Since Proxomitron has been through the block a few times now, some of the questions below have indeed had a chance to be asked frequently. Astonishingly my psychic friends did show amazing accuracy in their predictions and seldom seemed to miss the kayak - it almost makes the expansive phone bills worth it. Even so there's now a few new answers to be questioned...
- I've run the Proxomitron, but my browser doesn't seem to use it. Nothing is being filtered - why?
- I'm using IE5 and set my proxy yet it *still* doesn't seem to work??!
- My browser doesn't seem to work anymore - what gives?
- Can Proxomitron be set to start automatically with my computer?
- When using certain filters, some web pages don't seem to work anymore - why?
- How do I see the original unfiltered web page?
- How come some rules don't appear to work on my browser?
- How come I get a warning message from Hotmail when using Proxomitron?
- I'm having trouble using Outlook with Hotmail when using Proxomitron
- Can I automatically have Proxomitron bypassed on certain sites?
- How many filters can I use at the same time?
- Why do I see open connections under netstat or my firewall?
- Why can't I filter stuff like REMOTE_ADDR, REMOTE_HOST, HTTP_FORWARDED?
I've run the Proxomitron, but my browser doesn't seem to use it. Nothing is being filtered - why?
You first need to tell your browser to use Proxomitron. To do this, just set your browser's proxy option - see installation for details.
I'm using IE and set my proxy yet it *still* doesn't seem to work??!
IE5 an up can be tricky to set correctly. IE now has different proxy settings for each dial-up connection you may have plus an extra one for LAN (Local Area Network) connections. Unless you're using a DSL or cable modem, the LAN setting is probably not what you want (and even if you do often there's a fake dial-up entry for your ISP you should use). First click the dial-up connection for your ISP from the list box above the LAN button then click "settings". You'll find the real proxy set up here. If that doesn't work (or there's no dial-up entries at all) only then try using the LAN button.
My browser doesn't seem to work anymore - what gives?
Once you set your browser to use the Proxomitron both programs must be running for things to work. If you don't want to use the Proxomitron at all, just set your browser back to not using a HTTP proxy (direct connect). Also see installation
Can Proxomitron be set to start automatically with my computer?
Yes! Just make a shortcut to "Proxomitron.exe" in your start menu's StartUp folder. This can be used to automatically run most any windows program. Just be careful to only create a shortcut and not an actual copy of the program.
When using certain filters, some web pages don't seem to work anymore - why?
For the more adventurous, open the log window. This will show which rules are used on a particular page, and can be useful in tracking down exactly which rule is causing the problem. Once you find it you can exclude the offending page by adding it to the rule's URL match, like so... (^www.dont.filter.me.com)
How do I see the original unfiltered web page?
Simply press the Proxomitron's bypass button then press reload on your browser.
Note this may not reload animated .GIFs - you may need to "force" a total reload. In Netscape hold down SHIFT while you press reload. In IE 4.x press CTRL+F5 (doesn't seem to be a way to do this in IE 3.x ??! ) .
How come some rules don't appear to work on my browser?
How come I get a warning message from Hotmail when using Proxomitron?
I'm having trouble using Outlook with Hotmail when using Proxomitron
Unfortunately Outlook doesn't use regular HTTP to do this and also won't let you set it's proxy setting different from IE. One work-around is to go back into IE's proxy setup and add *hotmail*;*services.msn*. to the area labeled Do not use proxy server for addresses beginning with box.
Can I automatically have Proxomitron bypassed on certain sites?
Yes! Just add the site to the "BypassList" blockfile. In rare cases if you need to bypass Proxomitron entirely, most browsers will, under their proxy setting, also allow you to list sites not to use a proxy with. You can add any sites you don't wish to filter here and Proxomitron will not be used at all.
How many filters can I use at the same time?
The Proxomitron imposes no hard limit on the number of filters you can use (it's only limited by your computers memory). However, on slower systems using too many simultaneous filters could slow things down. Generally you may notice this if your using a 486 or slower PC. If you do, here's a few tips:
- Web filters use the most CPU time - the GIF and header filters use very little.
- Non-active filters consume almost no CPU time - enable just those you need.
- Using URL limits with web filters can reduce load since all filters won't be active for all pages.
- When creating complex filters, use a bounds expression and as small a byte limit as you can get away with.
- Be careful adding filters created by others - it's possible for a single filter to slow things to a crawl if its design is not quite what it should be. Always test drive such filters for a bit before adding others or it may be hard to spot the culprit.
- High speed Internet connections (like DSL or a cable modem) will require more CPU speed to keep up with the increased data flow. This is unavoidable since more data is being pumped through Proxomitron each second.
For a regular dial-up connection, a Pentium 120 can run a large number of active filters with no slowdown and a P160 can handle most broadband conenctions. With current CPU's it becomes more and more a non-issue.
Why do I see open connections under netstat or my firewall?
Proxomitron now features support for persistent connections and it'll keep a few (up to 8) of the most recent connections open in case any further requests are made to that server. It's a recommended as part of HTTP/1.1 and can improve overall speed (since making new connections involves some overhead). They'll remain open but inactive until their needed again or one of the following happens...
- The remote server or proxy closes the connection
- It's replaced by a newer connection
- Any unexpected data is received on the connection
- The Proxomitron's abort button is pressed (this kills all connections)
Often people ask why the connections remain even if they close their browser, but this is mixing apples and unauthorized biographies of Topo Gigo. Connections a proxy makes to a webserver are actually independent of the connections between the proxy and your browser. In fact, a proxy usually doesn't even know if your browser is open or closed, but always must be prepared to accept new connections.
You can avoid persistent connections by sending a "Connection: close" in both incoming and outgoing HTTP headers, but it's not usually a good idea unless you're having specific conections related problems. It doesn't increase security much, but can hurt performance. In particular don't confuse an "open connection" with an "open port".
Why can't I filter stuff like REMOTE_ADDR, REMOTE_HOST, HTTP_FORWARDED?
Ah, I see you're looking at a web server's environment test page! It might help to understand where some of this stuff really comes from. First, only the items preceded by "HTTP_" start life as HTTP headers. The other values come from different sources...
REMOTE_ADDR is found by looking up the IP address used by the TCP/IP connection itself. This is required information, since it's how your computer is told apart from the millions of others on the net. Without a real IP address the web server could never send the page back to you. Going through a remote proxy (one running on another host) will change this simply because the server sends the info back to the proxy which, in turn, sends it back to you. In this case the IP address will be the remote proxy's host. Proxomitron alone cannot change your IP since it's running on your own computer and its IP address is the same as your IP address.
REMOTE_HOST comes from doing a "Reverse DNS lookup" on your IP address. Here the web server takes the IP address of the connections and asks the DNS system what hostname is attached to it. Normally your ISP's DNS server will respond with the answer. It can't be filtered, unless you run the DNS server with authority over that IP, since the info doesn't come from your PC to begin with.
HTTP_VIA, HTTP_FORWARDED, and HTTP_X_FORWARDED_FOR as the name indicates *are* in fact HTTP headers. The problem here is they're not ones normally added by your browser but instead by an intermediary proxy server. Normally the connection "chain" is a bit like so...
+--------------------+ +--------------+ +------------+ |Browser->Proxomitron|-->| Remote Proxy |-->| Web Server | +--------------------+ +--------------+ +------------+ (Your PC) (Proxy host) (Web host)
Since the headers are added by the remote proxy after leaving Proxomitron, you can't filter them out. You can however add headers of your own beforehand which may possibly confuse automated scripts. It should also be noted that, by default, these headers aren't stored in most web server logs anyway.
Return to main index