privoxy.config 33 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179
  1. # Sample Configuration File for Privoxy v3.0.6
  2. #
  3. # $Id$
  4. #
  5. # Copyright (C) 2001-2006 Privoxy Developers http://privoxy.org
  6. #
  7. ####################################################################
  8. # #
  9. # Table of Contents #
  10. # #
  11. # I. INTRODUCTION #
  12. # II. FORMAT OF THE CONFIGURATION FILE #
  13. # #
  14. # 1. LOCAL SET-UP DOCUMENTATION #
  15. # 2. CONFIGURATION AND LOG FILE LOCATIONS #
  16. # 3. DEBUGGING #
  17. # 4. ACCESS CONTROL AND SECURITY #
  18. # 5. FORWARDING #
  19. # 6. WINDOWS GUI OPTIONS #
  20. # #
  21. ####################################################################
  22. #
  23. #
  24. # I. INTRODUCTION
  25. # ===============
  26. #
  27. # This file holds the Privoxy configuration. If you modify this file,
  28. # you will need to send a couple of requests (of any kind) to the
  29. # proxy before any changes take effect.
  30. #
  31. # When starting Privoxy on Unix systems, give the name of this file as
  32. # an argument. On Windows systems, Privoxy will look for this file
  33. # with the name 'config.txt' in the same directory where Privoxy
  34. # is installed.
  35. #
  36. #
  37. # II. FORMAT OF THE CONFIGURATION FILE
  38. # ====================================
  39. #
  40. # Configuration lines consist of an initial keyword followed by a
  41. # list of values, all separated by whitespace (any number of spaces
  42. # or tabs). For example,
  43. #
  44. # actionsfile default.action
  45. #
  46. # Indicates that the actionsfile is named 'default.action'.
  47. #
  48. # The '#' indicates a comment. Any part of a line following a '#'
  49. # is ignored, except if the '#' is preceded by a '\'.
  50. #
  51. # Thus, by placing a # at the start of an existing configuration line,
  52. # you can make it a comment and it will be treated as if it weren't
  53. # there. This is called "commenting out" an option and can be useful.
  54. #
  55. # Note that commenting out and option and leaving it at its default
  56. # are two completely different things! Most options behave very
  57. # differently when unset. See the the "Effect if unset" explanation
  58. # in each option's description for details.
  59. #
  60. # Long lines can be continued on the next line by using a `\' as the
  61. # last character.
  62. #
  63. #
  64. # 1. LOCAL SET-UP DOCUMENTATION
  65. # =============================
  66. #
  67. # If you intend to operate Privoxy for more users than just yourself,
  68. # it might be a good idea to let them know how to reach you, what
  69. # you block and why you do that, your policies, etc.
  70. #
  71. #
  72. # 1.1. user-manual
  73. # ================
  74. #
  75. # Specifies:
  76. #
  77. # Location of the Privoxy User Manual.
  78. #
  79. # Type of value:
  80. #
  81. # A fully qualified URI
  82. #
  83. # Default value:
  84. #
  85. # Unset
  86. #
  87. # Effect if unset:
  88. #
  89. # http://www.privoxy.org/version/user-manual/ will be used,
  90. # where version is the Privoxy version.
  91. #
  92. # Notes:
  93. #
  94. # The User Manual URI is the single best source of information on
  95. # Privoxy, and is used for help links from some of the internal
  96. # CGI pages. The manual itself is normally packaged with the
  97. # binary distributions, so you probably want to set this to
  98. # a locally installed copy. For multi-user setups, you could
  99. # provide a copy on a local webserver for all your users and use
  100. # the corresponding URL here.
  101. #
  102. # Examples:
  103. #
  104. # The best all purpose solution is simply to put the full local
  105. # PATH to where the User Manual is located:
  106. #
  107. # user-manual /usr/share/doc/privoxy/user-manual
  108. #
  109. # The User Manual is then available to anyone with
  110. # access to the proxy, by following the built-in URL:
  111. # http://config.privoxy.org/user-manual/ (or the shortcut:
  112. # http://p.p/user-manual/).
  113. #
  114. # If the documentation is not on the local system, it can be
  115. # accessed from a remote server, as:
  116. #
  117. # user-manual http://example.com/privoxy/user-manual/
  118. #
  119. # WARNING!!!
  120. #
  121. # If set, this option should be the first option in the config
  122. # file, because it is used while the config file is being read.
  123. #
  124. #user-manual http://www.privoxy.org/user-manual/
  125. #
  126. # 1.2. trust-info-url
  127. # ===================
  128. #
  129. # Specifies:
  130. #
  131. # A URL to be displayed in the error page that users will see if
  132. # access to an untrusted page is denied.
