Forked from the app version
This reverts it back to v0.3.1, but with newer updates, an improved UI, and server-friendly configuration. To skip to the differences, see here
See pending features here
TODO: more screencaps
Privaxy is a MITM HTTP(s) proxy that sits in between HTTP(s) talking applications, such as a web browser and HTTP servers, such as those serving websites.
By establishing a two-way tunnel between both ends, Privaxy is able to block network requests based on URL patterns and to inject scripts as well as styles into HTML documents.
Operating at a lower level, Privaxy is both more efficient as well as more streamlined than browser add-on-based blockers. A single instance of Privaxy on a small virtual machine, server or even, on the same computer as the traffic is originating from, can filter thousands of requests per second while requiring a very small amount of memory.
Privaxy is not limited by the browser’s APIs and can operate with any HTTP traffic, not only the traffic flowing from web browsers.
Privaxy is also way more capable than DNS-based blockers as it is able to operate directly on URLs and to inject resources into web pages.
- Suppport for Adblock Plus filters, such as easylist.
- Web graphical user interface with a statistics display as well as a live request explorer.
- Support for uBlock origin's
jssyntax. - Support for uBlock origin's
redirectsyntax. - Support for uBlock origin's scriptlets.
- Browser and HTTP client agnostic.
- Support for custom filters.
- Support for excluding hosts from the MITM pipeline.
- Support for protocol upgrades, such as with websockets.
- Automatic filter lists updates.
- Very low resource usage.
- Around 50MB of memory with approximately 320 000 filters enabled.
- Able to filter thousands of requests per second on a small machine.
- General
- Documentation
- Verify dpkg works as expected
- Configure for /etc/
- Optimize code (kinda)
- Web GUI
- Ability to add custom filters
- filterlists.com integration
- Change bind settings
- TLS on the web gui
- Update configuration from the gui
- Need to add changing the CA
- Authentication to the web gui
- Backend
- Bind to different addresses and ports
- Specify path or CA cert in config
- Update ublock dependencies
- Patch NotValidBefore on generated certificates
- Implement systemctl signal handling
- Web GUI honors SIGHUP
- Proxy
- Package for a systemd service
- Update dependencies (sortof)
- Figure out which syntaxes the adblock engine supports
- Improve logging
- Fix cloudflare/robot checks?
- Utilize uAsset website
- Future
- Add DNS resolutions; incoporate DNS level blocking?
TODO
- You can now specify the address to bind to in the toml config
- You can use environment variables to specify the folder to store the config
- Adding of custom filters from external sources. I've added an integration to https://filterlists.com in the web gui to search and add filters from there.
- NotValidBefore patched properly, slight time differences will not produce invalid cert messages.
- Static files and API now bind to same port
TODO more info, screenshots