2 File : $Source: /cvsroot/ijbswa/current/doc/source/privoxy-man-page.sgml,v $
6 ijbswa.sourceforge.net:/home/groups/i/ij/ijbswa/htdocs/
8 $Id: privoxy-man-page.sgml,v 2.21 2008/08/30 15:37:35 fabiankeil Exp $
10 Copyright (C) 2001-2008 Privoxy Developers http://www.privoxy.org/
13 ========================================================================
14 NOTE: Please read developer-manual/documentation.html before touching
15 anything in this, or other Privoxy documentation.
16 ========================================================================
18 Doc NOTES: This is some tricky markup! There are some quirks
19 to how this markup is handled. It is not always so co-operative.
20 Please don't change the markup unless you can verify the changes
21 will improve finished output!
23 literallayout tags are particularly sensitive to where they are placed.
24 The 'replaceable' and 'command' tags are used here somewhat unconventionally,
25 since it seems to generate the proper formatting (at least for me :).
27 Create man page: 'make man'
29 Requires docbook2man (short perl script), see CVS
30 http://sources.redhat.com/docbook-tools/. Also requires openjade and SGMLSpm
33 For man page references, see:
34 http://www.linuxdoc.org/HOWTO/mini/DocBook-Install/using.html
35 http://docbook.org/tdg/en/html/ch02.html#making-refentry
38 <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.1//EN"[
39 <!entity % dummy "IGNORE">
40 <!entity p-intro SYSTEM "privoxy.sgml">
41 <!entity seealso SYSTEM "seealso.sgml">
42 <!entity copyright SYSTEM "copyright.sgml">
43 <!entity license SYSTEM "license.sgml">
44 <!entity authors SYSTEM "p-authors.sgml">
45 <!entity p-version "3.0.11">
46 <!entity p-status "UNRELEASED">
47 <!entity % p-not-stable "INCLUDE">
48 <!entity % p-stable "IGNORE">
49 <!entity % p-text "IGNORE"> <!-- define we are not a text only doc -->
50 <!entity % p-authors-formal "IGNORE"> <!-- exclude additional formating -->
51 <!entity my-copy "(C)"> <!-- db2man barfs on copyright symbol -->
54 <refentry id="privoxy">
56 <date>2007-04-12</date>
59 <refentrytitle>privoxy</refentrytitle>
60 <manvolnum>1</manvolnum>
62 Privoxy &p-version;<![%p-not-stable;[ &p-status;]]>
67 <refname><application>privoxy</application></refname>
68 <refpurpose>Privacy Enhancing Proxy</refpurpose>
73 <command>privoxy</command>
74 <arg><option>--help</option></arg>
75 <arg><option>--version</option></arg>
76 <arg><option>--no-daemon</option></arg>
77 <arg><option>--pidfile </option><replaceable class="parameter">pidfile</replaceable></arg>
78 <arg><option>--user </option><replaceable class="parameter">user[.group]</replaceable></arg>
79 <arg><option>--chroot</option></arg>
80 <arg><option>--pre-chroot-nslookup </option><replaceable class="parameter">hostname</replaceable></arg>
81 <arg><replaceable class="parameter">configfile</replaceable></arg>
87 <!-- ~~~~~ New section ~~~~~ -->
88 <refsect1><title>Options</title>
90 <command>Privoxy</command> may be invoked with the following command line
99 Print brief usage info and exit.
105 <term>--version</term>
108 Print version info and exit.
114 <term>--no-daemon</term>
117 Don't become a daemon, i.e. don't fork and become process group
118 leader, don't detach from controlling tty, and do all logging there.
124 <term>--pidfile <replaceable class="parameter">pidfile</replaceable></term>
127 On startup, write the process ID to <replaceable class="parameter">pidfile</replaceable>.
128 Delete the <replaceable class="parameter">pidfile</replaceable> on exit.
129 Failure to create or delete the <replaceable class="parameter">pidfile</replaceable>
130 is non-fatal. If no <command>--pidfile</command> option is given, no PID file will be used.
136 <term>--user <replaceable class="parameter">user[.group]</replaceable></term>
139 <!-- Note: replaceable is maybe the wrong tag, but generates -->
140 <!-- correct looking man output. -->
141 After (optionally) writing the PID file, assume the user ID of
142 <replaceable class="parameter">user</replaceable> and the GID of
143 <replaceable class="parameter">group</replaceable>, or, if the optional
144 <replaceable class="parameter">group</replaceable> was not given, the default group of
145 <replaceable class="parameter">user</replaceable>. Exit if the privileges are not
151 <term>--chroot</term>
154 Before changing to the user ID given in the --user option, chroot to
155 that user's home directory, i.e. make the kernel pretend to the
156 <command>Privoxy</command> process that the directory tree starts
157 there. If set up carefully, this can limit the impact of possible
158 vulnerabilities in <command>Privoxy</command> to the files contained in
164 <term>--pre-chroot-nslookup <replaceable class="parameter">hostname</replaceable></term>
167 Initialize the resolver library using <replaceable class="parameter">hostname</replaceable>
168 before chroot'ing. On some systems this reduces the number of files
169 that must be copied into the chroot tree.
