SwiftSurf Smart Web Proxy

download the latest version (Change Log)

Compilation and installation

For installing swiftsurf, you must become root and type "gmake install".

Then you must configure your browser in order it uses swiftsurf. With Netscape or Mozilla, go to Edit->Preferences->Advanced->Proxies, select "Manual proxy configuration" and set localhost with port 8080 as proxy for http and https.

You can now launch SwiftSurf (with the command swiftsurf). The program accept the following options :

• -c conf_file : define the configuration file to use. If not specified, the configuration file is searched within the following files : $HOME/.swiftsurf, /etc/swiftsurf.conf, ./swiftsurf.conf, /dev/null.
• -d : run in daemon mode.
• -help : display options.

Presentation

a. Vocabulary

• Proxy : Little program your browser (Netscape) uses to get html pages over the internet.
• filtering : Allows you to forbid some pages. They are replaced by an image of your choice.
• http : hyper text transfer protocol : language used on the internet for exchanging html pages.
• https : secure http : allow secure communications across the internet.

b. Interest of filtering

• Censorship : you can forbid pages whose url contain sex or xxx.
• Surf more swiftly : no more time wasted to load ads. This is very interesting if you're connected through a modem, since it is slow and expensive.
• Display and control all the information your browser exchange with the world.

Configuration

General configurations

Here are the configurations that will be used by all connections (all the keywords are case insensitive) :

• port : port on which the proxy is running (8080 by default)
• logFile : allow to write the log to a file (default : stdout)
• connectFrom : addresses from where it is allowed to connect : a regexp describing the local network.
• authentication : give a login and a password that will be required for using the proxy.
• maxConns : maximum number of simultaneous connections accepted by the proxy.
• nextProxy : If this proxy has to connect to another proxy to have access to internet, give its name and port on which to connect. A third optionnal argument specifies the authentication for the next proxy. This last argument should look like user:passwd.
• noProxy : If nextProxy is set : list of sites which do not need to be accessed through the proxy. This list can be finished by "end" for clarity. You can use * and ?.
• forbiddenReqHeader : list of headers you want to ban from request. It can be used to ignore all cookies for instance.
• forbiddenAnsHeader : idem for the answer.
• addReqHeader : add a header to every request the proxy sends to the server. http require the header to look like this : "xxx: yyyyy".
• addAnsHeader : add a header to every answer the proxy replies to the client. http require the header to look like this : "xxx: yyyyy".
• overrideUseragent : change the User-Agent sent by your browser. This can be usefull with sites such as msn.com filtering access with User-Agent (ex : overrideUseragent Mozilla/4.76).
• timeout : timeout for inactive connections in seconds (default : 30 sec). A value of 0 set timeout to infinite.
• maxConns : set a maximum number of simultaneous connections (default : infinity).
• stats : 0 indicates you don't want any stats output, 1 a little (display all the urls and tells if it has been accepted), 2 a little more (display date, time and ip of client for each request).
• debug : display some debugging output. If you want to submit a bug please give me the output with debug set to 2.

Profiles configurations

profile login:pass
  profOpt1
  profOpt2 ...
endProfile

• forbiddenFile : name of a file containing a list of forbidden urls followed by the name of a file containing a picture used for replacing forbidden documents. if the image name is default (or nothing), swiftsurf replaces documents by a small black square. If it is a color (white, blue, transparent, green, red, orange, black, yellow or gray), a gif of the given color is used.
• forbiddenUrl : list of the forbidden urls. This list must be finished by "end" and is followed by the name of a file containing a picture used for replacing forbidden documents (or default or a color). You can use * and ?.
• allowedUrl : If this field is specified, only urls which match one the items of the list are considered. All the other ones are "forbidden". This list must be finished by "end" and is followed by the name of a file containing a picture used for replacing forbidden documents (or default or a color).
• allCONNECT : accept https on any port (default : only 443).
• noCONNECT : disable https.
• methods : list of allowed methods. This list must be terminated by "end". An empty list is the default and means that all methods are allowed (GET, POST, HEAD, PUT, DELETE...)
• request : part of the request you want to display. It is an addition of three numbers : 1 for the command line and headers; 2 for the content (in case of POST); 4 for all incoming data; 8 for all outgoing data.
• answer : part of the answer you want to display. It is an addition of three numbers : 1 for the command line and headers; 2 for the content; 4 for all incoming data; 8 for all outgoing data.

To do

• Understand ftp
• Add a cache
• prefetch

sebastien@ailleret.com home page