+ http-rfcs.txt

+if HAVE_MANPAGE_INTEREST

+M_SECTION=5

+M_NAME=TINYPROXY.CONF

+

+if HAVE_POD2MAN

+ $(AM_V_GEN) $(POD2MAN) --center="Tinyproxy manual" \

+ --section=$(M_SECTION) --name=$(M_NAME) --release="Version @VERSION@" \

+ $< > $@

+ @echo "*** pod2man is required to regenerate $(@) ***"; exit 1;

+MAINTAINERCLEANFILES = \

+ $(MAN5_FILES:.txt=.5)

+=pod

+=encoding utf8

+

+=head1 NAME

+=head1 SYNOPSIS

+B<tinyproxy.conf>

+=head1 DESCRIPTION

+L<tinyproxy(8)> reads its configuration file, typically stored in

+=over 4

+

+=item B<User>

+

+The user which the Tinyproxy process should run as, after the

+initial port-binding has been done as the `root` user. Either the

+user name or the UID may be specified.

+

+=item B<Group>

+

+The group which the Tinyproxy process should run as, after the

+initial port-binding has been done as the `root` user. Either the

+group name or the GID may be specified.

+

+=item B<Port>

+

+The port which the Tinyproxy service will listen on. If the port is

+less than 1024, you will need to start the Tinyproxy process as the

+`root` user.

+

+=item B<Listen>

+

+By default, Tinyproxy listens for connections on all available

+interfaces (i.e. it listens on the wildcard address `0.0.0.0`).

+With this configuration parameter, Tinyproxy can be told to listen

+only on one specific address.

+

+=item B<Bind>

+

+This allows you to specify which address Tinyproxy will bind

+to for outgoing connections to web servers or upstream proxies.

+This parameter may be specified multiple times, then Tinyproxy

+will try all the specified addresses in order.

+

+=item B<BindSame>

+

+If this boolean parameter is set to `yes`, then Tinyproxy will

+bind the outgoing connection to the IP address of the incoming

+connection that triggered the outgoing request.

+

+=item B<Timeout>

+

+The maximum number of seconds of inactivity a connection is

+allowed to have before it is closed by Tinyproxy.

+

+=item B<ErrorFile>

+

+This parameter controls which HTML file Tinyproxy returns when a

+given HTTP error occurs. It takes two arguments, the error number

+and the location of the HTML error file.

+

+=item B<DefaultErrorFile>

+

+This parameter controls the HTML template file returned when an

+error occurs for which no specific error file has been set.

+

+=item B<StatHost>

+

+This configures the host name or IP address that is treated

+as the `stat host`: Whenever a request for this host is received,

+Tinyproxy will return an internal statistics page instead of

+forwarding the request to that host. The template for this

+page can be configured with the `StatFile` configuration option.

+The default value of `StatHost` is `@TINYPROXY_STATHOST@`.

+

+=item B<StatFile>

+

+This configures the HTML file that Tinyproxy sends when

+a request for the stathost is received. If this parameter is

+not set, Tinyproxy returns a hard-coded basic statistics page.

+See the STATHOST section in the L<tinyproxy(8)> manual page

+for details.

+

+Note that the StatFile and the error files configured with ErrorFile

+and DefaultErrorFile are template files that can contain a few

+template variables that Tinyproxy expands prior to delivery.

+Examples are "{cause}" for an abbreviated error description and

+"{detail}" for a detailed error message. The L<tinyproxy(8)>

+manual page contains a description of all template variables.

+

+=item B<LogFile>

+

+This controls the location of the file to which Tinyproxy

+writes its debug output. Alternatively, Tinyproxy can log

+to syslog -- see the Syslog option.

+

+=item B<Syslog>

+When set to `On`, this option tells Tinyproxy to write its

+debug messages to syslog instead of to a log file configured

+with `LogFile`. These two options are mutually exclusive.