176 If the <filename>configfile</filename> is not specified on the command line,
177 <command>Privoxy</command> will look for a file named
178 <filename>config</filename> in the current directory . If no
179 <filename>configfile</filename> is found, <command>Privoxy</command> will
186 <!-- ~~~~~ New section ~~~~~ -->
187 <refsect1><title>Description</title>
188 <!-- Include privoxy.sgml boilerplate: -->
190 <!-- end boilerplate -->
194 <!-- ~~~~~ New section ~~~~~ -->
195 <refsect1><title>Installation and Usage</title>
197 Browsers can either be individually configured to use
198 <command>Privoxy</command> as a HTTP proxy (recommended),
199 or <command>Privoxy</command> can be combined with a packet
200 filter to build an intercepting proxy
201 (see <filename>config</filename>). The default setting is for
202 localhost, on port 8118 (configurable in the main config file). To set the
203 HTTP proxy in Netscape and Mozilla, go through: <command>Edit</command>;
204 <command>Preferences</command>; <command>Advanced</command>;
205 <command>Proxies</command>; <command>Manual Proxy Configuration</command>;
206 <command>View</command>.
209 For Firefox, go through: <command>Tools</command>;
210 <command>Options</command>; <command>General</command>;
211 <command>Connection Settings</command>;
212 <command>Manual Proxy Configuration</command>.
215 For Internet Explorer, go through: <command>Tools</command>;
216 <command>Internet Properties</command>; <command>Connections</command>;
217 <command>LAN Settings</command>.
220 The Secure (SSL) Proxy should also be set to the same values, otherwise
221 https: URLs will not be proxied. Note: <command>Privoxy</command> can only
222 proxy HTTP and HTTPS traffic. Do not try it with FTP or other protocols.
223 HTTPS presents some limitations, and not all features will work with HTTPS
228 For other browsers, check the documentation.
233 <!-- ~~~~~ New section ~~~~~ -->
234 <refsect1><title>Configuration</title>
236 <command>Privoxy</command> can be configured with the various configuration
237 files. The default configuration files are: <filename>config</filename>,
238 <filename>default.filter</filename>, and
239 <filename>default.action</filename>. <filename>user.action</filename> should
240 be used for locally defined exceptions to the default rules of
241 <filename>default.action</filename>, and <filename>user.filter</filename> for
242 locally defined filters. These are well commented. On Unix
243 and Unix-like systems, these are located in
244 <filename>/etc/privoxy/</filename> by default.
247 <command>Privoxy</command> uses the concept of <command>actions</command>
248 in order to manipulate the data stream between the browser and remote sites.
249 There are various actions available with specific functions for such things
250 as blocking web sites, managing cookies, etc. These actions can be invoked
251 individually or combined, and used against individual URLs, or groups of URLs
252 that can be defined using wildcards and regular expressions. The result is
253 that the user has greatly enhanced control and freedom.
256 The actions list (ad blocks, etc) can also be configured with your
257 web browser at <ulink url="http://config.privoxy.org/">http://config.privoxy.org/</ulink>
258 (assuming the configuration allows it).
259 <command>Privoxy's</command> configuration parameters can also be viewed at
260 the same page. In addition, <command>Privoxy</command> can be toggled on/off.
261 This is an internal page, and does not require Internet access.
265 url="http://www.privoxy.org/user-manual/"><citetitle>User Manual</citetitle></ulink> for a detailed
266 explanation of installation, general usage, all configuration options, new
267 features and notes on upgrading.
272 <!-- ~~~~~ New section ~~~~~ -->
273 <refsect1><title>Sample Configuration</title>
275 A brief example of what a simple <filename>default.action</filename>
276 configuration might look like:
280 # Define a few useful custom aliases for later use
283 # Useful aliases that combine more than one action
284 +crunch-cookies = +crunch-incoming-cookies +crunch-outgoing-cookies
285 -crunch-cookies = -crunch-incoming-cookies -crunch-outgoing-cookies
286 +block-as-image = +block +handle-as-image
288 # Fragile sites should have the minimum changes
289 fragile = -block -deanimate-gifs -fast-redirects -filter \
290 -hide-referer -prevent-cookies
292 ## Turn some actions on ################################
293 ## NOTE: Actions are off by default, unless explictily turned on
294 ## otherwise with the '+' operator.