  133. #
  134. # Type of value:
  135. #
  136. # URL
  137. #
  138. # Default value:
  139. #
  140. # Two example URL are provided
  141. #
  142. # Effect if unset:
  143. #
  144. # No links are displayed on the "untrusted" error page.
  145. #
  146. # Notes:
  147. #
  148. # The value of this option only matters if the experimental trust
  149. # mechanism has been activated. (See trustfile above.)
  150. #
  151. # If you use the trust mechanism, it is a good idea to write
  152. # up some on-line documentation about your trust policy and to
  153. # specify the URL(s) here. Use multiple times for multiple URLs.
  154. #
  155. # The URL(s) should be added to the trustfile as well, so users
  156. # don't end up locked out from the information on why they were
  157. # locked out in the first place!
  158. #
  159. trust-info-url http://www.example.com/why_we_block.html
  160. trust-info-url http://www.example.com/what_we_allow.html
  161. #
  162. # 1.3. admin-address
  163. # ==================
  164. #
  165. # Specifies:
  166. #
  167. # An email address to reach the proxy administrator.
  168. #
  169. # Type of value:
  170. #
  171. # Email address
  172. #
  173. # Default value:
  174. #
  175. # Unset
  176. #
  177. # Effect if unset:
  178. #
  179. # No email address is displayed on error pages and the CGI user
  180. # interface.
  181. #
  182. # Notes:
  183. #
  184. # If both admin-address and proxy-info-url are unset, the whole
  185. # "Local Privoxy Support" box on all generated pages will not
  186. # be shown.
  187. #
  188. #admin-address privoxy-admin@example.com
  189. #
  190. # 1.4. proxy-info-url
  191. # ===================
  192. #
  193. # Specifies:
  194. #
  195. # A URL to documentation about the local Privoxy setup,
  196. # configuration or policies.
  197. #
  198. # Type of value:
  199. #
  200. # URL
  201. #
  202. # Default value:
  203. #
  204. # Unset
  205. #
  206. # Effect if unset:
  207. #
  208. # No link to local documentation is displayed on error pages and
  209. # the CGI user interface.
  210. #
  211. # Notes:
  212. #
  213. # If both admin-address and proxy-info-url are unset, the whole
  214. # "Local Privoxy Support" box on all generated pages will not
  215. # be shown.
  216. #
  217. # This URL shouldn't be blocked ;-)
  218. #
  219. #proxy-info-url http://www.example.com/proxy-service.html
  220. #
  221. # 2. CONFIGURATION AND LOG FILE LOCATIONS
  222. # =======================================
  223. #
  224. # Privoxy can (and normally does) use a number of other files for
  225. # additional configuration, help and logging. This section of the
  226. # configuration file tells Privoxy where to find those other files.
  227. #
  228. # The user running Privoxy, must have read permission for all
  229. # configuration files, and write permission to any files that would
  230. # be modified, such as log files and actions files.
  231. #
  232. #
  233. # 2.1. confdir
  234. # ============
  235. #
  236. # Specifies:
  237. #
  238. # The directory where the other configuration files are located
  239. #
  240. # Type of value:
  241. #
  242. # Path name
  243. #
  244. # Default value:
  245. #
  246. # /etc/privoxy (Unix) or Privoxy installation dir (Windows)
  247. #
  248. # Effect if unset:
  249. #
  250. # Mandatory
  251. #
  252. # Notes:
  253. #
  254. # No trailing "/", please
  255. #
  256. # When development goes modular and multi-user, the blocker,
  257. # filter, and per-user config will be stored in subdirectories of
  258. # "confdir". For now, the configuration directory structure is
  259. # flat, except for confdir/templates, where the HTML templates
  260. # for CGI output reside (e.g. Privoxy's 404 error page).
  261. #
  262. confdir .
  263. #
  264. # 2.2. logdir
  265. # ===========
  266. #
  267. # Specifies:
  268. #
  269. # The directory where all logging takes place (i.e. where logfile
  270. # and jarfile are located)
  271. #
  272. # Type of value:
  273. #
  274. # Path name
  275. #
  276. # Default value:
  277. #
  278. # /var/log/privoxy (Unix) or Privoxy installation dir (Windows)
  279. #
  280. # Effect if unset:
  281. #
  282. # Mandatory
  283. #
  284. # Notes:
  285. #
  286. # No trailing "/", please
  287. #
  288. logdir .
  289. #
  290. # 2.3. actionsfile
  291. # ================
  292. #
  293. # Specifies:
  294. #
  295. # The actions file(s) to use
  296. #
  297. # Type of value:
  298. #
  299. # File name, relative to confdir, without the .action suffix
  300. #
  301. # Default values:
  302. #
  303. # standard # Internal purposes, no editing recommended
  304. #
  305. # default # Main actions file
  306. #
  307. # user # User customizations
  308. #
  309. # Effect if unset:
  310. #
  311. # No actions are taken at all. Simple neutral proxying.
