]http://p.p. (Other actions files are included as
340 well with differing levels of filtering and blocking, e.g.
342 * The default.filter file can be used to re-write the raw page
343 content, including viewable text as well as embedded HTML and
344 JavaScript, and whatever else lurks on any given web page.
346 default.action and default.filter can use Perl style regular
347 expressions for maximum flexibility. All files use the "#" character
348 to denote a comment. Such lines are not processed by Privoxy. After
349 making any changes, there is no need to restart Privoxy in order for
350 the changes to take effect. Privoxy should detect such changes
353 While under development, the configuration content is subject to
354 change. The below documentation may not be accurate by the time you
355 read this. Also, what constitutes a "default" setting, may change, so
356 please check all your configuration files on important issues.
357 _________________________________________________________________
359 3.3. The Main Configuration File
361 Again, the main configuration file is named config on Linux/Unix/BSD
362 and OS/2, and config.txt on Windows. Configuration lines consist of an
363 initial keyword followed by a list of values, all separated by
364 whitespace (any number of spaces or tabs). For example:
366 blockfile blocklist.ini
368 Indicates that the blockfile is named "blocklist.ini". (A default
369 installation does not use this.)
371 A "#" indicates a comment. Any part of a line following a "#" is
372 ignored, except if the "#" is preceded by a "\".
374 Thus, by placing a "#" at the start of an existing configuration line,
375 you can make it a comment and it will be treated as if it weren't
376 there. This is called "commenting out" an option and can be useful to
377 turn off features: If you comment out the "logfile" line, Privoxy will
378 not log to a file at all. Watch for the "default:" section in each
379 explanation to see what happens if the option is left unset (or
382 Long lines can be continued on the next line by using a "\" as the
385 There are various aspects of Privoxy behavior that can be tuned.
386 _________________________________________________________________
388 3.3.1. Defining Other Configuration Files
390 Privoxy can use a number of other files to tell it what ads to block,
391 what cookies to accept, etc. This section of the configuration file
392 tells Privoxy where to find all those other files.
394 On Windows and AmigaOS, Privoxy looks for these files in the same
395 directory as the executable. On Unix and OS/2, Privoxy looks for these
396 files in the current working directory. In either case, an absolute
397 path name can be used to avoid problems.
399 When development goes modular and multi-user, the blocker, filter, and
400 per-user config will be stored in subdirectories of "confdir". For
401 now, only confdir/templates is used for storing HTML templates for CGI
404 The location of the configuration files:
406 confdir /etc/privoxy # No trailing /, please.
408 The directory where all logging (i.e. logfile and jarfile) takes
409 place. No trailing "/", please:
411 logdir /var/log/privoxy
413 Note that all file specifications below are relative to the above two
416 The "default.action" file contains patterns to specify the actions to
417 apply to requests for each site. Default: Cookies to and from all
418 destinations are kept only during the current browser session (i.e.
419 they are not saved to disk). Pop-ups are disabled for all sites. All
420 sites are filtered through selected sections of "default.filter". No
421 sites are blocked. Privoxy displays a checkboard type pattern for
422 filtered ads and other images. The syntax of this file is explained in
423 detail [44]below. Other "actions" files are included, and you are free
424 to use any of them. They have varying degrees of aggressiveness.
426 actionsfile default.action
428 The "default.filter" file contains content modification rules that use
429 "regular expressions". These rules permit powerful changes on the
430 content of Web pages, e.g., you could disable your favorite JavaScript
431 annoyances, re-write the actual displayed text, or just have some fun
432 replacing "Microsoft" with "MicroSuck" wherever it appears on a Web
433 page. Default: whatever the developers are playing with :-/
435 Filtering requires buffering the page content, which may appear to
436 slow down page rendering since nothing is displayed until all content
437 has passed the filters. (It does not really take longer, but seems
438 that way since the page is not incrementally displayed.) This effect
439 will be more noticeable on slower connections.
441 filterfile default.filter
443 The logfile is where all logging and error messages are written. The
444 logfile can be useful for tracking down a problem with Privoxy (e.g.,
445 it's not blocking an ad you think it should block) but in most cases
446 you probably will never look at it.
448 Your logfile will grow indefinitely, and you will probably want to
449 periodically remove it. On Unix systems, you can do this with a cron
450 job (see "man cron"). For Redhat, a logrotate script has been
453 On SuSE Linux systems, you can place a line like "/var/log/privoxy.*
454 +1024k 644 nobody.nogroup" in /etc/logfiles, with the effect that
455 cron.daily will automatically archive, gzip, and empty the log, when
458 Default: Log to the a file named logfile. Comment out to disable
463 The "jarfile" defines where Privoxy stores the cookies it intercepts.
464 Note that if you use a "jarfile", it may grow quite large. Default:
465 Don't store intercepted cookies.
469 If you specify a "trustfile", Privoxy will only allow access to sites
470 that are named in the trustfile. You can also mark sites as trusted
471 referrers, with the effect that access to untrusted sites will be
472 granted, if a link from a trusted referrer was used. The link target
473 will then be added to the "trustfile". This is a very restrictive
474 feature that typical users most probably want to leave disabled.
475 Default: Disabled, don't use the trust mechanism.
479 If you use the trust mechanism, it is a good idea to write up some
480 on-line documentation about your blocking policy and to specify the
481 URL(s) here. They will appear on the page that your users receive when
482 they try to access untrusted content. Use multiple times for multiple
483 URLs. Default: Don't display links on the "untrusted" info page.
485 trust-info-url http://www.your-site.com/why_we_block.html
486 trust-info-url http://www.your-site.com/what_we_allow.html
487 _________________________________________________________________
489 3.3.2. Other Configuration Options
491 This part of the configuration file contains options that control how
494 "Admin-address" should be set to the email address of the proxy
495 administrator. It is used in many of the proxy-generated pages.
496 Default: fill@me.in.please.
498 #admin-address fill@me.in.please
500 "Proxy-info-url" can be set to a URL that contains more info about
501 this Privoxy installation, it's configuration and policies. It is used
502 in many of the proxy-generated pages and its use is highly recommended
503 in multi-user installations, since your users will want to know why
504 certain content is blocked or modified. Default: Don't show a link to
505 on-line documentation.
507 proxy-info-url http://www.your-site.com/proxy.html
509 "Listen-address" specifies the address and port where Privoxy will
510 listen for connections from your Web browser. The default is to listen
511 on the localhost port 8118, and this is suitable for most users. (In
512 your web browser, under proxy configuration, list the proxy server as
513 "localhost" and the port as "8118").
515 If you already have another service running on port 8118, or if you
516 want to serve requests from other machines (e.g. on your local
517 network) as well, you will need to override the default. The syntax is
518 "listen-address [<ip-address>]:<port>". If you leave out the IP
519 address, Privoxy will bind to all interfaces (addresses) on your
520 machine and may become reachable from the Internet. In that case,
521 consider using access control lists (acl's) (see "aclfile" above), or
524 For example, suppose you are running Privoxy on a machine which has
525 the address 192.168.0.1 on your local private network (192.168.0.0)
526 and has another outside connection with a different address. You want
527 it to serve requests from inside only:
529 listen-address 192.168.0.1:8118
531 If you want it to listen on all addresses (including the outside
536 If you do this, consider using ACLs (see "aclfile" above). Note: you
537 will need to point your browser(s) to the address and port that you
538 have configured here. Default: localhost:8118 (127.0.0.1:8118).
540 The debug option sets the level of debugging information to log in the
541 logfile (and to the console in the Windows version). A debug level of
542 1 is informative because it will show you each request as it happens.
543 Higher levels of debug are probably only of interest to developers.
545 debug 1 # GPC = show each GET/POST/CONNECT request
546 debug 2 # CONN = show each connection status
547 debug 4 # IO = show I/O status
548 debug 8 # HDR = show header parsing
549 debug 16 # LOG = log all data into the logfile
550 debug 32 # FRC = debug force feature
551 debug 64 # REF = debug regular expression filter
552 debug 128 # = debug fast redirects
553 debug 256 # = debug GIF de-animation
554 debug 512 # CLF = Common Log Format
555 debug 1024 # = debug kill pop-ups
556 debug 4096 # INFO = Startup banner and warnings.