297 +change-x-forwarded-for{block} \
298 +deanimate-gifs{last} \
299 +filter{refresh-tags} \
300 +filter{img-reorder} \
301 +filter{banners-by-size} \
303 +filter{jumping-windows} \
304 +filter{ie-exploits} \
305 +hide-from-header{block} \
306 +hide-referrer{conditional-block} \
307 +session-cookies-only \
308 +set-image-blocker{pattern} \
310 / # '/' Match *all* URL patterns
313 # Block all URLs that match these patterns
319 /.*count(er)?\.(pl|cgi|exe|dll|asp|php[34]?)
321 media./.*(ads|banner)
323 # Block, and treat these URL patterns as if they were 'images'.
324 # We would expect these to be ads.
327 .a[0-9].yimg.com/(?:(?!/i/).)*$
330 # Make exceptions for these harmless ones that would be
331 # caught by our +block patterns just above.
337 # uploads or downloads
342 Then for a <filename>user.action</filename>, we would put local,
343 narrowly defined exceptions:
347 # Re-define aliases as needed here
351 -crunch-cookies = -crunch-incoming-cookies -crunch-outgoing-cookies
353 # Set personal exceptions to the policies in default.action #######
355 # Sites where we want persistent cookies, so allow *all* cookies
356 { -crunch-cookies -session-cookies-only }
361 # These sites break easily. Use our "fragile" alias here.
366 # Replace example.com's style sheet with one of my choosing
367 { +redirect{http://localhost/css-replacements/example.com.css} }
368 .example.com/stylesheet.css
373 See the comments in the configuration files themselves, or the
374 <citetitle>User Manual</citetitle>
375 for full explanations of the above syntax, and other <command>Privoxy</command>
376 configuration options.
382 <!-- ~~~~~ New section ~~~~~ -->
383 <refsect1><title>Files</title>
384 <!-- this is a cheesy way to do this, but WTF. -->
386 <filename>/usr/sbin/privoxy</filename>
387 <filename>/etc/privoxy/config</filename>
388 <filename>/etc/privoxy/default.action</filename>
389 <filename>/etc/privoxy/standard.action</filename>
390 <filename>/etc/privoxy/user.action</filename>
391 <filename>/etc/privoxy/default.filter</filename>
392 <filename>/etc/privoxy/user.filter</filename>
393 <filename>/etc/privoxy/trust</filename>
394 <filename>/etc/privoxy/templates/*</filename>
395 <filename>/var/log/privoxy/logfile</filename>
399 Various other files should be included, but may vary depending on platform
400 and build configuration. Additional documentation should be included in the local
401 documentation directory.
407 <!-- ~~~~~ New section ~~~~~ -->
408 <refsect1><title>Signals</title>
410 <!-- command tag is used here to get proper looking format -->
411 <command>Privoxy</command> terminates on the <command>SIGINT</command>,
412 <command>SIGTERM</command> and <command>SIGABRT</command> signals. Log
413 rotation scripts may cause a re-opening of the logfile by sending a
414 <command>SIGHUP</command> to <command>Privoxy</command>. Note that unlike
415 other daemons, <command>Privoxy</command> does not need to be made aware of
416 config file changes by <command>SIGHUP</command> -- it will detect them
422 <!-- ~~~~~ New section ~~~~~ -->
423 <refsect1><title>Notes</title>
426 This is a &p-status; version of <command>Privoxy</command>. Not
427 all features are well tested.
430 Please see the <citetitle>User Manual</citetitle> on how to contact the
431 developers, for feature requests, reporting problems, and other questions.
436 <!-- ~~~~~ New section ~~~~~ -->
437 <refsect1><title>See Also</title>
438 <!-- Include seealso.sgml boilerplate: -->
440 <!-- end boilerplate -->
443 <!-- ~~~~~ New section ~~~~~ -->
444 <refsect1><title>Development Team</title>
445 <!-- Include p-authors.sgml boilerplate: -->
447 <!-- end boilerplate -->
450 <!-- ~~~~~ New section ~~~~~ -->
451 <refsect1><title>Copyright and License</title>
453 <refsect2><title>Copyright</title>
454 <!-- Include copyright.sgml boilerplate: -->
456 <!-- end boilerplate -->
459 <refsect2><title>License</title>
460 <!-- Include license.sgml boilerplate: -->
462 <!-- end boilerplate -->