|
SwiftSurf
Smart Web Proxy
|
|
download the latest version (Change Log)
Compilation and installation
Compilation is very easy : you just have to type "gmake" (or "gmake
byte" if you don't have a native ocaml compiler). To get an ocaml
compiler, go to ocaml web
site.
For installing swiftsurf, you must become root and type "gmake
install".
You can now launch swiftsurf and configure your browser. With
Netscape or Mozilla, go to
Edit->Preferences->Advanced->Proxies, select "Manual proxy
configuration" and set localhost with port 8080 as proxy for http and
https.
Presentation
SwiftSurf is a web proxy that can handle http (1.0 and 1.1) and
https. Moreover, it allows page filtering and authentication through a
password.
a. Vocabulary
- Proxy : Little program your browser (Netscape) uses to get html
pages over the internet.
- filtering : Allows you to forbid some pages. They are replaced by
an image of your choice.
- http : hyper text transfer protocol : language used on the
internet for exchanging html pages.
- https : secure http : allow secure communications across the
internet.
b. Interest of filtering
- Censorship : you can forbid pages whose url contain sex or xxx.
- Surf more swiftly : no more time wasted to load ads. This is very
interesting if you're connected through a modem, since it is slow and
expensive.
- Display and control all the information your browser exchange
with the world.
Nota: The way the filter stops a page is by looking at the url, NOT the
content of the page. However, as you'll soon see, it's enough most of
the time.
Configuration
All the configuration of SwiftSurf is made using the configuration
file. Comments start by "#" and finish at the end of the line.
If not specified with the -c option, the configuration file is
searched within the following files : $HOME/.swiftsurf,
/etc/swiftsurf.conf, ./swiftsurf.conf, /dev/null.
the default file provided with the program should be fine for
most users. You just need to add the urls you want to filter in the
file named "forbidden". If you want an example of configuration file
using profiles, see swiftsurf.conf.school.
General configurations
Here are the configurations that will be used by all connections
(all the keywords are case insensitive) :
- port : port on which the proxy is running (8080 by default)
- logFile : allow to write the log to a file (default : stdout)
- connectFrom : addresses from where it is allowed to connect : a
regexp describing the local network.
- authentication : give a login and a password that will be
required for using the proxy.
- maxConns : maximum number of simultaneous connections accepted by
the proxy.
- nextProxy : If this proxy has to connect to another proxy to
have access to internet, give its name and port on which to connect.
- noProxy : If useProxy is set : list of sites which do not need to
be accessed through the proxy. This list can be finished by
"end" for clarity. You can use * and ?.
- forbiddenReqHeader : list of headers you want to ban from
request. It can be used to ignore all cookies for instance.
- forbiddenAnsHeader : idem for the answer.
- overrideUseragent : change the User-Agent sent by your
browser. This can be usefull with sites such as msn.com filtering
access with User-Agent (ex : overrideUseragent Mozilla/4.76).
- timeout : timeout for inactive connections in seconds (default :
30 sec). A value of 0 set timeout to infinite.
- maxConns : set a maximum number of simultaneous connections
(default : infinity).
- stats : 0 indicates you don't want any stats output, 1 a little
(display all the urls and tells if it has been accepted), 2 a little
more (display date, time and ip of client for each request).
- debug : display some debugging output. If you want to submit a
bug please give me the output with debug set to 2.
Profiles configurations
You can use at the same time different profiles, depending on the
access you want to give for example. Here is how a profile is defined :
profile login:pass
profOpt1
profOpt2 ...
endProfile
If you do not define any profile, you will be able to use the proxy
without password.
Here are the possible options for profiles (profOpt) :
- forbiddenFile : name of a file containing a list of forbidden
urls followed by the name of a file containing a picture used for
replacing forbidden documents. if the image name is default (or
nothing), swiftsurf replaces documents by a small black square.
- forbiddenUrl : list of the forbidden urls. This list must be
finished by "end" and is followed by the name of a file containing a
picture used for replacing forbidden documents. You can use * and ?.
- allowedUrl : If this field is specified, only urls which match
one the items of the list are considered. All the other ones are
"forbidden". This list must be finished by "end" and is followed by
the name of a file containing a picture used for replacing forbidden
documents.
- allCONNECT : accept https on any port (default : only 443).
- noCONNECT : disable https.
- noGET : disable GET method.
- noPOST : disable POST method.
- request : part of the request you want to display. It is an
addition of three numbers : 1 for the command line and headers; 2 for
the content (in case of POST); 4 for all incoming data; 8 for all
outgoing data.
- answer : part of the answer you want to display. It is an
addition of three numbers : 1 for the command line and headers; 2 for
the content; 4 for all incoming data; 8 for all outgoing data.
To do
- Understand ftp
- Add a cache
- prefetch