557 debug 8192 # ERROR = Non-fatal errors
559 It is highly recommended that you enable ERROR reporting (debug 8192),
560 at least until v3.0 is released.
562 The reporting of FATAL errors (i.e. ones which crash Privoxy) is
563 always on and cannot be disabled.
565 If you want to use CLF (Common Log Format), you should set "debug 512"
566 ONLY, do not enable anything else.
568 Multiple "debug" directives, are OK - they're logical-OR'd together.
570 debug 15 # same as setting the first 4 listed above
576 debug 8192 # Errors - *we highly recommended enabling this*
578 Privoxy normally uses "multi-threading", a software technique that
579 permits it to handle many different requests simultaneously. In some
580 cases you may wish to disable this -- particularly if you're trying to
581 debug a problem. The "single-threaded" option forces Privoxy to handle
582 requests sequentially. Default: Multi-threaded mode.
586 "toggle" allows you to temporarily disable all Privoxy's filtering.
589 The Windows version of Privoxy puts an icon in the system tray, which
590 also allows you to change this option. If you right-click on that icon
591 (or select the "Options" menu), one choice is "Enable". Clicking on
592 enable toggles Privoxy on and off. This is useful if you want to
593 temporarily disable Privoxy, e.g., to access a site that requires
594 cookies which you would otherwise have blocked. This can also be
595 toggled via a web browser at the Privoxy internal address of
596 [45]http://p.p on any platform.
598 "toggle 1" means Privoxy runs normally, "toggle 0" means that Privoxy
599 becomes a non-anonymizing non-blocking proxy. Default: 1 (on).
603 For content filtering, i.e. the "+filter" and "+deanimate-gif"
604 actions, it is necessary that Privoxy buffers the entire document
605 body. This can be potentially dangerous, since a server could just
606 keep sending data indefinitely and wait for your RAM to exhaust. With
609 The buffer-limit option lets you set the maximum size in Kbytes that
610 each buffer may use. When the documents buffer exceeds this size, it
611 is flushed to the client unfiltered and no further attempt to filter
612 the rest of it is made. Remember that there may multiple threads
613 running, which might require increasing the "buffer-limit" Kbytes
614 each, unless you have enabled "single-threaded" above.
618 To enable the web-based default.action file editor set
619 enable-edit-actions to 1, or 0 to disable. Note that you must have
620 compiled Privoxy with support for this feature, otherwise this option
621 has no effect. This internal page can be reached at [46]http://p.p.
623 Security note: If this is enabled, anyone who can use the proxy can
624 edit the actions file, and their changes will affect all users. For
625 shared proxies, you probably want to disable this. Default: enabled.
627 enable-edit-actions 1
629 Allow Privoxy to be toggled on and off remotely, using your web
630 browser. Set "enable-remote-toggle"to 1 to enable, and 0 to disable.
631 Note that you must have compiled Privoxy with support for this
632 feature, otherwise this option has no effect.
634 Security note: If this is enabled, anyone who can use the proxy can
635 toggle it on or off (see [47]http://p.p), and their changes will
636 affect all users. For shared proxies, you probably want to disable
637 this. Default: enabled.
639 enable-remote-toggle 1
640 _________________________________________________________________
642 3.3.3. Access Control List (ACL)
644 Access controls are included at the request of some ISPs and systems
645 administrators, and are not usually needed by individual users. Please
646 note the warnings in the FAQ that this proxy is not intended to be a
647 substitute for a firewall or to encourage anyone to defer addressing
648 basic security weaknesses.
650 If no access settings are specified, the proxy talks to anyone that
651 connects. If any access settings file are specified, then the proxy
652 talks only to IP addresses permitted somewhere in this file and not
653 denied later in this file.
655 Summary -- if using an ACL:
657 Client must have permission to receive service.
659 LAST match in ACL wins.
661 Default behavior is to deny service.
663 The syntax for an entry in the Access Control List is:
665 ACTION SRC_ADDR[/SRC_MASKLEN] [ DST_ADDR[/DST_MASKLEN] ]
667 Where the individual fields are:
669 ACTION = "permit-access" or "deny-access"
670 SRC_ADDR = client hostname or dotted IP address
671 SRC_MASKLEN = number of bits in the subnet mask for the source
672 DST_ADDR = server or forwarder hostname or dotted IP address
673 DST_MASKLEN = number of bits in the subnet mask for the target
675 The field separator (FS) is whitespace (space or tab).
677 IMPORTANT NOTE: If Privoxy is using a forwarder (see below) or a
678 gateway for a particular destination URL, the DST_ADDR that is
679 examined is the address of the forwarder or the gateway and NOT the
680 address of the ultimate target. This is necessary because it may be
681 impossible for the local Privoxy to determine the address of the
682 ultimate target (that's often what gateways are used for).
684 Here are a few examples to show how the ACL features work:
686 "localhost" is OK -- no DST_ADDR implies that ALL destination
689 permit-access localhost
691 A silly example to illustrate permitting any host on the class-C
692 subnet with Privoxy to go anywhere:
694 permit-access www.privoxy.com/24
696 Except deny one particular IP address from using it at all:
698 deny-access ident.privoxy.com
700 You can also specify an explicit network address and subnet mask.
701 Explicit addresses do not have to be resolved to be used.
703 permit-access 207.153.200.0/24
705 A subnet mask of 0 matches anything, so the next line permits
708 permit-access 0.0.0.0/0
710 Note, you cannot say:
714 to allow all *.org domains. Every IP address listed must resolve
717 An ISP may want to provide a Privoxy that is accessible by "the world"
718 and yet restrict use of some of their private content to hosts on its
719 internal network (i.e. its own subscribers). Say, for instance the ISP
720 owns the Class-B IP address block 123.124.0.0 (a 16 bit netmask). This
721 is how they could do it:
723 permit-access 0.0.0.0/0 0.0.0.0/0 # other clients can go anywhere
724 # with the following exceptions
727 deny-access 0.0.0.0/0 123.124.0.0/16 # block all external request
729 # sites on the ISP's network
730 permit 0.0.0.0/0 www.my_isp.com # except for the ISP's main
732 permit 123.124.0.0/16 0.0.0.0/0 # the ISP's clients can go
735 Note that if some hostnames are listed with multiple IP addresses, the
736 primary value returned by DNS (via gethostbyname()) is used. Default:
737 Anyone can access the proxy.
738 _________________________________________________________________
742 This feature allows chaining of HTTP requests via multiple proxies. It
743 can be used to better protect privacy and confidentiality when
744 accessing specific domains by routing requests to those domains to a
745 special purpose filtering proxy such as lpwa.com. Or to use a caching
746 proxy to speed up browsing.
748 It can also be used in an environment with multiple networks to route
749 requests via multiple gateways allowing transparent access to multiple
750 networks without having to modify browser configurations.
752 Also specified here are SOCKS proxies. Privoxy SOCKS 4 and SOCKS 4A.
753 The difference is that SOCKS 4A will resolve the target hostname using
754 DNS on the SOCKS server, not our local DNS client.
756 The syntax of each line is:
758 forward target_domain[:port] http_proxy_host[:port]
759 forward-socks4 target_domain[:port] socks_proxy_host[:port]
760 http_proxy_host[:port]
761 forward-socks4a target_domain[:port] socks_proxy_host[:port]
762 http_proxy_host[:port]
764 If http_proxy_host is ".", then requests are not forwarded to a HTTP
765 proxy but are made directly to the web servers.
767 Lines are checked in sequence, and the last match wins.
769 There is an implicit line equivalent to the following, which specifies
770 that anything not finding a match on the list is to go out without
771 forwarding or gateway protocol, like so:
773 forward .* . # implicit
775 In the following common configuration, everything goes to Lucent's
776 LPWA, except SSL on port 443 (which it doesn't handle):
778 forward .* lpwa.com:8000
781 Some users have reported difficulties related to LPWA's use of "." as
782 the last element of the domain, and have said that this can be fixed
785 forward lpwa. lpwa.com:8000
787 (NOTE: the syntax for specifying target_domain has changed since the
788 previous paragraph was written -- it will not work now. More
789 information is welcome.)
