Index: Makefile =================================================================== RCS file: /home/ncvs/ports/www/tinyproxy/Makefile,v retrieving revision 1.35 diff -u -r1.35 Makefile --- Makefile 8 Apr 2011 07:28:09 -0000 1.35 +++ Makefile 22 Oct 2011 11:52:39 -0000 @@ -6,8 +6,7 @@ # PORTNAME= tinyproxy -PORTVERSION= 1.8.2 -PORTREVISION= 2 +PORTVERSION= 1.8.3 PORTEPOCH= 1 CATEGORIES= www MASTER_SITES= https://banu.com/pub/tinyproxy/1.8/ @@ -15,10 +14,13 @@ MAINTAINER= marquis@roble.com COMMENT= A small, efficient HTTP proxy server -BUILD_DEPENDS= asciidoc:${PORTSDIR}/textproc/asciidoc\ - xsltproc:${PORTSDIR}/textproc/libxslt\ - xmllint:${PORTSDIR}/textproc/libxml2 \ - ${LOCALBASE}/share/xsl/docbook/lib/lib.xsl:${PORTSDIR}/textproc/docbook-xsl +LICENSE= GPLv2 +LICENSE_FILE= ${WRKSRC}/COPYING + +#BUILD_DEPENDS= asciidoc:${PORTSDIR}/textproc/asciidoc\ +# xsltproc:${PORTSDIR}/textproc/libxslt\ +# xmllint:${PORTSDIR}/textproc/libxml2 \ +# ${LOCALBASE}/share/xsl/docbook/lib/lib.xsl:${PORTSDIR}/textproc/docbook-xsl USE_RC_SUBR= tinyproxy.sh GNU_CONFIGURE= yes @@ -26,7 +28,8 @@ MAKE_JOBS_SAFE= yes CONFIGURE_ARGS= --bindir=${PREFIX}/sbin \ --program-transform-name="" \ - --disable-silent-rules + --disable-silent-rules \ + --localstatedir=/var MAN8= tinyproxy.8 MAN5= tinyproxy.conf.5 @@ -66,5 +69,9 @@ ${CP} -p ${PREFIX}/etc/tinyproxy.conf.sample \ ${PREFIX}/etc/tinyproxy.conf ; \ fi +.if !defined(NO_INSTALL_MANPAGES) + ${INSTALL_MAN} ${FILESDIR}/${MAN5} ${MAN1PREFIX}/man/man5 + ${INSTALL_MAN} ${FILESDIR}/${MAN8} ${MAN1PREFIX}/man/man8 +.endif .include Index: distinfo =================================================================== RCS file: /home/ncvs/ports/www/tinyproxy/distinfo,v retrieving revision 1.18 diff -u -r1.18 distinfo --- distinfo 23 Feb 2011 13:56:32 -0000 1.18 +++ distinfo 22 Oct 2011 11:28:59 -0000 @@ -1,2 +1,2 @@ -SHA256 (tinyproxy-1.8.2.tar.gz) = 5520f9b726f004b32abee621aad03ff0c8db2ba2680b7afba05dd6ccad1d6b14 -SIZE (tinyproxy-1.8.2.tar.gz) = 268190 +SHA256 (tinyproxy-1.8.3.tar.gz) = 682416c8f0f733a8106c87bb395c631222569751fe4617bc381d0499b0f0c017 +SIZE (tinyproxy-1.8.3.tar.gz) = 266744 Index: files/patch-Makefile.in =================================================================== RCS file: files/patch-Makefile.in diff -N files/patch-Makefile.in --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ files/patch-Makefile.in 22 Oct 2011 12:11:46 -0000 @@ -0,0 +1,10 @@ +--- ./Makefile.in.orig 2011-08-16 08:27:58.000000000 -0400 ++++ ./Makefile.in 2011-10-22 08:11:22.000000000 -0400 +@@ -222,7 +222,6 @@ + src \ + data \ + etc \ +- docs \ + m4macros \ + tests + Index: files/patch-configure =================================================================== RCS file: /home/ncvs/ports/www/tinyproxy/files/patch-configure,v retrieving revision 1.1 diff -u -r1.1 patch-configure --- files/patch-configure 22 Jun 2010 00:51:38 -0000 1.1 +++ files/patch-configure 22 Oct 2011 12:06:30 -0000 @@ -1,11 +1,15 @@ ---- ./configure.orig 2010-06-21 10:54:53.000000000 -0400 -+++ ./configure 2010-06-21 10:55:11.000000000 -0400 -@@ -764,7 +764,7 @@ - datadir='${datarootdir}' - sysconfdir='${prefix}/etc' - sharedstatedir='${prefix}/com' --localstatedir='${prefix}/var' -+localstatedir='/var' - includedir='${prefix}/include' - oldincludedir='/usr/include' - docdir='${datarootdir}/doc/${PACKAGE_TARNAME}' +--- ./configure.orig 2011-10-22 08:06:07.000000000 -0400 ++++ ./configure 2011-10-22 08:06:26.000000000 -0400 +@@ -6865,11 +6865,7 @@ + HAVE_A2X_FALSE= + fi + +-if test x"$A2X" = x"no"; then +- as_fn_error $? "Test for asciidoc failed. See the file 'INSTALL' for help." "$LINENO" 5 +-fi +- +-ac_config_files="$ac_config_files Makefile src/Makefile data/Makefile data/templates/Makefile etc/Makefile docs/Makefile docs/man5/Makefile docs/man5/tinyproxy.conf.txt