+=item B<LogLevel>

+Sets the log level. Messages from the set level and above are

+logged. For example, if the LogLevel was set to Warning, then all

+log messages from Warning to Critical would be output, but Notice

+and below would be suppressed. Allowed values are:

+=over 4

+=item * Critical (least verbose)

+=item * Error

+=item * Warning

+=item * Notice

+=item * Connect (log connections without Info's noise)

+=item * Info (most verbose)

+=back

+=item B<PidFile>

+This option controls the location of the file where the main

+Tinyproxy process stores its process ID for signaling purposes.

+=item B<XTinyproxy>

+Setting this option to `Yes` tells Tinyproxy to add a header

+`X-Tinyproxy` containing the client's IP address to the request.

+=item B<Upstream>

+This option allows you to set up a set of rules for deciding

+whether an upstream proxy server is to be used, based on the

+host or domain of the site being accessed. The rules are stored

+in the order encountered in the configuration file and the

+LAST matching rule wins. The following forms for specifying upstream

+rules exist:

+=over 4

+=item * I<upstream type host:port> turns proxy upstream support on generally.

+=item * I<upstream type user:pass@host:port>

+does the same, but uses the supplied credentials for authentication.

+=item * I<upstream type host:port "site_spec">

+turns on the upstream proxy for the sites matching `site_spec`.

+`type` can be one of `http`, `socks4`, `socks5`, `none`.

+=item * I<upstream none "site_spec">

+turns off upstream support for sites matching `site_spec`, that means the

+connection is done directly.

+=back

+The site can be specified in various forms as a hostname, domain

+name or as an IP range:

+=over 4

+=item * I<name> matches host exactly

+=item * I<.name> matches any host in domain "name"

+=item * I<.> matches any host with no domain (in 'empty' domain)

+=item * I<IP/bits> matches network/mask

+=item * I<IP/mask> matches network/mask

+=back

+Note that the upstream directive can also be used to null-route

+a specific target domain/host, e.g.:

+`upstream http 0.0.0.0:0 ".adserver.com"`

+=item B<MaxClients>

+Tinyproxy creates one thread for each connected client.

+This options specifies the absolute highest number processes that

+will be created. With other words, only MaxClients clients can be

+connected to Tinyproxy simultaneously.

+=item B<Allow>

+=item B<Deny>

+The `Allow` and `Deny` options provide a means to customize

+which clients are allowed to access Tinyproxy. `Allow` and `Deny`

+lines can be specified multiple times to build the access control

+list for Tinyproxy. The order in the config file is important.

+If there are no `Allow` or `Deny` lines, then all clients are

+allowed. Otherwise, the default action is to deny access.

+The argument to `Allow` or `Deny` can be a single IP address

+of a client host, like `127.0.0.1`, an IP address range, like

+`192.168.0.1/24` or a string that will be matched against the

+end of the client host name, i.e, this can be a full host name

+like `host.example.com` or a domain name like `.example.com` or

+even a top level domain name like `.com`.

+Note that by adding a rule using a host or domain name, a costly name

+lookup has to be done for every new connection, which could slow down

+the service considerably.

+=item B<BasicAuth>

+Configure HTTP "Basic Authentication" username and password

+for accessing the proxy. If there are any entries specified,

+access is only granted for authenticated users.

+ BasicAuth user password

+=item B<AddHeader>

+Configure one or more HTTP request headers to be added to outgoing

+HTTP requests that Tinyproxy makes. Note that this option will not

+work for HTTPS traffic, as Tinyproxy has no control over what

+headers are exchanged.

+ AddHeader "X-My-Header" "Powered by Tinyproxy"

+=item B<ViaProxyName>

+RFC 2616 requires proxies to add a `Via` header to the HTTP

+requests, but using the real host name can be a security

+concern. If the `ViaProxyname` option is present, then its

+string value will be used as the host name in the Via header.

+Otherwise, the server's host name will be used.

+=item B<DisableViaHeader>

+When this is set to yes, Tinyproxy does NOT add the `Via` header

+to the requests. This virtually puts Tinyproxy into stealth mode.

+Note that RFC 2616 requires proxies to set the `Via` header, so by

+enabling this option, you break compliance.

+Don't disable the `Via` header unless you know what you are doing...