791 In this fictitious example, everything goes via an ISP's caching
792 proxy, except requests to that ISP:
794 forward .* caching.myisp.net:8000
797 For the @home network, we're told the forwarding configuration is
800 forward .* proxy:8080
802 Also, we're told they insist on getting cookies and JavaScript, so you
803 should allow cookies from home.com. We consider JavaScript a potential
804 security risk. Java need not be enabled.
806 In this example direct connections are made to all "internal" domains,
807 but everything else goes through Lucent's LPWA by way of the company's
808 SOCKS gateway to the Internet.
810 forward-socks4 .* lpwa.com:8000 firewall.my_company.com:1080
811 forward my_company.com .
813 This is how you could set up a site that always uses SOCKS but no
816 forward-socks4a .* . firewall.my_company.com:1080
818 An advanced example for network administrators:
820 If you have links to multiple ISPs that provide various special
821 content to their subscribers, you can configure forwarding to pass
822 requests to the specific host that's connected to that ISP so that
823 everybody can see all of the content on all of the ISPs.
825 This is a bit tricky, but here's an example:
827 host-a has a PPP connection to isp-a.com. And host-b has a PPP
828 connection to isp-b.com. host-a can run a Privoxy proxy with
829 forwarding like this:
832 forward isp-b.com host-b:8118
834 host-b can run a Privoxy proxy with forwarding like this:
837 forward isp-a.com host-a:8118
839 Now, anyone on the Internet (including users on host-a and host-b) can
840 set their browser's proxy to either host-a or host-b and be able to
841 browse the content on isp-a or isp-b.
843 Here's another practical example, for University of Kent at Canterbury
844 students with a network connection in their room, who need to use the
845 University's Squid web cache.
847 forward *. ssbcache.ukc.ac.uk:3128 # Use the proxy, except for:
848 forward .ukc.ac.uk . # Anything on the same domain as us
849 forward * . # Host with no domain specified
850 forward 129.12.*.* . # A dotted IP on our /16 network.
851 forward 127.*.*.* . # Loopback address
852 forward localhost.localdomain . # Loopback address
853 forward www.ukc.mirror.ac.uk . # Specific host
855 If you intend to chain Privoxy and squid locally, then chain as
856 browser -> squid -> privoxy is the recommended way.
858 Your squid configuration could then look like this:
860 # Define Privoxy as parent cache
862 cache_peer 127.0.0.1 parent 8118 0 no-query
864 # Define ACL for protocol FTP
866 # Do not forward ACL FTP to privoxy
867 always_direct allow FTP
868 # Do not forward ACL CONNECT (https) to privoxy
869 always_direct allow CONNECT
870 # Forward the rest to privoxy
871 never_direct allow all
872 _________________________________________________________________
874 3.3.5. Windows GUI Options
876 Privoxy has a number of options specific to the Windows GUI interface:
878 If "activity-animation" is set to 1, the Privoxy icon will animate
879 when "Privoxy" is active. To turn off, set to 0.
883 If "log-messages" is set to 1, Privoxy will log messages to the
888 If "log-buffer-size" is set to 1, the size of the log buffer, i.e. the
889 amount of memory used for the log messages displayed in the console
890 window, will be limited to "log-max-lines" (see below).
892 Warning: Setting this to 0 will result in the buffer to grow
893 infinitely and eat up all your memory!
897 log-max-lines is the maximum number of lines held in the log buffer.
902 If "log-highlight-messages" is set to 1, Privoxy will highlight
903 portions of the log messages with a bold-faced font:
905 log-highlight-messages 1
907 The font used in the console window:
909 log-font-name Comic Sans MS
911 Font size used in the console window:
915 "show-on-task-bar" controls whether or not Privoxy will appear as a
916 button on the Task bar when minimized:
920 If "close-button-minimizes" is set to 1, the Windows close button will
921 minimize Privoxy instead of closing the program (close with the exit
922 option on the File menu).
924 close-button-minimizes 1
926 The "hide-console" option is specific to the MS-Win console version of
927 Privoxy. If this option is used, Privoxy will disconnect from and hide
931 _________________________________________________________________
933 3.4. The Actions File
935 The "default.action" file (formerly actionsfile or ijb.action) is used
936 to define what actions Privoxy takes, and thus determines how images,
937 cookies and various other aspects of HTTP content and transactions are
938 handled. Images can be anything you want, including ads, banners, or
939 just some obnoxious URL that you would rather not see. Cookies can be
940 accepted or rejected, or accepted only during the current browser
941 session (i.e. not written to disk). Changes to default.action should
942 be immediately visible to Privoxy without the need to restart.
944 The easiest way to edit "actions" file is with a browser by loading
945 [48]http://p.p/, and then select "Edit Actions List". A text editor
948 To determine which actions apply to a request, the URL of the request
949 is compared to all patterns in this file. Every time it matches, the
950 list of applicable actions for the URL is incrementally updated. You
951 can trace this process by visiting [49]http://p.p/show-url-info.
953 There are four types of lines in this file: comments (begin with a "#"
954 character), actions, aliases and patterns, all of which are explained
955 below, as well as the configuration file syntax that Privoxy
957 _________________________________________________________________
959 3.4.1. URL Domain and Path Syntax
961 Generally, a pattern has the form <domain>/<path>, where both the
962 <domain> and <path> part are optional. If you only specify a domain
963 part, the "/" can be left out:
965 www.example.com - is a domain only pattern and will match any request
966 to "www.example.com".
968 www.example.com/ - means exactly the same.
970 www.example.com/index.html - matches only the single document
971 "/index.html" on "www.example.com".
973 /index.html - matches the document "/index.html", regardless of the
976 index.html - matches nothing, since it would be interpreted as a
977 domain name and there is no top-level domain called ".html".
979 The matching of the domain part offers some flexible options: if the
980 domain starts or ends with a dot, it becomes unanchored at that end.
983 .example.com - matches any domain that ENDS in ".example.com".
985 www. - matches any domain that STARTS with "www".
987 Additionally, there are wild-cards that you can use in the domain
988 names themselves. They work pretty similar to shell wild-cards: "*"
989 stands for zero or more arbitrary characters, "?" stands for any
990 single character. And you can define character classes in square
991 brackets and they can be freely mixed:
993 ad*.example.com - matches "adserver.example.com", "ads.example.com",
994 etc but not "sfads.example.com".
996 *ad*.example.com - matches all of the above, and then some.
998 .?pix.com - matches "www.ipix.com", "pictures.epix.com",
999 "a.b.c.d.e.upix.com", etc.
1001 www[1-9a-ez].example.com - matches "www1.example.com",
1002 "www4.example.com", "wwwd.example.com", "wwwz.example.com", etc., but
1003 not "wwww.example.com".
1005 If Privoxy was compiled with "pcre" support (default), Perl compatible
1006 regular expressions can be used. See the pcre/docs/ directory or "man
1007 perlre" (also available on
1008 [50]http://www.perldoc.com/perl5.6/pod/perlre.html) for details. A
1009 brief discussion of regular expressions is in the [51]Appendix. For
1012 /.*/advert[0-9]+\.jpe?g - would match a URL from any domain, with any
1013 path that includes "advert" followed immediately by one or more
1014 digits, then a "." and ending in either "jpeg" or "jpg". So we match
1015 "example.com/ads/advert2.jpg", and
1016 "www.example.com/ads/banners/advert39.jpeg", but not
1017 "www.example.com/ads/banners/advert39.gif" (no gifs in the example
1020 Please note that matching in the path is case INSENSITIVE by default,
1021 but you can switch to case sensitive at any point in the pattern by
1022 using the "(?-i)" switch:
1024 www.example.com/(?-i)PaTtErN.* - will match only documents whose path
1025 starts with "PaTtErN" in exactly this capitalization.