docs/man8/Makefile docs/man8/tinyproxy.txt m4macros/Makefile tests/Makefile tests/scripts/Makefile" ++ac_config_files="$ac_config_files Makefile src/Makefile data/Makefile data/templates/Makefile etc/Makefile m4macros/Makefile tests/Makefile tests/scripts/Makefile" + + + cat >confcache <<\_ACEOF Index: files/patch-docs__man5__Makefile.am =================================================================== RCS file: files/patch-docs__man5__Makefile.am diff -N files/patch-docs__man5__Makefile.am --- files/patch-docs__man5__Makefile.am 23 Feb 2011 13:57:26 -0000 1.1 +++ /dev/null 1 Jan 1970 00:00:00 -0000 @@ -1,12 +0,0 @@ ---- docs/man5/Makefile.am.orig 2011-02-09 12:11:57.000000000 -0800 -+++ docs/man5/Makefile.am 2011-02-09 12:12:10.000000000 -0800 -@@ -3,7 +3,8 @@ - - A2X_ARGS = \ - -d manpage \ -- -f manpage -+ -f manpage \ -+ -L - - man_MANS = \ - $(MAN5_FILES:.txt=.5) Index: files/patch-docs__man8__Makefile.am =================================================================== RCS file: files/patch-docs__man8__Makefile.am diff -N files/patch-docs__man8__Makefile.am --- files/patch-docs__man8__Makefile.am 23 Feb 2011 13:57:26 -0000 1.1 +++ /dev/null 1 Jan 1970 00:00:00 -0000 @@ -1,12 +0,0 @@ ---- docs/man8/Makefile.am.orig 2011-02-09 12:10:50.000000000 -0800 -+++ docs/man8/Makefile.am 2011-02-09 12:11:05.000000000 -0800 -@@ -3,7 +3,8 @@ - - A2X_ARGS = \ - -d manpage \ -- -f manpage -+ -f manpage \ -+ -L - - man_MANS = \ - $(MAN8_FILES:.txt=.8) Index: files/patch-src__acl.c =================================================================== RCS file: files/patch-src__acl.c diff -N files/patch-src__acl.c --- files/patch-src__acl.c 8 Apr 2011 07:28:10 -0000 1.1 +++ /dev/null 1 Jan 1970 00:00:00 -0000 @@ -1,55 +0,0 @@ ---- src/acl.c.orig -+++ src/acl.c -@@ -66,8 +66,8 @@ struct acl_s { - * - */ - static int --fill_netmask_array (char *bitmask_string, unsigned char array[], -- size_t len) -+fill_netmask_array (char *bitmask_string, int v6, -+ unsigned char array[], size_t len) - { - unsigned int i; - unsigned long int mask; -@@ -81,7 +81,14 @@ fill_netmask_array (char *bitmask_string, unsigned char array[], - || (errno != 0 && mask == 0) || (endptr == bitmask_string)) - return -1; - -- /* valid range for a bit mask */ -+ if (v6 == 0) { -+ /* The mask comparison is done as an IPv6 address, so -+ * convert to a longer mask in the case of IPv4 -+ * addresses. */ -+ mask += 12 * 8; -+ } -+ -+ /* check valid range for a bit mask */ - if (mask > (8 * len)) - return -1; - -@@ -163,6 +170,9 @@ insert_acl (char *location, acl_access_t access_type, vector_t *access_list) - */ - p = strchr (location, '/'); - if (p != NULL) { -+ char dst[sizeof(struct in6_addr)]; -+ int v6; -+ - /* - * We have a slash, so it's intended to be an - * IP address with mask -@@ -173,8 +183,15 @@ insert_acl (char *location, acl_access_t access_type, vector_t *access_list) - - acl.type = ACL_NUMERIC; - -+ /* Check if the IP address before the netmask is -+ * an IPv6 address */ -+ if (inet_pton(AF_INET6, location, dst) > 0) -+ v6 = 1; -+ else -+ v6 = 0; -+ - if (fill_netmask_array -- (p + 1, &(acl.address.ip.mask[0]), IPV6_LEN) -+ (p + 1, v6, &(acl.address.ip.mask[0]), IPV6_LEN) - < 0) - return -1; Index: files/patch-src__conf.c =================================================================== RCS file: files/patch-src__conf.c diff -N files/patch-src__conf.c --- files/patch-src__conf.c 23 Feb 2011 13:57:26 -0000 1.1 +++ /dev/null 1 Jan 1970 00:00:00 -0000 @@ -1,13 +0,0 @@ ---- src/conf.c.orig 2011-02-09 11:55:12.000000000 -0800 -+++ src/conf.c 2011-02-09 11:56:02.000000000 -0800 -@@ -1046,8 +1046,8 @@ - return -1; - port = (int) get_long_arg (line, &match[7]); - -- if (match[9].rm_so != -1) { -- domain = get_string_arg (line, &match[9]); -+ if (match[10].rm_so != -1) { -+ domain = get_string_arg (line, &match[10]); - if (domain) { - upstream_add (ip, port, domain, &conf->upstream_list); - safefree (domain); Index: files/tinyproxy.8 =================================================================== RCS file: files/tinyproxy.8 diff -N files/tinyproxy.8 --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ files/tinyproxy.8 22 Oct 2011 12:35:52 -0000 @@ -0,0 +1,161 @@ +'\" t +.