62 files changed, 1037 insertions, 876 deletions

diff --git a/.github/NPTest.cache b/.github/NPTest.cache
index 6b463e74..3f6d4da6 100644
--- a/.github/NPTest.cache
+++ b/.github/NPTest.cache
@@ -19,6 +19,13 @@
   'NP_HOST_TCP_HPJD' => '',
   'NP_HOST_TCP_HTTP2' => 'test.monitoring-plugins.org',
   'NP_HOST_TCP_HTTP' => 'localhost',
+  'NP_HOST_TCP_HTTP_IPV4' => '127.0.0.1',
+  'NP_HOST_TCP_HTTP_IPV4_CIDR_1' => '127.0.0.0/28',
+  'NP_HOST_TCP_HTTP_IPV4_CIDR_2' => '127.0.0.1/32',
+  'NP_HOST_TCP_HTTP_IPV6' => '::1',
+  'NP_HOST_TCP_HTTP_IPV6_CIDR_1' => '0000:0000:0000::0000:0000:0000/16',
+  'NP_HOST_TCP_HTTP_IPV6_CIDR_2' => '::1234:5678/16',
+  'NP_HOST_TCP_HTTP_SUBDOMAIN' => 'subdomain1.localhost',
   'NP_HOST_TCP_IMAP' => 'imap.web.de',
   'NP_HOST_TCP_JABBER' => 'jabber.org',
   'NP_HOST_TCP_LDAP' => 'localhost',
diff --git a/.github/prepare_debian.sh b/.github/prepare_debian.sh
index cffe98c5..15c2286c 100755
--- a/.github/prepare_debian.sh
+++ b/.github/prepare_debian.sh
@@ -67,10 +67,10 @@ apt-get -y install perl \
         libjson-perl
 
 # remove ipv6 interface from hosts
-sed '/^::1/d' /etc/hosts > /tmp/hosts
-cp -f /tmp/hosts /etc/hosts
-ip addr show
-cat /etc/hosts
+# sed '/^::1/d' /etc/hosts > /tmp/hosts
+# cp -f /tmp/hosts /etc/hosts
+# ip addr show
+# cat /etc/hosts
 
 # apache
 a2enmod ssl
@@ -80,6 +80,19 @@ a2ensite default-ssl
 rm /etc/ssl/certs/ssl-cert-snakeoil.pem
 rm /etc/ssl/private/ssl-cert-snakeoil.key
 openssl req -nodes -newkey rsa:2048 -x509 -sha256 -days 365 -nodes -keyout /etc/ssl/private/ssl-cert-snakeoil.key -out /etc/ssl/certs/ssl-cert-snakeoil.pem -subj "/C=GB/ST=London/L=London/O=Global Security/OU=IT Department/CN=$(hostname)"
+# add a subdomain for testing
+cp tools/subdomain1/subdomain1.conf /etc/apache2/sites-available/
+mkdir -p /var/www/subdomain1
+cp tools/subdomain1/index.php /var/www/subdomain1/
+echo '127.0.0.1 subdomain1.localhost' >> /etc/hosts
+echo '127.0.0.1 subdomain1.localhost.com' >> /etc/hosts
+apache2ctl configtest
+a2ensite subdomain1.conf
+
+# Make it listen to both IPv4 on IPv6 on localhost
+sed -i 's/^Listen 80/Listen 0.0.0.0:80\nListen [::1]:80/' /etc/apache2/ports.conf
+sed -i 's/^[[:space:]]*Listen 443/Listen 0.0.0.0:443\nListen [::1]:443/' /etc/apache2/ports.conf
+
 service apache2 restart
 
 # squid
diff --git a/configure.ac b/configure.ac
index 7361434a..ae7eb30b 100644
--- a/configure.ac
+++ b/configure.ac
@@ -475,30 +475,6 @@ AC_ARG_WITH([ipv6],
         [AS_HELP_STRING([--with-ipv6], [support IPv6 @<:@default=check@:>@])],
         [], [with_ipv6=check])
 
-dnl Check for AF_INET6 support - unistd.h required for Darwin
-if test "$with_ipv6" != "no"; then
-        AC_CACHE_CHECK([for IPv6 support], np_cv_sys_ipv6, [
-                AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#ifdef HAVE_UNISTD_H
-                        #include <unistd.h>
-                        #endif
-                        #include <netinet/in.h>
-                        #include <sys/socket.h>]], [[struct sockaddr_in6 sin6;
-                        void *p;
-
-                        sin6.sin6_family = AF_INET6;
-                        sin6.sin6_port = 587;
-                        p = &sin6.sin6_addr;]])],[np_cv_sys_ipv6=yes],[np_cv_sys_ipv6=no])
-                ])
-        if test "$np_cv_sys_ipv6" = "no" -a "$with_ipv6" != "check"; then
-                AC_MSG_FAILURE([--with-ipv6 was given, but test for IPv6 support failed])
-        fi
-        if test "$np_cv_sys_ipv6" = "yes"; then
-                AC_DEFINE(USE_IPV6,1,[Enable IPv6 support])
-        fi
-        with_ipv6="$np_cv_sys_ipv6"
-fi
-
-
 dnl Checks for Kerberos. Must come before openssl checks for Redhat EL 3
 AC_CHECK_HEADERS(krb5.h,FOUNDINCLUDE=yes,FOUNDINCLUDE=no)
 if test "$FOUNDINCLUDE" = "no"; then
diff --git a/doc/NEW_STARTERS b/doc/NEW_STARTERS
index 2c5aac88..4fda35fb 100644
--- a/doc/NEW_STARTERS
+++ b/doc/NEW_STARTERS
@@ -10,7 +10,7 @@ Need to know:
 
 1. Add member to team mailing list (https://www.monitoring-plugins.org/list/listinfo/team/)
    and to the commits mailing list (https://www.monitoring-plugins.org/list/listinfo/commits/),
-   add sourceforge email address via Privacy Options->Sender filters)
+   add sourceforge email address via Privacy Options->Sender filters
 2. Add Sourceforge access:
   - Translator: CVS access, Shell access, Release Tech (no)
   - Developer: Project role: Developer, CVS access, Shell access, Release Tech (no), Task Manager (A&T),
diff --git a/doc/RELEASING.md b/doc/RELEASING.md
index e1f3bf74..700683e7 100644
--- a/doc/RELEASING.md
+++ b/doc/RELEASING.md
@@ -9,7 +9,7 @@ using the remote name `monitoring-plugins` (rather than `origin`).
 Before you start
 ----------------
 
-- Check Github Actions status.
+- Check GitHub Actions status.
 - Update local Git repository to the current `master` tip.  For a
   maintenance release (e.g., version 2.4.1), update to the current
   `maint-2.4` tip, instead.
diff --git a/doc/developer-guidelines.sgml b/doc/developer-guidelines.sgml
index 0afa733b..8288b897 100644
--- a/doc/developer-guidelines.sgml
+++ b/doc/developer-guidelines.sgml
@@ -23,9 +23,9 @@
 
 
 <preface id="preface"><title>Preface</title>
-    <para>The purpose of this guidelines is to provide a reference for
+    <para>The purpose of these guidelines is to provide a reference for
     the plugin developers and encourage the standardization of the
-    different kind of plugins: C, shell, perl, python, etc.</para>
+    different kinds of plugins: C, shell, perl, python, etc.</para>
 
         <para>Monitoring Plugins Development Guidelines Copyright (C) 2000-2024
         (Monitoring Plugins Team)</para>
@@ -68,7 +68,7 @@
 
                 <para>You should always print something to STDOUT that tells if the
                 service is working or why it is failing. Try to keep the output short -
-                probably less that 80 characters. Remember that you ideally would like
+                probably less than 80 characters. Remember that you ideally would like
                 the entire output to appear in a pager message, which will get chopped
                 off after a certain length.</para>
 
@@ -214,7 +214,7 @@
                 back a numerical value, or metric, which is then compared to the warning and
                 critical thresholds. Use the get_status(double, thresholds *) function to
                 compare the value against the thresholds.</para>
-                <para>This is the generalised format for ranges:</para>
+                <para>This is the generalized format for ranges:</para>
 
                 <literallayout>
                 [@]start:end
@@ -474,7 +474,7 @@
                         </listitem>
 