  312. #
  313. # Notes:
  314. #
  315. # Multiple actionsfile lines are permitted, and are in fact
  316. # recommended!
  317. #
  318. # The default values include standard.action, which is used
  319. # for internal purposes and should be loaded, default.action,
  320. # which is the "main" actions file maintained by the developers,
  321. # and user.action, where you can make your personal additions.
  322. #
  323. # Actions files are where all the per site and per URL
  324. # configuration is done for ad blocking, cookie management,
  325. # privacy considerations, etc. There is no point in using Privoxy
  326. # without at least one actions file.
  327. #
  328. actionsfile standard # Internal purpose, recommended
  329. actionsfile default # Main actions file
  330. actionsfile user # User customizations
  331. #
  332. # 2.4. filterfile
  333. # ===============
  334. #
  335. # Specifies:
  336. #
  337. # The filter file(s) to use
  338. #
  339. # Type of value:
  340. #
  341. # File name, relative to confdir
  342. #
  343. # Default value:
  344. #
  345. # default.filter (Unix) or default.filter.txt (Windows)
  346. #
  347. # Effect if unset:
  348. #
  349. # No textual content filtering takes place, i.e. all +filter{name}
  350. # actions in the actions files are turned neutral.
  351. #
  352. # Notes:
  353. #
  354. # Multiple filterfile lines are permitted.
  355. #
  356. # The filter files contain content modification rules that use
  357. # regular expressions. These rules permit powerful changes on
  358. # the content of Web pages, and optionally the headers as well,
  359. # e.g., you could disable your favorite JavaScript annoyances,
  360. # re-write the actual displayed text, or just have some fun
  361. # playing buzzword bingo with web pages.
  362. #
  363. # The +filter{name} actions rely on the relevant filter (name)
  364. # to be defined in a filter file!
  365. #
  366. # A pre-defined filter file called default.filter that contains a
  367. # number of useful filters for common problems is included in the
  368. # distribution. See the section on the filter action for a list.
  369. #
  370. # It is recommended to place any locally adapted filters into a
  371. # separate file, such as user.filter.
  372. #
  373. filterfile default.filter
  374. #filterfile user.filter # User customizations
  375. #
  376. # 2.5. logfile
  377. # ============
  378. #
  379. # Specifies:
  380. #
  381. # The log file to use
  382. #
  383. # Type of value:
  384. #
  385. # File name, relative to logdir
  386. #
  387. # Default value:
  388. #
  389. # logfile (Unix) or privoxy.log (Windows)
  390. #
  391. # Effect if unset:
  392. #
  393. # No log file is used, all log messages go to the console (STDERR).
  394. #
  395. # Notes:
  396. #
  397. # The logfile is where all logging and error messages are
  398. # written. The level of detail and number of messages are set with
  399. # the debug option (see below). The logfile can be useful for
  400. # tracking down a problem with Privoxy (e.g., it's not blocking
  401. # an ad you think it should block) but in most cases you probably
  402. # will never look at it.
  403. #
  404. # Your logfile will grow indefinitely, and you will probably
  405. # want to periodically remove it. On Unix systems, you can do
  406. # this with a cron job (see "man cron"). For Red Hat, a logrotate
  407. # script has been included.
  408. #
  409. # On SuSE Linux systems, you can place a line like
  410. # "/var/log/privoxy.* +1024k 644 nobody.nogroup" in /etc/logfiles,
  411. # with the effect that cron.daily will automatically archive,
  412. # gzip, and empty the log, when it exceeds 1M size.
  413. #
  414. # Any log files must be writable by whatever user Privoxy is
  415. # being run as (default on UNIX, user id is "privoxy").
  416. #
  417. #logfile privoxy.log
  418. #
  419. # 2.6. jarfile
  420. # ============
  421. #
  422. # Specifies:
  423. #
  424. # The file to store intercepted cookies in
  425. #
  426. # Type of value:
  427. #
  428. # File name, relative to logdir
  429. #
  430. # Default value:
  431. #
  432. # Unset (commented out). When activated: jarfile (Unix) or
  433. # privoxy.jar (Windows)
  434. #
  435. # Effect if unset:
  436. #
  437. # Intercepted cookies are not stored in a dedicated log file.
  438. #
  439. # Notes:
  440. #
  441. # The jarfile may grow to ridiculous sizes over time.
  442. #
  443. # If debug 8 (show header parsing) is enabled, cookies are written
  444. # to the logfile with the rest of the headers.