1026 _________________________________________________________________
1030 Actions are enabled if preceded with a "+", and disabled if preceded
1031 with a "-". Actions are invoked by enclosing the action name in curly
1032 braces (e.g. {+some_action}), followed by a list of URLs to which the
1033 action applies. There are three classes of actions:
1035 * Boolean (e.g. "+/-block"):
1036 {+name} # enable this action
1037 {-name} # disable this action
1039 * parameterized (e.g. "+/-hide-user-agent"):
1040 {+name{param}} # enable action and set parameter to "param"
1041 {-name} # disable action
1043 * Multi-value (e.g. "{+/-add-header{Name: value}}",
1044 "{+/-wafer{name=value}}"):
1045 {+name{param}} # enable action and add parameter "param"
1046 {-name{param}} # remove the parameter "param"
1047 {-name} # disable this action totally
1049 If nothing is specified in this file, no "actions" are taken. So in
1050 this case Privoxy would just be a normal, non-blocking,
1051 non-anonymizing proxy. You must specifically enable the privacy and
1052 blocking features you need (although the provided default
1053 default.action file will give a good starting point).
1055 Later defined actions always over-ride earlier ones. For multi-valued
1056 actions, the actions are applied in the order they are specified.
1058 The list of valid Privoxy "actions" are:
1060 * Add the specified HTTP header, which is not checked for validity.
1061 You may specify this many times to specify many different headers:
1062 +add-header{Name: value}
1064 * Block this URL totally. In a default installation, a "blocked" URL
1065 will result in bright red banner that says "BLOCKED", with a
1066 reason why it is being blocked.
1069 * De-animate all animated GIF images, i.e. reduce them to their last
1070 frame. This will also shrink the images considerably (in bytes,
1071 not pixels!). If the option "first" is given, the first frame of
1072 the animation is used as the replacement. If "last" is given, the
1073 last frame of the animation is used instead, which probably makes
1074 more sense for most banner animations, but also has the risk of
1075 not showing the entire last frame (if it is only a delta to an
1077 +deanimate-gifs{last}
1078 +deanimate-gifs{first}
1080 * "+downgrade" will downgrade HTTP/1.1 client requests to HTTP/1.0
1081 and downgrade the responses as well. Use this action for servers
1082 that use HTTP/1.1 protocol features that Privoxy doesn't handle
1083 well yet. HTTP/1.1 is only partially implemented. Default is not
1084 to downgrade requests.
1087 * Many sites, like yahoo.com, don't just link to other sites.
1088 Instead, they will link to some script on their own server, giving
1089 the destination as a parameter, which will then redirect you to
1090 the final target. URLs resulting from this scheme typically look
1091 like: http://some.place/some_script?http://some.where-else.
1092 Sometimes, there are even multiple consecutive redirects encoded
1093 in the URL. These redirections via scripts make your web browsing
1094 more traceable, since the server from which you follow such a link
1095 can see where you go to. Apart from that, valuable bandwidth and
1096 time is wasted, while your browser ask the server for one redirect
1097 after the other. Plus, it feeds the advertisers.
1098 The "+fast-redirects" option enables interception of these
1099 requests by Privoxy, who will cut off all but the last valid URL
1100 in the request and send a local redirect back to your browser
1101 without contacting the remote site.
1104 * Apply the filters in the section_header section of the
1105 default.filter file to the site(s). default.filter sections are
1106 grouped according to like functionality.
1107 +filter{section_header}
1109 Filter sections that are pre-defined in the supplied
1110 default.filter include:
1112 html-annoyances: Get rid of particularly annoying HTML abuse.
1114 js-annoyances: Get rid of particularly annoying JavaScript abuse
1116 no-poups: Kill all popups in JS and HTML
1118 frameset-borders: Give frames a border
1120 webbugs: Squish WebBugs (1x1 invisible GIFs used for user tracking)
1122 no-refresh: Automatic refresh sucks on auto-dialup lines
1124 fun: Text replacements for subversive browsing fun!
1126 nimda: Remove (virus) Nimda code.
1128 banners-by-size: Kill banners by size
1130 crude-parental: Kill all web pages that contain the words "sex" or
1133 * Block any existing X-Forwarded-for header, and do not add a new
1137 * If the browser sends a "From:" header containing your e-mail
1138 address, this either completely removes the header ("block"), or
1139 changes it to the specified e-mail address.
1141 +hide-from{spam@sittingduck.xqq}
1143 * Don't send the "Referer:" (sic) header to the web site. You can
1144 block it, forge a URL to the same server as the request (which is
1145 preferred because some sites will not send images otherwise) or
1146 set it to a constant string of your choice.
1147 +hide-referer{block}
1148 +hide-referer{forge}
1149 +hide-referer{http://nowhere.com}
1151 * Alternative spelling of "+hide-referer". It has the same
1152 parameters, and can be freely mixed with, "+hide-referer".
1153 ("referrer" is the correct English spelling, however the HTTP
1154 specification has a bug - it requires it to be spelled "referer".)
1157 * Change the "User-Agent:" header so web servers can't tell your
1158 browser type. Warning! This breaks many web sites. Specify the
1159 user-agent value you want. Example, pretend to be using Netscape
1161 +hide-user-agent{Mozilla (X11; I; Linux 2.0.32 i586)}
1163 * Treat this URL as an image. This only matters if it's also
1164 "+block"ed, in which case a "blocked" image can be sent rather
1165 than a HTML page. See "+image-blocker{}" below for the control
1166 over what is actually sent. If you want invisible ads, they should
1167 be defined as images and blocked. And also, "image-blocker" should
1171 * Decides what to do with URLs that end up tagged with "{+block
1172 +image}", e.g an advertizement. There are five options.
1173 "-image-blocker" will send a HTML "blocked" page, usually
1174 resulting in a "broken image" icon. "+image-blocker{blank}" will
1175 send a 1x1 transparent GIF image. And finally,
1176 "+image-blocker{http://xyz.com}" will send a HTTP temporary
1177 redirect to the specified image. This has the advantage of the
1178 icon being being cached by the browser, which will speed up the
1179 display. "+image-blocker{pattern}" will send a checkboard type
1181 +image-blocker{blank}
1182 +image-blocker{pattern}
1183 +image-blocker{http://p.p/send-banner}
1185 * By default (i.e. in the absence of a "+limit-connect" action),
1186 Privoxy will only allow CONNECT requests to port 443, which is the
1187 standard port for https as a precaution.
1188 The CONNECT methods exists in HTTP to allow access to secure
1189 websites (https:// URLs) through proxies. It works very simply:
1190 the proxy connects to the server on the specified port, and then
1191 short-circuits its connections to the client and to the remote
1192 proxy. This can be a big security hole, since CONNECT-enabled
1193 proxies can be abused as TCP relays very easily.
1194 If you want to allow CONNECT for more ports than this, or want to
1195 forbid CONNECT altogether, you can specify a comma separated list
1196 of ports and port ranges (the latter using dashes, with the
1197 minimum defaulting to 0 and max to 65K):
1198 +limit-connect{443} # This is the default and need no be
1200 +limit-connect{80,443} # Ports 80 and 443 are OK.
1201 +limit-connect{-3, 7, 20-100, 500-} # Port less than 3, 7, 20 to
1203 #and above 500 are OK.
1205 * "+no-compression" prevents the website from compressing the data.
1206 Some websites do this, which can be a problem for Privoxy, since
1207 "+filter", "+no-popup" and "+gif-deanimate" will not work on
1208 compressed data. This will slow down connections to those
1209 websites, though. Default is "nocompression" is turned on.
1212 * If the website sets cookies, "no-cookies-keep" will make sure they
1213 are erased when you exit and restart your web browser. This makes
1214 profiling cookies useless, but won't break sites which require
1215 cookies so that you can log in for transactions. Default: on.