                         <listitem><para>If writing to a file (perhaps recording
-                        performance data) explicitly close close it.  The plugin never
+                        performance data) explicitly close it.  The plugin never
                         calls <emphasis role="strong">exit</emphasis>; that is caught by
                         p1.pl, so output streams are never closed.</para>
                         </listitem>
diff --git a/gl/unicase/.deps/.dirstamp b/gl/unicase/.deps/.dirstamp
deleted file mode 100644
index e69de29b..00000000
--- a/gl/unicase/.deps/.dirstamp
+++ /dev/null
diff --git a/gl/unicase/.deps/libgnu_a-tolower.Po b/gl/unicase/.deps/libgnu_a-tolower.Po
deleted file mode 100644
index 1ba6bacb..00000000
--- a/gl/unicase/.deps/libgnu_a-tolower.Po
+++ /dev/null
@@ -1,49 +0,0 @@
-unicase/libgnu_a-tolower.o: unicase/tolower.c /usr/include/stdc-predef.h \
- ../config.h unicase.h unitypes.h \
- /usr/lib/gcc/x86_64-linux-gnu/15/include/stdint.h /usr/include/stdint.h \
- /usr/include/x86_64-linux-gnu/bits/libc-header-start.h \
- /usr/include/features.h /usr/include/features-time64.h \
- /usr/include/x86_64-linux-gnu/bits/wordsize.h \
- /usr/include/x86_64-linux-gnu/bits/timesize.h \
- /usr/include/x86_64-linux-gnu/sys/cdefs.h \
- /usr/include/x86_64-linux-gnu/bits/long-double.h \
- /usr/include/x86_64-linux-gnu/gnu/stubs.h \
- /usr/include/x86_64-linux-gnu/gnu/stubs-64.h \
- /usr/include/x86_64-linux-gnu/bits/types.h \
- /usr/include/x86_64-linux-gnu/bits/typesizes.h \
- /usr/include/x86_64-linux-gnu/bits/time64.h \
- /usr/include/x86_64-linux-gnu/bits/wchar.h \
- /usr/include/x86_64-linux-gnu/bits/stdint-intn.h \
- /usr/include/x86_64-linux-gnu/bits/stdint-uintn.h \
- /usr/include/x86_64-linux-gnu/bits/stdint-least.h \
- /usr/lib/gcc/x86_64-linux-gnu/15/include/stdbool.h stddef.h \
- /usr/lib/gcc/x86_64-linux-gnu/15/include/stddef.h uninorm.h \
- unicase/tolower.h unicase/simple-mapping.h
-/usr/include/stdc-predef.h:
-../config.h:
-unicase.h:
-unitypes.h:
-/usr/lib/gcc/x86_64-linux-gnu/15/include/stdint.h:
-/usr/include/stdint.h:
-/usr/include/x86_64-linux-gnu/bits/libc-header-start.h:
-/usr/include/features.h:
-/usr/include/features-time64.h:
-/usr/include/x86_64-linux-gnu/bits/wordsize.h:
-/usr/include/x86_64-linux-gnu/bits/timesize.h:
-/usr/include/x86_64-linux-gnu/sys/cdefs.h:
-/usr/include/x86_64-linux-gnu/bits/long-double.h:
-/usr/include/x86_64-linux-gnu/gnu/stubs.h:
-/usr/include/x86_64-linux-gnu/gnu/stubs-64.h:
-/usr/include/x86_64-linux-gnu/bits/types.h:
-/usr/include/x86_64-linux-gnu/bits/typesizes.h:
-/usr/include/x86_64-linux-gnu/bits/time64.h:
-/usr/include/x86_64-linux-gnu/bits/wchar.h:
-/usr/include/x86_64-linux-gnu/bits/stdint-intn.h:
-/usr/include/x86_64-linux-gnu/bits/stdint-uintn.h:
-/usr/include/x86_64-linux-gnu/bits/stdint-least.h:
-/usr/lib/gcc/x86_64-linux-gnu/15/include/stdbool.h:
-stddef.h:
-/usr/lib/gcc/x86_64-linux-gnu/15/include/stddef.h:
-uninorm.h:
-unicase/tolower.h:
-unicase/simple-mapping.h:
diff --git a/gl/unictype/.deps/.dirstamp b/gl/unictype/.deps/.dirstamp
deleted file mode 100644
index e69de29b..00000000
--- a/gl/unictype/.deps/.dirstamp
+++ /dev/null
diff --git a/gl/unictype/.deps/libgnu_a-ctype_alnum.Po b/gl/unictype/.deps/libgnu_a-ctype_alnum.Po
deleted file mode 100644
index 429d1968..00000000
--- a/gl/unictype/.deps/libgnu_a-ctype_alnum.Po
+++ /dev/null
@@ -1,48 +0,0 @@
-unictype/libgnu_a-ctype_alnum.o: unictype/ctype_alnum.c \
- /usr/include/stdc-predef.h ../config.h unictype.h unitypes.h \
- /usr/lib/gcc/x86_64-linux-gnu/15/include/stdint.h /usr/include/stdint.h \
- /usr/include/x86_64-linux-gnu/bits/libc-header-start.h \
- /usr/include/features.h /usr/include/features-time64.h \
- /usr/include/x86_64-linux-gnu/bits/wordsize.h \
- /usr/include/x86_64-linux-gnu/bits/timesize.h \
- /usr/include/x86_64-linux-gnu/sys/cdefs.h \
- /usr/include/x86_64-linux-gnu/bits/long-double.h \
- /usr/include/x86_64-linux-gnu/gnu/stubs.h \
- /usr/include/x86_64-linux-gnu/gnu/stubs-64.h \
- /usr/include/x86_64-linux-gnu/bits/types.h \
- /usr/include/x86_64-linux-gnu/bits/typesizes.h \
- /usr/include/x86_64-linux-gnu/bits/time64.h \
- /usr/include/x86_64-linux-gnu/bits/wchar.h \
- /usr/include/x86_64-linux-gnu/bits/stdint-intn.h \
- /usr/include/x86_64-linux-gnu/bits/stdint-uintn.h \
- /usr/include/x86_64-linux-gnu/bits/stdint-least.h \
- /usr/lib/gcc/x86_64-linux-gnu/15/include/stdbool.h stddef.h \
- /usr/lib/gcc/x86_64-linux-gnu/15/include/stddef.h unictype/bitmap.h \
- unictype/ctype_alnum.h
-/usr/include/stdc-predef.h:
-../config.h:
-unictype.h:
-unitypes.h:
-/usr/lib/gcc/x86_64-linux-gnu/15/include/stdint.h:
-/usr/include/stdint.h:
-/usr/include/x86_64-linux-gnu/bits/libc-header-start.h:
-/usr/include/features.h:
-/usr/include/features-time64.h:
-/usr/include/x86_64-linux-gnu/bits/wordsize.h:
-/usr/include/x86_64-linux-gnu/bits/timesize.h:
-/usr/include/x86_64-linux-gnu/sys/cdefs.h:
-/usr/include/x86_64-linux-gnu/bits/long-double.h:
-/usr/include/x86_64-linux-gnu/gnu/stubs.h:
-/usr/include/x86_64-linux-gnu/gnu/stubs-64.h:
-/usr/include/x86_64-linux-gnu/bits/types.h:
-/usr/include/x86_64-linux-gnu/bits/typesizes.h:
-/usr/include/x86_64-linux-gnu/bits/time64.h:
-/usr/include/x86_64-linux-gnu/bits/wchar.h:
-/usr/include/x86_64-linux-gnu/bits/stdint-intn.h:
-/usr/include/x86_64-linux-gnu/bits/stdint-uintn.h:
-/usr/include/x86_64-linux-gnu/bits/stdint-least.h:
-/usr/lib/gcc/x86_64-linux-gnu/15/include/stdbool.h:
-stddef.h:
-/usr/lib/gcc/x86_64-linux-gnu/15/include/stddef.h:
-unictype/bitmap.h:
-unictype/ctype_alnum.h:
diff --git a/gl/unictype/.deps/libgnu_a-ctype_alpha.Po b/gl/unictype/.deps/libgnu_a-ctype_alpha.Po
deleted file mode 100644
index f2d01713..00000000
--- a/gl/unictype/.deps/libgnu_a-ctype_alpha.Po
+++ /dev/null
@@ -1,48 +0,0 @@
-unictype/libgnu_a-ctype_alpha.o: unictype/ctype_alpha.c \
- /usr/include/stdc-predef.h ../config.h unictype.h unitypes.h \
- /usr/lib/gcc/x86_64-linux-gnu/15/include/stdint.h /usr/include/stdint.h \
- /usr/include/x86_64-linux-gnu/bits/libc-header-start.h \
- /usr/include/features.h /usr/include/features-time64.h \
- /usr/include/x86_64-linux-gnu/bits/wordsize.h \
- /usr/include/x86_64-linux-gnu/bits/timesize.h \
- /usr/include/x86_64-linux-gnu/sys/cdefs.h \
- /usr/include/x86_64-linux-gnu/bits/long-double.h \
- /usr/include/x86_64-linux-gnu/gnu/stubs.h \
- /usr/include/x86_64-linux-gnu/gnu/stubs-64.h \
- /usr/include/x86_64-linux-gnu/bits/types.h \
- /usr/include/x86_64-linux-gnu/bits/typesizes.h \
- /usr/include/x86_64-linux-gnu/bits/time64.h \
- /usr/include/x86_64-linux-gnu/bits/wchar.h \
- /usr/include/x86_64-linux-gnu/bits/stdint-intn.h \
- /usr/include/x86_64-linux-gnu/bits/stdint-uintn.h \
- /usr/include/x86_64-linux-gnu/bits/stdint-least.h \
- /usr/lib/gcc/x86_64-linux-gnu/15/include/stdbool.h stddef.h \
- /usr/lib/gcc/x86_64-linux-gnu/15/include/stddef.h unictype/bitmap.h \
- unictype/ctype_alpha.h
-/usr/include/stdc-predef.h:
-../config.h:
-unictype.h:
-unitypes.h:
-/usr/lib/gcc/x86_64-linux-gnu/15/include/stdint.h:
-/usr/include/stdint.h:
-/usr/include/x86_64-linux-gnu/bits/libc-header-start.h:
-/usr/include/features.h:
-/usr/include/features-time64.h:
-/usr/include/x86_64-linux-gnu/bits/wordsize.h:
-/usr/include/x86_64-linux-gnu/bits/timesize.h:
-/usr/include/x86_64-linux-gnu/sys/cdefs.h:
-/usr/include/x86_64-linux-gnu/bits/long-double.h:
-/usr/include/x86_64-linux-gnu/gnu/stubs.h:
-/usr/include/x86_64-linux-gnu/gnu/stubs-64.h:
-/usr/include/x86_64-linux-gnu/bits/types.h:
-/usr/include/x86_64-linux-gnu/bits/typesizes.h:
-/usr/include/x86_64-linux-gnu/bits/time64.h:
-/usr/include/x86_64-linux-gnu/bits/wchar.h:
-/usr/include/x86_64-linux-gnu/bits/stdint-intn.h:
-/usr/include/x86_64-linux-gnu/bits/stdint-uintn.h:
-/usr/include/x86_64-linux-gnu/bits/stdint-least.h:
-/usr/lib/gcc/x86_64-linux-gnu/15/include/stdbool.h:
-stddef.h:
-/usr/lib/gcc/x86_64-linux-gnu/15/include/stddef.h:
-unictype/bitmap.h:
-unictype/ctype_alpha.h:
diff --git a/gl/unictype/.deps/libgnu_a-ctype_blank.Po b/gl/unictype/.deps/libgnu_a-ctype_blank.Po
deleted file mode 100644
index 82be4126..00000000
--- a/gl/unictype/.deps/libgnu_a-ctype_blank.Po
+++ /dev/null
@@ -1,48 +0,0 @@
-unictype/libgnu_a-ctype_blank.o: unictype/ctype_blank.c \
- /usr/include/stdc-predef.h ../config.h unictype.h unitypes.h \
- /usr/lib/gcc/x86_64-linux-gnu/15/include/stdint.h /usr/include/stdint.h \
- /usr/include/x86_64-linux-gnu/bits/libc-header-start.h \
- /usr/include/features.h /usr/include/features-time64.h \
- /usr/include/x86_64-linux-gnu/bits/wordsize.h \
- /usr/include/x86_64-linux-gnu/bits/timesize.h \
- /usr/include/x86_64-linux-gnu/sys/cdefs.h \
- /usr/include/x86_64-linux-gnu/bits/long-double.h \
- /usr/include/x86_64-linux-gnu/gnu/stubs.h \
- /usr/include/x86_64-linux-gnu/gnu/stubs-64.h \
- /usr/include/x86_64-linux-gnu/bits/types.h \
- /usr/include/x86_64-linux-gnu/bits/typesizes.h \
- /usr/include/x86_64-linux-gnu/bits/time64.h \
- /usr/include/x86_64-linux-gnu/bits/wchar.h \
- /usr/include/x86_64-linux-gnu/bits/stdint-intn.h \
- /usr/include/x86_64-linux-gnu/bits/stdint-uintn.h \
- /usr/include/x86_64-linux-gnu/bits/stdint-least.h \
- /usr/lib/gcc/x86_64-linux-gnu/15/include/stdbool.h stddef.h \
- /usr/lib/gcc/x86_64-linux-gnu/15/include/stddef.h unictype/bitmap.h \
- unictype/ctype_blank.h
-/usr/include/stdc-predef.h:
-../config.h:
-unictype.h:
-unitypes.h:
-/usr/lib/gcc/x86_64-linux-gnu/15/include/stdint.h:
-/usr/include/stdint.h:
-/usr/include/x86_64-linux-gnu/bits/libc-header-start.h:
-/usr/include/features.h:
-/usr/include/features-time64.h:
-/usr/include/x86_64-linux-gnu/bits/wordsize.h:
-/usr/include/x86_64-linux-gnu/bits/timesize.h:
-/usr/include/x86_64-linux-gnu/sys/cdefs.h:
-/usr/include/x86_64-linux-gnu/bits/long-double.h:
-/usr/include/x86_64-linux-gnu/gnu/stubs.h:
-/usr/include/x86_64-linux-gnu/gnu/stubs-64.h:
-/usr/include/x86_64-linux-gnu/bits/types.h:
-/usr/include/x86_64-linux-gnu/bits/typesizes.h:
-/usr/include/x86_64-linux-gnu/bits/time64.h:
-/usr/include/x86_64-linux-gnu/bits/wchar.h:
-/usr/include/x86_64-linux-gnu/bits/stdint-intn.h:
-/usr/include/x86_64-linux-gnu/bits/stdint-uintn.h:
-/usr/include/x86_64-linux-gnu/bits/stdint-least.h:
-/usr/lib/gcc/x86_64-linux-gnu/15/include/stdbool.h:
-stddef.h:
-/usr/lib/gcc/x86_64-linux-gnu/15/include/stddef.h:
-unictype/bitmap.h:
-unictype/ctype_blank.h:
diff --git a/gl/unictype/.deps/libgnu_a-ctype_cntrl.Po b/gl/unictype/.deps/libgnu_a-ctype_cntrl.Po
deleted file mode 100644
index dfb2233d..00000000
--- a/gl/unictype/.deps/libgnu_a-ctype_cntrl.Po
+++ /dev/null
@@ -1,48 +0,0 @@
-unictype/libgnu_a-ctype_cntrl.o: unictype/ctype_cntrl.c \
- /usr/include/stdc-predef.h ../config.h unictype.h unitypes.h \
- /usr/lib/gcc/x86_64-linux-gnu/15/include/stdint.h /usr/include/stdint.h \
- /usr/include/x86_64-linux-gnu/bits/libc-header-start.h \
- /usr/include/features.h /usr/include/features-time64.h \
- /usr/include/x86_64-linux-gnu/bits/wordsize.h \
- /usr/include/x86_64-linux-gnu/bits/timesize.h \
- /usr/include/x86_64-linux-gnu/sys/cdefs.h \
- /usr/include/x86_64-linux-gnu/bits/long-double.h \
- /usr/include/x86_64-linux-gnu/gnu/stubs.h \
- /usr/include/x86_64-linux-gnu/gnu/stubs-64.h \
- /usr/include/x86_64-linux-gnu/bits/types.h \
- /usr/include/x86_64-linux-gnu/bits/typesizes.h \
- /usr/include/x86_64-linux-gnu/bits/time64.h \
- /usr/include/x86_64-linux-gnu/bits/wchar.h \
- /usr/include/x86_64-linux-gnu/bits/stdint-intn.h \
- /usr/include/x86_64-linux-gnu/bits/stdint-uintn.h \
- /usr/include/x86_64-linux-gnu/bits/stdint-least.h \
- /usr/lib/gcc/x86_64-linux-gnu/15/include/stdbool.h stddef.h \
- /usr/lib/gcc/x86_64-linux-gnu/15/include/stddef.h unictype/bitmap.h \
- unictype/ctype_cntrl.h
-/usr/include/stdc-predef.h:
-../config.h:
-unictype.h:
-unitypes.h:
-/usr/lib/gcc/x86_64-linux-gnu/15/include/stdint.h:
-/usr/include/stdint.h:
-/usr/include/x86_64-linux-gnu/bits/libc-header-start.h:
-/usr/include/features.h:
-/usr/include/features-time64.h:
-/usr/include/x86_64-linux-gnu/bits/wordsize.h:
-/usr/include/x86_64-linux-gnu/bits/timesize.h:
-/usr/include/x86_64-linux-gnu/sys/cdefs.h:
-/usr/include/x86_64-linux-gnu/bits/long-double.h:
-/usr/include/x86_64-linux-gnu/gnu/stubs.h:
-/usr/include/x86_64-linux-gnu/gnu/stubs-64.h:
-/usr/include/x86_64-linux-gnu/bits/types.h:
-/usr/include/x86_64-linux-gnu/bits/typesizes.h:
-/usr/include/x86_64-linux-gnu/bits/time64.h:
-/usr/include/x86_64-linux-gnu/bits/wchar.h:
-/usr/include/x86_64-linux-gnu/bits/stdint-intn.h:
-/usr/include/x86_64-linux-gnu/bits/stdint-uintn.h:
-/usr/include/x86_64-linux-gnu/bits/stdint-least.h:
-/usr/lib/gcc/x86_64-linux-gnu/15/include/stdbool.h:
-stddef.h:
-/usr/lib/gcc/x86_64-linux-gnu/15/include/stddef.h:
-unictype/bitmap.h:
-unictype/ctype_cntrl.h:
diff --git a/gl/unictype/.deps/libgnu_a-ctype_digit.Po b/gl/unictype/.deps/libgnu_a-ctype_digit.Po
deleted file mode 100644
index d243fcc1..00000000
--- a/gl/unictype/.deps/libgnu_a-ctype_digit.Po
+++ /dev/null
@@ -1,48 +0,0 @@
-unictype/libgnu_a-ctype_digit.o: unictype/ctype_digit.c \
- /usr/include/stdc-predef.h ../config.h unictype.h unitypes.h \
- /usr/lib/gcc/x86_64-linux-gnu/15/include/stdint.h /usr/include/stdint.h \
- /usr/include/x86_64-linux-gnu/bits/libc-header-start.h \
- /usr/include/features.h /usr/include/features-time64.h \
- /usr/include/x86_64-linux-gnu/bits/wordsize.h \
- /usr/include/x86_64-linux-gnu/bits/timesize.h \
- /usr/include/x86_64-linux-gnu/sys/cdefs.h \
- /usr/include/x86_64-linux-gnu/bits/long-double.h \
- /usr/include/x86_64-linux-gnu/gnu/stubs.h \
- /usr/include/x86_64-linux-gnu/gnu/stubs-64.h \
- /usr/include/x86_64-linux-gnu/bits/types.h \
- /usr/include/x86_64-linux-gnu/bits/typesizes.h \
- /usr/include/x86_64-linux-gnu/bits/time64.h \
- /usr/include/x86_64-linux-gnu/bits/wchar.h \
- /usr/include/x86_64-linux-gnu/bits/stdint-intn.h \
- /usr/include/x86_64-linux-gnu/bits/stdint-uintn.h \
- /usr/include/x86_64-linux-gnu/bits/stdint-least.h \
- /usr/lib/gcc/x86_64-linux-gnu/15/include/stdbool.h stddef.h \
- /usr/lib/gcc/x86_64-linux-gnu/15/include/stddef.h unictype/bitmap.h \
- unictype/ctype_digit.h
-/usr/include/stdc-predef.h:
-../config.h:
-unictype.h:
-unitypes.h:
-/usr/lib/gcc/x86_64-linux-gnu/15/include/stdint.h:
-/usr/include/stdint.h:
-/usr/include/x86_64-linux-gnu/bits/libc-header-start.h:
-/usr/include/features.h:
-/usr/include/features-time64.h:
-/usr/include/x86_64-linux-gnu/bits/wordsize.h:
-/usr/include/x86_64-linux-gnu/bits/timesize.h:
-/usr/include/x86_64-linux-gnu/sys/cdefs.h:
-/usr/include/x86_64-linux-gnu/bits/long-double.h:
-/usr/include/x86_64-linux-gnu/gnu/stubs.h:
-/usr/include/x86_64-linux-gnu/gnu/stubs-64.h:
-/usr/include/x86_64-linux-gnu/bits/types.h:
-/usr/include/x86_64-linux-gnu/bits/typesizes.h:
-/usr/include/x86_64-linux-gnu/bits/time64.h:
-/usr/include/x86_64-linux-gnu/bits/wchar.h:
-/usr/include/x86_64-linux-gnu/bits/stdint-intn.h:
-/usr/include/x86_64-linux-gnu/bits/stdint-uintn.h:
-/usr/include/x86_64-linux-gnu/bits/stdint-least.h:
-/usr/lib/gcc/x86_64-linux-gnu/15/include/stdbool.h:
-stddef.h:
-/usr/lib/gcc/x86_64-linux-gnu/15/include/stddef.h:
-unictype/bitmap.h:
-unictype/ctype_digit.h:
diff --git a/gl/unictype/.deps/libgnu_a-ctype_graph.Po b/gl/unictype/.deps/libgnu_a-ctype_graph.Po
deleted file mode 100644
index 9850fe6f..00000000
--- a/gl/unictype/.deps/libgnu_a-ctype_graph.Po
+++ /dev/null
@@ -1,48 +0,0 @@
-unictype/libgnu_a-ctype_graph.o: unictype/ctype_graph.c \
- /usr/include/stdc-predef.h ../config.h unictype.h unitypes.h \
- /usr/lib/gcc/x86_64-linux-gnu/15/include/stdint.h /usr/include/stdint.h \
- /usr/include/x86_64-linux-gnu/bits/libc-header-start.h \
- /usr/include/features.h /usr/include/features-time64.h \
- /usr/include/x86_64-linux-gnu/bits/wordsize.h \
- /usr/include/x86_64-linux-gnu/bits/timesize.h \
- /usr/include/x86_64-linux-gnu/sys/cdefs.h \
- /usr/include/x86_64-linux-gnu/bits/long-double.h \
- /usr/include/x86_64-linux-gnu/gnu/stubs.h \
- /usr/include/x86_64-linux-gnu/gnu/stubs-64.h \
- /usr/include/x86_64-linux-gnu/bits/types.h \
- /usr/include/x86_64-linux-gnu/bits/typesizes.h \
- /usr/include/x86_64-linux-gnu/bits/time64.h \
- /usr/include/x86_64-linux-gnu/bits/wchar.h \
- /usr/include/x86_64-linux-gnu/bits/stdint-intn.h \
- /usr/include/x86_64-linux-gnu/bits/stdint-uintn.h \
- /usr/include/x86_64-linux-gnu/bits/stdint-least.h \
- /usr/lib/gcc/x86_64-linux-gnu/15/include/stdbool.h stddef.h \
- /usr/lib/gcc/x86_64-linux-gnu/15/include/stddef.h unictype/bitmap.h \
- unictype/ctype_graph.h
-/usr/include/stdc-predef.h:
-../config.h:
-unictype.h:
-unitypes.h:
-/usr/lib/gcc/x86_64-linux-gnu/15/include/stdint.h:
-/usr/include/stdint.h:
-/usr/include/x86_64-linux-gnu/bits/libc-header-start.h:
-/usr/include/features.h:
-/usr/include/features-time64.h:
-/usr/include/x86_64-linux-gnu/bits/wordsize.h:
-/usr/include/x86_64-linux-gnu/bits/timesize.h:
-/usr/include/x86_64-linux-gnu/sys/cdefs.h:
-/usr/include/x86_64-linux-gnu/bits/long-double.h:
-/usr/include/x86_64-linux-gnu/gnu/stubs.h:
-/usr/include/x86_64-linux-gnu/gnu/stubs-64.h:
-/usr/include/x86_64-linux-gnu/bits/types.h:
-/usr/include/x86_64-linux-gnu/bits/typesizes.h:
-/usr/include/x86_64-linux-gnu/bits/time64.h:
-/usr/include/x86_64-linux-gnu/bits/wchar.h:
-/usr/include/x86_64-linux-gnu/bits/stdint-intn.h:
-/usr/include/x86_64-linux-gnu/bits/stdint-uintn.h:
-/usr/include/x86_64-linux-gnu/bits/stdint-least.h:
-/usr/lib/gcc/x86_64-linux-gnu/15/include/stdbool.h:
-stddef.h:
-/usr/lib/gcc/x86_64-linux-gnu/15/include/stddef.h:
-unictype/bitmap.h:
-unictype/ctype_graph.h:
diff --git a/gl/unictype/.deps/libgnu_a-ctype_lower.Po b/gl/unictype/.deps/libgnu_a-ctype_lower.Po
deleted file mode 100644
index 6447d3e4..00000000
--- a/gl/unictype/.deps/libgnu_a-ctype_lower.Po
+++ /dev/null
@@ -1,48 +0,0 @@
-unictype/libgnu_a-ctype_lower.o: unictype/ctype_lower.c \
- /usr/include/stdc-predef.h ../config.h unictype.h unitypes.h \
- /usr/lib/gcc/x86_64-linux-gnu/15/include/stdint.h /usr/include/stdint.h \
- /usr/include/x86_64-linux-gnu/bits/libc-header-start.h \
- /usr/include/features.h /usr/include/features-time64.h \
- /usr/include/x86_64-linux-gnu/bits/wordsize.h \
- /usr/include/x86_64-linux-gnu/bits/timesize.h \
- /usr/include/x86_64-linux-gnu/sys/cdefs.h \
- /usr/include/x86_64-linux-gnu/bits/long-double.h \
- /usr/include/x86_64-linux-gnu/gnu/stubs.h \
- /usr/include/x86_64-linux-gnu/gnu/stubs-64.h \
- /usr/include/x86_64-linux-gnu/bits/types.h \
- /usr/include/x86_64-linux-gnu/bits/typesizes.h \
- /usr/include/x86_64-linux-gnu/bits/time64.h \
- /usr/include/x86_64-linux-gnu/bits/wchar.h \
- /usr/include/x86_64-linux-gnu/bits/stdint-intn.h \
- /usr/include/x86_64-linux-gnu/bits/stdint-uintn.h \
- /usr/include/x86_64-linux-gnu/bits/stdint-least.h \
- /usr/lib/gcc/x86_64-linux-gnu/15/include/stdbool.h stddef.h \
- /usr/lib/gcc/x86_64-linux-gnu/15/include/stddef.h unictype/bitmap.h \
- unictype/ctype_lower.h
-/usr/include/stdc-predef.h:
-../config.h:
-unictype.h:
-unitypes.h:
-/usr/lib/gcc/x86_64-linux-gnu/15/include/stdint.h:
-/usr/include/stdint.h:
-/usr/include/x86_64-linux-gnu/bits/libc-header-start.h:
-/usr/include/features.h:
-/usr/include/features-time64.h:
-/usr/include/x86_64-linux-gnu/bits/wordsize.h:
-/usr/include/x86_64-linux-gnu/bits/timesize.h:
-/usr/include/x86_64-linux-gnu/sys/cdefs.h:
-/usr/include/x86_64-linux-gnu/bits/long-double.h:
-/usr/include/x86_64-linux-gnu/gnu/stubs.h:
-/usr/include/x86_64-linux-gnu/gnu/stubs-64.h:
-/usr/include/x86_64-linux-gnu/bits/types.h:
-/usr/include/x86_64-linux-gnu/bits/typesizes.h:
-/usr/include/x86_64-linux-gnu/bits/time64.h:
-/usr/include/x86_64-linux-gnu/bits/wchar.h:
-/usr/include/x86_64-linux-gnu/bits/stdint-intn.h:
-/usr/include/x86_64-linux-gnu/bits/stdint-uintn.h:
-/usr/include/x86_64-linux-gnu/bits/stdint-least.h:
-/usr/lib/gcc/x86_64-linux-gnu/15/include/stdbool.h:
-stddef.h:
-/usr/lib/gcc/x86_64-linux-gnu/15/include/stddef.h:
-unictype/bitmap.h:
-unictype/ctype_lower.h:
diff --git a/gl/unictype/.deps/libgnu_a-ctype_print.Po b/gl/unictype/.deps/libgnu_a-ctype_print.Po
deleted file mode 100644
index f592e16c..00000000
--- a/gl/unictype/.deps/libgnu_a-ctype_print.Po
+++ /dev/null
@@ -1,48 +0,0 @@
-unictype/libgnu_a-ctype_print.o: unictype/ctype_print.c \
- /usr/include/stdc-predef.h ../config.h unictype.h unitypes.h \
- /usr/lib/gcc/x86_64-linux-gnu/15/include/stdint.h /usr/include/stdint.h \
- /usr/include/x86_64-linux-gnu/bits/libc-header-start.h \
- /usr/include/features.h /usr/include/features-time64.h \
- /usr/include/x86_64-linux-gnu/bits/wordsize.h \
- /usr/include/x86_64-linux-gnu/bits/timesize.h \
- /usr/include/x86_64-linux-gnu/sys/cdefs.h \
- /usr/include/x86_64-linux-gnu/bits/long-double.h \
- /usr/include/x86_64-linux-gnu/gnu/stubs.h \
- /usr/include/x86_64-linux-gnu/gnu/stubs-64.h \
- /usr/include/x86_64-linux-gnu/bits/types.h \
- /usr/include/x86_64-linux-gnu/bits/typesizes.h \
- /usr/include/x86_64-linux-gnu/bits/time64.h \
- /usr/include/x86_64-linux-gnu/bits/wchar.h \
- /usr/include/x86_64-linux-gnu/bits/stdint-intn.h \
- /usr/include/x86_64-linux-gnu/bits/stdint-uintn.h \
- /usr/include/x86_64-linux-gnu/bits/stdint-least.h \
- /usr/lib/gcc/x86_64-linux-gnu/15/include/stdbool.h stddef.h \
- /usr/lib/gcc/x86_64-linux-gnu/15/include/stddef.h unictype/bitmap.h \
- unictype/ctype_print.h
-/usr/include/stdc-predef.h:
-../config.h:
-unictype.h:
-unitypes.h:
-/usr/lib/gcc/x86_64-linux-gnu/15/include/stdint.h:
-/usr/include/stdint.h:
-/usr/include/x86_64-linux-gnu/bits/libc-header-start.h:
-/usr/include/features.h:
-/usr/include/features-time64.h:
-/usr/include/x86_64-linux-gnu/bits/wordsize.h:
-/usr/include/x86_64-linux-gnu/bits/timesize.h:
-/usr/include/x86_64-linux-gnu/sys/cdefs.h:
-/usr/include/x86_64-linux-gnu/bits/long-double.h:
-/usr/include/x86_64-linux-gnu/gnu/stubs.h:
-/usr/include/x86_64-linux-gnu/gnu/stubs-64.h:
-/usr/include/x86_64-linux-gnu/bits/types.h:
-/usr/include/x86_64-linux-gnu/bits/typesizes.h:
-/usr/include/x86_64-linux-gnu/bits/time64.h:
-/usr/include/x86_64-linux-gnu/bits/wchar.h:
-/usr/include/x86_64-linux-gnu/bits/stdint-intn.h:
-/usr/include/x86_64-linux-gnu/bits/stdint-uintn.h:
-/usr/include/x86_64-linux-gnu/bits/stdint-least.h:
-/usr/lib/gcc/x86_64-linux-gnu/15/include/stdbool.h:
-stddef.h:
-/usr/lib/gcc/x86_64-linux-gnu/15/include/stddef.h:
-unictype/bitmap.h:
-unictype/ctype_print.h:
diff --git a/gl/unictype/.deps/libgnu_a-ctype_punct.Po b/gl/unictype/.deps/libgnu_a-ctype_punct.Po
deleted file mode 100644
index 245e5396..00000000
--- a/gl/unictype/.deps/libgnu_a-ctype_punct.Po
+++ /dev/null
@@ -1,48 +0,0 @@
-unictype/libgnu_a-ctype_punct.o: unictype/ctype_punct.c \
- /usr/include/stdc-predef.h ../config.h unictype.h unitypes.h \
- /usr/lib/gcc/x86_64-linux-gnu/15/include/stdint.h /usr/include/stdint.h \
- /usr/include/x86_64-linux-gnu/bits/libc-header-start.h \
- /usr/include/features.h /usr/include/features-time64.h \
- /usr/include/x86_64-linux-gnu/bits/wordsize.h \
- /usr/include/x86_64-linux-gnu/bits/timesize.h \
- /usr/include/x86_64-linux-gnu/sys/cdefs.h \
- /usr/include/x86_64-linux-gnu/bits/long-double.h \
- /usr/include/x86_64-linux-gnu/gnu/stubs.h \
- /usr/include/x86_64-linux-gnu/gnu/stubs-64.h \
- /usr/include/x86_64-linux-gnu/bits/types.h \
- /usr/include/x86_64-linux-gnu/bits/typesizes.h \
- /usr/include/x86_64-linux-gnu/bits/time64.h \
- /usr/include/x86_64-linux-gnu/bits/wchar.h \
- /usr/include/x86_64-linux-gnu/bits/stdint-intn.h \
- /usr/include/x86_64-linux-gnu/bits/stdint-uintn.h \
- /usr/include/x86_64-linux-gnu/bits/stdint-least.h \
- /usr/lib/gcc/x86_64-linux-gnu/15/include/stdbool.h stddef.h \
- /usr/lib/gcc/x86_64-linux-gnu/15/include/stddef.h unictype/bitmap.h \
- unictype/ctype_punct.h
-/usr/include/stdc-predef.h:
-../config.h:
-unictype.h:
-unitypes.h:
-/usr/lib/gcc/x86_64-linux-gnu/15/include/stdint.h:
-/usr/include/stdint.h:
-/usr/include/x86_64-linux-gnu/bits/libc-header-start.h:
-/usr/include/features.h:
-/usr/include/features-time64.h:
-/usr/include/x86_64-linux-gnu/bits/wordsize.h:
-/usr/include/x86_64-linux-gnu/bits/timesize.h:
-/usr/include/x86_64-linux-gnu/sys/cdefs.h:
-/usr/include/x86_64-linux-gnu/bits/long-double.h:
-/usr/include/x86_64-linux-gnu/gnu/stubs.h:
-/usr/include/x86_64-linux-gnu/gnu/stubs-64.h:
-/usr/include/x86_64-linux-gnu/bits/types.h:
-/usr/include/x86_64-linux-gnu/bits/typesizes.h:
-/usr/include/x86_64-linux-gnu/bits/time64.h:
-/usr/include/x86_64-linux-gnu/bits/wchar.h:
-/usr/include/x86_64-linux-gnu/bits/stdint-intn.h:
-/usr/include/x86_64-linux-gnu/bits/stdint-uintn.h:
-/usr/include/x86_64-linux-gnu/bits/stdint-least.h:
-/usr/lib/gcc/x86_64-linux-gnu/15/include/stdbool.h:
-stddef.h:
-/usr/lib/gcc/x86_64-linux-gnu/15/include/stddef.h:
-unictype/bitmap.h:
-unictype/ctype_punct.h:
diff --git a/gl/unictype/.deps/libgnu_a-ctype_space.Po b/gl/unictype/.deps/libgnu_a-ctype_space.Po
deleted file mode 100644
index 2b51c518..00000000
--- a/gl/unictype/.deps/libgnu_a-ctype_space.Po
+++ /dev/null
@@ -1,48 +0,0 @@
-unictype/libgnu_a-ctype_space.o: unictype/ctype_space.c \
- /usr/include/stdc-predef.h ../config.h unictype.h unitypes.h \
- /usr/lib/gcc/x86_64-linux-gnu/15/include/stdint.h /usr/include/stdint.h \
- /usr/include/x86_64-linux-gnu/bits/libc-header-start.h \
- /usr/include/features.h /usr/include/features-time64.h \
- /usr/include/x86_64-linux-gnu/bits/wordsize.h \
- /usr/include/x86_64-linux-gnu/bits/timesize.h \
- /usr/include/x86_64-linux-gnu/sys/cdefs.h \
- /usr/include/x86_64-linux-gnu/bits/long-double.h \
- /usr/include/x86_64-linux-gnu/gnu/stubs.h \
- /usr/include/x86_64-linux-gnu/gnu/stubs-64.h \
- /usr/include/x86_64-linux-gnu/bits/types.h \
- /usr/include/x86_64-linux-gnu/bits/typesizes.h \
- /usr/include/x86_64-linux-gnu/bits/time64.h \
- /usr/include/x86_64-linux-gnu/bits/wchar.h \
- /usr/include/x86_64-linux-gnu/bits/stdint-intn.h \
- /usr/include/x86_64-linux-gnu/bits/stdint-uintn.h \
- /usr/include/x86_64-linux-gnu/bits/stdint-least.h \
- /usr/lib/gcc/x86_64-linux-gnu/15/include/stdbool.h stddef.h \
- /usr/lib/gcc/x86_64-linux-gnu/15/include/stddef.h unictype/bitmap.h \
- unictype/ctype_space.h
-/usr/include/stdc-predef.h:
-../config.h:
-unictype.h:
-unitypes.h:
-/usr/lib/gcc/x86_64-linux-gnu/15/include/stdint.h:
-/usr/include/stdint.h:
-/usr/include/x86_64-linux-gnu/bits/libc-header-start.h:
-/usr/include/features.h:
-/usr/include/features-time64.h:
-/usr/include/x86_64-linux-gnu/bits/wordsize.h:
-/usr/include/x86_64-linux-gnu/bits/timesize.h:
-/usr/include/x86_64-linux-gnu/sys/cdefs.h:
-/usr/include/x86_64-linux-gnu/bits/long-double.h:
-/usr/include/x86_64-linux-gnu/gnu/stubs.h:
-/usr/include/x86_64-linux-gnu/gnu/stubs-64.h:
-/usr/include/x86_64-linux-gnu/bits/types.h:
-/usr/include/x86_64-linux-gnu/bits/typesizes.h:
-/usr/include/x86_64-linux-gnu/bits/time64.h:
-/usr/include/x86_64-linux-gnu/bits/wchar.h:
-/usr/include/x86_64-linux-gnu/bits/stdint-intn.h:
-/usr/include/x86_64-linux-gnu/bits/stdint-uintn.h:
-/usr/include/x86_64-linux-gnu/bits/stdint-least.h:
-/usr/lib/gcc/x86_64-linux-gnu/15/include/stdbool.h:
-stddef.h:
-/usr/lib/gcc/x86_64-linux-gnu/15/include/stddef.h:
-unictype/bitmap.h:
-unictype/ctype_space.h:
diff --git a/gl/unictype/.deps/libgnu_a-ctype_upper.Po b/gl/unictype/.deps/libgnu_a-ctype_upper.Po
deleted file mode 100644
index 3395834f..00000000
--- a/gl/unictype/.deps/libgnu_a-ctype_upper.Po
+++ /dev/null
@@ -1,48 +0,0 @@
-unictype/libgnu_a-ctype_upper.o: unictype/ctype_upper.c \
- /usr/include/stdc-predef.h ../config.h unictype.h unitypes.h \
- /usr/lib/gcc/x86_64-linux-gnu/15/include/stdint.h /usr/include/stdint.h \
- /usr/include/x86_64-linux-gnu/bits/libc-header-start.h \
- /usr/include/features.h /usr/include/features-time64.h \
- /usr/include/x86_64-linux-gnu/bits/wordsize.h \
- /usr/include/x86_64-linux-gnu/bits/timesize.h \
- /usr/include/x86_64-linux-gnu/sys/cdefs.h \
- /usr/include/x86_64-linux-gnu/bits/long-double.h \
- /usr/include/x86_64-linux-gnu/gnu/stubs.h \
- /usr/include/x86_64-linux-gnu/gnu/stubs-64.h \
- /usr/include/x86_64-linux-gnu/bits/types.h \
- /usr/include/x86_64-linux-gnu/bits/typesizes.h \
- /usr/include/x86_64-linux-gnu/bits/time64.h \
- /usr/include/x86_64-linux-gnu/bits/wchar.h \
- /usr/include/x86_64-linux-gnu/bits/stdint-intn.h \
- /usr/include/x86_64-linux-gnu/bits/stdint-uintn.h \
- /usr/include/x86_64-linux-gnu/bits/stdint-least.h \
- /usr/lib/gcc/x86_64-linux-gnu/15/include/stdbool.h stddef.h \
- /usr/lib/gcc/x86_64-linux-gnu/15/include/stddef.h unictype/bitmap.h \
- unictype/ctype_upper.h
-/usr/include/stdc-predef.h:
-../config.h:
-unictype.h:
-unitypes.h:
-/usr/lib/gcc/x86_64-linux-gnu/15/include/stdint.h:
-/usr/include/stdint.h:
-/usr/include/x86_64-linux-gnu/bits/libc-header-start.h:
-/usr/include/features.h:
-/usr/include/features-time64.h:
-/usr/include/x86_64-linux-gnu/bits/wordsize.h:
-/usr/include/x86_64-linux-gnu/bits/timesize.h:
-/usr/include/x86_64-linux-gnu/sys/cdefs.h:
-/usr/include/x86_64-linux-gnu/bits/long-double.h:
-/usr/include/x86_64-linux-gnu/gnu/stubs.h:
-/usr/include/x86_64-linux-gnu/gnu/stubs-64.h:
-/usr/include/x86_64-linux-gnu/bits/types.h:
-/usr/include/x86_64-linux-gnu/bits/typesizes.h:
-/usr/include/x86_64-linux-gnu/bits/time64.h:
-/usr/include/x86_64-linux-gnu/bits/wchar.h:
-/usr/include/x86_64-linux-gnu/bits/stdint-intn.h:
-/usr/include/x86_64-linux-gnu/bits/stdint-uintn.h:
-/usr/include/x86_64-linux-gnu/bits/stdint-least.h:
-/usr/lib/gcc/x86_64-linux-gnu/15/include/stdbool.h:
-stddef.h:
-/usr/lib/gcc/x86_64-linux-gnu/15/include/stddef.h:
-unictype/bitmap.h:
-unictype/ctype_upper.h:
diff --git a/gl/unictype/.deps/libgnu_a-ctype_xdigit.Po b/gl/unictype/.deps/libgnu_a-ctype_xdigit.Po
deleted file mode 100644
index 3c05b331..00000000
--- a/gl/unictype/.deps/libgnu_a-ctype_xdigit.Po
+++ /dev/null
@@ -1,48 +0,0 @@
-unictype/libgnu_a-ctype_xdigit.o: unictype/ctype_xdigit.c \
- /usr/include/stdc-predef.h ../config.h unictype.h unitypes.h \
- /usr/lib/gcc/x86_64-linux-gnu/15/include/stdint.h /usr/include/stdint.h \
- /usr/include/x86_64-linux-gnu/bits/libc-header-start.h \
- /usr/include/features.h /usr/include/features-time64.h \
- /usr/include/x86_64-linux-gnu/bits/wordsize.h \
- /usr/include/x86_64-linux-gnu/bits/timesize.h \
- /usr/include/x86_64-linux-gnu/sys/cdefs.h \
- /usr/include/x86_64-linux-gnu/bits/long-double.h \
- /usr/include/x86_64-linux-gnu/gnu/stubs.h \
- /usr/include/x86_64-linux-gnu/gnu/stubs-64.h \
- /usr/include/x86_64-linux-gnu/bits/types.h \
- /usr/include/x86_64-linux-gnu/bits/typesizes.h \
- /usr/include/x86_64-linux-gnu/bits/time64.h \
- /usr/include/x86_64-linux-gnu/bits/wchar.h \
- /usr/include/x86_64-linux-gnu/bits/stdint-intn.h \
- /usr/include/x86_64-linux-gnu/bits/stdint-uintn.h \
- /usr/include/x86_64-linux-gnu/bits/stdint-least.h \
- /usr/lib/gcc/x86_64-linux-gnu/15/include/stdbool.h stddef.h \
- /usr/lib/gcc/x86_64-linux-gnu/15/include/stddef.h unictype/bitmap.h \
- unictype/ctype_xdigit.h
-/usr/include/stdc-predef.h:
-../config.h:
-unictype.h:
-unitypes.h:
-/usr/lib/gcc/x86_64-linux-gnu/15/include/stdint.h:
-/usr/include/stdint.h:
-/usr/include/x86_64-linux-gnu/bits/libc-header-start.h:
-/usr/include/features.h:
-/usr/include/features-time64.h:
-/usr/include/x86_64-linux-gnu/bits/wordsize.h:
-/usr/include/x86_64-linux-gnu/bits/timesize.h:
-/usr/include/x86_64-linux-gnu/sys/cdefs.h:
-/usr/include/x86_64-linux-gnu/bits/long-double.h:
-/usr/include/x86_64-linux-gnu/gnu/stubs.h:
-/usr/include/x86_64-linux-gnu/gnu/stubs-64.h:
-/usr/include/x86_64-linux-gnu/bits/types.h:
-/usr/include/x86_64-linux-gnu/bits/typesizes.h:
-/usr/include/x86_64-linux-gnu/bits/time64.h:
-/usr/include/x86_64-linux-gnu/bits/wchar.h:
-/usr/include/x86_64-linux-gnu/bits/stdint-intn.h:
-/usr/include/x86_64-linux-gnu/bits/stdint-uintn.h:
-/usr/include/x86_64-linux-gnu/bits/stdint-least.h:
-/usr/lib/gcc/x86_64-linux-gnu/15/include/stdbool.h:
-stddef.h:
-/usr/lib/gcc/x86_64-linux-gnu/15/include/stddef.h:
-unictype/bitmap.h:
-unictype/ctype_xdigit.h:
diff --git a/gl/uniwidth/.deps/.dirstamp b/gl/uniwidth/.deps/.dirstamp
deleted file mode 100644
index e69de29b..00000000
--- a/gl/uniwidth/.deps/.dirstamp
+++ /dev/null
diff --git a/gl/uniwidth/.deps/libgnu_a-width.Po b/gl/uniwidth/.deps/libgnu_a-width.Po
deleted file mode 100644
index f3f0e3fd..00000000
--- a/gl/uniwidth/.deps/libgnu_a-width.Po
+++ /dev/null
@@ -1,60 +0,0 @@
-uniwidth/libgnu_a-width.o: uniwidth/width.c /usr/include/stdc-predef.h \
- ../config.h uniwidth.h unitypes.h \
- /usr/lib/gcc/x86_64-linux-gnu/15/include/stdint.h /usr/include/stdint.h \
- /usr/include/x86_64-linux-gnu/bits/libc-header-start.h \
- /usr/include/features.h /usr/include/features-time64.h \
- /usr/include/x86_64-linux-gnu/bits/wordsize.h \
- /usr/include/x86_64-linux-gnu/bits/timesize.h \
- /usr/include/x86_64-linux-gnu/sys/cdefs.h \
- /usr/include/x86_64-linux-gnu/bits/long-double.h \
- /usr/include/x86_64-linux-gnu/gnu/stubs.h \
- /usr/include/x86_64-linux-gnu/gnu/stubs-64.h \
- /usr/include/x86_64-linux-gnu/bits/types.h \
- /usr/include/x86_64-linux-gnu/bits/typesizes.h \
- /usr/include/x86_64-linux-gnu/bits/time64.h \
- /usr/include/x86_64-linux-gnu/bits/wchar.h \
- /usr/include/x86_64-linux-gnu/bits/stdint-intn.h \
- /usr/include/x86_64-linux-gnu/bits/stdint-uintn.h \
- /usr/include/x86_64-linux-gnu/bits/stdint-least.h stddef.h \
- /usr/lib/gcc/x86_64-linux-gnu/15/include/stddef.h localcharset.h \
- uniwidth/cjk.h streq.h string.h /usr/include/string.h \
- /usr/include/x86_64-linux-gnu/bits/types/locale_t.h \
- /usr/include/x86_64-linux-gnu/bits/types/__locale_t.h strings.h \
- /usr/include/strings.h uniwidth/width0.h uniwidth/width2.h \
- unictype/bitmap.h
-/usr/include/stdc-predef.h:
-../config.h:
-uniwidth.h:
-unitypes.h:
-/usr/lib/gcc/x86_64-linux-gnu/15/include/stdint.h:
-/usr/include/stdint.h:
-/usr/include/x86_64-linux-gnu/bits/libc-header-start.h:
-/usr/include/features.h:
-/usr/include/features-time64.h:
-/usr/include/x86_64-linux-gnu/bits/wordsize.h:
-/usr/include/x86_64-linux-gnu/bits/timesize.h:
-/usr/include/x86_64-linux-gnu/sys/cdefs.h:
-/usr/include/x86_64-linux-gnu/bits/long-double.h:
-/usr/include/x86_64-linux-gnu/gnu/stubs.h:
-/usr/include/x86_64-linux-gnu/gnu/stubs-64.h:
-/usr/include/x86_64-linux-gnu/bits/types.h:
-/usr/include/x86_64-linux-gnu/bits/typesizes.h:
-/usr/include/x86_64-linux-gnu/bits/time64.h:
-/usr/include/x86_64-linux-gnu/bits/wchar.h:
-/usr/include/x86_64-linux-gnu/bits/stdint-intn.h:
-/usr/include/x86_64-linux-gnu/bits/stdint-uintn.h:
-/usr/include/x86_64-linux-gnu/bits/stdint-least.h:
-stddef.h:
-/usr/lib/gcc/x86_64-linux-gnu/15/include/stddef.h:
-localcharset.h:
-uniwidth/cjk.h:
-streq.h:
-string.h:
-/usr/include/string.h:
-/usr/include/x86_64-linux-gnu/bits/types/locale_t.h:
-/usr/include/x86_64-linux-gnu/bits/types/__locale_t.h:
-strings.h:
-/usr/include/strings.h:
-uniwidth/width0.h:
-uniwidth/width2.h:
-unictype/bitmap.h:
diff --git a/lib/extra_opts.c b/lib/extra_opts.c
index 3fe69014..fa64d650 100644
--- a/lib/extra_opts.c
+++ b/lib/extra_opts.c
@@ -120,7 +120,7 @@ char **np_extra_opts(int *argc, char **argv, const char *plugin_name) {
                         }
                         ea1 = ea_tmp = NULL;
                 }
-        } /* lather, rince, repeat */
+        } /* lather, rinse, repeat */
 