\" Title: tinyproxy +.\" Author: [see the "AUTHOR" section] +.\" Generator: DocBook XSL Stylesheets v1.75.2 +.\" Date: 07/16/2011 +.\" Manual: Tinyproxy manual +.\" Source: Version 1.8.3 +.\" Language: English +.\" +.TH "TINYPROXY" "8" "07/16/2011" "Version 1\&.8\&.3" "Tinyproxy manual" +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "NAME" +tinyproxy \- A light\-weight HTTP proxy daemon +.SH "SYNOPSIS" +.sp +\fBtinyproxy\fR [\-vldch] +.SH "DESCRIPTION" +.sp +\fBtinyproxy\fR is a light\-weight HTTP proxy daemon designed to consume a minimum amount of system resources\&. It listens on a given TCP port and handles HTTP proxy requests\&. Designed from the ground up to be fast and yet small, it is an ideal solution for use cases such as embedded deployments where a full featured HTTP proxy is required, but the system resources for a larger proxy are unavailable\&. +.SH "OPTIONS" +.sp +\fBtinyproxy\fR accepts the following options: +.PP +\fB\-c \fR +.RS 4 +Use an alternate configuration file\&. +.RE +.PP +\fB\-d\fR +.RS 4 +Don\(cqt daemonize and stay in the foreground\&. Useful for debugging purposes\&. +.RE +.PP +\fB\-h\fR +.RS 4 +Display a short help screen of command line arguments and exit\&. +.RE +.PP +\fB\-l\fR +.RS 4 +Display the licensing agreement\&. +.RE +.PP +\fB\-v\fR +.RS 4 +Display version information and exit\&. +.RE +.SH "SIGNALS" +.sp +In addition to command\-line options, there are also several signals that can be sent to \fBtinyproxy\fR while it is running to generate debugging information and to force certain events\&. +.PP +\fBSIGHUP\fR +.RS 4 +Force Tinyproxy to do a garbage collection on the current connections linked list\&. This is usually done automatically after a certain number of connections have been handled\&. +.RE +.SH "TEMPLATE FILES" +.sp +There are two occasions when Tinyproxy delivers HTML pages to the client on it\(cqs own right: +.sp +.RS 4 +.ie n \{\ +\h'-04' 1.\h'+01'\c +.\} +.el \{\ +.sp -1 +.IP " 1." 4.2 +.\} +When an error occurred, a corresponding error page is returned\&. +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04' 2.\h'+01'\c +.\} +.el \{\ +.sp -1 +.IP " 2." 4.2 +.\} +When a request for the stathost is made, a page summarizing the connection statistics is returned\&. (See STATHOST below\&.) +.RE +.sp +The layout of both error pages and the statistics page can be controlled via configurable HTML template files that are plain HTML files that additionally understand a few template variables\&. +.SH "TEMPLATE VARIABLES" +.sp +There are several standard HTML variables that are available in every template file: +.PP +\fBrequest\fR +.RS 4 +The full HTTP request line\&. +.RE +.PP +\fBcause\fR +.RS 4 +The abbreviated cause of the error condition\&. +.RE +.PP +\fBclientip\fR +.RS 4 +The IP address of the client making the request\&. +.RE +.PP +\fBclienthost\fR +.RS 4 +The hostname of the client making the request\&. +.RE +.PP +\fBversion\fR +.RS 4 +The version of Tinyproxy\&. +.RE +.PP +\fBpackage\fR +.RS 4 +The package name\&. Presently, resolves to +\fItinyproxy\fR\&. +.RE +.PP +\fBdate\fR +.RS 4 +The current date/time in HTTP format\&. +.RE +.sp +In addition, almost all templates support: +.PP +\fBdetail\fR +.RS 4 +A detailed, plain English explanation of the error and possible causes\&. +.RE +.sp +When Tinyproxy finds a variable name enclosed in braces, e\&.g\&. "{request}", then this is replaced by the value