1218 * Prevent the website from reading cookies:
1221 * Prevent the website from setting cookies:
1224 * Filter the website through a built-in filter to disable those
1225 obnoxious JavaScript pop-up windows via window.open(), etc. The
1226 two alternative spellings are equivalent.
1230 * This action only applies if you are using a jarfile for saving
1231 cookies. It sends a cookie to every site stating that you do not
1232 accept any copyright on cookies sent to you, and asking them not
1233 to track you. Of course, this is a (relatively) unique header they
1234 could use to track you.
1237 * This allows you to add an arbitrary cookie. It can be specified
1238 multiple times in order to add as many cookies as you like.
1241 The meaning of any of the above is reversed by preceding the action
1242 with a "-", in place of the "+".
1246 Turn off cookies by default, then allow a few through for specified
1249 # Turn off all persistent cookies
1250 { +no-cookies-read }
1252 # Allow cookies for this browser session ONLY
1253 { +no-cookies-keep }
1254 # Exceptions to the above, sites that benefit from persistent cookies
1255 { -no-cookies-read }
1257 { -no-cookies-keep }
1263 # Alternative way of saying the same thing
1264 {-no-cookies-set -no-cookies-read -no-cookies-keep}
1268 Now turn off "fast redirects", and then we allow two exceptions:
1273 # Reverse it for these two sites, which don't work right without it.
1275 www.ukc.ac.uk/cgi-bin/wac\.cgi\?
1278 Turn on page filtering according to rules in the defined sections of
1279 refilterfile, and make one exception for sourceforge:
1281 # Run everything through the filter file, using only the
1282 # specified sections:
1283 +filter{html-annoyances} +filter{js-annoyances} +filter{no-popups}\
1284 +filter{webbugs} +filter{nimda} +filter{banners-by-size}
1286 # Then disable filtering of code from sourceforge!
1288 .cvs.sourceforge.net
1290 Now some URLs that we want "blocked", ie we won't see them. Many of
1291 these use regular expressions that will expand to match multiple URLs:
1295 /.*/(.*[-_.])?ads?[0-9]?(/|[-_.].*|\.(gif|jpe?g))
1296 /.*/(.*[-_.])?count(er)?(\.cgi|\.dll|\.exe|[?/])
1297 /.*/(ng)?adclient\.cgi
1298 /.*/(plain|live|rotate)[-_.]?ads?/
1299 /.*/(sponsor)s?[0-9]?/
1300 /.*/_?(plain|live)?ads?(-banners)?/
1302 /.*/ad(sdna_image|gifs?)/
1303 /.*/ad(server|stream|juggler)\.(cgi|pl|dll|exe)
1307 /.*/adv((er)?ts?|ertis(ing|ements?))?/
1311 /.*/cgi-bin/centralad/getimage
1312 /.*/images/addver\.gif
1313 /.*/images/marketing/.*\.(gif|jpe?g)
1317 /.*/sponsors?[0-9]?/
1318 /.*/advert[0-9]+\.jpg
1325 /graphics/defaultAd/
1327 /image\.ng/transactionID
1328 /images/.*/.*_anim\.gif # alvin brattli
1329 /ip_img/.*\.(gif|jpe?g)
1333 /cgi-bin/nph-adclick.exe/
1334 /.*/Image/BannerAdvertising/
1336 /.*/adlib/server\.cgi
1339 Note that many of these actions have the potential to cause a page to
1340 misbehave, possibly even not to display at all. There are many ways a
1341 site designer may choose to design his site, and what HTTP header
1342 content he may depend on. There is no way to have hard and fast rules
1343 for all sites. See the [52]Appendix for a brief example on
1344 troubleshooting actions.
1345 _________________________________________________________________
1349 Custom "actions", known to Privoxy as "aliases", can be defined by
1350 combining other "actions". These can in turn be invoked just like the
1351 built-in "actions". Currently, an alias can contain any character
1352 except space, tab, "=", "{" or "}". But please use only "a"- "z",
1353 "0"-"9", "+", and "-". Alias names are not case sensitive, and must be
1354 defined before anything else in the default.actionfile ! And there can
1355 only be one set of "aliases" defined.
1357 Now let's define a few aliases:
1359 # Useful customer aliases we can use later. These must come first!
1361 +no-cookies = +no-cookies-set +no-cookies-read
1362 -no-cookies = -no-cookies-set -no-cookies-read
1363 fragile = -block -no-cookies -filter -fast-redirects -hide-refere
1365 shop = -no-cookies -filter -fast-redirects
1366 +imageblock = +block +image
1367 #For people who don't like to type too much: ;-)
1370 c2 = -no-cookies-set +no-cookies-read
1371 c3 = +no-cookies-set -no-cookies-read
1372 #... etc. Customize to your heart's content.
1374 Some examples using our "shop" and "fragile" aliases from above:
1376 # These sites are very complex and require
1377 # minimal interference.
1379 .office.microsoft.com
1380 .windowsupdate.microsoft.com
1382 # Shopping sites - still want to block ads.
1385 .worldpay.com # for quietpc.com
1388 # These shops require pop-ups
1392 _________________________________________________________________
1394 3.5. The Filter File
1396 Any web page can be dynamically modified with the filter file. This
1397 modification can be removal, or re-writing, of any web page content,
1398 including tags and non-visible content. The default filter file is
1399 default.filter, located in the config directory.
1401 The included example file is divided into sections. Each section
1402 begins with the FILTER keyword, followed by the identifier for that
1403 section, e.g. "FILTER: webbugs". Each section performs a similar type
1404 of filtering, such as "html-annoyances".
1406 This file uses regular expressions to alter or remove any string in
1407 the target page. The expressions can only operate on one line at a
1408 time. Some examples from the included default default.filter:
1410 Stop web pages from displaying annoying messages in the status bar by
1411 deleting such references:
1413 FILTER: html-annoyances
1414 # New browser windows should be resizeable and have a location and st
1418 s/resizable="?(no|0)"?/resizable=1/ig s/noresize/yesresize/ig
1419 s/location="?(no|0)"?/location=1/ig s/status="?(no|0)"?/status=1/ig
1420 s/scrolling="?(no|0|Auto)"?/scrolling=1/ig
1421 s/menubar="?(no|0)"?/menubar=1/ig
1422 # The <BLINK> tag was a crime!
1424 s*<blink>|</blink>**ig
1427 #s/framespacing="?(no|0)"?//ig
1428 #s/margin(height|width)=[0-9]*//gi
1430 Just for kicks, replace any occurrence of "Microsoft" with
1431 "MicroSuck", and have a little fun with topical buzzwords:
1434 s/microsoft(?!.com)/MicroSuck/ig
1437 s/industry-leading|cutting-edge|award-winning/<font color=red><b>BING
1440 Kill those pesky little web-bugs:
1442 # webbugs: Squish WebBugs (1x1 invisible GIFs used for user tracking)
1444 s/<img\s+[^>]*?(width|height)\s*=\s*['"]?1\D[^>]*?(width|height)\s*=\
1445 s*['"]?1(\D[^>]*?)?>/<!-- Squished WebBug -->/sig
1446 _________________________________________________________________
1450 When Privoxy displays one of its internal pages, such as a 404 Not
1451 Found error page, it uses the appropriate template. On Linux, BSD, and
1452 Unix, these are located in /etc/privoxy/templates by default. These
1453 may be customized, if desired.
1454 _________________________________________________________________
1456 4. Quickstart to Using Privoxy
1458 Install package, then run and enjoy! Privoxy is typically started by
1459 specifying the main configuration file to be used on the command line.
1460 Example Unix startup command:
1463 # /usr/sbin/privoxy /etc/privoxy/config
1466 An init script is provided for SuSE and Redhat.
1468 For for SuSE: /etc/rc.d/privoxy start
1470 For RedHat: /etc/rc.d/init.d/privoxy start
1472 If no configuration file is specified on the command line, Privoxy
1473 will look for a file named config in the current directory. Except on
1474 Win32 where it will try config.txt. If no file is specified on the
1475 command line and no default configuration file can be found, Privoxy
1478 Be sure your browser is set to use the proxy which is by default at
1479 localhost, port 8118. With Netscape (and Mozilla), this can be set
1480 under Edit -> Preferences -> Advanced -> Proxies -> HTTP Proxy. For
1481 Internet Explorer: Tools > Internet Properties -> Connections -> LAN
1482 Setting. Then, check "Use Proxy" and fill in the appropriate info
1483 (Address: localhost, Port: 8118). Include if HTTPS proxy support too.