         if (ea_num == (size_t)*argc && extra_args == NULL) {
                 /* No extra-opts */
diff --git a/lib/extra_opts.h b/lib/extra_opts.h
index 3f64360f..3c2d5eb1 100644
--- a/lib/extra_opts.h
+++ b/lib/extra_opts.h
@@ -8,7 +8,7 @@
 
 /* np_extra_opts: Process the --extra-opts arguments and create a new argument
  * array with ini-processed and argument-passed arguments together. The
- * ini-procesed arguments always come first (in the order of --extra-opts
+ * ini-processed arguments always come first (in the order of --extra-opts
  * arguments). If no --extra-opts arguments are provided or returned nothing
  * it returns **argv otherwise the new array is returned. --extra-opts are
  * always removed from **argv. The original pointers from **argv are kept in
diff --git a/lib/output.c b/lib/output.c
index d650a3c5..bfd43195 100644
--- a/lib/output.c
+++ b/lib/output.c
@@ -165,7 +165,7 @@ int mp_add_subcheck_to_subcheck(mp_subcheck check[static 1], mp_subcheck subchec
 void mp_add_summary(mp_check check[static 1], char *summary) { check->summary = summary; }
 
 /*
- * Generate the summary string of a mp_check object based on it's subchecks
+ * Generate the summary string of a mp_check object based on its subchecks
  */
 char *get_subcheck_summary(mp_check check) {
         mp_subcheck_list *subchecks = check.subchecks;
@@ -243,7 +243,7 @@ mp_state_enum mp_compute_check_state(const mp_check check) {
 }
 
 /*
- * Generate the result state of a mp_check object based on it's own state and it's subchecks states
+ * Generate the result state of a mp_check object based on its own state and its subchecks states
  */
 mp_state_enum mp_eval_check_default(const mp_check check) {
         assert(check.subchecks != NULL); // a mp_check without subchecks is invalid, die here
@@ -259,6 +259,21 @@ mp_state_enum mp_eval_check_default(const mp_check check) {
         return result;
 }
 
+// Remove troublesome symbols from plugin output
+char *sanitize_output_insitu(char *input) {
+        if (input == NULL) {
+                return input;
+        }
+
+        for (char *walker = input; *walker != '\0'; walker++) {
+                if (*walker == '|') {
+                        *walker = ' ';
+                }
+        }
+
+        return input;
+}
+
 /*
  * Generate output string for a mp_check object
  * Non static to be available for testing functions
@@ -299,6 +314,8 @@ char *mp_fmt_output(mp_check check) {
                         subchecks = subchecks->next;
                 }
 
+                result = sanitize_output_insitu(result);
+
                 if (pd_string != NULL && strlen(pd_string) > 0) {
                         asprintf(&result, "%s|%s", result, pd_string);
                 }
diff --git a/lib/parse_ini.c b/lib/parse_ini.c
index 196cac79..8a54af58 100644
--- a/lib/parse_ini.c
+++ b/lib/parse_ini.c
@@ -173,7 +173,7 @@ static bool read_defaults(FILE *defaults_file, const char *stanza, np_arg_list *
                         continue;
                 }
                 switch (current_char) {
-                        /* globble up comment lines */
+                        /* gobble up comment lines */
                 case ';':
                 case '#':
                         GOBBLE_TO(defaults_file, current_char, '\n');
diff --git a/lib/perfdata.c b/lib/perfdata.c
index 2930a8bc..f4eaf843 100644
--- a/lib/perfdata.c
+++ b/lib/perfdata.c
@@ -37,9 +37,9 @@ char *pd_to_string(mp_perfdata pd) {
         if (strchr(pd.label, '\'') == NULL) {
                 asprintf(&result, "'%s'=", pd.label);
         } else {
-                // we have a illegal single quote in the string
+                // we have an illegal single quote in the string
                 // replace it silently instead of complaining
-                for (char *ptr = pd.label; *ptr == '\0'; ptr++) {
+                for (char *ptr = pd.label; *ptr != '\0'; ptr++) {
                         if (*ptr == '\'') {
                                 *ptr = '_';
                         }
@@ -393,7 +393,7 @@ mp_range_parsed mp_parse_range_string(const char *input) {
 
         mp_range_parsed result = {
                 .range = mp_range_init(),
-                .error = MP_PARSING_SUCCES,
+                .error = MP_PARSING_SUCCESS,
         };
 
         if (input[0] == '@') {
@@ -436,7 +436,7 @@ mp_range_parsed mp_parse_range_string(const char *input) {
                         result.range.start_infinity = false;
                         perfdata_value_parser_wrapper parsed_pd = parse_pd_value(input);
 