of the corresponding variable before delivery of the page\&. +.SH "STATHOST" +.sp +Tinyproxy returns a HTML page with connection statistics when it receives a HTTP request for a certain host \(em the stathost\&. The stathost name defaults to tinyproxy\&.stats and can be changed at runtime to any name or IP address with the configuration variable StatHost\&. +.sp +The stat file template can be changed at runtime through the configuration variable StatFile\&. +.SH "FILES" +.sp +/usr/local/etc/tinyproxy\&.conf, /var/run/tinyproxy\&.pid, /var/log/tinyproxy\&.log +.SH "BUGS" +.sp +To report bugs in Tinyproxy, please visit \&. +.SH "SEE ALSO" +.sp +tinyproxy\&.conf(5) +.SH "AUTHOR" +.sp +Written by the Tinyproxy project team\&. +.SH "COPYRIGHT" +.sp +Copyright (c) 1998\-2000 Steven Young; Copyright (c) 2000\-2001 Robert James Kaes; Copyright (c) 2009\-2010 Mukund Sivaraman; Copyright (c) 2009\-2010 Michael Adam\&. +.sp +This program is distributed under the terms of the GNU General Public License version 2 or above\&. See the COPYING file for additional information\&. Index: files/tinyproxy.conf.5 =================================================================== RCS file: files/tinyproxy.conf.5 diff -N files/tinyproxy.conf.5 --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ files/tinyproxy.conf.5 22 Oct 2011 12:36:05 -0000 @@ -0,0 +1,540 @@ +'\" t +.\" Title: tinyproxy.conf +.\" Author: [see the "AUTHOR" section] +.\" Generator: DocBook XSL Stylesheets v1.75.2 +.\" Date: 07/16/2011 +.\" Manual: Tinyproxy manual +.\" Source: Version 1.8.3 +.\" Language: English +.\" +.TH "TINYPROXY\&.CONF" "5" "07/16/2011" "Version 1\&.8\&.3" "Tinyproxy manual" +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "NAME" +tinyproxy.conf \- Tinyproxy HTTP proxy daemon configuration file +.SH "SYNOPSIS" +.sp +\fBtinyproxy\&.conf\fR +.SH "DESCRIPTION" +.sp +tinyproxy(8) reads its configuration file, typically stored in /usr/local/etc/tinyproxy\&.conf (or passed to Tinyproxy with \-c on the command line)\&. This manpage describes the syntax and contents of the configuration file\&. +.sp +The Tinyproxy configuration file contains key\-value pairs, one per line\&. Lines starting with # and empty lines are comments and are ignored\&. Keywords are case\-insensitive, whereas values are case\-sensitive\&. Values may be enclosed in double\-quotes (") if they contain spaces\&. +.sp +The possible keywords and their descriptions are as follows: +.PP +\fBUser\fR +.RS 4 +The user which the Tinyproxy process should run as, after the initial port\-binding has been done as the +root +user\&. Either the user name or the UID may be specified\&. +.RE +.PP +\fBGroup\fR +.RS 4 +The group which the Tinyproxy process should run as, after the initial port\-binding has been done as the +root +user\&. Either the group name or the GID may be specified\&. +.RE +.PP +\fBPort\fR +.RS 4 +The port which the Tinyproxy service will listen on\&. If the port is less than 1024, you will need to start the Tinyproxy process as the +root +user\&. +.RE +.PP +\fBListen\fR +.RS 4 +By default, Tinyproxy listens for connections on all available interfaces (i\&.e\&. it listens on the wildcard address +0\&.0\&.0\&.0)\&. With this configuration parameter, Tinyproxy can be told to listen only on one specific address\&. +.RE +.PP +\fBBind\fR +.RS 4 +This allows you to specify which address Tinyproxy will bind to for outgoing connections to web servers or upstream proxies\&. +.RE +.PP +\fBBindSame\fR +.RS 4 +If this boolean parameter is set to +yes, then Tinyproxy will bind the outgoing connection to the IP address of the incoming connection that triggered the outgoing request\&. +.RE +.PP +\fBTimeout\fR +.RS 4 +The maximum number of seconds of inactivity a connection is allowed to have before it is closed by Tinyproxy\&. +.RE +.PP +\fBErrorFile\fR +.RS 4 +This parameter controls which HTML file Tinyproxy returns when a given HTTP error occurs\&. It takes two arguments, the error number and the location of the HTML error file\&. +.RE +.PP +\fBDefaultErrorFile\fR +.RS 4 +This parameter controls the HTML template file returned when an error occurs for which no specific error file has been set\&. +.RE +.PP +\fBStatHost\fR +.RS 4 +This configures the host name or IP address that is treated as the +stat host: Whenever a request for this host is received, Tinyproxy will return an internal statistics page instead of forwarding the request to that host\&. The template for this page can be configured with the +StatFile +configuration option\&. The default value of +StatHost +is +tinyproxy\&.stats\&. +.RE +.PP +\fBStatFile\fR +.RS 4 +This configures the HTML file that Tinyproxy sends when a request for the stathost is received\&. If this parameter is not set, Tinyproxy returns a hard\-coded basic statistics page\&. See the STATHOST section in the +tinyproxy(8) +manual page for details\&. + +Note that the StatFile and the error files configured with ErrorFile and DefaultErrorFile are template files that can contain a few template variables that Tinyproxy expands prior to delivery\&. Examples are "{cause}" for an abbreviated error description and "{detail}" for a detailed error message\&. The +tinyproxy(8) +manual page contains a description of all template variables\&. +.RE +.PP +\fBLogFile\fR +.RS 4 +This controls the location of the file to which Tinyproxy writes its debug output\&. Alternatively, Tinyproxy can log to syslog \(em see the Syslog option\&. +.RE +.PP +\fBSyslog\fR +.RS 4 +When set to +On, this option tells Tinyproxy to write its debug messages to syslog instead of to a log file configured with +LogFile\&. These two options are mutually exclusive\&. +.RE +.PP +\fBLogLevel\fR +.RS 4 +Sets the log level\&. Messages from the set level and above are logged\&. For example, if the LogLevel was set to Warning, then all log messages from Warning to Critical would be output, but Notice and below would be suppressed\&. Allowed values are: +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +Critical (least verbose) +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +Error +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +Warning +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +Notice +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +Connect (log connections without Info\(cqs noise) +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +Info (most verbose) +.RE +.RE +.PP +\fBPidFile\fR +.RS 4 +This option controls the location of the file where the main Tinyproxy process stores its process ID for signaling purposes\&. +.RE +.PP +\fBXTinyproxy\fR +.RS 4 +Setting this option to +Yes +tells Tinyproxy to add a header +X\-Tinyproxy +containing the client\(cqs IP address to the request\&. +.RE +.PP +\fBUpstream\fR, \fBNo Upstream\fR +.RS 4 +This option allows you to set up a set of rules for deciding whether an upstream proxy server is to be used, based on the host or domain of the site being accessed\&. The rules are stored in the order encountered in the configuration file and the LAST matching rule wins\&. There are three possible forms for specifying upstream rules: +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} + +\fIupstream host:port\fR +turns proxy upstream support on generally\&. +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} + +\fIupstream host:port "site_spec"\fR +turns on the upstream proxy for the sites matching +site_spec\&. +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} + +\fIno upstream "site_spec"\fR +turns off upstream support for sites matching +site_spec\&. +.sp +.if n \{\ +.RS 4 +.