1485 The included default configuration files should give a reasonable
1486 starting point, though may be somewhat aggressive in blocking junk.
1487 You will probably want to keep an eye out for sites that require
1488 persistent cookies, and add these to default.action as needed. By
1489 default, most of these will be accepted only during the current
1490 browser session, until you add them to the configuration. If you want
1491 the browser to handle this instead, you will need to edit
1492 default.action and disable this feature. If you use more than one
1493 browser, it would make more sense to let Privoxy handle this. In which
1494 case, the browser(s) should be set to accept all cookies.
1496 If a particular site shows problems loading properly, try adding it to
1497 the {fragile} section of default.action. This will turn off most
1498 actions for this site.
1500 Privoxy is HTTP/1.1 compliant, but not all 1.1 features are as yet
1501 implemented. If browsers that support HTTP/1.1 (like Mozilla or recent
1502 versions of I.E.) experience problems, you might try to force HTTP/1.0
1503 compatibility. For Mozilla, look under Edit -> Preferences -> Debug ->
1504 Networking. Or set the "+downgrade" config option in default.action.
1506 After running Privoxy for a while, you can start to fine tune the
1507 configuration to suit your personal, or site, preferences and
1508 requirements. There are many, many aspects that can be customized.
1509 "Actions" (as specified in default.action) can be adjusted by pointing
1510 your browser to [53]http://p.p/, and then follow the link to "edit the
1511 actions list". (This is an internal page and does not require Internet
1514 In fact, various aspects of Privoxy configuration can be viewed from
1515 this page, including current configuration parameters, source code
1516 version numbers, the browser's request headers, and "actions" that
1517 apply to a given URL. In addition to the default.action file editor
1518 mentioned above, Privoxy can also be turned "on" and "off" from this
1521 If you encounter problems, please verify it is a Privoxy bug, by
1522 disabling Privoxy, and then trying the same page. Also, try another
1523 browser if possible to eliminate browser or site problems. Before
1524 reporting it as a bug, see if there is not a configuration option that
1525 is enabled that is causing the page not to load. You can then add an
1526 exception for that page or site. If a bug, please report it to the
1527 developers (see below).
1528 _________________________________________________________________
1530 4.1. Command Line Options
1532 Privoxy may be invoked with the following command-line options:
1535 Print version info and exit, Unix only.
1537 Print a short usage info and exit, Unix only.
1539 Don't become a daemon, i.e. don't fork and become process group
1540 leader, don't detach from controlling tty. Unix only.
1542 On startup, write the process ID to FILE. Delete the FILE on exit.
1543 Failiure to create or delete the FILE is non-fatal. If no FILE
1544 option is given, no PID file will be used. Unix only.
1545 * --user USER[.GROUP]
1546 After (optionally) writing the PID file, assume the user ID of
1547 USER, and if included the GID of GROUP. Exit if the privileges are
1548 not sufficient to do so. Unix only.
1550 If no configfile is included on the command line, Privoxy will
1551 look for a file named "config" in the current directory (except on
1552 Win32 where it will look for "config.txt" instead). Specify full
1553 path to avoid confusion.
1554 _________________________________________________________________
1556 5. Contacting the Developers, Bug Reporting and Feature Requests
1558 We value your feedback. However, to provide you with the best support,
1561 * Use the [54]Sourceforge support forum to get help.
1562 * Submit bugs only thru our [55]Sourceforge bug forum. Make sure
1563 that the bug has not already been submitted. Please try to verify
1564 that it is a Privoxy bug, and not a browser or site bug first. If
1565 you are using your own custom configuration, please try the stock
1566 configs to see if the problem is a configuration related bug. And
1567 if not using the latest development snapshot, please try the
1568 latest one. Or even better, CVS sources.
1569 * Submit feature requests only thru our [56]Sourceforge feature
1572 For any other issues, feel free to use the [57]mailing lists.
1574 Anyone interested in actively participating in development and related
1575 discussions can join the appropriate mailing list [58]here. Archives
1576 are available here too.
1577 _________________________________________________________________
1579 6. Copyright and History
1583 Privoxy is free software; you can redistribute it and/or modify it
1584 under the terms of the GNU General Public License as published by the
1585 Free Software Foundation; either version 2 of the License, or (at your
1586 option) any later version.
1588 This program is distributed in the hope that it will be useful, but
1589 WITHOUT ANY WARRANTY; without even the implied warranty of
1590 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
1591 General Public License for more details, which is available from
1592 [59]the Free Software Foundation, Inc, 59 Temple Place - Suite 330,
1593 Boston, MA 02111-1307, USA.
1594 _________________________________________________________________
1598 Privoxy is derived from the Internet Junkbuster, with many improvments
1599 and enhancements over the original.
1601 Junkbuster was originally written by Anonymous Coders and
1602 [60]Junkbuster's Corporation, and was released as free open-source
1603 software under the GNU GPL. [61]Stefan Waldherr made many
1604 improvements, and started the [62]SourceForge project Privoxy to
1605 rekindle development. There are now several active developers
1606 contributing. The last stable release of Junkbuster was v2.0.2, which
1607 has now grown whiskers ;-).
1608 _________________________________________________________________
1612 [63]http://sourceforge.net/projects/ijbswa
1614 [64]http://www.privoxy.org/
1618 [66]http://www.junkbusters.com/ht/en/cookies.html
1620 [67]http://www.waldherr.org/junkbuster/
1622 [68]http://privacy.net/analyze/
1624 [69]http://www.squid-cache.org/
1625 _________________________________________________________________
1629 8.1. Regular Expressions
1631 Privoxy can use "regular expressions" in various config files.
1632 Assuming support for "pcre" (Perl Compatible Regular Expressions) is
1633 compiled in, which is the default. Such configuration directives do
1634 not require regular expressions, but they can be used to increase
1635 flexibility by matching a pattern with wild-cards against URLs.
1637 If you are reading this, you probably don't understand what "regular
1638 expressions" are, or what they can do. So this will be a very brief
1639 introduction only. A full explanation would require a book ;-)
1641 "Regular expressions" is a way of matching one character expression
1642 against another to see if it matches or not. One of the "expressions"
1643 is a literal string of readable characters (letter, numbers, etc), and
1644 the other is a complex string of literal characters combined with
1645 wild-cards, and other special characters, called meta-characters. The
1646 "meta-characters" have special meanings and are used to build the
1647 complex pattern to be matched against. Perl Compatible Regular
1648 Expressions is an enhanced form of the regular expression language
1649 with backward compatibility.
1651 To make a simple analogy, we do something similar when we use
1652 wild-card characters when listing files with the dir command in DOS.
1653 *.* matches all filenames. The "special" character here is the
1654 asterisk which matches any and all characters. We can be more specific
1655 and use ? to match just individual characters. So "dir file?.text"
1656 would match "file1.txt", "file2.txt", etc. We are pattern matching,
1657 using a similar technique to "regular expressions"!
1659 Regular expressions do essentially the same thing, but are much, much
1660 more powerful. There are many more "special characters" and ways of
1661 building complex patterns however. Let's look at a few of the common
1662 ones, and then some examples:
1664 . - Matches any single character, e.g. "a", "A", "4", ":", or "@".
1666 ? - The preceding character or expression is matched ZERO or ONE
1669 + - The preceding character or expression is matched ONE or MORE
1672 * - The preceding character or expression is matched ZERO or MORE
1675 \ - The "escape" character denotes that the following character should
1676 be taken literally. This is used where one of the special characters
1677 (e.g. ".") needs to be taken literally and not as a special
1680 [] - Characters enclosed in brackets will be matched if any of the
1681 enclosed characters are encountered.