  445. #
  446. #jarfile jar.log
  447. #
  448. # 2.7. trustfile
  449. # ==============
  450. #
  451. # Specifies:
  452. #
  453. # The trust file to use
  454. #
  455. # Type of value:
  456. #
  457. # File name, relative to confdir
  458. #
  459. # Default value:
  460. #
  461. # Unset (commented out). When activated: trust (Unix) or trust.txt
  462. # (Windows)
  463. #
  464. # Effect if unset:
  465. #
  466. # The entire trust mechanism is turned off.
  467. #
  468. # Notes:
  469. #
  470. # The trust mechanism is an experimental feature for building
  471. # white-lists and should be used with care. It is NOT recommended
  472. # for the casual user.
  473. #
  474. # If you specify a trust file, Privoxy will only allow access to
  475. # sites that are specified in the trustfile. Sites can be listed
  476. # in one of two ways:
  477. #
  478. # Prepending a ~ character limits access to this site only (and
  479. # any sub-paths within this site), e.g. ~www.example.com.
  480. #
  481. # Or, you can designate sites as trusted referrers, by prepending
  482. # the name with a + character. The effect is that access to
  483. # untrusted sites will be granted -- but only if a link from this
  484. # trusted referrer was used. The link target will then be added
  485. # to the "trustfile" so that future, direct accesses will be
  486. # granted. Sites added via this mechanism do not become trusted
  487. # referrers themselves (i.e. they are added with a ~ designation).
  488. #
  489. # If you use the + operator in the trust file, it may grow
  490. # considerably over time.
  491. #
  492. # It is recommended that Privoxy be compiled with the
  493. # --disable-force, --disable-toggle and --disable-editor options,
  494. # if this feature is to be used.
  495. #
  496. # Possible applications include limiting Internet access for
  497. # children.
  498. #
  499. #trustfile trust
  500. #
  501. # 3. DEBUGGING
  502. # ============
  503. #
  504. # These options are mainly useful when tracing a problem. Note that
  505. # you might also want to invoke Privoxy with the --no-daemon command
  506. # line option when debugging.
  507. #
  508. #
  509. # 3.1. debug
  510. # ==========
  511. #
  512. # Specifies:
  513. #
  514. # Key values that determine what information gets logged to
  515. # the logfile.
  516. #
  517. # Type of value:
  518. #
  519. # Integer values
  520. #
  521. # Default value:
  522. #
  523. # 12289 (i.e.: URLs plus informational and warning messages)
  524. #
  525. # Effect if unset:
  526. #
  527. # Nothing gets logged.
  528. #
  529. # Notes:
  530. #
  531. # The available debug levels are:
  532. #
  533. # debug 1 # show each GET/POST/CONNECT request
  534. # debug 2 # show each connection status
  535. # debug 4 # show I/O status
  536. # debug 8 # show header parsing
  537. # debug 16 # log all data into the logfile
  538. # debug 32 # debug force feature
  539. # debug 64 # debug regular expression filter
  540. # debug 128 # debug fast redirects
  541. # debug 256 # debug GIF de-animation
  542. # debug 512 # Common Log Format
  543. # debug 1024 # debug kill pop-ups
  544. # debug 2048 # CGI user interface
  545. # debug 4096 # Startup banner and warnings.
  546. # debug 8192 # Non-fatal errors
  547. #
  548. # To select multiple debug levels, you can either add them or
  549. # use multiple debug lines.
  550. #
  551. # A debug level of 1 is informative because it will show you each
  552. # request as it happens. 1, 4096 and 8192 are highly recommended
  553. # so that you will notice when things go wrong. The other levels
  554. # are probably only of interest if you are hunting down a specific
  555. # problem. They can produce a hell of an output (especially 16).
  556. #
  557. # The reporting of fatal errors (i.e. ones which crash Privoxy)
  558. # is always on and cannot be disabled.
  559. #
  560. # If you want to use CLF (Common Log Format), you should set
  561. # "debug 512" ONLY and not enable anything else.
  562. #
  563. #debug 1 # show each GET/POST/CONNECT request
  564. debug 4096 # Startup banner and warnings
  565. debug 8192 # Errors - *we highly recommended enabling this*
  566. #
  567. # 3.2. single-threaded
  568. # ====================
  569. #
  570. # Specifies:
  571. #
  572. # Whether to run only one server thread
  573. #
  574. # Type of value:
  575. #
  576. # None
  577. #
  578. # Default value:
  579. #
  580. # Unset
  581. #
  582. # Effect if unset:
  583. #
  584. # Multi-threaded (or, where unavailable: forked) operation,
  585. # i.e. the ability to serve multiple requests simultaneously.
  586. #
  587. # Notes:
  588. #
  589. # This option is only there for debug purposes and you should
  590. # never need to use it. It will drastically reduce performance.
  591. #
  592. #single-threaded
  593. #
  594. # 4. ACCESS CONTROL AND SECURITY
  595. # ==============================
  596. #
  597. # This section of the config file controls the security-relevant
  598. # aspects of Privoxy's configuration.