+=item B<Filter>

+Tinyproxy supports filtering of web sites based on URLs or

+domains. This option specifies the location of the file

+containing the filter rules, one rule per line.

+Rules are specified as POSIX basic regular expressions (BRE), unless

+FilterExtended is activated.

+Comment lines start with a `#` character.

+Example filter file contents:

+ # filter exactly cnn.com

+ ^cnn\.com$

+

+ # filter all subdomains of cnn.com, but not cnn.com itself

+ .*\.cnn.com$

+

+ # filter any domain that has cnn.com in it, like xcnn.comfy.org

+ cnn\.com

+

+ # filter any domain that ends in cnn.com

+ cnn\.com$

+

+ # filter any domain that starts with adserver

+ ^adserver

+=item B<FilterURLs>

+If this boolean option is set to `Yes` or `On`, filtering is

+performed for URLs rather than for domains. The default is to

+filter based on domains.

+

+=item B<FilterExtended>

+

+If this boolean option is set to `Yes`, then extended POSIX

+regular expressions are used for matching the filter rules.

+The default is to use basic POSIX regular expressions.

+

+=item B<FilterCaseSensitive>

+

+If this boolean option is set to `Yes`, then the filter rules

+are matched in a case sensitive manner. The default is to

+match case-insensitively.

+

+=item B<FilterDefaultDeny>

+

+The default filtering policy is to allow everything that is

+not matched by a filtering rule. Setting `FilterDefaultDeny`

+to `Yes` changes the policy do deny everything but the domains

+or URLs matched by the filtering rules.

+

+=item B<Anonymous>

+

+If an `Anonymous` keyword is present, then anonymous proxying

+is enabled. The headers listed with `Anonymous` are allowed

+through, while all others are denied. If no Anonymous keyword

+is present, then all headers are allowed through. You must

+include quotes around the headers.

+

+Most sites require cookies to be enabled for them to work correctly, so

+you will need to allow cookies through if you access those sites.

+

+Example:

+

+ Anonymous "Host"

+ Anonymous "Authorization"

+ Anonymous "Cookie"

+

+=item B<ConnectPort>

+

+This option can be used to specify the ports allowed for the

+CONNECT method. If no `ConnectPort` line is found, then all

+ports are allowed. To disable CONNECT altogether, include a

+single ConnectPort line with a value of `0`.

+

+=item B<ReversePath>

+

+Configure one or more ReversePath directives to enable reverse proxy

+support. With reverse proxying it's possible to make a number of

+sites appear as if they were part of a single site.

+

+If you uncomment the following two directives and run Tinyproxy

+on your own computer at port 8888, you can access example.com,

+using http://localhost:8888/example/.

+

+ ReversePath "/example/" "http://www.example.com/"

+

+=item B<ReverseOnly>

+

+When using Tinyproxy as a reverse proxy, it is STRONGLY

+recommended that the normal proxy is turned off by setting

+this boolean option to `Yes`.

+

+=item B<ReverseMagic>

+

+Setting this option to `Yes`, makes Tinyproxy use a cookie to

+track reverse proxy mappings. If you need to reverse proxy

+sites which have absolute links you must use this option.

+

+=item B<ReverseBaseURL>

+

+The URL that is used to access this reverse proxy. The URL is

+used to rewrite HTTP redirects so that they won't escape the

+proxy. If you have a chain of reverse proxies, you'll need to

+put the outermost URL here (the address which the end user

+types into his/her browser). If this option is not set then

+no rewriting of redirects occurs.

+

+=back

+

+=head1 BUGS

+L<https://tinyproxy.github.io/>.

+

+=head1 SEE ALSO

+L<tinyproxy(8)>

+=head1 AUTHOR

+=head1 COPYRIGHT

+Copyright (c) 1998-2020 the Tinyproxy authors.