\} +.nf +The site can be specified in various forms as a hostname, domain +name or as an IP range: +.fi +.if n \{\ +.RE +.\} +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} + +\fIname\fR +matches host exactly +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} + +\fI\&.name\fR +matches any host in domain "name" +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} + +\fI\&.\fR +matches any host with no domain (in +\fIempty\fR +domain) +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} + +\fIIP/bits\fR +matches network/mask +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} + +\fIIP/mask\fR +matches network/mask +.RE +.RE +.PP +\fBMaxClients\fR +.RS 4 +Tinyproxy creates one child process for each connected client\&. This options specifies the absolute highest number processes that will be created\&. With other words, only MaxClients clients can be connected to Tinyproxy simultaneously\&. +.RE +.PP +\fBMinSpareServers\fR, \fBMaxSpareServers\fR +.RS 4 +Tinyproxy always keeps a certain number of idle child processes so that it can handle new incoming client requests quickly\&. +MinSpareServer +and +MaxSpareServers +control the lower and upper limits for the number of spare processes\&. I\&.e\&. when the number of spare servers drops below +MinSpareServers +then Tinyproxy will start forking new spare processes in the background and when the number of spare processes exceeds +MaxSpareServers +then Tinyproxy will kill off extra processes\&. +.RE +.PP +\fBStartServers\fR +.RS 4 +The number of servers to start initially\&. This should usually be set to a value between MinSpareServers and MaxSpareServers\&. +.RE +.PP +\fBMaxRequestsPerChild\fR +.RS 4 +This limits the number of connections that a child process will handle before it is killed\&. The default value is +0 +which disables this feature\&. This option is meant as an emergency measure in the case of problems with memory leakage\&. In that case, setting +MaxRequestsPerChild +to a value of e\&.g\&. 1000, or 10000 can be useful\&. +.RE +.PP +\fBAllow\fR, \fBDeny\fR +.RS 4 +The +Allow +and +Deny +options provide a means to customize which clients are allowed to access Tinyproxy\&. +Allow +and +Deny +lines can be specified multiple times to build the access control list for Tinyproxy\&. The order in the config file is important\&. If there are no +Allow +or +Deny +lines, then all clients are allowed\&. Otherwise, the default action is to deny access\&. The argument to +Allow +or +Deny +can be a single IP address of a client host, like +127\&.0\&.0\&.1, an IP address range, like +192\&.168\&.0\&.1/24 +or a string that will be matched against the end of the client host name, i\&.e, this can be a full host name like +host\&.example\&.com +or a domain name like +\&.example\&.com +or even a top level domain name like +\&.com\&. +.RE +.PP +\fBAddHeader\fR +.RS 4 +Configure one or more HTTP request headers to be added to outgoing HTTP requests that Tinyproxy makes\&. Note that this option will not work for HTTPS traffic, as Tinyproxy has no control over what headers are exchanged\&. +.RE +.sp +.if n \{\ +.RS 4 +.\} +.nf +AddHeader "X\-My\-Header" "Powered by Tinyproxy" +.fi +.if n \{\ +.RE +.\} +.PP +\fBViaProxyName\fR +.RS 4 +RFC 2616 requires proxies to add a +Via +header to the HTTP requests, but using the real host name can be a security concern\&. If the +ViaProxyname +option is present, then its string value will be used as the host name in the Via header\&. Otherwise, the server\(cqs host name will be used\&. +.RE +.PP +\fBDisableViaHeader\fR +.RS 4 +When this is set to yes, Tinyproxy does NOT add the +Via +header to the requests\&. This virtually puts Tinyproxy into stealth mode\&. Note that RFC 2616 requires proxies to set the +Via +header, so by enabling this option, you break compliance\&. Don\(cqt disable