  599. #
  600. #
  601. # 4.1. listen-address
  602. # ===================
  603. #
  604. # Specifies:
  605. #
  606. # The IP address and TCP port on which Privoxy will listen for
  607. # client requests.
  608. #
  609. # Type of value:
  610. #
  611. # [IP-Address]:Port
  612. #
  613. # Default value:
  614. #
  615. # 127.0.0.1:8118
  616. #
  617. # Effect if unset:
  618. #
  619. # Bind to 127.0.0.1 (localhost), port 8118. This is suitable and
  620. # recommended for home users who run Privoxy on the same machine
  621. # as their browser.
  622. #
  623. # Notes:
  624. #
  625. # You will need to configure your browser(s) to this proxy address
  626. # and port.
  627. #
  628. # If you already have another service running on port 8118, or
  629. # if you want to serve requests from other machines (e.g. on your
  630. # local network) as well, you will need to override the default.
  631. #
  632. # If you leave out the IP address, Privoxy will bind to all
  633. # interfaces (addresses) on your machine and may become reachable
  634. # from the Internet. In that case, consider using access control
  635. # lists (ACL's, see below), and/or a firewall.
  636. #
  637. # If you open Privoxy to untrusted users, you will also want
  638. # to turn off the enable-edit-actions and enable-remote-toggle
  639. # options!
  640. #
  641. # Example:
  642. #
  643. # Suppose you are running Privoxy on a machine which has the
  644. # address 192.168.0.1 on your local private network (192.168.0.0)
  645. # and has another outside connection with a different address. You
  646. # want it to serve requests from inside only:
  647. #
  648. # listen-address 192.168.0.1:8118
  649. #
  650. listen-address 127.0.0.1:8118
  651. #
  652. # 4.2. toggle
  653. # ===========
  654. #
  655. # Specifies:
  656. #
  657. # Initial state of "toggle" status
  658. #
  659. # Type of value:
  660. #
  661. # 1 or 0
  662. #
  663. # Default value:
  664. #
  665. # 1
  666. #
  667. # Effect if unset:
  668. #
  669. # Act as if toggled on
  670. #
  671. # Notes:
  672. #
  673. # If set to 0, Privoxy will start in "toggled off" mode,
  674. # i.e. behave like a normal, content-neutral proxy where all ad
  675. # blocking, filtering, etc are disabled. See enable-remote-toggle
  676. # below. This is not really useful anymore, since toggling is
  677. # much easier via the web interface than via editing the conf file.
  678. #
  679. # The windows version will only display the toggle icon in the
  680. # system tray if this option is present.
  681. #
  682. toggle 1
  683. #
  684. # 4.3. enable-remote-toggle
  685. # =========================
  686. #
  687. # Specifies:
  688. #
  689. # Whether or not the web-based toggle feature may be used
  690. #
  691. # Type of value:
  692. #
  693. # 0 or 1
  694. #
  695. # Default value:
  696. #
  697. # 1
  698. #
  699. # Effect if unset:
  700. #
  701. # The web-based toggle feature is disabled.
  702. #
  703. # Notes:
  704. #
  705. # When toggled off, Privoxy acts like a normal, content-neutral
  706. # proxy, i.e. it acts as if none of the actions applied to
  707. # any URL.
  708. #
  709. # For the time being, access to the toggle feature can not be
  710. # controlled separately by "ACLs" or HTTP authentication, so that
  711. # everybody who can access Privoxy (see "ACLs" and listen-address
  712. # above) can toggle it for all users. So this option is not
  713. # recommended for multi-user environments with untrusted users.
  714. #
  715. # Note that you must have compiled Privoxy with support for this
  716. # feature, otherwise this option has no effect.
  717. #
  718. enable-remote-toggle 0
  719. #
  720. # 4.4. enable-remote-http-toggle
  721. # ==============================
  722. #
  723. # Specifies:
  724. #
  725. # Whether or not Privoxy recognizes special HTTP headers to change
  726. # its behaviour.
  727. #
  728. # Type of value:
  729. #
  730. # 0 or 1
  731. #
  732. # Default value:
  733. #
  734. # 1
  735. #
  736. # Effect if unset:
  737. #
  738. # Privoxy ignores special HTTP headers.
  739. #
  740. # Notes:
  741. #
  742. # When toggled on, the client can change Privoxy's behaviour by
  743. # setting special HTTP headers. Currently the only supported
  744. # special header is "X-Filter: No", to disable filtering for
  745. # the ongoing request, even if it is enabled in one of the
  746. # action files.
  747. #
  748. # If you are using Privoxy in a multi-user environment or with
  749. # untrustworthy clients and want to enforce filtering, you will
  750. # have to disable this option, otherwise you can ignore it.