+

+if HAVE_MANPAGE_INTEREST

+MAN8_FILES = \

+M_SECTION=8

+M_NAME=TINYPROXY

+

+if HAVE_POD2MAN

+ $(AM_V_GEN) $(POD2MAN) --center="Tinyproxy manual" \

+ --section=$(M_SECTION) --name=$(M_NAME) --release="Version @VERSION@" \

+ $< > $@

+ @echo "*** pod2man is required to regenerate $(@) ***"; exit 1;

+MAINTAINERCLEANFILES = \

+ $(MAN8_FILES:.txt=.8)

+EXTRA_DIST = \

+=pod

+=encoding utf8

+

+=head1 NAME

+=head1 SYNOPSIS

+B<tinyproxy> [-vdch]

+=head1 DESCRIPTION

+B<tinyproxy> is a light-weight HTTP proxy daemon designed to consume a

+=head1 OPTIONS

+

+B<tinyproxy> accepts the following options:

+

+=over 4

+

+=item B<-c <config-file>>

+Use an alternate configuration file.

+=item B<-d>

+Don't daemonize and stay in the foreground. Useful for debugging purposes.

+=item B<-h>

+Display a short help screen of command line arguments and exit.

+=item B<-v>

+Display version information and exit.

+

+=back

+

+=head1 SIGNALS

+can be sent to B<tinyproxy> while it is running to generate debugging

+=over 4

+

+=item B<SIGHUP>

+Force Tinyproxy to do a garbage collection on the current

+connections linked list. This is usually done automatically after a

+certain number of connections have been handled.

+(Daemon mode only)

+=item B<SIGUSR1>

+

+Force reload of config file and filter list.

+This is handy to update the configuration if Tinyproxy is running

+in foreground without dropping active connections.

+

+=back

+

+=head1 TEMPLATE FILES

+=over 4

+

+=item * When an error occurred, a corresponding error page is returned.

+

+=item * When a request for the stathost is made, a page summarizing the

+connection statistics is returned. (See STATHOST below.)

+

+=back

+=head1 TEMPLATE VARIABLES

+=over 4

+=item B<request>

+The full HTTP request line.

+=item B<cause>

+The abbreviated cause of the error condition.

+=item B<clientip>

+The IP address of the client making the request.

+

+=item B<clienthost>

+

+The hostname of the client making the request.

+

+=item B<version>

+

+The version of Tinyproxy.

+

+=item B<package>

+

+The package name. Presently, resolves to 'tinyproxy'.

+

+=item B<date>

+

+The current date/time in HTTP format.

+

+=back

+=over 4

+

+=item B<detail>

+

+A detailed, plain English explanation of the error and possible

+causes.

+

+=back

+"{request}", then this is replaced by the value of the corresponding

+=head1 STATHOST

+=head1 FILES

+=head1 BUGS

+L<https://tinyproxy.github.io/>.

+

+=head1 SEE ALSO

+L<tinyproxy.conf(5)>

+=head1 AUTHOR

+=head1 COPYRIGHT

+Copyright (c) 1998-2020 the Tinyproxy authors.

+# test webpage with `python -m SimpleHTTPServer`

+

+all: index.html

+

+tp.html.conf: ../man5/tinyproxy.conf.txt

+ pod2html --noindex < $^ | awk -f podhtml-filter.awk > $@

+

+index.html: tp.html.head tp.html.conf tp.html.foot

+ cat $^ > $@

+

+clean:

+ rm tp.html.conf index.html *.tmp

+

+.PHONY: all clean

+

+BEGIN {i=0}

+/<\/{0,1}h1/ {if(!i)i=1; gsub("h1", "h4", $0);}

+#/<\/body>/ {i=0;}

+/BUGS/ {i=-1}

+{if(i==1) print;}

+/*******************************************************************************

+Slate Theme for GitHub Pages

+by Jason Costello, @jsncostello

+*******************************************************************************/

+

+@import url(github-light.css);

+

+/*******************************************************************************

+MeyerWeb Reset

+*******************************************************************************/