the +Via +header unless you know what you are doing\&... +.RE +.PP +\fBFilter\fR +.RS 4 +Tinyproxy supports filtering of web sites based on URLs or domains\&. This option specifies the location of the file containing the filter rules, one rule per line\&. +.RE +.PP +\fBFilterURLs\fR +.RS 4 +If this boolean option is set to +Yes +or +On, filtering is performed for URLs rather than for domains\&. The default is to filter based on domains\&. +.RE +.PP +\fBFilterExtended\fR +.RS 4 +If this boolean option is set to +Yes, then extended POSIX regular expressions are used for matching the filter rules\&. The default is to use basic POSIX regular expressions\&. +.RE +.PP +\fBFilterCaseSensitive\fR +.RS 4 +If this boolean option is set to +Yes, then the filter rules are matched in a case sensitive manner\&. The default is to match case\-insensitively\&. +.RE +.PP +\fBFilterDefaultDeny\fR +.RS 4 +The default filtering policy is to allow everything that is not matched by a filtering rule\&. Setting +FilterDefaultDeny +to +Yes +changes the policy do deny everything but the domains or URLs matched by the filtering rules\&. +.RE +.PP +\fBAnonymous\fR +.RS 4 +If an +Anonymous +keyword is present, then anonymous proxying is enabled\&. The headers listed with +Anonymous +are allowed through, while all others are denied\&. If no Anonymous keyword is present, then all headers are allowed through\&. You must include quotes around the headers\&. + +Most sites require cookies to be enabled for them to work correctly, so you will need to allow cookies through if you access those sites\&. + +Example: +.RE +.sp +.if n \{\ +.RS 4 +.\} +.nf +Anonymous "Host" +Anonymous "Authorization" +Anonymous "Cookie" +.fi +.if n \{\ +.RE +.\} +.PP +\fBConnectPort\fR +.RS 4 +This option can be used to specify the ports allowed for the CONNECT method\&. If no +ConnectPort +line is found, then all ports are allowed\&. To disable CONNECT altogether, include a single ConnectPort line with a value of +0\&. +.RE +.PP +\fBReversePath\fR +.RS 4 +Configure one or more ReversePath directives to enable reverse proxy support\&. With reverse proxying it\(cqs possible to make a number of sites appear as if they were part of a single site\&. + +If you uncomment the following two directives and run Tinyproxy on your own computer at port 8888, you can access example\&.com, using +http://localhost:8888/example/\&. +.RE +.sp +.if n \{\ +.RS 4 +.\} +.nf +ReversePath "/example/" "http://www\&.example\&.com/" +.fi +.if n \{\ +.RE +.\} +.PP +\fBReverseOnly\fR +.RS 4 +When using Tinyproxy as a reverse proxy, it is STRONGLY recommended that the normal proxy is turned off by setting this boolean option to +Yes\&. +.RE +.PP +\fBReverseMagic\fR +.RS 4 +Setting this option to +Yes, makes Tinyproxy use a cookie to track reverse proxy mappings\&. If you need to reverse proxy sites which have absolute links you must use this option\&. +.RE +.PP +\fBReverseBaseURL\fR +.RS 4 +The URL that is used to access this reverse proxy\&. The URL is used to rewrite HTTP redirects so that they won\(cqt escape the proxy\&. If you have a chain of reverse proxies, you\(cqll need to put the outermost URL here (the address which the end user types into his/her browser)\&. If this option is not set then no rewriting of redirects occurs\&. +.RE +.SH "BUGS" +.sp +To report bugs in Tinyproxy, please visit \&. +.SH "SEE ALSO" +.sp +tinyproxy(8) +.SH "AUTHOR" +.sp +Written by the Tinyproxy project team\&. +.SH "COPYRIGHT" +.sp +Copyright (c) 1998\-2000 Steven Young; Copyright (c) 2000\-2001 Robert James Kaes; Copyright (c) 2009\-2010 Mukund Sivaraman; Copyright (c) 2009\-2010 Michael Adam\&. +.sp +This program is distributed under the terms of the GNU General Public License version 2 or above\&. See the COPYING file for additional information\&.