-                        if (parsed_pd.error != MP_PARSING_SUCCES) {
+                        if (parsed_pd.error != MP_PARSING_SUCCESS) {
                                 result.error = parsed_pd.error;
                                 free(working_copy);
                                 return result;
@@ -457,7 +457,7 @@ mp_range_parsed mp_parse_range_string(const char *input) {
         } else {
                 perfdata_value_parser_wrapper parsed_pd = parse_pd_value(input);
 
-                if (parsed_pd.error != MP_PARSING_SUCCES) {
+                if (parsed_pd.error != MP_PARSING_SUCCESS) {
                         result.error = parsed_pd.error;
                         return result;
                 }
@@ -470,7 +470,7 @@ mp_range_parsed mp_parse_range_string(const char *input) {
 
 double_parser_wrapper parse_double(const char *input) {
         double_parser_wrapper result = {
-                .error = MP_PARSING_SUCCES,
+                .error = MP_PARSING_SUCCESS,
         };
 
         if (input == NULL) {
@@ -501,7 +501,7 @@ double_parser_wrapper parse_double(const char *input) {
 
 integer_parser_wrapper parse_integer(const char *input) {
         integer_parser_wrapper result = {
-                .error = MP_PARSING_SUCCES,
+                .error = MP_PARSING_SUCCESS,
         };
 
         if (input == NULL) {
@@ -548,7 +548,7 @@ perfdata_value_parser_wrapper parse_pd_value(const char *input) {
         // try integer first
         integer_parser_wrapper tmp_int = parse_integer(input);
 
-        if (tmp_int.error == MP_PARSING_SUCCES) {
+        if (tmp_int.error == MP_PARSING_SUCCESS) {
                 perfdata_value_parser_wrapper result = {
                         .error = tmp_int.error,
                         .value = tmp_int.value,
@@ -558,7 +558,7 @@ perfdata_value_parser_wrapper parse_pd_value(const char *input) {
 
         double_parser_wrapper tmp_double = parse_double(input);
         perfdata_value_parser_wrapper result = {};
-        if (tmp_double.error == MP_PARSING_SUCCES) {
+        if (tmp_double.error == MP_PARSING_SUCCESS) {
                 result.error = tmp_double.error;
                 result.value = tmp_double.value;
         } else {
diff --git a/lib/perfdata.h b/lib/perfdata.h
index e51ef5fd..d7e5670a 100644
--- a/lib/perfdata.h
+++ b/lib/perfdata.h
@@ -111,7 +111,8 @@ mp_range mp_range_set_end(mp_range, mp_perfdata_value);
  */
 
 typedef enum {
-        MP_PARSING_SUCCES = 0,
+        MP_PARSING_SUCCESS = 0,
+        MP_PARSING_SUCCES = MP_PARSING_SUCCESS,
         MP_PARSING_FAILURE,
         MP_RANGE_PARSING_FAILURE,
         MP_RANGE_PARSING_UNDERFLOW,
diff --git a/lib/states.h b/lib/states.h
index 4a170caa..43926f0c 100644
--- a/lib/states.h
+++ b/lib/states.h
@@ -45,7 +45,7 @@ static inline mp_state_enum max_state(mp_state_enum a, mp_state_enum b) {
  * STATE_OK < STATE_DEPENDENT < STATE_UNKNOWN < STATE_WARNING < STATE_CRITICAL
  *
  * The main difference between max_state_alt and max_state it that it doesn't
- * allow setting a default to UNKNOWN. It will instead prioritixe any valid
+ * allow setting a default to UNKNOWN. It will instead prioritize any valid
  * non-OK state.
  ****************************************************************************/
 
diff --git a/plugins-root/check_icmp.c b/plugins-root/check_icmp.c
index 5bfb5cb5..1390a03e 100644
--- a/plugins-root/check_icmp.c
+++ b/plugins-root/check_icmp.c
@@ -277,15 +277,6 @@ typedef struct {
         check_icmp_config config;
 } check_icmp_config_wrapper;
 check_icmp_config_wrapper process_arguments(int argc, char **argv) {
-        /* get calling name the old-fashioned way for portability instead
-         * of relying on the glibc-ism __progname */
-        char *ptr = strrchr(argv[0], '/');
-        if (ptr) {
-                progname = &ptr[1];
-        } else {
-                progname = argv[0];
-        }
-
         check_icmp_config_wrapper result = {
                 .errorcode = OK,
                 .config = check_icmp_config_init(),
@@ -821,6 +812,15 @@ void parse_address(const struct sockaddr_storage *addr, char *dst, socklen_t siz
 }
 
 int main(int argc, char **argv) {
+#ifdef __OpenBSD__
+        /* - rpath is required to read --extra-opts (given up later)
+         * - inet is required for sockets
+         * - dns is required for name lookups (given up later)
+         * - id is required for temporary privilege drops in configparsing and for
+         *   permanent privilege dropping after opening the socket (given up later) */
+        pledge("stdio rpath inet dns id", NULL);
+#endif // __OpenBSD__
+
         setlocale(LC_ALL, "");
         bindtextdomain(PACKAGE, LOCALEDIR);
         textdomain(PACKAGE);
@@ -828,6 +828,14 @@ int main(int argc, char **argv) {
         /* POSIXLY_CORRECT might break things, so unset it (the portable way) */
         environ = NULL;
 
+        /* determine program- and service-name quickly */
+        progname = strrchr(argv[0], '/');
+        if (progname != NULL) {
+                progname++;
+        } else {
+                progname = argv[0];
+        }
+
         /* Parse extra opts if any */
         argv = np_extra_opts(&argc, argv, progname);
 
@@ -837,6 +845,10 @@ int main(int argc, char **argv) {
                 crash("failed to parse config");
         }
 
+#ifdef __OpenBSD__
+        pledge("stdio inet dns id", NULL);
+#endif // __OpenBSD__
+
         const check_icmp_config config = tmp_config.config;
 
         if (config.output_format_is_set) {
@@ -899,6 +911,10 @@ int main(int argc, char **argv) {
                 return 1;
         }
 
+#ifdef __OpenBSD__
+        pledge("stdio inet", NULL);
+#endif // __OpenBSD__
+
         if (sockset.socket4) {
                 int result = setsockopt(sockset.socket4, SOL_IP, IP_TTL, &config.ttl, sizeof(config.ttl));
                 if (debug) {
diff --git a/plugins/check_curl.c b/plugins/check_curl.c
index 1dec8a2a..f63cdea2 100644
--- a/plugins/check_curl.c
+++ b/plugins/check_curl.c
@@ -120,6 +120,14 @@ mp_state_enum np_net_ssl_check_certificate(X509 *certificate, int days_till_exp_
 #endif /* defined(HAVE_SSL) && defined(USE_OPENSSL) */
 
 int main(int argc, char **argv) {
+#ifdef __OpenBSD__
+        /* - rpath is required to read --extra-opts, CA and/or client certs
+         * - wpath is required to write --cookie-jar (possibly given up later)
+         * - inet is required for sockets
+         * - dns is required for name lookups */
+        pledge("stdio rpath wpath inet dns", NULL);
+#endif // __OpenBSD__
+
         setlocale(LC_ALL, "");
         bindtextdomain(PACKAGE, LOCALEDIR);
         textdomain(PACKAGE);
@@ -135,6 +143,15 @@ int main(int argc, char **argv) {
 
         const check_curl_config config = tmp_config.config;
 
+#ifdef __OpenBSD__
+        if (!config.curl_config.cookie_jar_file) {
+                if (verbose >= 2) {
+                        printf(_("* No \"--cookie-jar\" is used, giving up \"wpath\" pledge(2)\n"));
+                }
+                pledge("stdio rpath inet dns", NULL);
+        }
+#endif // __OpenBSD__
+
         if (config.output_format_is_set) {
                 mp_set_format(config.output_format);
         }
@@ -222,10 +239,35 @@ mp_subcheck check_http(const check_curl_config config, check_curl_working_state
         // ==============
         CURLcode res = curl_easy_perform(curl_state.curl);
 
+        if (verbose > 1) {
+                printf("* curl_easy_perform returned: %s\n", curl_easy_strerror(res));
+        }
+
         if (verbose >= 2 && workingState.http_post_data) {
                 printf("**** REQUEST CONTENT ****\n%s\n", workingState.http_post_data);
         }
 
+         // curl_state is updated after curl_easy_perform, and with updated curl_state certificate checks can be done
+         // Check_http tries to check certs as early as possible, and exits with certificate check result by default. Behave similarly.
+#ifdef LIBCURL_FEATURE_SSL
+        if (workingState.use_ssl && config.check_cert) {
+                if (verbose > 1) {
+                        printf("* adding a subcheck for the certificate\n");
+                }
+                mp_subcheck sc_certificate = check_curl_certificate_checks(
+                        curl_state.curl, cert, config.days_till_exp_warn, config.days_till_exp_crit);
+
+                mp_add_subcheck_to_subcheck(&sc_result, sc_certificate);
+                if (!config.continue_after_check_cert) {
+                        if (verbose > 1) {
+                                printf("* returning after adding the subcheck for certificate, continuing after "
+                                           "checking the certificate is turned off\n");
+                        }
+                        return sc_result;
+                }
+        }
+#endif
+
         mp_subcheck sc_curl = mp_subcheck_init();
 
         /* Curl errors, result in critical Nagios state */
@@ -266,18 +308,6 @@ mp_subcheck check_http(const check_curl_config config, check_curl_working_state
         // Evaluation
         // ==========
 
-#ifdef LIBCURL_FEATURE_SSL
-        if (workingState.use_ssl && config.check_cert) {
-                mp_subcheck sc_certificate = check_curl_certificate_checks(
-                        curl_state.curl, cert, config.days_till_exp_warn, config.days_till_exp_crit);
-
-                mp_add_subcheck_to_subcheck(&sc_result, sc_certificate);
-                if (!config.continue_after_check_cert) {
-                        return sc_result;
-                }
-        }
-#endif
-
         /* we got the data and we executed the request in a given time, so we can append
          * performance data to the answer always
          */
@@ -857,7 +887,8 @@ check_curl_config_wrapper process_arguments(int argc, char **argv) {
                 COOKIE_JAR,
                 HAPROXY_PROTOCOL,
                 STATE_REGEX,
-                OUTPUT_FORMAT
+                OUTPUT_FORMAT,
+                NO_PROXY,
         };
 
         static struct option longopts[] = {
@@ -872,6 +903,8 @@ check_curl_config_wrapper process_arguments(int argc, char **argv) {
                 {"url", required_argument, 0, 'u'},
                 {"port", required_argument, 0, 'p'},
                 {"authorization", required_argument, 0, 'a'},
+                {"proxy", required_argument, 0, 'x'},
+                {"noproxy", required_argument, 0, NO_PROXY},
                 {"proxy-authorization", required_argument, 0, 'b'},
                 {"header-string", required_argument, 0, 'd'},
                 {"string", required_argument, 0, 's'},
@@ -944,7 +977,7 @@ check_curl_config_wrapper process_arguments(int argc, char **argv) {
 
         while (true) {
                 int option_index = getopt_long(
-                        argc, argv, "Vvh46t:c:w:A:k:H:P:j:T:I:a:b:d:e:p:s:R:r:u:f:C:J:K:DnlLS::m:M:NEB",
+                        argc, argv, "Vvh46t:c:w:A:k:H:P:j:T:I:a:x:b:d:e:p:s:R:r:u:f:C:J:K:DnlLS::m:M:NEB",
                         longopts, &option);
                 if (option_index == -1 || option_index == EOF || option_index == 1) {
                         break;
@@ -973,7 +1006,7 @@ check_curl_config_wrapper process_arguments(int argc, char **argv) {
                 case 'c': /* critical time threshold */
                 {
                         mp_range_parsed critical_range = mp_parse_range_string(optarg);
-                        if (critical_range.error != MP_PARSING_SUCCES) {
+                        if (critical_range.error != MP_PARSING_SUCCESS) {
                                 die(STATE_UNKNOWN, "failed to parse critical threshold: %s", optarg);
                         }
                         result.config.thlds = mp_thresholds_set_crit(result.config.thlds, critical_range.range);
@@ -982,7 +1015,7 @@ check_curl_config_wrapper process_arguments(int argc, char **argv) {
                 {
                         mp_range_parsed warning_range = mp_parse_range_string(optarg);
 
-                        if (warning_range.error != MP_PARSING_SUCCES) {
+                        if (warning_range.error != MP_PARSING_SUCCESS) {
                                 die(STATE_UNKNOWN, "failed to parse warning threshold: %s", optarg);
                         }
                         result.config.thlds = mp_thresholds_set_warn(result.config.thlds, warning_range.range);
@@ -1032,6 +1065,10 @@ check_curl_config_wrapper process_arguments(int argc, char **argv) {
                         strncpy(result.config.curl_config.user_auth, optarg, MAX_INPUT_BUFFER - 1);
                         result.config.curl_config.user_auth[MAX_INPUT_BUFFER - 1] = 0;
                         break;
+                case 'x': /* proxy info */
+                        strncpy(result.config.curl_config.proxy, optarg, DEFAULT_BUFFER_SIZE - 1);
+                        result.config.curl_config.proxy[DEFAULT_BUFFER_SIZE - 1] = 0;
+                        break;
                 case 'b': /* proxy-authorization info */
                         strncpy(result.config.curl_config.proxy_auth, optarg, MAX_INPUT_BUFFER - 1);
                         result.config.curl_config.proxy_auth[MAX_INPUT_BUFFER - 1] = 0;
@@ -1248,7 +1285,7 @@ check_curl_config_wrapper process_arguments(int argc, char **argv) {
                         result.config.curl_config.sin_family = AF_INET;
                         break;
                 case '6':
-#if defined(USE_IPV6) && defined(LIBCURL_FEATURE_IPV6)
+#if defined(LIBCURL_FEATURE_IPV6)
                         result.config.curl_config.sin_family = AF_INET6;
 #else
                         usage4(_("IPv6 support not available"));
@@ -1258,7 +1295,7 @@ check_curl_config_wrapper process_arguments(int argc, char **argv) {
                 {
                         mp_range_parsed foo = mp_parse_range_string(optarg);
 
-                        if (foo.error != MP_PARSING_SUCCES) {
+                        if (foo.error != MP_PARSING_SUCCESS) {
                                 die(STATE_CRITICAL, "failed to parse page size limits: %s", optarg);
                         }
 
@@ -1327,6 +1364,10 @@ check_curl_config_wrapper process_arguments(int argc, char **argv) {
                 case HAPROXY_PROTOCOL:
                         result.config.curl_config.haproxy_protocol = true;
                         break;
+                case NO_PROXY:
+                        strncpy(result.config.curl_config.no_proxy, optarg, DEFAULT_BUFFER_SIZE - 1);
+                        result.config.curl_config.no_proxy[DEFAULT_BUFFER_SIZE - 1] = 0;
+                        break;
                 case '?':
                         /* print short usage statement if args not parsable */
                         usage5();
@@ -1354,35 +1395,35 @@ check_curl_config_wrapper process_arguments(int argc, char **argv) {
                  * parameters, like -S and -C combinations */
                 result.config.curl_config.ssl_version = CURL_SSLVERSION_DEFAULT;
                 if (tls_option_optarg != NULL) {
-                        char *plus_ptr = strchr(optarg, '+');
+                        char *plus_ptr = strchr(tls_option_optarg, '+');
                         if (plus_ptr) {
                                 got_plus = true;
                                 *plus_ptr = '\0';
                         }
 
-                        if (optarg[0] == '2') {
+                        if (tls_option_optarg[0] == '2') {
                                 result.config.curl_config.ssl_version = CURL_SSLVERSION_SSLv2;
-                        } else if (optarg[0] == '3') {
+                        } else if (tls_option_optarg[0] == '3') {
                                 result.config.curl_config.ssl_version = CURL_SSLVERSION_SSLv3;
-                        } else if (!strcmp(optarg, "1") || !strcmp(optarg, "1.0")) {
+                        } else if (!strcmp(tls_option_optarg, "1") || !strcmp(tls_option_optarg, "1.0")) {
 #if LIBCURL_VERSION_NUM >= MAKE_LIBCURL_VERSION(7, 34, 0)
                                 result.config.curl_config.ssl_version = CURL_SSLVERSION_TLSv1_0;
 #else
                                 result.config.ssl_version = CURL_SSLVERSION_DEFAULT;
 #endif /* LIBCURL_VERSION_NUM >= MAKE_LIBCURL_VERSION(7, 34, 0) */
-                        } else if (!strcmp(optarg, "1.1")) {
+                        } else if (!strcmp(tls_option_optarg, "1.1")) {
 #if LIBCURL_VERSION_NUM >= MAKE_LIBCURL_VERSION(7, 34, 0)
                                 result.config.curl_config.ssl_version = CURL_SSLVERSION_TLSv1_1;
 #else
                                 result.config.ssl_version = CURL_SSLVERSION_DEFAULT;
 #endif /* LIBCURL_VERSION_NUM >= MAKE_LIBCURL_VERSION(7, 34, 0) */
-                        } else if (!strcmp(optarg, "1.2")) {
+                        } else if (!strcmp(tls_option_optarg, "1.2")) {
 #if LIBCURL_VERSION_NUM >= MAKE_LIBCURL_VERSION(7, 34, 0)
                                 result.config.curl_config.ssl_version = CURL_SSLVERSION_TLSv1_2;
 #else
                                 result.config.ssl_version = CURL_SSLVERSION_DEFAULT;
 #endif /* LIBCURL_VERSION_NUM >= MAKE_LIBCURL_VERSION(7, 34, 0) */
-                        } else if (!strcmp(optarg, "1.3")) {
+                        } else if (!strcmp(tls_option_optarg, "1.3")) {
 #if LIBCURL_VERSION_NUM >= MAKE_LIBCURL_VERSION(7, 52, 0)
                                 result.config.curl_config.ssl_version = CURL_SSLVERSION_TLSv1_3;
 #else
@@ -1505,8 +1546,8 @@ void print_help(void) {
         printf(" %s\n", "-I, --IP-address=ADDRESS");
         printf("    %s\n",
                    "IP address or name (use numeric address if possible to bypass DNS lookup).");
-        printf("    %s\n", "This overwrites the network address of the target while leaving everything "
-                                           "else (HTTP headers) as they are");
+        printf("    %s\n",
+                     "This overwrites the network address of the target while leaving everything else (HTTP headers) as they are");
         printf(" %s\n", "-p, --port=INTEGER");
         printf("    %s", _("Port number (default: "));
         printf("%d)\n", HTTP_PORT);
@@ -1570,8 +1611,7 @@ void print_help(void) {
         printf("    %s\n", _("String to expect in the content"));
         printf(" %s\n", "-u, --url=PATH");
         printf("    %s\n", _("URL to GET or POST (default: /)"));
-        printf("    %s\n", _("This is the part after the address in a URL, so for "
-                                                 "\"https://example.com/index.html\" it would be '-u /index.html'"));
+        printf("    %s\n", _("This is the part after the address in a URL, so for \"https://example.com/index.html\" it would be '-u /index.html'"));
         printf(" %s\n", "-P, --post=STRING");
         printf("    %s\n", _("URL decoded http POST data"));
         printf(" %s\n",
@@ -1597,6 +1637,18 @@ void print_help(void) {
         printf(" %s\n", "--state-regex=STATE");
         printf("    %s\n", _("Return STATE if regex is found, OK if not. STATE can be one of "
                                                  "\"critical\",\"warning\""));
+        printf(" %s\n", "-x, --proxy=PROXY_SERVER");
+        printf("    %s\n", _("Specify the proxy in form of <scheme>://<host(name)>:<port>"));
+        printf("    %s\n", _("Available schemes are http, https, socks4, socks4a, socks5, socks5h"));
+        printf("    %s\n", _("If port is not specified, libcurl defaults to 1080"));
+        printf("    %s\n", _("This value will be set as CURLOPT_PROXY"));
+        printf(" %s\n", "--noproxy=COMMA_SEPARATED_LIST");
+        printf("    %s\n", _("Specify hostnames, addresses and subnets where proxy should not be used"));
+        printf("    %s\n", _("Example usage: \"example.com,::1,1.1.1.1,localhost,192.168.0.0/16\""));
+        printf("    %s\n", _("Do not use brackets when specifying IPv6 addresses"));
+        printf("    %s\n", _("Special case when an item is '*' : matches all hosts/addresses "
+                "and effectively disables proxy."));
+        printf("    %s\n", _("This value will be set as CURLOPT_NOPROXY"));
         printf(" %s\n", "-a, --authorization=AUTH_PAIR");
         printf("    %s\n", _("Username:password on sites with basic authentication"));
         printf(" %s\n", "-b, --proxy-authorization=AUTH_PAIR");
@@ -1705,10 +1757,39 @@ void print_help(void) {
 #endif
 