+

+html, body, div, span, applet, object, iframe,

+h1, h2, h3, h4, h5, h6, p, blockquote, pre,

+a, abbr, acronym, address, big, cite, code,

+del, dfn, em, img, ins, kbd, q, s, samp,

+small, strike, strong, sub, sup, tt, var,

+b, u, i, center,

+dl, dt, dd, ol, ul, li,

+fieldset, form, label, legend,

+table, caption, tbody, tfoot, thead, tr, th, td,

+article, aside, canvas, details, embed,

+figure, figcaption, footer, header, hgroup,

+menu, nav, output, ruby, section, summary,

+time, mark, audio, video {

+ margin: 0;

+ padding: 0;

+ border: 0;

+ font: inherit;

+ vertical-align: baseline;

+}

+

+/* HTML5 display-role reset for older browsers */

+article, aside, details, figcaption, figure,

+footer, header, hgroup, menu, nav, section {

+ display: block;

+}

+

+ol, ul {

+ list-style: none;

+}

+

+table {

+ border-collapse: collapse;

+ border-spacing: 0;

+}

+

+/*******************************************************************************

+Theme Styles

+*******************************************************************************/

+

+body {

+ box-sizing: border-box;

+ color:#373737;

+ background: #212121;

+ font-size: 16px;

+ font-family: 'Myriad Pro', Calibri, Helvetica, Arial, sans-serif;

+ line-height: 1.5;

+ -webkit-font-smoothing: antialiased;

+}

+

+h1, h2, h3, h4, h5, h6 {

+ margin: 10px 0;

+ font-weight: 700;

+ color:#222222;

+ font-family: 'Lucida Grande', 'Calibri', Helvetica, Arial, sans-serif;

+ letter-spacing: -1px;

+}

+

+h1 {

+ font-size: 36px;

+ font-weight: 700;

+}

+

+h2 {

+ padding-bottom: 10px;

+ font-size: 32px;

+ background: url('../images/bg_hr.png') repeat-x bottom;

+}

+

+h3 {

+ font-size: 24px;

+}

+

+h4 {

+ font-size: 21px;

+}

+

+h5 {

+ font-size: 18px;

+}

+

+h6 {

+ font-size: 16px;

+}

+

+p {

+ margin: 10px 0 15px 0;

+}

+

+footer p {

+ color: #f2f2f2;

+}

+

+a {

+ text-decoration: none;

+ color: #007edf;

+ text-shadow: none;

+

+ transition: color 0.5s ease;

+ transition: text-shadow 0.5s ease;

+ -webkit-transition: color 0.5s ease;

+ -webkit-transition: text-shadow 0.5s ease;

+ -moz-transition: color 0.5s ease;

+ -moz-transition: text-shadow 0.5s ease;

+ -o-transition: color 0.5s ease;

+ -o-transition: text-shadow 0.5s ease;

+ -ms-transition: color 0.5s ease;

+ -ms-transition: text-shadow 0.5s ease;

+}

+

+a:hover, a:focus {text-decoration: underline;}

+

+footer a {

+ color: #F2F2F2;

+ text-decoration: underline;

+}

+

+em {

+ font-style: italic;

+}

+

+strong {

+ font-weight: bold;

+}

+

+img {

+ position: relative;

+ margin: 0 auto;

+ max-width: 739px;

+ padding: 5px;

+ margin: 10px 0 10px 0;

+ border: 1px solid #ebebeb;

+

+ box-shadow: 0 0 5px #ebebeb;

+ -webkit-box-shadow: 0 0 5px #ebebeb;

+ -moz-box-shadow: 0 0 5px #ebebeb;

+ -o-box-shadow: 0 0 5px #ebebeb;

+ -ms-box-shadow: 0 0 5px #ebebeb;

+}

+

+p img {

+ display: inline;

+ margin: 0;

+ padding: 0;

+ vertical-align: middle;

+ text-align: center;

+ border: none;

+}

+

+pre, code {

+ width: 100%;

+ color: #222;

+ background-color: #fff;

+

+ font-family: Monaco, "Bitstream Vera Sans Mono", "Lucida Console", Terminal, monospace;

+ font-size: 14px;

+

+ border-radius: 2px;

+ -moz-border-radius: 2px;

+ -webkit-border-radius: 2px;

+}

+

+pre {

+ width: 100%;

+ padding: 10px;

+ margin-bottom: 20px;