  751. #
  752. enable-remote-http-toggle 0
  753. #
  754. # 4.5. enable-edit-actions
  755. # ========================
  756. #
  757. # Specifies:
  758. #
  759. # Whether or not the web-based actions file editor may be used
  760. #
  761. # Type of value:
  762. #
  763. # 0 or 1
  764. #
  765. # Default value:
  766. #
  767. # 1
  768. #
  769. # Effect if unset:
  770. #
  771. # The web-based actions file editor is disabled.
  772. #
  773. # Notes:
  774. #
  775. # For the time being, access to the editor can not be controlled
  776. # separately by "ACLs" or HTTP authentication, so that everybody
  777. # who can access Privoxy (see "ACLs" and listen-address above)
  778. # can modify its configuration for all users. So this option is
  779. # not recommended for multi-user environments with untrusted users.
  780. #
  781. # Note that you must have compiled Privoxy with support for this
  782. # feature, otherwise this option has no effect.
  783. #
  784. enable-edit-actions 0
  785. #
  786. # 4.6. ACLs: permit-access and deny-access
  787. # ========================================
  788. #
  789. # Specifies:
  790. #
  791. # Who can access what.
  792. #
  793. # Type of value:
  794. #
  795. # src_addr[/src_masklen] [dst_addr[/dst_masklen]]
  796. #
  797. # Where src_addr and dst_addr are IP addresses in dotted decimal
  798. # notation or valid DNS names, and src_masklen and dst_masklen are
  799. # subnet masks in CIDR notation, i.e. integer values from 2 to 30
  800. # representing the length (in bits) of the network address. The
  801. # masks and the whole destination part are optional.
  802. #
  803. # Default value:
  804. #
  805. # Unset
  806. #
  807. # Effect if unset:
  808. #
  809. # Don't restrict access further than implied by listen-address
  810. #
  811. # Notes:
  812. #
  813. # Access controls are included at the request of ISPs and systems
  814. # administrators, and are not usually needed by individual
  815. # users. For a typical home user, it will normally suffice to
  816. # ensure that Privoxy only listens on the localhost (127.0.0.1)
  817. # or internal (home) network address by means of the listen-address
  818. # option.
  819. #
  820. # Please see the warnings in the FAQ that this proxy is not
  821. # intended to be a substitute for a firewall or to encourage
  822. # anyone to defer addressing basic security weaknesses.
  823. #
  824. # Multiple ACL lines are OK. If any ACLs are specified, then
  825. # the Privoxy talks only to IP addresses that match at least one
  826. # permit-access line and don't match any subsequent deny-access
  827. # line. In other words, the last match wins, with the default
  828. # being deny-access.
  829. #
  830. # If Privoxy is using a forwarder (see forward below) for a
  831. # particular destination URL, the dst_addr that is examined is
  832. # the address of the forwarder and NOT the address of the ultimate
  833. # target. This is necessary because it may be impossible for the
  834. # local Privoxy to determine the IP address of the ultimate target
  835. # (that's often what gateways are used for).
  836. #
  837. # You should prefer using IP addresses over DNS names, because
  838. # the address lookups take time. All DNS names must resolve! You
  839. # can not use domain patterns like "*.org" or partial domain
  840. # names. If a DNS name resolves to multiple IP addresses, only
  841. # the first one is used.
  842. #
  843. # Denying access to particular sites by ACL may have undesired
  844. # side effects if the site in question is hosted on a machine
  845. # which also hosts other sites.
  846. #
  847. # Examples:
  848. #
  849. # Explicitly define the default behavior if no ACL and
  850. # listen-address are set: "localhost" is OK. The absence of a
  851. # dst_addr implies that all destination addresses are OK:
  852. #
  853. # permit-access localhost
  854. #
  855. # Allow any host on the same class C subnet as www.privoxy.org
  856. # access to nothing but www.example.com:
  857. #
  858. # permit-access www.privoxy.org/24 www.example.com/32
  859. #
  860. # Allow access from any host on the 26-bit subnet 192.168.45.64
  861. # to anywhere, with the exception that 192.168.45.73 may not
  862. # access www.dirty-stuff.example.com:
  863. #
  864. # permit-access 192.168.45.64/26
  865. # deny-access 192.168.45.73 www.dirty-stuff.example.com
  866. #
  867. #
  868. # 4.7. buffer-limit
  869. # =================
  870. #
  871. # Specifies:
  872. #
  873. # Maximum size of the buffer for content filtering.
  874. #
  875. # Type of value:
  876. #
  877. # Size in Kbytes
  878. #
  879. # Default value:
  880. #
  881. # 4096
  882. #
  883. # Effect if unset:
  884. #
  885. # Use a 4MB (4096 KB) limit.