         printf("\n %s\n", "CHECK WEBSERVER CONTENT VIA PROXY:");
-        printf(" %s\n", _("It is recommended to use an environment proxy like:"));
-        printf(" %s\n",
-                   _("http_proxy=http://192.168.100.35:3128 ./check_curl -H www.monitoring-plugins.org"));
-        printf(" %s\n", _("legacy proxy requests in check_http style still work:"));
+        printf(" %s\n", _("Proxies are specified or disabled for certain hosts/addresses using environment variables"
+                " or -x/--proxy and --noproxy arguments:"));
+        printf(" %s\n", _("Checked environment variables: all_proxy, http_proxy, https_proxy, no_proxy"));
+        printf(" %s\n", _("Environment variables can also be given in uppercase, but the lowercase ones will "
+                                          "take predence if both are defined."));
+        printf(" %s\n", _("The environment variables are overwritten by -x/--proxy and --noproxy arguments:"));
+        printf(" %s\n", _("all_proxy/ALL_PROXY environment variables are read first, but protocol "
+                                        "specific environment variables override them."));
+        printf(" %s\n", _("If SSL is enabled and used, https_proxy/HTTPS_PROXY will be checked and overwrite "
+                        "http_proxy/HTTPS_PROXY."));
+        printf(" %s\n", _("Curl accepts proxies using http, https, socks4, socks4a, socks5 and socks5h schemes."));
+        printf(" %s\n", _("http_proxy=http://192.168.100.35:3128 ./check_curl -H www.monitoring-plugins.org"));
+        printf(" %s\n", _("http_proxy=http://used.proxy.com HTTP_PROXY=http://ignored.proxy.com ./check_curl -H www.monitoring-plugins.org"));
+        printf(" %s\n", _("  Lowercase http_proxy takes predence over uppercase HTTP_PROXY"));
+        printf(" %s\n", _("./check_curl -H www.monitoring-plugins.org -x http://192.168.100.35:3128"));
+        printf(" %s\n", _("http_proxy=http://unused.proxy1.com HTTP_PROXY=http://unused.proxy2.com ./check_curl "
+                        "-H www.monitoring-plugins.org --proxy http://used.proxy"));
+        printf(" %s\n", _("  Proxy specified by --proxy overrides any proxy specified by environment variable."));
+        printf(" %s\n", _("  Curl uses port 1080 by default as port is not specified"));
+        printf(" %s\n", _("HTTPS_PROXY=http://192.168.100.35:3128 ./check_curl -H www.monitoring-plugins.org --ssl"));
+        printf(" %s\n", _("  HTTPS_PROXY is read as --ssl is toggled"));
+        printf(" %s\n", _("./check_curl -H www.monitoring-plugins.org --proxy socks5h://192.168.122.21"));
+        printf(" %s\n", _("./check_curl -H www.monitoring-plugins.org -x http://unused.proxy.com --noproxy '*'"));
+        printf(" %s\n", _("  Disabled proxy for all hosts by using '*' in no_proxy ."));
+        printf(" %s\n", _("NO_PROXY=www.monitoring-plugins.org ./check_curl -H www.monitoring-plugins.org -x http://unused.proxy.com"));
+        printf(" %s\n", _("  Exact matches with the hostname/address work."));
+        printf(" %s\n", _("no_proxy=192.168.178.0/24 ./check_curl -I 192.168.178.10 -x http://proxy.acme.org"));
+        printf(" %s\n", _("no_proxy=acme.org ./check_curl -H nonpublic.internalwebapp.acme.org -x http://proxy.acme.org"));
+        printf(" %s\n", _("  Do not use proxy when accessing internal domains/addresses, but use a default proxy when accessing public web."));
+        printf(" %s\n", _("  IMPORTANT: Check_curl can not always determine whether itself or the proxy will "
+                "resolve a hostname before sending a request and getting an answer."
+                "This can lead to DNS resolvation issues if hostname is only resolvable over proxy."));
+        printf(" %s\n", _("Legacy proxy requests in check_http style still work:"));
         printf(" %s\n", _("check_curl -I 192.168.100.35 -p 3128 -u http://www.monitoring-plugins.org/ "
                                           "-H www.monitoring-plugins.org"));
 
@@ -1739,13 +1820,15 @@ void print_usage(void) {
         printf(" %s -H <vhost> | -I <IP-address> [-u <uri>] [-p <port>]\n", progname);
         printf("       [-J <client certificate file>] [-K <private key>] [--ca-cert <CA certificate "
                    "file>] [-D]\n");
-        printf("       [-w <warn time>] [-c <critical time>] [-t <timeout>] [-L] [-E] [-a auth]\n");
-        printf("       [-b proxy_auth] [-f <ok|warning|critical|follow|sticky|stickyport|curl>]\n");
+        printf("       [-w <warn time>] [-c <critical time>] [-t <timeout>] [-L] [-E] [-x <proxy>]\n");
+        printf("       [-a auth] [-b proxy_auth] [-f "
+                   "<ok|warning|critical|follow|sticky|stickyport|curl>]\n");
         printf("       [-e <expect>] [-d string] [-s string] [-l] [-r <regex> | -R <case-insensitive "
                    "regex>]\n");
         printf("       [-P string] [-m <min_pg_size>:<max_pg_size>] [-4|-6] [-N] [-M <age>]\n");
         printf("       [-A string] [-k string] [-S <version>] [--sni] [--haproxy-protocol]\n");
         printf("       [-T <content-type>] [-j method]\n");
+        printf("       [--noproxy=<comma separated list of hosts, IP addresses, IP CIDR subnets>\n");
         printf("       [--http-version=<version>] [--enable-automatic-decompression]\n");
         printf("       [--cookie-jar=<cookie jar file>\n");
         printf(" %s -H <vhost> | -I <IP-address> -C <warn_age>[,<crit_age>]\n", progname);
diff --git a/plugins/check_curl.d/check_curl_helpers.c b/plugins/check_curl.d/check_curl_helpers.c
index 5af00973..4372dc0b 100644
--- a/plugins/check_curl.d/check_curl_helpers.c
+++ b/plugins/check_curl.d/check_curl_helpers.c
@@ -3,8 +3,11 @@
 #include <arpa/inet.h>
 #include <netinet/in.h>
 #include <netdb.h>
+#include <stdint.h>
+#include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
+#include <sys/socket.h>
 #include "../utils.h"
 #include "check_curl.d/config.h"
 #include "output.h"
@@ -116,6 +119,107 @@ check_curl_configure_curl(const check_curl_static_curl_config config,
                 curl_easy_setopt(result.curl_state.curl, CURLOPT_TIMEOUT, config.socket_timeout),
                 "CURLOPT_TIMEOUT");
 
+        /* set proxy */
+        /* http(s) proxy can either be given from the command line, or taken from environment variables */
+        /* socks4(a) / socks5(h) proxy should be given using the command line */
+
+        /* first source to check is the environment variables */
+        /* lower case proxy environment variables are almost always accepted, while some programs also checking
+        uppercase ones. discover both, but take the lowercase one if both are present */
+
+        /* extra information: libcurl does not discover the uppercase version HTTP_PROXY due to security reasons */
+        /* https://github.com/curl/curl/blob/d445f2d930ae701039518d695481ee53b8490521/lib/url.c#L1987 */
+
+        /* first environment variable to read is all_proxy. it can be overridden by protocol specific environment variables */
+        char *all_proxy_env, *all_proxy_uppercase_env;
+        all_proxy_env = getenv("all_proxy");
+        all_proxy_uppercase_env = getenv("ALL_PROXY");
+        if (all_proxy_env != NULL && strlen(all_proxy_env)){
+                working_state.curlopt_proxy = strdup(all_proxy_env);
+                if (all_proxy_uppercase_env != NULL && verbose >= 1) {
+                        printf("* cURL ignoring environment variable 'ALL_PROXY' as 'all_proxy' is set\n");
+                }
+        } else if (all_proxy_uppercase_env != NULL && strlen(all_proxy_uppercase_env) > 0) {
+                working_state.curlopt_proxy = strdup(all_proxy_uppercase_env);
+        }
+
+        /* second environment variable to read is http_proxy. only set curlopt_proxy if ssl is not toggled */
+        char *http_proxy_env, *http_proxy_uppercase_env;
+        http_proxy_env = getenv("http_proxy");
+        http_proxy_uppercase_env = getenv("HTTP_PROXY");
+        if (!working_state.use_ssl){
+                if (http_proxy_env != NULL && strlen(http_proxy_env) > 0) {
+                        working_state.curlopt_proxy = strdup(http_proxy_env);
+                        if (http_proxy_uppercase_env != NULL && verbose >= 1) {
+                                printf("* cURL ignoring environment variable 'HTTP_PROXY' as 'http_proxy' is set\n");
+                        }
+                } else if (http_proxy_uppercase_env != NULL && strlen(http_proxy_uppercase_env) > 0) {
+                        working_state.curlopt_proxy = strdup(http_proxy_uppercase_env);
+                }
+        }
+#ifdef LIBCURL_FEATURE_SSL
+        /* optionally read https_proxy environment variable and set curlopt_proxy if ssl is toggled */
+        char *https_proxy_env, *https_proxy_uppercase_env;
+        https_proxy_env = getenv("https_proxy");
+        https_proxy_uppercase_env = getenv("HTTPS_PROXY");
+        if (working_state.use_ssl) {
+                if (https_proxy_env != NULL && strlen(https_proxy_env) > 0) {
+                        working_state.curlopt_proxy = strdup(https_proxy_env);
+                        if (https_proxy_uppercase_env != NULL && verbose >= 1) {
+                                printf("* cURL ignoring environment variable 'HTTPS_PROXY' as 'https_proxy' is set\n");
+                        }
+                }
+                else if (https_proxy_uppercase_env != NULL && strlen(https_proxy_uppercase_env) >= 0) {
+                        working_state.curlopt_proxy = strdup(https_proxy_uppercase_env);
+                }
+        }
+#endif /* LIBCURL_FEATURE_SSL */
+
+        /* second source to check for proxies is command line argument, overwriting the environment variables */
+        if (strlen(config.proxy) > 0) {
+                working_state.curlopt_proxy = strdup(config.proxy);
+        }
+
+        if (working_state.curlopt_proxy != NULL && strlen(working_state.curlopt_proxy)){
+                handle_curl_option_return_code(
+                        curl_easy_setopt(result.curl_state.curl, CURLOPT_PROXY, working_state.curlopt_proxy), "CURLOPT_PROXY");
+                if (verbose >= 1) {
+                        printf("* curl CURLOPT_PROXY: %s\n", working_state.curlopt_proxy);
+                }
+        }
+
+        /* set no_proxy */
+        /* first source to check is environment variables */
+        char *no_proxy_env, *no_proxy_uppercase_env;
+        no_proxy_env = getenv("no_proxy");
+        no_proxy_uppercase_env = getenv("NO_PROXY");
+        if (no_proxy_env != NULL && strlen(no_proxy_env)){
+                working_state.curlopt_noproxy = strdup(no_proxy_env);
+                if (no_proxy_uppercase_env != NULL && verbose >= 1){
+                        printf("* cURL ignoring environment variable 'NO_PROXY' as 'no_proxy' is set\n");
+                }
+        }else if (no_proxy_uppercase_env != NULL && strlen(no_proxy_uppercase_env) > 0){
+                working_state.curlopt_noproxy = strdup(no_proxy_uppercase_env);
+        }
+
+        /* second source to check for no_proxy is command line argument, overwriting the environment variables */
+        if (strlen(config.no_proxy) > 0) {
+                working_state.curlopt_noproxy = strdup(config.no_proxy);
+        }
+
+        if ( working_state.curlopt_noproxy != NULL && strlen(working_state.curlopt_noproxy)){
+                handle_curl_option_return_code(
+                        curl_easy_setopt(result.curl_state.curl, CURLOPT_NOPROXY, working_state.curlopt_noproxy), "CURLOPT_NOPROXY");
+                if (verbose >= 1) {
+                        printf("* curl CURLOPT_NOPROXY: %s\n", working_state.curlopt_noproxy);
+                }
+        }
+
+        int proxy_resolves_hostname = determine_hostname_resolver(working_state, config);
+        if (verbose >= 1) {
+                printf("* proxy_resolves_hostname: %d\n", proxy_resolves_hostname);
+        }
+
         /* enable haproxy protocol */
         if (config.haproxy_protocol) {
                 handle_curl_option_return_code(
@@ -123,11 +227,11 @@ check_curl_configure_curl(const check_curl_static_curl_config config,
                         "CURLOPT_HAPROXYPROTOCOL");
         }
 
-        // fill dns resolve cache to make curl connect to the given server_address instead of the
-        // host_name, only required for ssl, because we use the host_name later on to make SNI happy
+        /* fill dns resolve cache to make curl connect to the given server_address instead of the */
+        /* host_name, only required for ssl, because we use the host_name later on to make SNI happy */
         char dnscache[DEFAULT_BUFFER_SIZE];
         char addrstr[DEFAULT_BUFFER_SIZE / 2];
-        if (working_state.use_ssl && working_state.host_name != NULL) {
+        if (working_state.use_ssl && working_state.host_name != NULL && !proxy_resolves_hostname ) {
                 char *tmp_mod_address;
 
                 /* lookup_host() requires an IPv6 address without the brackets. */
@@ -488,7 +592,7 @@ check_curl_configure_curl(const check_curl_static_curl_config config,
                         curl_easy_setopt(result.curl_state.curl, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4),
                         "CURLOPT_IPRESOLVE(CURL_IPRESOLVE_V4)");
         }
-#if defined(USE_IPV6) && defined(LIBCURL_FEATURE_IPV6)
+#if defined(LIBCURL_FEATURE_IPV6)
         else if (config.sin_family == AF_INET6) {
                 handle_curl_option_return_code(
                         curl_easy_setopt(result.curl_state.curl, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V6),
@@ -562,7 +666,7 @@ check_curl_configure_curl(const check_curl_static_curl_config config,
 
 void handle_curl_option_return_code(CURLcode res, const char *option) {
         if (res != CURLE_OK) {
-                die(STATE_CRITICAL, _("Error while setting cURL option '%s': cURL returned %d - %s"),
+                die(STATE_CRITICAL, _("Error while setting cURL option '%s': cURL returned %d - %s\n"),
                         option, res, curl_easy_strerror(res));
         }
 }
@@ -589,6 +693,8 @@ check_curl_working_state check_curl_working_state_init() {
                 .serverPort = HTTP_PORT,
                 .use_ssl = false,
                 .no_body = false,
+                .curlopt_proxy = NULL,
+                .curlopt_noproxy = NULL,
         };
         return result;
 }
@@ -612,6 +718,8 @@ check_curl_config check_curl_config_init() {
                                 .ca_cert = NULL,
                                 .verify_peer_and_host = false,
                                 .user_agent = {'\0'},
+                                .proxy = "",
+                                .no_proxy = "",
                                 .proxy_auth = "",
                                 .user_auth = "",
                                 .http_content_type = NULL,
@@ -1295,3 +1403,342 @@ char *fmt_url(check_curl_working_state workingState) {
 