1683 () - parentheses are used to group a sub-expression, or multiple
1686 | - The "bar" character works like an "or" conditional statement. A
1687 match is successful if the sub-expression on either side of "|"
1690 s/string1/string2/g - This is used to rewrite strings of text.
1691 "string1" is replaced by "string2" in this example.
1693 These are just some of the ones you are likely to use when matching
1694 URLs with Privoxy, and is a long way from a definitive list. This is
1695 enough to get us started with a few simple examples which may be more
1698 /.*/banners/.* - A simple example that uses the common combination of
1699 "." and "*" to denote any character, zero or more times. In other
1700 words, any string at all. So we start with a literal forward slash,
1701 then our regular expression pattern (".*") another literal forward
1702 slash, the string "banners", another forward slash, and lastly another
1703 ".*". We are building a directory path here. This will match any file
1704 with the path that has a directory named "banners" in it. The ".*"
1705 matches any characters, and this could conceivably be more forward
1706 slashes, so it might expand into a much longer looking path. For
1707 example, this could match:
1708 "/eye/hate/spammers/banners/annoy_me_please.gif", or just
1709 "/banners/annoying.html", or almost an infinite number of other
1710 possible combinations, just so it has "banners" in the path somewhere.
1712 A now something a little more complex:
1714 /.*/adv((er)?ts?|ertis(ing|ements?))?/ - We have several literal
1715 forward slashes again ("/"), so we are building another expression
1716 that is a file path statement. We have another ".*", so we are
1717 matching against any conceivable sub-path, just so it matches our
1718 expression. The only true literal that must match our pattern is adv,
1719 together with the forward slashes. What comes after the "adv" string
1720 is the interesting part.
1722 Remember the "?" means the preceding expression (either a literal
1723 character or anything grouped with "(...)" in this case) can exist or
1724 not, since this means either zero or one match. So
1725 "((er)?ts?|ertis(ing|ements?))" is optional, as are the individual
1726 sub-expressions: "(er)", "(ing|ements?)", and the "s". The "|" means
1727 "or". We have two of those. For instance, "(ing|ements?)", can expand
1728 to match either "ing" OR "ements?". What is being done here, is an
1729 attempt at matching as many variations of "advertisement", and
1730 similar, as possible. So this would expand to match just "adv", or
1731 "advert", or "adverts", or "advertising", or "advertisement", or
1732 "advertisements". You get the idea. But it would not match
1733 "advertizements" (with a "z"). We could fix that by changing our
1734 regular expression to: "/.*/adv((er)?ts?|erti(s|z)(ing|ements?))?/",
1735 which would then match either spelling.
1737 /.*/advert[0-9]+\.(gif|jpe?g) - Again another path statement with
1738 forward slashes. Anything in the square brackets "[]" can be matched.
1739 This is using "0-9" as a shorthand expression to mean any digit one
1740 through nine. It is the same as saying "0123456789". So any digit
1741 matches. The "+" means one or more of the preceding expression must be
1742 included. The preceding expression here is what is in the square
1743 brackets -- in this case, any digit one through nine. Then, at the
1744 end, we have a grouping: "(gif|jpe?g)". This includes a "|", so this
1745 needs to match the expression on either side of that bar character
1746 also. A simple "gif" on one side, and the other side will in turn
1747 match either "jpeg" or "jpg", since the "?" means the letter "e" is
1748 optional and can be matched once or not at all. So we are building an
1749 expression here to match image GIF or JPEG type image file. It must
1750 include the literal string "advert", then one or more digits, and a
1751 "." (which is now a literal, and not a special character, since it is
1752 escaped with "\"), and lastly either "gif", or "jpeg", or "jpg". Some
1753 possible matches would include: "//advert1.jpg",
1754 "/nasty/ads/advert1234.gif", "/banners/from/hell/advert99.jpg". It
1755 would not match "advert1.gif" (no leading slash), or "/adverts232.jpg"
1756 (the expression does not include an "s"), or "/advert1.jsp" ("jsp" is
1757 not in the expression anywhere).
1759 s/microsoft(?!.com)/MicroSuck/i - This is a substitution. "MicroSuck"
1760 will replace any occurrence of "microsoft". The "i" at the end of the
1761 expression means ignore case. The "(?!.com)" means the match should
1762 fail if "microsoft" is followed by ".com". In other words, this acts
1763 like a "NOT" modifier. In case this is a hyperlink, we don't want to
1766 We are barely scratching the surface of regular expressions here so
1767 that you can understand the default Privoxy configuration files, and
1768 maybe use this knowledge to customize your own installation. There is
1769 much, much more that can be done with regular expressions. Now that
1770 you know enough to get started, you can learn more on your own :/
1772 More reading on Perl Compatible Regular expressions:
1773 [70]http://www.perldoc.com/perl5.6/pod/perlre.html
1774 _________________________________________________________________
1776 8.2. Privoxy's Internal Pages
1778 Since Privoxy proxies each requested web page, it is easy for Privoxy
1779 to trap certain URLs. In this way, we can talk directly to Privoxy,
1780 and see how it is configured, see how our rules are being applied,
1781 change these rules and other configuration options, and even turn
1782 Privoxy's filtering off, all with a web browser.
1784 The URLs listed below are the special ones that allow direct access to
1785 Privoxy. Of course, Privoxy must be running to access these. If not,
1786 you will get a friendly error message. Internet access is not
1789 * Privoxy main page:
1791 [71]http://www.privoxy.org/config/
1792 Alternately, this may be reached at [72]http://p.p/, but this
1793 variation may not work as reliably as the above in some
1795 * Show information about the current configuration:
1797 [73]http://www.privoxy.org/config/show-status
1798 * Show the source code version numbers:
1800 [74]http://www.privoxy.org/config/show-version
1801 * Show the client's request headers:
1803 [75]http://www.privoxy.org/config/show-request
1804 * Show which actions apply to a URL and why:
1806 [76]http://www.privoxy.org/config/show-url-info
1807 * Toggle Privoxy on or off:
1809 [77]http://www.privoxy.org/config/toggle
1810 Short cuts. Turn off, then on:
1812 [78]http://www.privoxy.org/config/toggle?set=disable
1814 [79]http://www.privoxy.org/config/toggle?set=enable
1815 * Edit the actions list file:
1817 [80]http://www.privoxy.org/config/edit-actions
1819 These may be bookmarked for quick reference.
1820 _________________________________________________________________
1822 8.3. Anatomy of an Action
1824 The way Privoxy applies "actions" to any given URL can be complex, and
1825 not always so easy to understand what is happening. And sometimes we
1826 need to be able to see just what Privoxy is doing. Especially, if
1827 something Privoxy is doing is causing us a problem inadvertantly. It
1828 can be a little daunting to look at the actions files themselves,
1829 since they tend to be filled with "regular expressions" whose
1830 consequences are not always so obvious. Privoxy provides the
1831 [81]http://www.privoxy.org/config/show-url-info page that can show us
1832 very specifically how actions are being applied to any given URL. This
1833 is a big help for troubleshooting.
1835 First, enter one URL (or partial URL) at the prompt, and then Privoxy
1836 will tell us how the current configuration will handle it. This will
1837 not help with filtering effects from the default.filter file! It also
1838 will not tell you about any other URLs that may be embedded within the
1839 URL you are testing. For instance, images such as ads are expressed as
1840 URLs within the raw page source of HTML pages. So you will only get
1841 info for the actual URL that is pasted into the prompt area -- not any
1842 sub-URLs. If you want to know about embedded URLs like ads, you will
1843 have to dig those out of the HTML source. Use your browser's "View
1844 Page Source" option for this.
1846 Let's look at an example, [82]google.com, one section at a time:
1848 System default actions:
1850 { -add-header -block -deanimate-gifs -downgrade -fast-redirects -filter
1851 -hide-forwarded -hide-from -hide-referer -hide-user-agent -image
1852 -image-blocker -limit-connect -no-compression -no-cookies-keep
1853 -no-cookies-read -no-cookies-set -no-popups -vanilla-wafer -wafer }
1856 This is the top section, and only tells us of the compiled in
1857 defaults. This is basically what Privoxy would do if there were not
1858 any "actions" defined, i.e. it does nothing. Every action is disabled.
