This feature allows users to define how Proxifier processes certain connections. Each connection can be processed directly, processed through a proxy/chain, or blocked.
The rules can be based on application names, target hostnames or IP addresses, or port numbers. Applications and targets can be specified as wildcards, and ports can be specified as ranges.
To access this feature, click
in the Profile menu or the corresponding item on the toolbar.The following dialog window will appear.
The Default rule cannot be changed as it is a special rule. Proxifier uses it when no other rule matches the connection. You can change only the action for this rule.
For example, if you assign a proxy server as an action for the Default rule and define no other rules, Proxifier will process all connections through this proxy.
By default, each profile also has a predefined rule called Localhost. When this rule is enabled, Proxifier does not tunnel local (loopback) connections on the computer. Some applications, such as Firefox, may depend on loopback connections. You can edit or remove this rule, but it is best to keep it enabled unless you are absolutely sure that you need to tunnel connections to 127.0.0.1 through a proxy.
Proxifier scans rules from top to bottom, so the order of rules is important. You can change the order with the arrow-like buttons on the right side of the window.
You can enable/disable the rules with the check box and change a rule’s action.
With the corresponding buttons, it is possible to Add a new rule or Clone, Edit, or Remove an existing rule. Alternatively, you can double click to edit a rule or use your keyboard’s “Delete” key to remove it.
When you edit a rule or add a new one, the following window appears.
Name: the name of the rule. You can use any text that is meaningful to you.
Enable: Use this check box to enable/disable the rule. When the rule is disabled, Proxifier simply ignores it.
Applications: a list of executable file names with or without the path that correspond to the programs whose connections should match the rule.
Separate the individual names with a semicolon (;) and use double quotes (") for names containing spaces.
You can use wildcards (masks) with “?” matching any symbol and “*” matching any substring.
It is possible to specify a process ID using a notation such as pid=1234.
Use the Browse button to browse for a file and add it to the list.
Target hosts: To match the rule, a connection should connect to a host from this list.
You can specify host names (DNS names) and IPv4 or IPv6 addresses.
Separate individual addresses with a semicolon (;).
Wildcards (masks) are supported, and you can use them with “?” matching any symbol and “*” matching any substring.
IPv4/IPv6 addresses can be specified as a range.
Use a minus sign (-) to define the range.
CIDR notation (e.g., 192.168.0.0/24) is supported for IPv4.
The %ComputerName% constant is automatically swapped with the local computer name during the processing.
Target ports: To match the rule, a connection should connect to a port from this list. You can use any integer from 1 to 65535 (216-1). Separate the individual ports with a semicolon (;), and use a minus sign (-) to define a range.
Action: defines how Proxifier should process the connection if it matches the rule.
Options:
Proxy: processes the connection through the proxy server.
Chain: processes the connection through the proxy chain.
Direct: processes the connection directly (omits any processing).
The connections will be made to the original target.
Block: The connection will be blocked.
Advanced: allows you to assign a network interface.
Proxifier filters the text fields, and incorrect symbols are indicated in red. For example, there can be no letters in the Target ports field.
To match the rule, a connection should satisfy all three criteria: Applications, Target hosts, and Ports. If nothing is defined in a field, the word “Any” is displayed in gray, and the field will then match all possible values for certain criteria. This effectively means that this criterion will not be used for rule valuation.
For example, if you specify Applications only and leave Targets and Ports blank, Proxifier will process all connections of the specified applications regardless of the target hosts and ports.
The rules do not affect manually Proxified applications (the Proxifier command in the context menu of .exe files). Applications started by the Proxifier command will always be processed through the selected proxy server.
The following example shows five rules.
Localhost (pre-defined): makes Proxifier bypass all connections to Localhost
Rule 1: processes all connections of applications app1.exe and app2.exe through the proxy
Rule 2: processes all connections in which the target host matches *.example.net through the proxy
Rule 3: processes connections of app.exe to target.example.net:80 through the proxy
Default (pre-defined): processes all remaining connections directly
Click the Advanced button to launch a dialog that allows you to assign a network interface (e.g., Ethernet, VPN, Wi-Fi) to the rule.
You can select the network interface from the list of interfaces available on the system. Proxifier will use it to process the connections that match the rule. By default, the System Default interface is selected. In this case, the system will use the most appropriate interface automatically according to the routing table.
If you select a specific interface, you must specify what Proxifier should do if the interface is down (disconnected). It can either Use system default interface or Ignore the rule.
The second option allows you to create a rule that is triggered only when the computer is connected to a specific network (e.g., an office LAN).