         return url;
 }
+
+int determine_hostname_resolver(const check_curl_working_state working_state, const check_curl_static_curl_config config){
+        char *host_name_display = "NULL";
+        unsigned long host_name_len = 0;
+        if( working_state.host_name){
+                host_name_len = strlen(working_state.host_name);
+                host_name_display = working_state.host_name;
+        }
+
+        /* IPv4 or IPv6 version of the address */
+        char *server_address_clean = strdup(working_state.server_address);
+        /* server address might be a full length ipv6 address encapsulated in square brackets */
+        if ((strnlen(working_state.server_address, MAX_IPV4_HOSTLENGTH) > 2) && (working_state.server_address[0] == '[') && (working_state.server_address[strlen(working_state.server_address)-1] == ']') ) {
+                server_address_clean = strndup( working_state.server_address + 1, strlen(working_state.server_address) - 2);
+        }
+
+        /* check curlopt_noproxy option first */
+        /* https://curl.se/libcurl/c/CURLOPT_NOPROXY.html */
+
+        /* curlopt_noproxy is specified as a comma separated list of
+        direct IPv4 or IPv6 addresses e.g 130.133.8.40, 2001:4860:4802:32::a ,
+        IPv4 or IPv6 CIDR regions e.g 10.241.0.0/16 , abcd:ef01:2345::/48 ,
+        direct hostnames e.g example.com, google.de */
+
+        if (working_state.curlopt_noproxy != NULL){
+                char* curlopt_noproxy_copy = strdup( working_state.curlopt_noproxy);
+                char* noproxy_item = strtok(curlopt_noproxy_copy, ",");
+                while(noproxy_item != NULL){
+                        unsigned long noproxy_item_len = strlen(noproxy_item);
+
+                        /* According to the CURLOPT_NOPROXY documentation: */
+                        /* https://curl.se/libcurl/c/CURLOPT_NOPROXY.html */
+                        /* The only wildcard available is a single * character, which matches all hosts, and effectively disables the proxy. */
+                        if ( strlen(noproxy_item) == 1 && noproxy_item[0] == '*'){
+                                if (verbose >= 1){
+                                        printf("* noproxy includes '*' which disables proxy for all host name incl. : %s / server address incl. : %s\n", host_name_display , server_address_clean);
+                                }
+                                free(curlopt_noproxy_copy);
+                                free(server_address_clean);
+                                return 0;
+                        }
+
+                        /* direct comparison with the server_address */
+                        if( server_address_clean != NULL && strlen(server_address_clean) == strlen(noproxy_item) && strcmp(server_address_clean, noproxy_item) == 0){
+                                if (verbose >= 1){
+                                        printf("* server_address is in the no_proxy list: %s\n", noproxy_item);
+                                }
+                                free(curlopt_noproxy_copy);
+                                free(server_address_clean);
+                                return 0;
+                        }
+
+                        /* direct comparison with the host_name */
+                        if( working_state.host_name != NULL && host_name_len == noproxy_item_len && strcmp(working_state.host_name, noproxy_item) == 0){
+                                if (verbose >= 1){
+                                        printf("* host_name is in the no_proxy list: %s\n", noproxy_item);
+                                }
+                                free(curlopt_noproxy_copy);
+                                free(server_address_clean);
+                                return 0;
+                        }
+
+                        /* check if hostname is a subdomain of the item, e.g www.example.com when token is example.com */
+                        /* subdomain1.acme.com will not will use a proxy if you only specify 'acme' in the noproxy */
+                        /* check if noproxy_item is a suffix */
+                        /* check if the character just before the suffix is '.' */
+                        if( working_state.host_name != NULL && host_name_len > noproxy_item_len){
+                                unsigned long suffix_start_idx = host_name_len - noproxy_item_len;
+                                if (strcmp(working_state.host_name + suffix_start_idx, noproxy_item ) == 0 && working_state.host_name[suffix_start_idx-1] == '.' ){
+                                        if (verbose >= 1){
+                                                printf("* host_name: %s is a subdomain of the no_proxy list item: %s\n", working_state.host_name , noproxy_item);
+                                        }
+                                        free(curlopt_noproxy_copy);
+                                        free(server_address_clean);
+                                        return 0;
+                                }
+                        }
+
+                        // noproxy_item could be a CIDR IP range
+                        if( server_address_clean != NULL && strlen(server_address_clean)){
+
+                                int ip_addr_inside_cidr_ret = ip_addr_inside_cidr(noproxy_item, server_address_clean);
+
+                                switch(ip_addr_inside_cidr_ret){
+                                case 1:
+                                        return 0;
+                                        break;
+                                case 0:
+                                        if(verbose >= 1){
+                                                printf("server address: %s is not inside IP cidr: %s\n", server_address_clean, noproxy_item);
+                                        }
+                                        break;
+                                case -1:
+                                        if(verbose >= 1){
+                                                printf("could not fully determine if server address: %s is inside the IP cidr: %s\n", server_address_clean, noproxy_item);
+                                        }
+                                        break;
+                                }
+                        }
+
+                        noproxy_item = strtok(NULL, ",");
+                }
+
+                free(curlopt_noproxy_copy);
+        }
+
+        if (working_state.curlopt_proxy != NULL){
+                // Libcurl documentation
+                // Setting the proxy string to "" (an empty string) explicitly disables the use of a proxy, even if there is an environment variable set for it.
+                if ( strlen(working_state.curlopt_proxy) == 0){
+                        return 0;
+                }
+
+                if ( strncmp( working_state.curlopt_proxy, "http://", 7) == 0){
+                        if (verbose >= 1){
+                                printf("* proxy scheme is http, proxy: %s resolves host: %s or server_address: %s\n", working_state.curlopt_proxy, host_name_display, server_address_clean);
+                        }
+                        free(server_address_clean);
+                        return 1;
+                }
+
+                if ( strncmp( working_state.curlopt_proxy, "https://", 8) == 0){
+                        if (verbose >= 1){
+                                printf("* proxy scheme is https, proxy: %s resolves host: %s or server_address: %s\n", working_state.curlopt_proxy, host_name_display, server_address_clean);
+                        }
+                        free(server_address_clean);
+                        return 1;
+                }
+
+                if ( strncmp( working_state.curlopt_proxy, "socks4://", 9) == 0){
+                        if (verbose >= 1){
+                                printf("* proxy scheme is socks, proxy: %s does not resolve host: %s or server_address: %s\n", working_state.curlopt_proxy, host_name_display, server_address_clean);
+                        }
+                        free(server_address_clean);
+                        return 0;
+                }
+
+                if ( strncmp( working_state.curlopt_proxy, "socks4a://", 10) == 0){
+                        if (verbose >= 1){
+                                printf("* proxy scheme is socks4a, proxy: %s resolves host: %s or server_address: %s\n", working_state.curlopt_proxy, host_name_display, server_address_clean);
+                        }
+                        free(server_address_clean);
+                        return 1;
+                }
+
+                if ( strncmp( working_state.curlopt_proxy, "socks5://", 9) == 0){
+                        if (verbose >= 1){
+                                printf("* proxy scheme is socks5, proxy: %s does not resolve host: %s or server_address: %s\n", working_state.curlopt_proxy, host_name_display, server_address_clean);
+                        }
+                        free(server_address_clean);
+                        return 0;
+                }
+
+                if ( strncmp( working_state.curlopt_proxy, "socks5h://", 10) == 0){
+                        if (verbose >= 1){
+                                printf("* proxy scheme is socks5h, proxy: %s resolves host: %s or server_address: %s\n", working_state.curlopt_proxy, host_name_display, server_address_clean);
+                        }
+                        free(server_address_clean);
+                        return 1;
+                }
+
+                // Libcurl documentation:
+                // Without a scheme prefix, CURLOPT_PROXYTYPE can be used to specify which kind of proxy the string identifies.
+                // We do not set this value
+                // Without a scheme, it is treated as an http proxy
+
+                return 1;
+        }
+
+        if (verbose >= 1){
+                printf("* proxy scheme is unknown/unavailable, no proxy is assumed for host: %s or server_address: %s\n", host_name_display, server_address_clean);
+        }
+
+        free(server_address_clean);
+        return 0;
+}
+
+int ip_addr_inside_cidr(const char* cidr_region_or_ip_addr, const char* target_ip){
+        unsigned int slash_count = 0;
+        unsigned int last_slash_idx = 0;
+        for(size_t i = 0; i < strlen(cidr_region_or_ip_addr); i++){
+                if(cidr_region_or_ip_addr[i] == '/'){
+                        slash_count++;
+                        last_slash_idx = (unsigned int)i;
+                }
+        }
+
+        char *cidr_ip_part = NULL;
+        int prefix_length = 0;
+
+        if (slash_count == 0) {
+                cidr_ip_part = strdup(cidr_region_or_ip_addr);
+                if (!cidr_ip_part) return -1;
+        } else if (slash_count == 1) {
+                cidr_ip_part = strndup(cidr_region_or_ip_addr, last_slash_idx);
+                if (!cidr_ip_part) return -1;
+
+                errno = 0;
+                long long tmp = strtoll(cidr_region_or_ip_addr + last_slash_idx + 1, NULL, 10);
+                if (errno == ERANGE) {
+                        if (verbose >= 1) {
+                                printf("cidr_region_or_ip: %s , could not parse subnet length\n", cidr_region_or_ip_addr);
+                        }
+                        free(cidr_ip_part);
+                        return -1;
+                }
+                prefix_length = (int)tmp;
+        } else {
+                printf("cidr_region_or_ip: %s , has %d number of '/' characters, is not a valid cidr_region or IP\n", cidr_region_or_ip_addr, slash_count);
+                return -1;
+        }
+
+        int cidr_addr_family, target_addr_family;
+        if (strchr(cidr_ip_part, ':')){
+                cidr_addr_family = AF_INET6;
+        } else {
+                cidr_addr_family = AF_INET;
+        }
+
+        if (strchr(target_ip, ':')){
+                target_addr_family = AF_INET6;
+        } else {
+                target_addr_family = AF_INET;
+        }
+
+        if (cidr_addr_family != target_addr_family){
+                if (verbose >= 1){
+                        printf("cidr address: %s and target ip address: %s have different address families\n", cidr_ip_part, target_ip);
+                }
+                free(cidr_ip_part);
+                return 0;
+        }
+
+        // If no prefix is given, treat the cidr as a single address (full-length prefix)
+        if (slash_count == 0) {
+                prefix_length = (cidr_addr_family == AF_INET) ? 32 : 128;
+        }
+
+        int max_bits = (cidr_addr_family == AF_INET) ? 32u : 128u;
+        if (prefix_length < 0 || prefix_length > max_bits) {
+                if (verbose >= 1) {
+                        printf("cidr_region_or_ip: %s has invalid prefix length: %u\n", cidr_region_or_ip_addr, prefix_length);
+                }
+                free(cidr_ip_part);
+                return -1;
+        }
+
+        if (verbose >= 1){
+                printf("cidr_region_or_ip: %s , has prefix length: %u\n", cidr_region_or_ip_addr, prefix_length);
+        }
+
+        int inet_pton_rc;
+        uint8_t *cidr_bytes = NULL;
+        uint8_t *target_bytes = NULL;
+        uint8_t cidr_buf[16];
+        uint8_t target_buf[16];
+        size_t total_bytes = 0;
+
+        if (cidr_addr_family == AF_INET) {
+                struct in_addr cidr_ipv4;
+                struct in_addr target_ipv4;
+                inet_pton_rc = inet_pton(AF_INET, cidr_ip_part, &cidr_ipv4);
+                if (inet_pton_rc != 1) {
+                        if (verbose >= 1) {
+                                printf("ip string: %s contains characters not valid for its address family: IPv4\n", cidr_ip_part);
+                        }
+                        free(cidr_ip_part);
+                        return -1;
+                }
+                inet_pton_rc = inet_pton(AF_INET, target_ip, &target_ipv4);
+                if (inet_pton_rc != 1) {
+                        if (verbose >= 1) {
+                                printf("ip string: %s contains characters not valid for its address family: IPv4\n", target_ip);
+                        }
+                        free(cidr_ip_part);
+                        return -1;
+                }
+                // copy the addresses in network byte order to a buffer for comparison
+                memcpy(cidr_buf, &cidr_ipv4.s_addr, 4);
+                memcpy(target_buf, &target_ipv4.s_addr, 4);
+                cidr_bytes = cidr_buf;
+                target_bytes = target_buf;
+                total_bytes = 4;
+        } else {
+                struct in6_addr cidr_ipv6;
+                struct in6_addr target_ipv6;
+                inet_pton_rc = inet_pton(AF_INET6, cidr_ip_part, &cidr_ipv6);
+                if (inet_pton_rc != 1) {
+                        if (verbose >= 1) {
+                                printf("ip string: %s contains characters not valid for its address family: IPv6\n", cidr_ip_part);
+                        }
+                        free(cidr_ip_part);
+                        return -1;
+                }
+                inet_pton_rc = inet_pton(AF_INET6, target_ip, &target_ipv6);
+                if (inet_pton_rc != 1) {
+                        if (verbose >= 1) {
+                                printf("ip string: %s contains characters not valid for its address family: IPv6\n", target_ip);
+                        }
+                        free(cidr_ip_part);
+                        return -1;
+                }
+                memcpy(cidr_buf, &cidr_ipv6, 16);
+                memcpy(target_buf, &target_ipv6, 16);
+                cidr_bytes = cidr_buf;
+                target_bytes = target_buf;
+                total_bytes = 16;
+        }
+
+        int prefix_bytes = prefix_length / 8;
+        int prefix_bits = prefix_length % 8;
+
+        if (prefix_bytes > 0) {
+                if (memcmp(cidr_bytes, target_bytes, (size_t)prefix_bytes) != 0) {
+                        if (verbose >= 1) {
+                                printf("the first %d bytes of the cidr_region_or_ip: %s and target_ip: %s are different\n", prefix_bytes, cidr_ip_part, target_ip);
+                        }
+                        free(cidr_ip_part);
+                        return 0;
+                }
+        }
+
+        if (prefix_bits != 0) {
+                uint8_t cidr_oct = cidr_bytes[prefix_bytes];
+                uint8_t target_oct = target_bytes[prefix_bytes];
+                // the mask has first prefix_bits bits 1, the rest as 0
+                uint8_t mask = (uint8_t)(0xFFu << (8 - prefix_bits));
+                if ((cidr_oct & mask) != (target_oct & mask)) {
+                        if (verbose >= 1) {
+                                printf("looking at the last %d bits of the prefix, cidr_region_or_ip(%s) byte is: %u and target_ip byte(%s) is: %u, applying bitmask: %02X returns different results\n", prefix_bits, cidr_ip_part, (unsigned)cidr_oct, target_ip, (unsigned)target_oct, mask);
+                        }
+                        free(cidr_ip_part);
+                        return 0;
+                }
+        }
+
+        free(cidr_ip_part);
+        return 1;
+}
diff --git a/plugins/check_curl.d/check_curl_helpers.h b/plugins/check_curl.d/check_curl_helpers.h
index e77b763b..cc47bf9d 100644
--- a/plugins/check_curl.d/check_curl_helpers.h
+++ b/plugins/check_curl.d/check_curl_helpers.h
@@ -126,3 +126,12 @@ void test_file(char *path);
 mp_subcheck check_curl_certificate_checks(CURL *curl, X509 *cert, int warn_days_till_exp,
                                                                                   int crit_days_till_exp);
 char *fmt_url(check_curl_working_state workingState);
+
+
+/* function that will determine if the host or the proxy resolves the target hostname
+returns 0 if requester resolves the hostname locally, 1 if proxy resolves the hostname */
+int determine_hostname_resolver(const check_curl_working_state working_state, const check_curl_static_curl_config config);
+
+/* Checks if an IP is inside given CIDR region. Using /protocol_size or not specifying the prefix length performs an equality check. Supports both IPv4 and IPv6
+returns 1 if the target_ip address is inside the given cidr_region_or_ip_addr, 0 if its out. return codes < 0 mean an error has occurred. */
+int ip_addr_inside_cidr(const char* cidr_region_or_ip_addr, const char* target_ip);
diff --git a/plugins/check_curl.d/config.h b/plugins/check_curl.d/config.h
index 61067d46..bcdf3010 100644
--- a/plugins/check_curl.d/config.h
+++ b/plugins/check_curl.d/config.h
@@ -48,6 +48,11 @@ typedef struct {
 
         bool use_ssl;
         bool no_body;
+
+        /* curl CURLOPT_PROXY option will be set to this value if not NULL */
+        char *curlopt_proxy;
+        /* curl CURLOPT_NOPROXY option will be set to this value if not NULL */
+        char *curlopt_noproxy;
 } check_curl_working_state;
 
 check_curl_working_state check_curl_working_state_init();
@@ -65,6 +70,8 @@ typedef struct {
         char *client_privkey;
         char *ca_cert;
         bool verify_peer_and_host;
+        char proxy[DEFAULT_BUFFER_SIZE];
+        char no_proxy[DEFAULT_BUFFER_SIZE];
         char user_agent[DEFAULT_BUFFER_SIZE];
         char proxy_auth[MAX_INPUT_BUFFER];
         char user_auth[MAX_INPUT_BUFFER];
diff --git a/plugins/check_dbi.c b/plugins/check_dbi.c
index 81d92952..dd466d00 100644
--- a/plugins/check_dbi.c
+++ b/plugins/check_dbi.c
@@ -470,7 +470,7 @@ check_dbi_config_wrapper process_arguments(int argc, char **argv) {
 
                 case 'c': /* critical range */ {
                         mp_range_parsed tmp = mp_parse_range_string(optarg);
-                        if (tmp.error != MP_PARSING_SUCCES) {
+                        if (tmp.error != MP_PARSING_SUCCESS) {
                                 die(STATE_UNKNOWN, "failed to parse critical threshold");
                         }
                         result.config.thresholds = mp_thresholds_set_crit(result.config.thresholds, tmp.range);
@@ -478,7 +478,7 @@ check_dbi_config_wrapper process_arguments(int argc, char **argv) {
                 } break;
                 case 'w': /* warning range */ {
                         mp_range_parsed tmp = mp_parse_range_string(optarg);
-                        if (tmp.error != MP_PARSING_SUCCES) {
+                        if (tmp.error != MP_PARSING_SUCCESS) {
                                 die(STATE_UNKNOWN, "failed to parse warning threshold");
                         }
                         result.config.thresholds = mp_thresholds_set_warn(result.config.thresholds, tmp.range);
diff --git a/plugins/check_disk.c b/plugins/check_disk.c
index e1a2baff..0d941f25 100644
--- a/plugins/check_disk.c
+++ b/plugins/check_disk.c
@@ -838,7 +838,7 @@ check_disk_config_wrapper process_arguments(int argc, char **argv) {
                 }
                 char *range = argv[index++];
                 mp_range_parsed tmp = mp_parse_range_string(range);
-                if (tmp.error != MP_PARSING_SUCCES) {
+                if (tmp.error != MP_PARSING_SUCCESS) {
                         die(STATE_UNKNOWN, "failed to parse warning threshold");
                 }
 
@@ -859,7 +859,7 @@ check_disk_config_wrapper process_arguments(int argc, char **argv) {
                 }
                 char *range = argv[index++];
                 mp_range_parsed tmp = mp_parse_range_string(range);
-                if (tmp.error != MP_PARSING_SUCCES) {
+                if (tmp.error != MP_PARSING_SUCCESS) {
                         die(STATE_UNKNOWN, "failed to parse warning threshold");
                 }
 
diff --git a/plugins/check_http.c b/plugins/check_http.c
index d2f080c7..71f94b91 100644
--- a/plugins/check_http.c
+++ b/plugins/check_http.c
@@ -544,11 +544,7 @@ bool process_arguments(int argc, char **argv) {
                         address_family = AF_INET;
                         break;
                 case '6':
-#ifdef USE_IPV6
                         address_family = AF_INET6;
-#else
-                        usage4(_("IPv6 support not available"));
-#endif
                         break;
                 case 'v': /* verbose */
                         verbose = true;
diff --git a/plugins/check_ldap.c b/plugins/check_ldap.c
index 1b2e2826..7f8282b4 100644
--- a/plugins/check_ldap.c
+++ b/plugins/check_ldap.c
@@ -400,7 +400,7 @@ check_ldap_config_wrapper process_arguments(int argc, char **argv) {
                         break;
                 case 'w': {
                         mp_range_parsed tmp = mp_parse_range_string(optarg);
-                        if (tmp.error != MP_PARSING_SUCCES) {
+                        if (tmp.error != MP_PARSING_SUCCESS) {
                                 die(STATE_UNKNOWN, "failed to parse warning connection time threshold");
                         }
                         result.config.connection_time_threshold =
@@ -408,7 +408,7 @@ check_ldap_config_wrapper process_arguments(int argc, char **argv) {
                 } break;
                 case 'c': {
                         mp_range_parsed tmp = mp_parse_range_string(optarg);
-                        if (tmp.error != MP_PARSING_SUCCES) {
+                        if (tmp.error != MP_PARSING_SUCCESS) {
                                 die(STATE_UNKNOWN, "failed to parse critical connection time threshold");
                         }
                         result.config.connection_time_threshold =
@@ -416,7 +416,7 @@ check_ldap_config_wrapper process_arguments(int argc, char **argv) {
                 } break;
                 case 'W': {
                         mp_range_parsed tmp = mp_parse_range_string(optarg);
-                        if (tmp.error != MP_PARSING_SUCCES) {
+                        if (tmp.error != MP_PARSING_SUCCESS) {
                                 die(STATE_UNKNOWN, "failed to parse number of entries warning threshold");
                         }
                         result.config.entries_thresholds =
@@ -424,7 +424,7 @@ check_ldap_config_wrapper process_arguments(int argc, char **argv) {
                 } break;
                 case 'C': {
                         mp_range_parsed tmp = mp_parse_range_string(optarg);
-                        if (tmp.error != MP_PARSING_SUCCES) {
+                        if (tmp.error != MP_PARSING_SUCCESS) {
                                 die(STATE_UNKNOWN, "failed to parse number of entries critical threshold");
                         }
                         result.config.entries_thresholds =
@@ -462,11 +462,7 @@ check_ldap_config_wrapper process_arguments(int argc, char **argv) {
                         }
                         break;
                 case '6':
-#ifdef USE_IPV6
                         address_family = AF_INET6;
-#else
-                        usage(_("IPv6 support not available\n"));
-#endif
                         break;
                 case output_format_index: {
                         parsed_output_format parser = mp_parse_output_format(optarg);
diff --git a/plugins/check_mrtg.c b/plugins/check_mrtg.c
index cdc2a035..bb38fcc5 100644
--- a/plugins/check_mrtg.c
+++ b/plugins/check_mrtg.c
@@ -255,7 +255,7 @@ check_mrtg_config_wrapper process_arguments(int argc, char **argv) {
                         break;
                 case 'w': /* critical time threshold */ {
                         mp_range_parsed tmp = mp_parse_range_string(optarg);
-                        if (tmp.error != MP_PARSING_SUCCES) {
+                        if (tmp.error != MP_PARSING_SUCCESS) {
                                 die(STATE_UNKNOWN, "failed to parse warning threshold");
                         }
                         result.config.values_threshold =
@@ -263,7 +263,7 @@ check_mrtg_config_wrapper process_arguments(int argc, char **argv) {
                 } break;
                 case 'c': /* warning time threshold */ {
                         mp_range_parsed tmp = mp_parse_range_string(optarg);
-                        if (tmp.error != MP_PARSING_SUCCES) {
+                        if (tmp.error != MP_PARSING_SUCCESS) {
                                 die(STATE_UNKNOWN, "failed to parse critical threshold");
                         }
                         result.config.values_threshold =
@@ -330,7 +330,7 @@ check_mrtg_config_wrapper process_arguments(int argc, char **argv) {
 
         if (argc > option_char && !result.config.values_threshold.warning_is_set) {
                 mp_range_parsed tmp = mp_parse_range_string(argv[option_char++]);
-                if (tmp.error != MP_PARSING_SUCCES) {
+                if (tmp.error != MP_PARSING_SUCCESS) {
                         die(STATE_UNKNOWN, "failed to parse warning threshold");
                 }
                 result.config.values_threshold =
@@ -339,7 +339,7 @@ check_mrtg_config_wrapper process_arguments(int argc, char **argv) {
 
         if (argc > option_char && !result.config.values_threshold.critical_is_set) {
                 mp_range_parsed tmp = mp_parse_range_string(argv[option_char++]);
-                if (tmp.error != MP_PARSING_SUCCES) {
+                if (tmp.error != MP_PARSING_SUCCESS) {
                         die(STATE_UNKNOWN, "failed to parse critical threshold");
                 }
                 result.config.values_threshold =
diff --git a/plugins/check_mysql.c b/plugins/check_mysql.c
index 26730d4c..15005bf5 100644
--- a/plugins/check_mysql.c
+++ b/plugins/check_mysql.c
@@ -572,7 +572,7 @@ check_mysql_config_wrapper process_arguments(int argc, char **argv) {
                         break;
                 case 'w': {
                         mp_range_parsed tmp = mp_parse_range_string(optarg);
-                        if (tmp.error != MP_PARSING_SUCCES) {
+                        if (tmp.error != MP_PARSING_SUCCESS) {
                                 die(STATE_UNKNOWN, "failed to parse warning time threshold");
                         }
                         result.config.replica_thresholds =
@@ -580,7 +580,7 @@ check_mysql_config_wrapper process_arguments(int argc, char **argv) {
                 } break;
                 case 'c': {
                         mp_range_parsed tmp = mp_parse_range_string(optarg);
-                        if (tmp.error != MP_PARSING_SUCCES) {
+                        if (tmp.error != MP_PARSING_SUCCESS) {
                                 die(STATE_UNKNOWN, "failed to parse critical time threshold");
                         }
                         result.config.replica_thresholds =
diff --git a/plugins/check_mysql_query.c b/plugins/check_mysql_query.c
index ae6cc15d..fc0966d3 100644
--- a/plugins/check_mysql_query.c
+++ b/plugins/check_mysql_query.c
@@ -277,14 +277,14 @@ check_mysql_query_config_wrapper process_arguments(int argc, char **argv) {
                         break;
                 case 'w': {
                         mp_range_parsed tmp = mp_parse_range_string(optarg);
-                        if (tmp.error != MP_PARSING_SUCCES) {
+                        if (tmp.error != MP_PARSING_SUCCESS) {
                                 die(STATE_UNKNOWN, "failed to parse warning threshold");
                         }
                         result.config.thresholds = mp_thresholds_set_warn(result.config.thresholds, tmp.range);
                 } break;
                 case 'c': {
                         mp_range_parsed tmp = mp_parse_range_string(optarg);
-                        if (tmp.error != MP_PARSING_SUCCES) {
+                        if (tmp.error != MP_PARSING_SUCCESS) {
                                 die(STATE_UNKNOWN, "failed to parse critical threshold");
                         }
                         result.config.thresholds = mp_thresholds_set_crit(result.config.thresholds, tmp.range);
diff --git a/plugins/check_ntp_peer.c b/plugins/check_ntp_peer.c
index 26f74286..b5cfb460 100644
--- a/plugins/check_ntp_peer.c
+++ b/plugins/check_ntp_peer.c
@@ -548,7 +548,7 @@ check_ntp_peer_config_wrapper process_arguments(int argc, char **argv) {
                         break;
                 case 'w': {
                         mp_range_parsed tmp = mp_parse_range_string(optarg);
-                        if (tmp.error != MP_PARSING_SUCCES) {
+                        if (tmp.error != MP_PARSING_SUCCESS) {
                                 die(STATE_UNKNOWN, "failed to parse warning offset threshold");
                         }
 