  886. #
  887. # Notes:
  888. #
  889. # For content filtering, i.e. the +filter and +deanimate-gif
  890. # actions, it is necessary that Privoxy buffers the entire document
  891. # body. This can be potentially dangerous, since a server could
  892. # just keep sending data indefinitely and wait for your RAM to
  893. # exhaust -- with nasty consequences. Hence this option.
  894. #
  895. # When a document buffer size reaches the buffer-limit, it is
  896. # flushed to the client unfiltered and no further attempt to filter
  897. # the rest of the document is made. Remember that there may be
  898. # multiple threads running, which might require up to buffer-limit
  899. # Kbytes each, unless you have enabled "single-threaded" above.
  900. #
  901. buffer-limit 4096
  902. #
  903. # 5. FORWARDING
  904. # =============
  905. #
  906. # This feature allows routing of HTTP requests through a chain
  907. # of multiple proxies. It can be used to better protect privacy
  908. # and confidentiality when accessing specific domains by routing
  909. # requests to those domains through an anonymous public proxy.
  910. # Or to use a caching proxy to speed up browsing. Or chaining to
  911. # a parent proxy may be necessary because the machine that Privoxy
  912. # runs on has no direct Internet access.
  913. #
  914. # Also specified here are SOCKS proxies. Privoxy supports the SOCKS
  915. # 4 and SOCKS 4A protocols.
  916. #
  917. #
  918. # 5.1. forward
  919. # ============
  920. #
  921. # Specifies:
  922. #
  923. # To which parent HTTP proxy specific requests should be routed.
  924. #
  925. # Type of value:
  926. #
  927. # target_pattern http_parent[:port]
  928. #
  929. # where target_pattern is a URL pattern that specifies to which
  930. # requests (i.e. URLs) this forward rule shall apply. Use /
  931. # to denote "all URLs". http_parent[:port] is the DNS name or
  932. # IP address of the parent HTTP proxy through which the requests
  933. # should be forwarded, optionally followed by its listening port
  934. # (default: 8080). Use a single dot (.) to denote "no forwarding".
  935. #
  936. # Default value:
  937. #
  938. # Unset
  939. #
  940. # Effect if unset:
  941. #
  942. # Don't use parent HTTP proxies.
  943. #
  944. # Notes:
  945. #
  946. # If http_parent is ".", then requests are not forwarded to
  947. # another HTTP proxy but are made directly to the web servers.
  948. #
  949. # Multiple lines are OK, they are checked in sequence, and the
  950. # last match wins.
  951. #
  952. # Examples:
  953. #
  954. # Everything goes to an example anonymizing proxy, except SSL on
  955. # port 443 (which it doesn't handle):
  956. #
  957. # forward / anon-proxy.example.org:8080
  958. # forward :443 .
  959. #
  960. # Everything goes to our example ISP's caching proxy, except for
  961. # requests to that ISP's sites:
  962. #
  963. # forward / caching-proxy.example-isp.net:8000
  964. # forward .example-isp.net .
  965. #
  966. #
  967. # 5.2. forward-socks4 and forward-socks4a
  968. # =======================================
  969. #
  970. # Specifies:
  971. #
  972. # Through which SOCKS proxy (and to which parent HTTP proxy)
  973. # specific requests should be routed.
  974. #
  975. # Type of value:
  976. #
  977. # target_pattern socks_proxy[:port] http_parent[:port]
  978. #
  979. # where target_pattern is a URL pattern that specifies to which
  980. # requests (i.e. URLs) this forward rule shall apply. Use / to
  981. # denote "all URLs". http_parent and socks_proxy are IP addresses
  982. # in dotted decimal notation or valid DNS names (http_parent may
  983. # be "." to denote "no HTTP forwarding"), and the optional port
  984. # parameters are TCP ports, i.e. integer values from 1 to 64535
  985. #
  986. # Default value:
  987. #
  988. # Unset
  989. #
  990. # Effect if unset:
  991. #
  992. # Don't use SOCKS proxies.
  993. #
  994. # Notes:
  995. #
  996. # Multiple lines are OK, they are checked in sequence, and the
  997. # last match wins.
  998. #
  999. # The difference between forward-socks4 and forward-socks4a
  1000. # is that in the SOCKS 4A protocol, the DNS resolution of the
  1001. # target hostname happens on the SOCKS server, while in SOCKS 4
  1002. # it happens locally.
  1003. #
  1004. # If http_parent is ".", then requests are not forwarded to another
  1005. # HTTP proxy but are made (HTTP-wise) directly to the web servers,
  1006. # albeit through a SOCKS proxy.
  1007. #
  1008. # Examples:
  1009. #
  1010. # From the company example.com, direct connections are made to all
  1011. # "internal" domains, but everything outbound goes through their
  1012. # ISP's proxy by way of example.com's corporate SOCKS 4A gateway
  1013. # to the Internet.
