Privaxy Next generation tracker and advertisement blocker

Overview

Privaxy

Next generation tracker and advertisement blocker

About

Privaxy is a MITM HTTP(s) proxy that sits in between HTTP(s) talking applications, such as a web browser and HTTP servers, such as those serving websites.

By establishing a two-way tunnel between both ends, Privaxy is able to block network requests based on URL patterns and to inject scripts as well as styles into HTML documents.

Operating at a lower level, Privaxy is both more efficient as well as more streamlined than browser add-on-based blockers. A single instance of Privaxy on a small virtual machine, server or even, on the same computer as the traffic is originating from, can filter thousands of requests per second while requiring a very small amount of memory.

Privaxy is not limited by the browser’s APIs and can operate with any HTTP traffic, not only the traffic flowing from web browsers.

Privaxy is also way more capable than DNS-based blockers as it is able to operate directly on URLs and to inject resources into web pages.

Features

  • Suppport for Adblock Plus filters, such as easylist.
  • Web graphical user interface with a statistics display as well as a live request explorer.
  • Support for uBlock origin's js syntax.
  • Support for uBlock origin's redirect syntax.
  • Support for uBlock origin's scriptlets.
  • Browser and HTTP client agnostic.
  • Support for custom filters.
  • Support for excluding hosts from the MITM pipeline.
  • Support for protocol upgrades, such as with websockets.
  • Automatic filter lists updates.
  • Very low resource usage.
    • Around 250MB of memory with approximately 320 000 filters enabled.
    • Able to filter thousands of requests per second on a small machine.
Comments
  • Initial release

    Initial release

    • [ ] Write proper documentation.
    • [x] Keep only the most recent requests in the "Requests" pane of the gui.
    • [x] Serve the gui from the server instead of from trunk.
    opened by Barre 6
  • Moderate-high RAM usage, internet throttling (Windows)

    Moderate-high RAM usage, internet throttling (Windows)

    Taskmgr_LLUzegQh0l

    Not sure if I'm doing something wrong, or if by default it uses many more filters than in the tests, but Privaxy uses around 100mb by default on Windows ( (I realise RAM usage will increase with number of filters used) and internet browsing feels slow. ~~Is there a way to run it silently without the console window?~~ I found out how to run Privaxy on Windows without a console window, using an old method.

    chrome_lyJg10BTR0

    Internet Speed Test:

    Same speed with and without Privaxy, but there is a noticeable delay of a second or two when loading pages while Privaxy is running, while the same pages load instantly without Privaxy. Speedtest_vCW9kVG8tN

    Maybe HDD throttling? Not sure what the limiting factor is.

    opened by Darthagnon 4
  • Windows Build?

    Windows Build?

    It seems to work fine. Looks like the beauty of Rust :)

    image

    Originally posted by @shirshak55 in https://github.com/Barre/privaxy/issues/2#issuecomment-1132441928

    opened by Darthagnon 4
  • Error compiling web_frontend

    Error compiling web_frontend

    I tried following the instruction but I ended up getting the below.

    ~/src/privaxy$ cd web_frontend && trunk build --release && cd .. 2022-06-04T15:37:07.156633Z INFO 📦 starting build 2022-06-04T15:37:07.157325Z INFO spawning asset pipelines 2022-06-04T15:37:07.157372Z INFO spawned hook sh command_arguments=["-c", "npx tailwindcss build -i src/tailwind.css -o $TRUNK_STAGING_DIR/tailwind.css"] 2022-06-04T15:37:07.157410Z INFO spawning hook stage=PreBuild command=sh npx: installed 60 in 4.694s Object.fromEntries is not a function 2022-06-04T15:37:13.041231Z ERROR ❌ error error from HTML pipeline

    Caused by: hook call to sh returned a bad status Error: error from HTML pipeline

    Caused by: hook call to sh returned a bad status ===============================

    Any idea on what could be the reason?

    Thanks!

    opened by ipiazza 4
  • trunk build --release fails, missing

    trunk build --release fails, missing "wasm32-unknown-unknown"

    Building the web frontend kept failing immediately until I ran "rustup target add wasm32-unknown-unknown"

    edit: Should probably mention. This is on a Macbook Pro with M1.

    opened by aequis 3
  • wildcards don't seem to work in the exclusions list

    wildcards don't seem to work in the exclusions list

    I've tried both *.dropbox.com and just dropbox.com, and in both cases subdomains continue to generate TLS handshake errors in the log. Adding each offending subdomain fixes it.

    I also noticed that the UI says that domains that have handshake failures will be automatically added to the exclusion list, but that doesn't seem to be happening in my case.