+ box-shadow: 0 0 10px rgba(0,0,0,.1);

+ overflow: auto;

+}

+

+code {

+ padding: 3px;

+ margin: 0 3px;

+ box-shadow: 0 0 10px rgba(0,0,0,.1);

+}

+

+pre code {

+ display: block;

+ box-shadow: none;

+}

+

+blockquote {

+ color: #666;

+ margin-bottom: 20px;

+ padding: 0 0 0 20px;

+ border-left: 3px solid #bbb;

+}

+

+

+ul, ol, dl {

+ margin-bottom: 15px

+}

+

+ul {

+ list-style-position: inside;

+ list-style: disc;

+ padding-left: 20px;

+}

+

+ol {

+ list-style-position: inside;

+ list-style: decimal;

+ padding-left: 20px;

+}

+

+dl dt {

+ font-weight: bold;

+}

+

+dl dd {

+ padding-left: 20px;

+/* font-style: italic; */

+}

+

+dl p {

+ padding-left: 20px;

+/* font-style: italic; */

+}

+

+hr {

+ height: 1px;

+ margin-bottom: 5px;

+ border: none;

+ background: url('../images/bg_hr.png') repeat-x center;

+}

+

+table {

+ border: 1px solid #373737;

+ margin-bottom: 20px;

+ text-align: left;

+ }

+

+th {

+ font-family: 'Lucida Grande', 'Helvetica Neue', Helvetica, Arial, sans-serif;

+ padding: 10px;

+ background: #373737;

+ color: #fff;

+ }

+

+td {

+ padding: 10px;

+ border: 1px solid #373737;

+ }

+

+form {

+ background: #f2f2f2;

+ padding: 20px;

+}

+

+/*******************************************************************************

+Full-Width Styles

+*******************************************************************************/

+

+.outer {

+ width: 100%;

+}

+

+.inner {

+ position: relative;

+ max-width: 640px;

+ padding: 20px 10px;

+ margin: 0 auto;

+}

+

+#forkme_banner {

+ display: block;

+ position: absolute;

+ top:0;

+ right: 10px;

+ z-index: 10;

+ padding: 10px 50px 10px 10px;

+ color: #fff;

+ background: url('../images/blacktocat.png') #0090ff no-repeat 95% 50%;

+ font-weight: 700;

+ box-shadow: 0 0 10px rgba(0,0,0,.5);

+ border-bottom-left-radius: 2px;

+ border-bottom-right-radius: 2px;

+}

+

+#header_wrap {

+ background: #212121;

+ background: -moz-linear-gradient(top, #373737, #212121);

+ background: -webkit-linear-gradient(top, #373737, #212121);

+ background: -ms-linear-gradient(top, #373737, #212121);

+ background: -o-linear-gradient(top, #373737, #212121);

+ background: linear-gradient(top, #373737, #212121);

+}

+

+#header_wrap .inner {

+ padding: 50px 10px 30px 10px;

+}

+

+#project_title {

+ margin: 0;

+ color: #fff;

+ font-size: 42px;

+ font-weight: 700;

+ text-shadow: #111 0px 0px 10px;

+}

+

+#project_tagline {

+ color: #fff;

+ font-size: 24px;

+ font-weight: 300;

+ background: none;

+ text-shadow: #111 0px 0px 10px;

+}

+

+#downloads {

+ position: absolute;

+ width: 210px;

+ z-index: 10;

+ bottom: -40px;

+ right: 0;

+ height: 70px;

+ background: url('../images/icon_download.png') no-repeat 0% 90%;

+}

+

+.zip_download_link {

+ display: block;

+ float: right;

+ width: 90px;

+ height:70px;

+ text-indent: -5000px;

+ overflow: hidden;

+ background: url(../images/sprite_download.png) no-repeat bottom left;

+}

+

+.tar_download_link {

+ display: block;

+ float: right;

+ width: 90px;

+ height:70px;

+ text-indent: -5000px;

+ overflow: hidden;

+ background: url(../images/sprite_download.png) no-repeat bottom right;

+ margin-left: 10px;