@@ -557,7 +557,7 @@ check_ntp_peer_config_wrapper process_arguments(int argc, char **argv) {
                 } break;
                 case 'c': {
                         mp_range_parsed tmp = mp_parse_range_string(optarg);
-                        if (tmp.error != MP_PARSING_SUCCES) {
+                        if (tmp.error != MP_PARSING_SUCCESS) {
                                 die(STATE_UNKNOWN, "failed to parse critical offset threshold");
                         }
 
@@ -567,7 +567,7 @@ check_ntp_peer_config_wrapper process_arguments(int argc, char **argv) {
                 case 'W': {
                         result.config.do_stratum = true;
                         mp_range_parsed tmp = mp_parse_range_string(optarg);
-                        if (tmp.error != MP_PARSING_SUCCES) {
+                        if (tmp.error != MP_PARSING_SUCCESS) {
                                 die(STATE_UNKNOWN, "failed to parse warning stratum threshold");
                         }
 
@@ -577,7 +577,7 @@ check_ntp_peer_config_wrapper process_arguments(int argc, char **argv) {
                 case 'C': {
                         result.config.do_stratum = true;
                         mp_range_parsed tmp = mp_parse_range_string(optarg);
-                        if (tmp.error != MP_PARSING_SUCCES) {
+                        if (tmp.error != MP_PARSING_SUCCESS) {
                                 die(STATE_UNKNOWN, "failed to parse critical stratum threshold");
                         }
 
@@ -587,7 +587,7 @@ check_ntp_peer_config_wrapper process_arguments(int argc, char **argv) {
                 case 'j': {
                         result.config.do_jitter = true;
                         mp_range_parsed tmp = mp_parse_range_string(optarg);
-                        if (tmp.error != MP_PARSING_SUCCES) {
+                        if (tmp.error != MP_PARSING_SUCCESS) {
                                 die(STATE_UNKNOWN, "failed to parse warning jitter threshold");
                         }
 
@@ -597,7 +597,7 @@ check_ntp_peer_config_wrapper process_arguments(int argc, char **argv) {
                 case 'k': {
                         result.config.do_jitter = true;
                         mp_range_parsed tmp = mp_parse_range_string(optarg);
-                        if (tmp.error != MP_PARSING_SUCCES) {
+                        if (tmp.error != MP_PARSING_SUCCESS) {
                                 die(STATE_UNKNOWN, "failed to parse critical jitter threshold");
                         }
 
@@ -607,7 +607,7 @@ check_ntp_peer_config_wrapper process_arguments(int argc, char **argv) {
                 case 'm': {
                         result.config.do_truechimers = true;
                         mp_range_parsed tmp = mp_parse_range_string(optarg);
-                        if (tmp.error != MP_PARSING_SUCCES) {
+                        if (tmp.error != MP_PARSING_SUCCESS) {
                                 die(STATE_UNKNOWN, "failed to parse warning truechimer threshold");
                         }
 
@@ -617,7 +617,7 @@ check_ntp_peer_config_wrapper process_arguments(int argc, char **argv) {
                 case 'n': {
                         result.config.do_truechimers = true;
                         mp_range_parsed tmp = mp_parse_range_string(optarg);
-                        if (tmp.error != MP_PARSING_SUCCES) {
+                        if (tmp.error != MP_PARSING_SUCCESS) {
                                 die(STATE_UNKNOWN, "failed to parse critical truechimer threshold");
                         }
 
@@ -640,11 +640,7 @@ check_ntp_peer_config_wrapper process_arguments(int argc, char **argv) {
                         address_family = AF_INET;
                         break;
                 case '6':
-#ifdef USE_IPV6
                         address_family = AF_INET6;
-#else
-                        usage4(_("IPv6 support not available"));
-#endif
                         break;
                 case '?':
                         /* print short usage statement if args not parsable */
diff --git a/plugins/check_ntp_time.c b/plugins/check_ntp_time.c
index 9e0beb9c..4e3a55db 100644
--- a/plugins/check_ntp_time.c
+++ b/plugins/check_ntp_time.c
@@ -605,7 +605,7 @@ static check_ntp_time_config_wrapper process_arguments(int argc, char **argv) {
                         break;
                 case 'w': {
                         mp_range_parsed tmp = mp_parse_range_string(optarg);
-                        if (tmp.error != MP_PARSING_SUCCES) {
+                        if (tmp.error != MP_PARSING_SUCCESS) {
                                 die(STATE_UNKNOWN, "failed to parse warning threshold");
                         }
 
@@ -614,7 +614,7 @@ static check_ntp_time_config_wrapper process_arguments(int argc, char **argv) {
                 } break;
                 case 'c': {
                         mp_range_parsed tmp = mp_parse_range_string(optarg);
-                        if (tmp.error != MP_PARSING_SUCCES) {
+                        if (tmp.error != MP_PARSING_SUCCESS) {
                                 die(STATE_UNKNOWN, "failed to parse crit threshold");
                         }
 
@@ -640,11 +640,7 @@ static check_ntp_time_config_wrapper process_arguments(int argc, char **argv) {
                         address_family = AF_INET;
                         break;
                 case '6':
-#ifdef USE_IPV6
                         address_family = AF_INET6;
-#else
-                        usage4(_("IPv6 support not available"));
-#endif
                         break;
                 case '?':
                         /* print short usage statement if args not parsable */
@@ -661,6 +657,14 @@ static check_ntp_time_config_wrapper process_arguments(int argc, char **argv) {
 }
 
 int main(int argc, char *argv[]) {
+#ifdef __OpenBSD__
+        /* - rpath is required to read --extra-opts (given up later)
+         * - inet is required for sockets
+         * - unix is required for Unix domain sockets
+         * - dns is required for name lookups */
+        pledge("stdio rpath inet unix dns", NULL);
+#endif // __OpenBSD__
+
         setlocale(LC_ALL, "");
         bindtextdomain(PACKAGE, LOCALEDIR);
         textdomain(PACKAGE);
@@ -674,6 +678,10 @@ int main(int argc, char *argv[]) {
                 usage4(_("Could not parse arguments"));
         }
 
+#ifdef __OpenBSD__
+        pledge("stdio inet unix dns", NULL);
+#endif // __OpenBSD__
+
         const check_ntp_time_config config = tmp_config.config;
 
         if (config.output_format_is_set) {
diff --git a/plugins/check_pgsql.c b/plugins/check_pgsql.c
index 0ce75e0a..8cbaaeeb 100644
--- a/plugins/check_pgsql.c
+++ b/plugins/check_pgsql.c
@@ -401,7 +401,7 @@ static check_pgsql_config_wrapper process_arguments(int argc, char **argv) {
                         break;
                 case 'c': /* critical time threshold */ {
                         mp_range_parsed tmp = mp_parse_range_string(optarg);
-                        if (tmp.error != MP_PARSING_SUCCES) {
+                        if (tmp.error != MP_PARSING_SUCCESS) {
                                 die(STATE_UNKNOWN, "failed to parse critical time threshold");
                         }
                         result.config.time_thresholds =
@@ -409,7 +409,7 @@ static check_pgsql_config_wrapper process_arguments(int argc, char **argv) {
                 } break;
                 case 'w': /* warning time threshold */ {
                         mp_range_parsed tmp = mp_parse_range_string(optarg);
-                        if (tmp.error != MP_PARSING_SUCCES) {
+                        if (tmp.error != MP_PARSING_SUCCESS) {
                                 die(STATE_UNKNOWN, "failed to parse warning time threshold");
                         }
                         result.config.time_thresholds =
@@ -417,7 +417,7 @@ static check_pgsql_config_wrapper process_arguments(int argc, char **argv) {
                 } break;
                 case 'C': /* critical query threshold */ {
                         mp_range_parsed tmp = mp_parse_range_string(optarg);
-                        if (tmp.error != MP_PARSING_SUCCES) {
+                        if (tmp.error != MP_PARSING_SUCCESS) {
                                 die(STATE_UNKNOWN, "failed to parse critical query threshold");
                         }
 
@@ -427,7 +427,7 @@ static check_pgsql_config_wrapper process_arguments(int argc, char **argv) {
                 } break;
                 case 'W': /* warning query threshold */ {
                         mp_range_parsed tmp = mp_parse_range_string(optarg);
-                        if (tmp.error != MP_PARSING_SUCCES) {
+                        if (tmp.error != MP_PARSING_SUCCESS) {
                                 die(STATE_UNKNOWN, "failed to parse warning query threshold");
                         }
                         result.config.qthresholds =
diff --git a/plugins/check_ping.c b/plugins/check_ping.c
index 61feb958..e1ee0f5c 100644
--- a/plugins/check_ping.c
+++ b/plugins/check_ping.c
@@ -246,11 +246,7 @@ check_ping_config_wrapper process_arguments(int argc, char **argv) {
                         address_family = AF_INET;
                         break;
                 case '6': /* IPv6 only */
-#ifdef USE_IPV6
                         address_family = AF_INET6;
-#else
-                        usage(_("IPv6 support not available\n"));
-#endif
                         break;
                 case 'H': /* hostname */ {
                         char *ptr = optarg;
diff --git a/plugins/check_procs.c b/plugins/check_procs.c
index ae6e9c23..50837cb4 100644
--- a/plugins/check_procs.c
+++ b/plugins/check_procs.c
@@ -430,7 +430,7 @@ check_procs_config_wrapper process_arguments(int argc, char **argv) {
         while (true) {
                 int option = 0;
                 int option_index =
-                        getopt_long(argc, argv, "Vvhkt:c:w:p:s:u:C:a:z:r:m:P:T:X:", longopts, &option);
+                        getopt_long(argc, argv, "Vvhkt:c:w:p:s:u:C:a:z:r:m:P:TX:", longopts, &option);
 
                 if (option_index == -1 || option_index == EOF) {
                         break;
diff --git a/plugins/check_real.c b/plugins/check_real.c
index 15c8a20c..b415578f 100644
--- a/plugins/check_real.c
+++ b/plugins/check_real.c
@@ -409,7 +409,7 @@ check_real_config_wrapper process_arguments(int argc, char **argv) {
                 case 'w': /* warning time threshold */
                 {
                         mp_range_parsed critical_range = mp_parse_range_string(optarg);
-                        if (critical_range.error != MP_PARSING_SUCCES) {
+                        if (critical_range.error != MP_PARSING_SUCCESS) {
                                 die(STATE_UNKNOWN, "failed to parse warning threshold: %s", optarg);
                         }
                         result.config.time_thresholds =
@@ -418,7 +418,7 @@ check_real_config_wrapper process_arguments(int argc, char **argv) {
                 case 'c': /* critical time threshold */
                 {
                         mp_range_parsed critical_range = mp_parse_range_string(optarg);
-                        if (critical_range.error != MP_PARSING_SUCCES) {
+                        if (critical_range.error != MP_PARSING_SUCCESS) {
                                 die(STATE_UNKNOWN, "failed to parse critical threshold: %s", optarg);
                         }
                         result.config.time_thresholds =
diff --git a/plugins/check_smtp.c b/plugins/check_smtp.c
index e8c35f58..24883fd8 100644
--- a/plugins/check_smtp.c
+++ b/plugins/check_smtp.c
@@ -100,6 +100,14 @@ static int my_close(int /*socket_descriptor*/);
 static int verbose = 0;
 
 int main(int argc, char **argv) {
+#ifdef __OpenBSD__
+        /* - rpath is required to read --extra-opts (given up later)
+         * - inet is required for sockets
+         * - unix is required for Unix domain sockets
+         * - dns is required for name lookups */
+        pledge("stdio rpath inet unix dns", NULL);
+#endif // __OpenBSD__
+
         setlocale(LC_ALL, "");
         bindtextdomain(PACKAGE, LOCALEDIR);
         textdomain(PACKAGE);
@@ -113,6 +121,10 @@ int main(int argc, char **argv) {
                 usage4(_("Could not parse arguments"));
         }
 
+#ifdef __OpenBSD__
+        pledge("stdio inet unix dns", NULL);
+#endif // __OpenBSD__
+
         const check_smtp_config config = tmp_config.config;
 
         if (config.output_format_is_set) {
@@ -723,7 +735,7 @@ check_smtp_config_wrapper process_arguments(int argc, char **argv) {
                         break;
                 case 'c': /* critical time threshold */ {
                         mp_range_parsed tmp = mp_parse_range_string(optarg);
-                        if (tmp.error != MP_PARSING_SUCCES) {
+                        if (tmp.error != MP_PARSING_SUCCESS) {
                                 die(STATE_UNKNOWN, "failed to parse critical time threshold");
                         }
                         result.config.connection_time =
@@ -731,7 +743,7 @@ check_smtp_config_wrapper process_arguments(int argc, char **argv) {
                 } break;
                 case 'w': /* warning time threshold */ {
                         mp_range_parsed tmp = mp_parse_range_string(optarg);
-                        if (tmp.error != MP_PARSING_SUCCES) {
+                        if (tmp.error != MP_PARSING_SUCCESS) {
                                 die(STATE_UNKNOWN, "failed to parse warning time threshold");
                         }
                         result.config.connection_time =
@@ -807,11 +819,7 @@ check_smtp_config_wrapper process_arguments(int argc, char **argv) {
                         address_family = AF_INET;
                         break;
                 case '6':
-#ifdef USE_IPV6
                         address_family = AF_INET6;
-#else
-                        usage4(_("IPv6 support not available"));
-#endif
                         break;
                 case 'V': /* version */
                         print_revision(progname, NP_VERSION);
diff --git a/plugins/check_snmp.d/check_snmp_helpers.c b/plugins/check_snmp.d/check_snmp_helpers.c
index 2dfc88b5..83e94a34 100644
--- a/plugins/check_snmp.d/check_snmp_helpers.c
+++ b/plugins/check_snmp.d/check_snmp_helpers.c
@@ -52,7 +52,7 @@ int check_snmp_set_thresholds(const char *threshold_string, check_snmp_test_unit
                         }
 
                         mp_range_parsed tmp = mp_parse_range_string(ptr);
-                        if (tmp.error != MP_PARSING_SUCCES) {
+                        if (tmp.error != MP_PARSING_SUCCESS) {
                                 die(STATE_UNKNOWN, "Unable to parse critical threshold range: %s", ptr);
                         }
 
@@ -70,7 +70,7 @@ int check_snmp_set_thresholds(const char *threshold_string, check_snmp_test_unit
                 // Single value
                 // only valid for the first test unit
                 mp_range_parsed tmp = mp_parse_range_string(threshold_string);
-                if (tmp.error != MP_PARSING_SUCCES) {
+                if (tmp.error != MP_PARSING_SUCCESS) {
                         die(STATE_UNKNOWN, "Unable to parse critical threshold range: %s", threshold_string);
                 }
 
diff --git a/plugins/check_ssh.c b/plugins/check_ssh.c
index f6c8d551..911f6787 100644
--- a/plugins/check_ssh.c
+++ b/plugins/check_ssh.c
@@ -61,6 +61,14 @@ static int ssh_connect(mp_check *overall, char *haddr, int hport, char *remote_v
                                            char *remote_protocol);
 
 int main(int argc, char **argv) {
+#ifdef __OpenBSD__
+        /* - rpath is required to read --extra-opts (given up later)
+         * - inet is required for sockets
+         * - unix is required for Unix domain sockets
+         * - dns is required for name lookups */
+        pledge("stdio rpath inet unix dns", NULL);
+#endif // __OpenBSD__
+
         setlocale(LC_ALL, "");
         bindtextdomain(PACKAGE, LOCALEDIR);
         textdomain(PACKAGE);
@@ -74,6 +82,10 @@ int main(int argc, char **argv) {
                 usage4(_("Could not parse arguments"));
         }
 
+#ifdef __OpenBSD__
+        pledge("stdio inet unix dns", NULL);
+#endif // __OpenBSD__
+
         check_ssh_config config = tmp_config.config;
 
         mp_check overall = mp_check_init();
@@ -161,11 +173,7 @@ process_arguments_wrapper process_arguments(int argc, char **argv) {
                         address_family = AF_INET;
                         break;
                 case '6':
-#ifdef USE_IPV6
                         address_family = AF_INET6;
-#else
-                        usage4(_("IPv6 support not available"));
-#endif
                         break;
                 case 'r': /* remote version */
                         result.config.remote_version = optarg;
diff --git a/plugins/check_tcp.c b/plugins/check_tcp.c
index 09806373..49a8c4c1 100644
--- a/plugins/check_tcp.c
+++ b/plugins/check_tcp.c
@@ -89,6 +89,14 @@ const int DEFAULT_NNTPS_PORT = 563;
 const int DEFAULT_CLAMD_PORT = 3310;
 
 int main(int argc, char **argv) {
+#ifdef __OpenBSD__
+        /* - rpath is required to read --extra-opts (given up later)
+         * - inet is required for sockets
+         * - unix is required for Unix domain sockets
+         * - dns is required for name lookups */
+        pledge("stdio rpath inet unix dns", NULL);
+#endif // __OpenBSD__
+
         setlocale(LC_ALL, "");
         bindtextdomain(PACKAGE, LOCALEDIR);
         textdomain(PACKAGE);
@@ -216,6 +224,10 @@ int main(int argc, char **argv) {
                 usage4(_("Could not parse arguments"));
         }
 
+#ifdef __OpenBSD__
+        pledge("stdio inet unix dns", NULL);
+#endif // __OpenBSD__
+
         config = paw.config;
 
         if (verbosity > 0) {
@@ -571,11 +583,7 @@ static check_tcp_config_wrapper process_arguments(int argc, char **argv, check_t
                         address_family = AF_INET;
                         break;
                 case '6': // Apparently unused TODO
-#ifdef USE_IPV6
                         address_family = AF_INET6;
-#else
-                        usage4(_("IPv6 support not available"));
-#endif
                         break;
                 case 'H': /* hostname */
                         config.host_specified = true;
diff --git a/plugins/check_users.c b/plugins/check_users.c
index 3b2e265e..4027d21a 100644
--- a/plugins/check_users.c
+++ b/plugins/check_users.c
@@ -222,7 +222,7 @@ check_users_config_wrapper process_arguments(int argc, char **argv) {
                 exit(STATE_UNKNOWN);
         }
 
-        if (tmp.error == MP_PARSING_SUCCES) {
+        if (tmp.error == MP_PARSING_SUCCESS) {
                 result.config.thresholds.warning = tmp.range;
                 result.config.thresholds.warning_is_set = true;
         } else {
@@ -238,7 +238,7 @@ check_users_config_wrapper process_arguments(int argc, char **argv) {
                 exit(STATE_UNKNOWN);
         }
 
-        if (tmp.error == MP_PARSING_SUCCES) {
+        if (tmp.error == MP_PARSING_SUCCESS) {
                 result.config.thresholds.critical = tmp.range;
                 result.config.thresholds.critical_is_set = true;
         } else {
diff --git a/plugins/netutils.c b/plugins/netutils.c
index b4c6ff0a..f9933ebd 100644
--- a/plugins/netutils.c
+++ b/plugins/netutils.c
@@ -38,11 +38,7 @@ mp_state_enum socket_timeout_state = STATE_CRITICAL;
 mp_state_enum econn_refuse_state = STATE_CRITICAL;
 bool was_refused = false;
 
-#if USE_IPV6
 int address_family = AF_UNSPEC;
-#else
-int address_family = AF_INET;
-#endif
 
 /* handles socket timeouts */
 void socket_timeout_alarm_handler(int sig) {
@@ -348,7 +344,6 @@ void host_or_die(const char *str) {
 }
 
 bool is_addr(const char *address) {
-#ifdef USE_IPV6
         if (address_family == AF_INET && is_inet_addr(address)) {
                 return true;
         }
@@ -356,11 +351,6 @@ bool is_addr(const char *address) {
         if (address_family == AF_INET6 && is_inet6_addr(address)) {
                 return true;
         }
-#else
-        if (is_inet_addr(address)) {
-                return true;
-        }
-#endif
 
         return false;
 }
diff --git a/plugins/netutils.h b/plugins/netutils.h
index dbd22398..f3d046c3 100644
--- a/plugins/netutils.h
+++ b/plugins/netutils.h
@@ -78,12 +78,8 @@ bool dns_lookup(const char *, struct sockaddr_storage *, int);
 void host_or_die(const char *str);
 #define resolve_host_or_addr(addr, family) dns_lookup(addr, NULL, family)
 #define is_inet_addr(addr)                 resolve_host_or_addr(addr, AF_INET)
-#ifdef USE_IPV6
 #       define is_inet6_addr(addr) resolve_host_or_addr(addr, AF_INET6)
 #       define is_hostname(addr)   resolve_host_or_addr(addr, address_family)
-#else
-#       define is_hostname(addr) resolve_host_or_addr(addr, AF_INET)
-#endif
 
 extern unsigned int socket_timeout;
 extern mp_state_enum socket_timeout_state;
diff --git a/plugins/t/check_curl.t b/plugins/t/check_curl.t
index 2c2fafde..a8326f12 100644
--- a/plugins/t/check_curl.t
+++ b/plugins/t/check_curl.t
@@ -13,7 +13,7 @@ use vars qw($tests $has_ipv6);
 BEGIN {
     use NPTest;
     $has_ipv6 = NPTest::has_ipv6();
-    $tests = $has_ipv6 ? 55 : 53;
+    $tests = $has_ipv6 ? 57 : 92;
     plan tests => $tests;
 }
 