    Context: MacOS, pre-built binary

    opened by dhc02 3
  • Error compiling web_frontend ( arm64 )

    Error compiling web_frontend ( arm64 )

    I have same issue like https://github.com/Barre/privaxy/issues/18 but on arm64, nodejs already upgrade (18.9). warning: web_frontend (bin "web_frontend") generated 2 warnings Finished release [optimized] target(s) in 1m 17s 2022-09-23T18:03:21.417497Z INFO fetching cargo artifacts 2022-09-23T18:03:21.541404Z INFO processing WASM for web_frontend 2022-09-23T18:03:21.546225Z INFO calling wasm-bindgen for web_frontend 2022-09-23T18:03:21.549376Z ERROR ❌ error error from HTML pipeline

    Caused by: 0: error from asset pipeline 1: error spawning wasm-bindgen call 2: Exec format error (os error 8) Error: error from HTML pipeline

    Caused by: 0: error from asset pipeline 1: error spawning wasm-bindgen call 2: Exec format error (os error 8)

    Thanks!

    opened by supperchym23 2
  • Windows Usage Instructions

    Windows Usage Instructions

    To be added to here:

    1. Navigate to the web gui at `http://127.0.0.1:8000`, click on "Download CA certificate".
    2. Install the downloaded certificate locally.
      - MacOS: https://support.apple.com/guide/keychain-access/add-certificates-to-a-keychain-kyca2431/mac
      - Linux: `cp privaxy_ca_certificate.pem /usr/local/share/ca-certificates/`
      - Windows CLI: Open an Admin Command Prompt, then run `certutil –addstore –f "Root" privaxy_ca_certificate.pem` ([Source](https://superuser.com/questions/1031444/importing-pem-certificates-on-windows-7-on-the-command-line))
      - Windows GUI: `Control Panel` >> `Network and Sharing Center` >> `Internet Options` (link, bottom left) >> `Content` tab >> `Certificates` button >> `Trusted Root Certification Authorities` tab >> `Import` button >> `Next`, `Browse` to the `privaxy_ca_certificate.pem`, `Next`, `Finish`. **Done**, you can close it all.
    3. Configure your local system to pass http traffic through privaxy.
      - MacOS: https://support.apple.com/guide/mac-help/change-proxy-settings-network-preferences-mac-mchlp2591/mac
      - Ubuntu (gnome): https://phoenixnap.com/kb/ubuntu-proxy-settings
      - Windows 10: `Settings` >> `Network & Internet` >> `Proxy` >> `Manual Proxy Setup` (Enable `Use a proxy` toggle, Address: `127.0.0.1`, Port: `8100`
      - Windows 7: `Control Panel` >> `Network and Sharing Center` >> `Internet Options` (link, bottom left) >> `Connections` tab >> `LAN Settings` button >> [ x ] Use a proxy server for your LAN, Address: `127.0.0.1`, Port: `8100`
    

    I'll open a pull request

    opened by Darthagnon 2
  • Cannot find module 'tailwindcss/forms' error

    Cannot find module 'tailwindcss/forms' error

    Hi, building the web frontend fails with the above error.

    Seems to be related to https://github.com/tailwindlabs/tailwindcss-forms/issues/31), since running 'npm install -D @tailwindcss/forms' fixes the error.

    opened by aequis 2
  • Enhancement: Auto start when login and background process

    Enhancement: Auto start when login and background process

    After doing some research I've come up with the ultimate solution Adding login plist Note that this is for Mac only. You'll have to edit a little bit in the plist and it'll be more clear when you open the file You'll have to put into the LaunchAgent folder and run sudo launchctl load "path to plist" Thank you I just wasted 3 hours

    opened by tkit0428 1
  • How to import custom filterlists?

    How to import custom filterlists?

    I see it's possible to add custom individual filters to Privaxy, but can't see how to add custom filterlists. Is this possible, e.g. by adding it to a config file somewhere?

    opened by Darthagnon 1
  • Certificate Not Working on Android Device

    Certificate Not Working on Android Device

    Hi @Barre

    I have been able to run privaxy from source locally on my Mac and made it available(changing let ip = [0, 0, 0, 0] ) on my home network and connected a android device using proxy on wifi but the certificate is causing an issue even though I installed certificate on my android device. it shows following error

    Your Connection is not private

    NET:ERR_CERT_DATE_INVALID.

    I have no problem browsing on my Mac if connected to same proxy and it is effectively blocking all ads. I want to have this on entire home network so that I don't have to install on all devices.

    In application logs I am seeing

    Unable to perform handshake for host: go-updater.brave.com:443. Consider excluding it from blocking. The service may not tolerate TLS interception.

    Any help here is appreciated.

    Thanks

    opened by Virinchi2595 1
  • Privaxy only binds to 127.0.0.1

    Privaxy only binds to 127.0.0.1

    I know this is currently on purpose, however, many of us would like to use this in our home environments. I've built a docker container with privaxy, but it doesn't work correctly with your restriction. Please remove this restriction.

    opened by chrisbensch 4
Releases(v0.5.0)
Owner
Pierre Barre
Pierre Barre
A multi-functional lightweight BitTorrent Tracker

Torrust-Axum Tracker Project Description Torrust-Axum Tracker is a lightweight but incredibly powerful and feature-rich BitTorrent Tracker made using

Jasper 55 Apr 21, 2023
The true next-gen L7 minecraft proxy and load balancer. Built in Rust.

Lure The true next-gen L7 minecraft proxy and load balancer. Built in Rust, Tokio and Valence. Why? Rust is a powerful programming language and a grea

Sammwy 67 Apr 16, 2023
An end-to-end encrypted, anonymous IP-hiding, decentralized, audio/video/file sharing/offline messaging multi-device platform built for both communications and application security and performance.