+}

+

+.zip_download_link:hover {

+ background: url(../images/sprite_download.png) no-repeat top left;

+}

+

+.tar_download_link:hover {

+ background: url(../images/sprite_download.png) no-repeat top right;

+}

+

+#main_content_wrap {

+ background: #f2f2f2;

+ border-top: 1px solid #111;

+ border-bottom: 1px solid #111;

+}

+

+#main_content {

+ padding-top: 40px;

+}

+

+#footer_wrap {

+ background: #212121;

+}

+

+

+

+/*******************************************************************************

+Small Device Styles

+*******************************************************************************/

+

+@media screen and (max-width: 480px) {

+ body {

+ font-size:14px;

+ }

+

+ #downloads {

+ display: none;

+ }

+

+ .inner {

+ min-width: 320px;

+ max-width: 480px;

+ }

+

+ #project_title {

+ font-size: 32px;

+ }

+

+ h1 {

+ font-size: 28px;

+ }

+

+ h2 {

+ font-size: 24px;

+ }

+

+ h3 {

+ font-size: 21px;

+ }

+

+ h4 {

+ font-size: 18px;

+ }

+

+ h5 {

+ font-size: 14px;

+ }

+

+ h6 {

+ font-size: 12px;

+ }

+

+ code, pre {

+ min-width: 320px;

+ max-width: 480px;

+ font-size: 11px;

+ }

+

+}

+<h2>

+<a id="support" class="anchor" href="#support" aria-hidden="true"><span class="octicon octicon-link"></span></a>Support</h2>

+

+<ul>

+<li>Feel free to report a new bug or suggest features via github issues.</li>

+<li>Tinyproxy developers hang out in #tinyproxy on irc.freenode.net.</li>

+</ul>

+ </section>

+ </div>

+

+ <!-- FOOTER -->

+ <div id="footer_wrap" class="outer">

+ <footer class="inner">

+ <p>Published with <a href="https://pages.github.com">GitHub Pages</a></p>

+ </footer>

+ </div>

+

+

+

+ </body>

+</html>

+<!DOCTYPE html>

+<html>

+

+ <head>

+ <meta charset='utf-8'>

+ <meta http-equiv="X-UA-Compatible" content="chrome=1">

+ <meta name="description" content="Tinyproxy : lightweight http(s) proxy daemon">

+

+ <link rel="stylesheet" type="text/css" media="screen" href="stylesheets/stylesheet.css">

+

+ <title>Tinyproxy</title>

+ </head>

+

+ <body>

+

+ <!-- HEADER -->

+ <div id="header_wrap" class="outer">

+ <header class="inner">

+ <a id="forkme_banner" href="https://github.com/tinyproxy">View on GitHub</a>

+

+ <h1 id="project_title">Tinyproxy</h1>

+ <h2 id="project_tagline">lightweight http(s) proxy daemon</h2>

+

+ </header>

+ </div>

+

+ <!-- MAIN CONTENT -->

+ <div id="main_content_wrap" class="outer">

+ <section id="main_content" class="inner">

+ <h1>

+<a id="tinyproxy" class="anchor" href="#tinyproxy" aria-hidden="true"><span class="octicon octicon-link"></span></a>Tinyproxy</h1>

+

+<p>Tinyproxy is a light-weight HTTP/HTTPS proxy daemon for POSIX operating systems. Designed from the ground up to be fast and yet small, it is an ideal solution for use cases such as embedded deployments where a full featured HTTP proxy is required, but the system resources for a larger proxy are unavailable.</p>

+

+<p>Tinyproxy is distributed using the GNU GPL license (version 2 or above).</p>

+

+<h2>

+<a id="features" class="anchor" href="#features" aria-hidden="true"><span class="octicon octicon-link"></span></a>Features</h2>

+

+<p>Tinyproxy has a <strong>small footprint</strong> and requires very little in the way of system resources. The memory footprint tends to be around 2 MB with glibc, and the CPU load increases linearly with the number of simultaneous connections (depending on the speed of the connection). Thus, Tinyproxy can be run on an older machine, or on a network appliance such as a Linux-based broadband router, without any noticeable impact on performance.</p>