1859 This is not particularly informative for our purposes here. OK, next
1862 Matches for http://google.com:
1864 { -add-header -block +deanimate-gifs -downgrade +fast-redirects
1865 +filter{html-annoyances} +filter{js-annoyances} +filter{no-popups}
1866 +filter{webbugs} +filter{nimda} +filter{banners-by-size} +filter{hal}
1867 +filter{fun} +hide-forwarded +hide-from{block} +hide-referer{forge}
1868 -hide-user-agent -image +image-blocker{blank} +no-compression
1869 +no-cookies-keep -no-cookies-read -no-cookies-set +no-popups
1870 -vanilla-wafer -wafer }
1873 { -no-cookies-keep -no-cookies-read -no-cookies-set }
1880 This is much more informative, and tells us how we have defined our
1881 "actions", and which ones match for our example, "google.com". The
1882 first grouping shows our default settings, which would apply to all
1883 URLs. If you look at your "actions" file, this would be the section
1884 just below the "aliases" section near the top. This applies to all
1885 URLs as signified by the single forward slash -- "/".
1887 These are the default actions we have enabled. But we can define
1888 additional actions that would be exceptions to these general rules,
1889 and then list specific URLs that these exceptions would apply to. Last
1890 match wins. Just below this then are two explict matches for
1891 ".google.com". The first is negating our various cookie blocking
1892 actions (i.e. we will allow cookies here). The second is allowing
1893 "fast-redirects". Note that there is a leading dot here --
1894 ".google.com". This will match any hosts and sub-domains, in the
1895 google.com domain also, such as "www.google.com". So, apparently, we
1896 have these actions defined somewhere in the lower part of our actions
1897 file, and "google.com" is referenced in these sections.
1899 And now we pull it altogether in the bottom section and summarize how
1900 Privoxy is appying all its "actions" to "google.com":
1904 -add-header -block -deanimate-gifs -downgrade -fast-redirects
1905 +filter{html-annoyances} +filter{js-annoyances} +filter{no-popups}
1906 +filter{webbugs} +filter{nimda} +filter{banners-by-size} +filter{hal}
1907 +filter{fun} +hide-forwarded +hide-from{block} +hide-referer{forge}
1908 -hide-user-agent -image +image-blocker{blank} -limit-connect +no-compression
1909 -no-cookies-keep -no-cookies-read -no-cookies-set +no-popups -vanilla-wafer
1913 Now another example, "ad.doubleclick.net":
1925 We'll just show the interesting part here, the explicit matches. It is
1926 matched three different times. Each as an "+block +image", which is
1927 the expanded form of one of our aliases that had been defined as:
1928 "+imageblock". ("Aliases" are defined in the first section of the
1929 actions file and typically used to combine more than one action.)
1931 Any one of these would have done the trick and blocked this as an
1932 unwanted image. This is unnecessarily redundant since the last case
1933 effectively would also cover the first. No point in taking chances
1934 with these guys though ;-) Note that if you want an ad or obnoxious
1935 URL to be invisible, it should be defined as "ad.doubleclick.net" is
1936 done here -- as both a "+block" and an "+image". The custom alias
1937 "+imageblock" does this for us.
1939 One last example. Let's try "http://www.rhapsodyk.net/adsl/HOWTO/".
1940 This one is giving us problems. We are getting a blank page. Hmmm...
1942 Matches for http://www.rhapsodyk.net/adsl/HOWTO/:
1944 { -add-header -block +deanimate-gifs -downgrade +fast-redirects
1945 +filter{html-annoyances} +filter{js-annoyances} +filter{no-popups}
1946 +filter{webbugs} +filter{nimda} +filter{banners-by-size} +filter{hal}
1947 +filter{fun} +hide-forwarded +hide-from{block} +hide-referer{forge}
1948 -hide-user-agent -image +image-blocker{blank} +no-compression
1949 +no-cookies-keep -no-cookies-read -no-cookies-set +no-popups
1950 -vanilla-wafer -wafer }
1957 Ooops, the "/adsl/" is matching "/ads"! But we did not want this at
1958 all! Now we see why we get the blank page. We could now add a new
1959 action below this that explictly does not block (-block) pages with
1960 "adsl". There are various ways to handle such exceptions. Example:
1966 Now the page displays ;-)
1971 1. http://www.privoxy.org/user-manual/
1972 2. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#INTRODUCTION
1973 3. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN31
1974 4. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#INSTALLATION
1975 5. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#INSTALLATION-SOURCE
1976 6. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#INSTALLATION-RH
1977 7. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#INSTALLATION-SUSE
1978 8. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#INSTALLATION-OS2
1979 9. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#INSTALLATION-WIN
1980 10. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#INSTALLATION-OTHER
1981 11. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#CONFIGURATION
1982 12. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN150
1983 13. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN168
1984 14. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN199
1985 15. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN232
1986 16. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN325
1987 17. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN462
1988 18. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN550
1989 19. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN659
1990 20. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#ACTIONSFILE
1991 21. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN758
1992 22. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN832
1993 23. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN1149
1994 24. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#FILTERFILE
1995 25. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN1208
1996 26. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#QUICKSTART
1997 27. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN1264
1998 28. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#CONTACT
1999 29. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#COPYRIGHT
2000 30. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN1323
2001 31. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN1329
2002 32. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#SEEALSO
2003 33. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#APPENDIX
2004 34. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#REGEX
2005 35. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN1517
2006 36. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#ACTIONSANAT
2008 38. http://sourceforge.net/projects/ijbswa/
2009 39. http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/ijbswa/current/
2010 40. http://www.gnu.org/
2012 42. http://www.privoxy.org/config/
2014 44. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#ACTIONSFILE
2019 49. http://p.p/show-url-info
2020 50. http://www.perldoc.com/perl5.6/pod/perlre.html
2021 51. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#REGEX
2022 52. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#ACTIONSANAT
2024 54. http://sourceforge.net/tracker/?group_id=11118&atid=211118
2025 55. http://sourceforge.net/tracker/?group_id=11118&atid=111118
2026 56. http://sourceforge.net/tracker/?atid=361118&group_id=11118&func=browse
2027 57. http://sourceforge.net/mail/?group_id=11118
2028 58. http://sourceforge.net/mail/?group_id=11118
2029 59. http://www.gnu.org/copyleft/gpl.html
2030 60. http://www.junkbusters.com/ht/en/ijbfaq.html
2031 61. http://www.waldherr.org/junkbuster/
2032 62. http://sourceforge.net/projects/ijbswa/
2033 63. http://sourceforge.net/projects/ijbswa
2034 64. http://www.privoxy.org/
2036 66. http://www.junkbusters.com/ht/en/cookies.html
2037 67. http://www.waldherr.org/junkbuster/
2038 68. http://privacy.net/analyze/
2039 69. http://www.squid-cache.org/
2040 70. http://www.perldoc.com/perl5.6/pod/perlre.html
2041 71. http://www.privoxy.org/config/
2043 73. http://www.privoxy.org/config/show-status
2044 74. http://www.privoxy.org/config/show-version
2045 75. http://www.privoxy.org/config/show-request
2046 76. http://www.privoxy.org/config/show-url-info
2047 77. http://www.privoxy.org/config/toggle
2048 78. http://www.privoxy.org/config/toggle?set=disable
2049 79. http://www.privoxy.org/config/toggle?set=enable
2050 80. http://www.privoxy.org/config/edit-actions
2051 81. http://www.privoxy.org/config/show-url-info
2052 82. http://google.com/
2055 83. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN1389
2056 84. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN1397
2057 85. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN1400
2058 86. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN1403
2059 87. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN1406
2060 88. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN1411
2061 89. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN1414
2062 90. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN1417
2063 91. file://localhost/home/swa/sf/current-org/doc/source/tmp.html#AEN1423