An end-to-end encrypted, anonymous IP-hiding, decentralized, audio/video/file sharing/offline messaging multi-device platform built for both communications and application security and performance.

null 2 Apr 27, 2022
A fast, stable, efficient, and lightweight intranet penetration, port forwarding tool supports multiple connections, cascading proxy, and transmission encryption

A fast, stable, efficient, and lightweight intranet penetration, port forwarding tool supports multiple connections, cascading proxy, and transmission encryption

editso 1.3k Dec 30, 2022
A proxy implement with http / socks5 in-bound and vmess out-bound, written in Rust and tokio.rs

tokio-vmess an Asynchronous proxy implement with http / socks5 in-bound and vmess out-bound, written in Rust and tokio Run example first, Fill out the

irumeria 7 Oct 3, 2022
A simple web server(and library) to display server stats over HTTP and Websockets/SSE or stream it to other systems.

x-server-stats A simple web server(and library) to display server stats over HTTP and Websockets/SSE or stream it to other systems. x-server(in x-serv

Pratyaksh 11 Oct 17, 2022
RDE1 (Rusty Data Exfiltrator) is client and server tool allowing auditor to extract files from DNS and HTTPS protocols written in Rust. 🦀

Information: RDE1 is an old personal project (end 2022) that I didn't continue development on. It's part of a list of projects that helped me to learn

Quentin Texier (g0h4n) 32 Oct 6, 2023
The gRPC library for Rust built on C Core library and futures

gRPC-rs gRPC-rs is a Rust wrapper of gRPC Core. gRPC is a high performance, open source universal RPC framework that puts mobile and HTTP/2 first. Sta

TiKV Project 1.6k Jan 7, 2023
🥧 Savoury implementation of the QUIC transport protocol and HTTP/3

quiche is an implementation of the QUIC transport protocol and HTTP/3 as specified by the IETF. It provides a low level API for processing QUIC packet

Cloudflare 7.1k Jan 8, 2023
Imagine your SSH server only listens on an IPv6 address, and where the last 6 digits are changing every 30 seconds as a TOTP code...

tosh Imagine your SSH server only listens on an IPv6 address, and where the last 6 digits are changing every 30 seconds as a TOTP code... Inspired fro

Mark Vainomaa 409 Oct 23, 2022
Library + CLI-Tool to measure the TTFB (time to first byte) of HTTP requests. Additionally, this crate measures the times of DNS lookup, TCP connect and TLS handshake.

TTFB: CLI + Lib to Measure the TTFB of HTTP/1.1 Requests Similar to the network tab in Google Chrome or Mozilla Firefox, this crate helps you find the

Philipp Schuster 24 Dec 1, 2022
A versatile and efficient proxy framework with nice features suitable for various use cases.

A versatile and efficient proxy framework with nice features suitable for various use cases.

null 1.7k Jan 9, 2023
A multiplayer web based roguelike built on Rust and WebRTC

Gorgon A multiplayer web-based roguelike build on Rust and WebRTC. License This project is licensed under either of Apache License, Version 2.0, (LICE

RICHΛRD ΛNΛYΛ 2 Sep 19, 2022
Simple and fast layer 4 proxy in Rust

Fourth 这一波在第四层。 English Fourth是一个Rust实现的Layer 4代理,用于监听指定端口TCP流量,并根据规则转发到指定目标。 功能 监听指定端口代理到本地或远端指定端口 监听指定端口,通过TLS ClientHello消息中的SNI进行分流 安装方法 为了确保获得您架构

Rui Li 17 Nov 8, 2022
Drop-in proxy for Discord gateway connections and sessions allowing for zero downtime deploys

gateway-proxy This is a very hacky project, so it might stop working if Discord changes their API core. This is unlikely, but keep that in mind while

Jens Reidel 39 Nov 26, 2022
A remote shell, TCP tunnel and HTTP proxy for Replit.

Autobahn A remote shell, TCP tunnel and HTTP proxy for Replit. Hybrid SSH/HTTP server for Replit. Based on leon332157/replish. Autobahn runs a WebSock

Patrick Winters 12 Sep 24, 2022
A DHCP parser and encoder for DHCPv4/DHCPv6

dhcproto A DHCP parser and encoder for DHCPv4/DHCPv6. dhcproto aims to be a functionally complete DHCP implementation. Many common option types are im

BlueCat Engineering 80 Dec 11, 2022
The Graph is a protocol for building decentralized applications (dApps) quickly on Ethereum and IPFS using GraphQL.

Graph Node The Graph is a protocol for building decentralized applications (dApps) quickly on Ethereum and IPFS using GraphQL. Graph Node is an open s

Mindy.wang 2 Jun 18, 2022
Rust implementation of PRECIS Framework: Preparation, Enforcement, and Comparison of Internationalized Strings in Application Protocols

Rust PRECIS Framework libray PRECIS Framework: Preparation, Enforcement, and Comparison of Internationalized Strings in Application Protocols as descr

Santiago Carot-Nemesio 1 Oct 20, 2022