+

+<p>Tinyproxy requires only a <strong>minimal POSIX environment</strong> to build and operate. It can use additional libraries to add functionality though.</p>

+

+<p>Tinyproxy allows forwarding of <strong>HTTPS connections</strong> without modifying traffic in any way through the <code>CONNECT</code> method (see the <code>ConnectPort</code> directive).</p>

+

+<p>Tinyproxy supports being configured as a <strong>transparent proxy</strong>, so that a proxy can be used without requiring any client-side configuration. You can also use it as a <strong>reverse proxy</strong> front-end to your websites.</p>

+

+<p>Using the <code>AddHeader</code> directive, you can <strong>add/insert HTTP headers</strong> to outgoing traffic.</p>

+

+<p>If you're looking to build a custom web proxy, Tinyproxy is <strong>easy to modify</strong> to your custom needs. The source is straightforward, adhering to the KISS principle. As such, it can be used as a foundation for anything you may need a web proxy to do.</p>

+

+<p>Tinyproxy has <strong>privacy features</strong> which can let you configure which HTTP headers should be allowed through, and which should be blocked. This allows you to restrict both what data comes to your web browser from the HTTP server (e.g., cookies), and to restrict what data is allowed through from your web browser to the HTTP server (e.g., version information).</p>

+

+<p>Using the <strong>remote monitoring</strong> facility, you can access proxy statistics from afar, letting you know exactly how busy the proxy is.</p>

+

+<p>You can configure Tinyproxy to <strong>control access</strong> by only allowing requests from a certain subnet, or from a certain interface, thus ensuring that random, unauthorized people will not be using your proxy.</p>

+

+<p>With a bit of configuration (specifically, making Tinyproxy created files owned by a non-root user and running it on a port greater than 1024), Tinyproxy can be made to run without any special privileges, thus minimizing the chance of system compromise. Furthermore, it was designed with an eye towards preventing buffer overflows. The simplicity of the code ensures it remains easy to spot such bugs.</p>

+

+<h2>

+<a id="downloads" class="anchor" href="#downloads" aria-hidden="true"><span class="octicon octicon-link"></span></a>Downloads</h2>

+

+<ul>

+<li>On Red Hat Enterprise Linux, or its derivatives such as CentOS, install Tinyproxy from the EPEL repository by running yum install tinyproxy.</li>

+<li>On Fedora, install Tinyproxy by running yum install tinyproxy.</li>

+<li>On Debian and derived distributions, run apt-get install tinyproxy to install Tinyproxy.</li>

+<li>For openSUSE run: zypper in tinyproxy</li>

+<li>Arch users can install the Tinyproxy package from the community repository. Run pacman -S tinyproxy to install it.</li>

+<li>FreeBSD, OpenBSD or NetBSD users can use the pkg_add utility to install the tinyproxy package.</li>

+<li>Mac OS X users can check MacPorts to see if the Tinyproxy port there is recent enough.</li>

+</ul>

+

+<p>If you feel that the Tinyproxy binary package in your operating system is not recent, please contact the package maintainer for that particular operating system. If this fails, you can always compile the latest stable version from source code.</p>

+

+<p>We distribute Tinyproxy in source code form, and it has to be compiled in order to be used on your system. Please see the INSTALL file in the source code tree for build instructions. The current stable version of Tinyproxy is available on the <a href="https://github.com/tinyproxy/tinyproxy/releases">releases page</a>. The Tinyproxy NEWS file contains the release notes. You can verify the tarball using its PGP signature. You can also browse the older releases of Tinyproxy.</p>

+

+<p>We use Git as the version control system for the Tinyproxy source code repository. To get a copy of the Tinyproxy repository, use the command:</p>

+

+<p>git clone <a href="https://github.com/tinyproxy/tinyproxy.git">https://github.com/tinyproxy/tinyproxy.git</a></p>

+

+<h2>

+<a id="documentation" class="anchor" href="#documentation" aria-hidden="true"><span class="octicon octicon-link"></span></a>Documentation</h2>