  1014. #
  1015. # forward-socks4a / socks-gw.example.com:1080 www-cache.example-isp.net:8080
  1016. # forward .example.com .
  1017. #
  1018. # A rule that uses a SOCKS 4 gateway for all destinations but no
  1019. # HTTP parent looks like this:
  1020. #
  1021. # forward-socks4 / socks-gw.example.com:1080 .
  1022. #
  1023. # To chain Privoxy and Tor, both running on the same system,
  1024. # you should use the rule:
  1025. #
  1026. forward-socks4a / 127.0.0.1:9050 .
  1027. #
  1028. # The public Tor network can't be used to reach your local network,
  1029. # therefore it's a good idea to make some exceptions:
  1030. #
  1031. # forward 192.168.*.*/ .
  1032. # forward 10.*.*.*/ .
  1033. # forward 127.*.*.*/ .
  1034. #
  1035. # Unencrypted connections to systems in these address ranges will
  1036. # be as (un)secure as the local network is, but the alternative is
  1037. # that you can't reach the network at all.
  1038. #
  1039. # If you also want to be able to reach servers in your local
  1040. # network by using their names, you will need additional
  1041. # exceptions that look like this:
  1042. #
  1043. # forward localhost/ .
  1044. #
  1045. #
  1046. # 5.3. forwarded-connect-retries
  1047. # ==============================
  1048. #
  1049. # Specifies:
  1050. #
  1051. # How often Privoxy retries if a forwarded connection request
  1052. # fails.
  1053. #
  1054. # Type of value:
  1055. #
  1056. # Number of retries.
  1057. #
  1058. # Default value:
  1059. #
  1060. # 0
  1061. #
  1062. # Effect if unset:
  1063. #
  1064. # Forwarded connections are treated like direct connections and
  1065. # no retry attempts are made.
  1066. #
  1067. # Notes:
  1068. #
  1069. # forwarded-connect-retries is mainly interesting for socks4a
  1070. # connections, where Privoxy can't detect why the connections
  1071. # failed. The connection might have failed because of a DNS timeout
  1072. # in which case a retry makes sense, but it might also have failed
  1073. # because the server doesn't exist or isn't reachable. In this
  1074. # case the retry will just delay the appearance of Privoxy's
  1075. # error message.
  1076. #
  1077. # Only use this option, if you are getting many forwarding related
  1078. # error messages, that go away when you try again manually. Start
  1079. # with a small value and check Privoxy's logfile from time to time,
  1080. # to see how many retries are usually needed.
  1081. #
  1082. # Examples:
  1083. #
  1084. # forwarded-connect-retries 1
  1085. #
  1086. forwarded-connect-retries 0
  1087. #
  1088. # 6. WINDOWS GUI OPTIONS
  1089. # ======================
  1090. #
  1091. # Privoxy has a number of options specific to the Windows GUI
  1092. # interface:
  1093. #
  1094. # If "activity-animation" is set to 1, the Privoxy icon will animate
  1095. # when "Privoxy" is active. To turn off, set to 0.
  1096. #
  1097. #activity-animation 1
  1098. # If "log-messages" is set to 1, Privoxy will log messages to the
  1099. # console window:
  1100. #
  1101. log-messages 0
  1102. # If "log-buffer-size" is set to 1, the size of the log buffer,
  1103. # i.e. the amount of memory used for the log messages displayed in
  1104. # the console window, will be limited to "log-max-lines" (see below).
  1105. #
  1106. # Warning: Setting this to 0 will result in the buffer to grow
  1107. # infinitely and eat up all your memory!
  1108. #
  1109. #log-buffer-size 1
  1110. # log-max-lines is the maximum number of lines held in the log
  1111. # buffer. See above.
  1112. #
  1113. #log-max-lines 200
  1114. # If "log-highlight-messages" is set to 1, Privoxy will highlight
  1115. # portions of the log messages with a bold-faced font:
  1116. #
  1117. #log-highlight-messages 1
  1118. # The font used in the console window:
  1119. #
  1120. #log-font-name Comic Sans MS
  1121. # Font size used in the console window:
  1122. #
  1123. #log-font-size 8
  1124. # "show-on-task-bar" controls whether or not Privoxy will appear as
  1125. # a button on the Task bar when minimized:
  1126. #
  1127. #show-on-task-bar 0
  1128. # If "close-button-minimizes" is set to 1, the Windows close button
  1129. # will minimize Privoxy instead of closing the program (close with
  1130. # the exit option on the File menu).
  1131. #
  1132. #close-button-minimizes 1
  1133. # The "hide-console" option is specific to the MS-Win console version
  1134. # of Privoxy. If this option is used, Privoxy will disconnect from
  1135. # and hide the command console.
  1136. #
  1137. #hide-console
  1138. #