@@ -25,7 +25,13 @@ my $plugin = 'check_http';
 $plugin    = 'check_curl' if $0 =~ m/check_curl/mx;
 
 my $host_tcp_http      = getTestParameter("NP_HOST_TCP_HTTP", "A host providing the HTTP Service (a web server)", "localhost");
+my $host_tcp_http_subdomain = getTestParameter("NP_HOST_TCP_HTTP_SUBDOMAIN", "A host that is served under a subdomain name", "subdomain1.localhost.com");
+my $host_tcp_http_ipv4 = getTestParameter("NP_HOST_TCP_HTTP_IPV4", "An IPv6 address providing a HTTP Service (a web server)", "127.0.0.1");
+my $host_tcp_http_ipv4_cidr_1 = getTestParameter("NP_HOST_TCP_HTTP_IPV4_CIDR_1", "A CIDR that the provided IPv4 address is in.");
+my $host_tcp_http_ipv4_cidr_2 = getTestParameter("NP_HOST_TCP_HTTP_IPV4_CIDR_2", "A CIDR that the provided IPv4 address is in.");
 my $host_tcp_http_ipv6      = getTestParameter("NP_HOST_TCP_HTTP_IPV6", "An IPv6 address providing a HTTP Service (a web server)", "::1");
+my $host_tcp_http_ipv6_cidr_1 = getTestParameter("NP_HOST_TCP_HTTP_IPV6_CIDR_1", "A CIDR that the provided IPv6 address is in.");
+my $host_tcp_http_ipv6_cidr_2 = getTestParameter("NP_HOST_TCP_HTTP_IPV6_CIDR_2", "A CIDR that the provided IPv6 address is in.");
 my $host_tls_http      = getTestParameter("NP_HOST_TLS_HTTP", "A host providing the HTTPS Service (a tls web server)", "localhost");
 my $host_tls_cert      = getTestParameter("NP_HOST_TLS_CERT", "the common name of the certificate.", "localhost");
 my $host_nonresponsive = getTestParameter("NP_HOST_NONRESPONSIVE", "The hostname of system not responsive to network requests", "10.0.0.1");
@@ -222,3 +228,110 @@ SKIP: {
         $res = NPTest->testCmd( "./$plugin -H monitoring-plugins.org --extended-perfdata" );
         like  ( $res->output, '/\'time_connect\'=[\d\.]+/', 'Extended Performance Data Output OK' );
 }
+SKIP: {
+    skip "No internet access", 2 if $internet_access eq "no";
+
+    # Proxy tests
+    # These are the proxy tests that require a working proxy server
+    # The debian container in the github workflow runs a squid proxy server at port 3128
+    # Test that dont require one, like argument/environment variable parsing are in plugins/tests/check_curl.t
+
+    # Test if proxy works
+    $res = NPTest->testCmd( "./$plugin -H $host_tcp_http --proxy http://$host_tcp_proxy:$port_tcp_proxy -v" );
+    like($res->output, qr/^\* proxy_resolves_hostname: 1/m, "proxy is used, there are no preventative measures ");
+    is( $res->return_code, 0, "Using proxy http://$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http works" );
+
+    $res = NPTest->testCmd( "./$plugin -I $host_tcp_http_ipv4 --proxy http://$host_tcp_proxy:$port_tcp_proxy -v" );
+    like($res->output, qr/^\* proxy_resolves_hostname: 1/m, "proxy is used, there are no preventative measures ");
+    is( $res->return_code, 0, "Using proxy http://$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http_ipv4 works" );
+
+    $res = NPTest->testCmd( "./$plugin -I $host_tcp_http_ipv6 --proxy http://$host_tcp_proxy:$port_tcp_proxy -v" );
+    like($res->output, qr/^\* proxy_resolves_hostname: 1/m, "proxy is used, there are no preventative measures ");
+    is( $res->return_code, 0, "Using proxy http://$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http_ipv6 works" );
+
+    $res = NPTest->testCmd( "./$plugin -H $host_tcp_http2 --proxy http://$host_tcp_proxy:$port_tcp_proxy -v" );
+    like($res->output, qr/^\* proxy_resolves_hostname: 1/m, "proxy is used, there are no preventative measures ");
+    is( $res->return_code, 0, "Using proxy http://$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http2 works" );
+
+    $res = NPTest->testCmd( "./$plugin -H $host_tcp_http_subdomain --proxy http://$host_tcp_proxy:$port_tcp_proxy -v" );
+    like($res->output, qr/^\* proxy_resolves_hostname: 1/m, "proxy is used, there are no preventative measures ");
+    is( $res->return_code, 0, "Using proxy http://$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http_subdomain works" );
+
+    $res = NPTest->testCmd( "./$plugin -H $host_tls_http --proxy http://$host_tcp_proxy:$port_tcp_proxy -v" );
+    like($res->output, qr/^\* proxy_resolves_hostname: 1/m, "proxy is used, there are no preventative measures ");
+    is( $res->return_code, 0, "Using proxy http://$host_tcp_proxy:$port_tcp_proxy to connect to $host_tls_http works" );
+
+    # Noproxy '*' should prevent using proxy in any setting, even if its specified
+    $res = NPTest->testCmd( "./$plugin -H $host_tcp_http_subdomain --proxy http://$host_tcp_proxy:$port_tcp_proxy --noproxy \"\*\" -v" );
+    like($res->output, qr/^\* proxy_resolves_hostname: 0/m, "proxy is not used since noproxy has \"\*\" ");
+    is( $res->return_code, 0, "Should reach $host_tcp_http_subdomain with or without proxy." );
+
+    $res = NPTest->testCmd( "./$plugin -I $host_tcp_http_ipv4 --proxy http://$host_tcp_proxy:$port_tcp_proxy --noproxy \"\*\" -v" );
+    like($res->output, qr/^\* proxy_resolves_hostname: 0/m, "proxy is not used since noproxy has \"\*\" ");
+    is( $res->return_code, 0, "Should reach $host_tcp_http_ipv4 with or without proxy." );
+
+    $res = NPTest->testCmd( "./$plugin -I $host_tcp_http_ipv6 --proxy http://$host_tcp_proxy:$port_tcp_proxy --noproxy \"\*\" -v" );
+    like($res->output, qr/^\* proxy_resolves_hostname: 0/m, "proxy is not used since noproxy has \"\*\" ");
+    is( $res->return_code, 0, "Should reach $host_tcp_http_ipv6 with or without proxy." );
+
+    # Noproxy domain should prevent using proxy for subdomains of that domain
+    $res = NPTest->testCmd( "./$plugin -H $host_tcp_http_subdomain --proxy http://$host_tcp_proxy:$port_tcp_proxy --noproxy $host_tcp_http -v" );
+    like($res->output, qr/^\* proxy_resolves_hostname: 0/m, "proxy is not used since subdomain: $host_tcp_http_subdomain  is under a noproxy domain: $host_tcp_http");
+    is( $res->return_code, 0, "Should reach $host_tcp_http_subdomain with or without proxy." );
+
+    # Noproxy should prevent using IP matches if an IP is found directly
+    $res = NPTest->testCmd( "./$plugin -I $host_tcp_http_ipv4 --proxy http://$host_tcp_proxy:$port_tcp_proxy --noproxy $host_tcp_http_ipv4 -v" );
+    like($res->output, qr/^\* proxy_resolves_hostname: 0/m, "proxy is not used since IP address: $host_tcp_http_ipv4 is added into noproxy: $host_tcp_http_ipv4");
+    is( $res->return_code, 0, "Should reach $host_tcp_http_ipv4 with or without proxy." );
+
+    $res = NPTest->testCmd( "./$plugin -I $host_tcp_http_ipv6 --proxy http://$host_tcp_proxy:$port_tcp_proxy --noproxy $host_tcp_http_ipv6 -v" );
+    like($res->output, qr/^\* proxy_resolves_hostname: 0/m, "proxy is not used since IP address: $host_tcp_http_ipv6 is added into noproxy: $host_tcp_http_ipv6");
+    is( $res->return_code, 0, "Should reach $host_tcp_http_ipv6 with or without proxy." );
+
+    # Noproxy should prevent using IP matches if a CIDR region that contains that Ip is used directly.
+    $res = NPTest->testCmd( "./$plugin -I $host_tcp_http_ipv4 --proxy http://$host_tcp_proxy:$port_tcp_proxy --noproxy $host_tcp_http_ipv4_cidr_1 -v" );
+    like($res->output, qr/^\* proxy_resolves_hostname: 0/m, "proxy is not used since IP address: $host_tcp_http_ipv4 is inside CIDR range: $host_tcp_http_ipv4_cidr_1");
+    is( $res->return_code, 0, "Should reach $host_tcp_http_ipv4 with or without proxy." );
+
+    $res = NPTest->testCmd( "./$plugin -I $host_tcp_http_ipv4 --proxy http://$host_tcp_proxy:$port_tcp_proxy --noproxy $host_tcp_http_ipv4_cidr_2 -v" );
+    like($res->output, qr/^\* proxy_resolves_hostname: 0/m, "proxy is not used since IP address: $host_tcp_http_ipv4 is inside CIDR range: $host_tcp_http_ipv4_cidr_2");
+    is( $res->return_code, 0, "Should reach $host_tcp_http_ipv4 with or without proxy." );
+
+    $res = NPTest->testCmd( "./$plugin -I $host_tcp_http_ipv6 --proxy http://$host_tcp_proxy:$port_tcp_proxy --noproxy $host_tcp_http_ipv6_cidr_1 -v " );
+    like($res->output, qr/^\* proxy_resolves_hostname: 0/m, "proxy is not used since IP address: $host_tcp_http_ipv6 is inside CIDR range: $host_tcp_http_ipv6_cidr_1");
+    is( $res->return_code, 0, "Should reach $host_tcp_http_ipv6 with or without proxy." );
+
+    $res = NPTest->testCmd( "./$plugin -I $host_tcp_http_ipv6 --proxy http://$host_tcp_proxy:$port_tcp_proxy --noproxy $host_tcp_http_ipv6_cidr_2 -v" );
+    like($res->output, qr/^\* proxy_resolves_hostname: 0/m, "proxy is not used since IP address: $host_tcp_http_ipv6 is inside CIDR range: $host_tcp_http_ipv6_cidr_2");
+    is( $res->return_code, 0, "Should reach $host_tcp_http_ipv6 with or without proxy." );
+
+    # Noproxy should discern over different types of proxy schemes
+    $res = NPTest->testCmd( "./$plugin -H $host_tcp_http --proxy http://$host_tcp_proxy:$port_tcp_proxy -v" );
+    like($res->output, qr/^\* proxy_resolves_hostname: 1/m, "proxy is used for resolving hostname, and is using scheme http ");
+    is( $res->return_code, 0, "Using proxy http:$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http works" );
+
+    $res = NPTest->testCmd( "./$plugin -H $host_tcp_http --proxy https://$host_tcp_proxy:$port_tcp_proxy -v" );
+    like($res->output, qr/^\* proxy_resolves_hostname: 1/m, "proxy is used for resolving hostname, and is using scheme https");
+    # Squid is not configured for https
+    # is( $res->return_code, 0, "Using proxy https:$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http works" );
+
+    $res = NPTest->testCmd( "./$plugin -H $host_tcp_http --proxy socks4://$host_tcp_proxy:$port_tcp_proxy -v" );
+    like($res->output, qr/^\* proxy_resolves_hostname: 0/m, "proxy is not used for resolving hostname, and is using scheme socks4");
+    # Squid is not configured for socks4
+    # is( $res->return_code, 0, "Using proxy socks4:$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http works" );
+
+    $res = NPTest->testCmd( "./$plugin -H $host_tcp_http --proxy socks4a://$host_tcp_proxy:$port_tcp_proxy -v" );
+    like($res->output, qr/^\* proxy_resolves_hostname: 1/m, "proxy is used for resolving hostname, and is using scheme socks4a");
+    # Squid is not configured for socks4a
+    # is( $res->return_code, 0, "Using proxy socks4a:$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http works" );
+
+    $res = NPTest->testCmd( "./$plugin -H $host_tcp_http --proxy socks5://$host_tcp_proxy:$port_tcp_proxy -v" );
+    like($res->output, qr/^\* proxy_resolves_hostname: 0/m, "proxy is not used for resolving hostname, and is using scheme socks5");
+    # Squid is not configured for socks5
+    # is( $res->return_code, 0, "Using proxy socks5:$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http works" );
+
+    $res = NPTest->testCmd( "./$plugin -H $host_tcp_http --proxy socks5h://$host_tcp_proxy:$port_tcp_proxy -v" );
+    like($res->output, qr/^\* proxy_resolves_hostname: 1/m, "proxy is used for resolving hostname, and is using scheme socks5h");
+    # Squid is not configured for socks5h
+    # is( $res->return_code, 0, "Using proxy socks5h:$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http works" );
+}
diff --git a/plugins/tests/check_curl.t b/plugins/tests/check_curl.t
index 248eb4c5..94058d5b 100755
--- a/plugins/tests/check_curl.t
+++ b/plugins/tests/check_curl.t
@@ -27,8 +27,8 @@ use HTTP::Daemon::SSL;
 
 $ENV{'LC_TIME'} = "C";
 
-my $common_tests = 95;
-my $ssl_only_tests = 8;
+my $common_tests = 111;
+my $ssl_only_tests = 12;
 # Check that all dependent modules are available
 eval "use HTTP::Daemon 6.01;";
 plan skip_all => 'HTTP::Daemon >= 6.01 required' if $@;
@@ -41,7 +41,7 @@ my $plugin = 'check_http';
 $plugin    = 'check_curl' if $0 =~ m/check_curl/mx;
 
 # look for libcurl version to see if some advanced checks are possible (>= 7.49.0)
-my $advanced_checks = 12;
+my $advanced_checks = 16;
 my $use_advanced_checks = 0;
 my $required_version = '7.49.0';
 my $virtual_host = 'www.somefunnyhost.com';
@@ -410,6 +410,41 @@ SKIP: {
         $result = NPTest->testCmd( $cmd );
         is( $result->return_code, 0, $cmd);
         like( $result->output, '/.*HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second.*/', "Output correct: ".$result->output );
+
+        # curlopt proxy/noproxy parsing tests, ssl disabled
+        {
+                # Make a scope and change environment variables here, to not mess them up for other tests using environment variables
+
+                local $ENV{"http_proxy"} = 'http://proxy.example.com:8080';
+                $cmd = "$command -u /statuscode/200 -v";
+                $result = NPTest->testCmd( $cmd );
+                like( $result->output, '/.*CURLOPT_PROXY: http://proxy.example.com:8080 */', "Correctly took 'http_proxy' environment variable: ".$result->output );
+                delete($ENV{"http_proxy"});
+
+                local $ENV{"http_proxy"} = 'http://taken.proxy.example:8080';
+                local $ENV{"HTTP_PROXY"} = 'http://discarded.proxy.example:8080';
+                $cmd = "$command -u /statuscode/200 -v";
+                $result = NPTest->testCmd( $cmd );
+                like( $result->output, '/.*CURLOPT_PROXY: http://taken.proxy.example:8080 */', "Correctly took 'http_proxy' environment variable over 'HTTP_PROXY': ".$result->output );
+                delete(local $ENV{"http_proxy"});
+                delete(local $ENV{"HTTP_PROXY"});
+
+                local $ENV{"http_proxy"} = 'http://discarded1.proxy.example:8080';
+                local $ENV{"HTTP_PROXY"} = 'http://discarded2.proxy.example:8080';
+                $cmd = "$command -u /statuscode/200 -x 'http://taken.proxy.example:8080' -v";
+                $result = NPTest->testCmd( $cmd );
+                like( $result->output, '/.*CURLOPT_PROXY: http://taken.proxy.example:8080 */', "Argument -x overwrote 'http_proxy' and 'HTTP_PROXY' environment variables: ".$result->output );
+                delete(local $ENV{"http_proxy"});
+                delete(local $ENV{"HTTP_PROXY"});
+
+                local $ENV{"http_proxy"} = 'http://discarded1.proxy.example:8080';
+                local $ENV{"HTTP_PROXY"} = 'http://discarded2.proxy.example:8080';
+                $cmd = "$command -u /statuscode/200 --proxy 'http://taken.example.com:8080' -v";
+                $result = NPTest->testCmd( $cmd );
+                like( $result->output, '/.*CURLOPT_PROXY: http://taken.example.com:8080 */', "Argument --proxy overwrote 'http_proxy' and 'HTTP_PROXY' environment variables: ".$result->output );
+                delete(local $ENV{"http_proxy"});
+                delete(local $ENV{"HTTP_PROXY"});
+        }
 }
 
 # and the same for SSL
@@ -432,6 +467,41 @@ SKIP: {
         $result = NPTest->testCmd( $cmd );
         is( $result->return_code, 0, $cmd);
         like( $result->output, '/.*HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second.*/', "Output correct: ".$result->output );
+
+        # curlopt proxy/noproxy parsing tests, ssl enabled
+        {
+                # Make a scope and change environment variables here, to not mess them up for other tests using environment variables
+
+                local $ENV{"https_proxy"} = 'http://proxy.example.com:8080';
+                $cmd = "$command -u /statuscode/200 --ssl -v";
+                $result = NPTest->testCmd( $cmd );
+                like( $result->output, '/.*CURLOPT_PROXY: http://proxy.example.com:8080 */', "Correctly took 'https_proxy' environment variable: ".$result->output );
+                delete($ENV{"https_proxy"});
+
+                local $ENV{"https_proxy"} = 'http://taken.proxy.example:8080';
+                local $ENV{"HTTPS_PROXY"} = 'http://discarded.proxy.example:8080';
+                $cmd = "$command -u /statuscode/200 --ssl -v";
+                $result = NPTest->testCmd( $cmd );
+                like( $result->output, '/.*CURLOPT_PROXY: http://taken.proxy.example:8080 */', "Correctly took 'https_proxy' environment variable over 'HTTPS_PROXY': ".$result->output );
+                delete(local $ENV{"https_proxy"});
+                delete(local $ENV{"HTTPS_PROXY"});
+
+                local $ENV{"https_proxy"} = 'http://discarded1.proxy.example:8080';
+                local $ENV{"HTTPS_PROXY"} = 'http://discarded2.proxy.example:8080';
+                $cmd = "$command -u /statuscode/200 --ssl -x 'http://taken.example.com:8080' -v";
+                $result = NPTest->testCmd( $cmd );
+                like( $result->output, '/.*CURLOPT_PROXY: http://taken.example.com:8080 */', "Argument -x overwrote environment variables 'https_proxy' and 'HTTPS_PROXY': ".$result->output );
+                delete(local $ENV{"https_proxy"});
+                delete(local $ENV{"HTTPS_PROXY"});
+
+                local $ENV{"https_proxy"} = 'http://discarded1.proxy.example:8080';
+                local $ENV{"HTTPS_PROXY"} = 'http://discarded2.proxy.example:8080';
+                $cmd = "$command -u /statuscode/200 --ssl --proxy 'http://taken.example.com:8080' -v";
+                $result = NPTest->testCmd( $cmd );
+                like( $result->output, '/.*CURLOPT_PROXY: http://taken.example.com:8080 */', "Argument --proxy overwrote environment variables 'https_proxy' and 'HTTPS_PROXY': ".$result->output );
+                delete(local $ENV{"https_proxy"});
+                delete(local $ENV{"HTTPS_PROXY"});
+        }
 }
 
 
@@ -712,4 +782,63 @@ sub run_common_tests {
                 $result = NPTest->testCmd( $cmd, 5 );
         };
         is( $@, "", $cmd );
+
+        # curlopt proxy/noproxy parsing tests
+        {
+                # Make a scope and change environment variables here, to not mess them up for other tests using environment variables
+
+                local $ENV{"no_proxy"} = 'internal.acme.org';
+                $cmd = "$command -u /statuscode/200 -v";
+                $result = NPTest->testCmd( $cmd );
+                like( $result->output, '/.* curl CURLOPT_NOPROXY: internal.acme.org */', "Correctly took 'no_proxy' environment variable: ".$result->output );
+                delete($ENV{"no_proxy"});
+
+                local $ENV{"no_proxy"} = 'taken.acme.org';
+                local $ENV{"NO_PROXY"} = 'discarded.acme.org';
+                $cmd = "$command -u /statuscode/200 -v";
+                $result = NPTest->testCmd( $cmd );
+                is( $result->return_code, 0, $cmd);
+                like( $result->output, '/.*CURLOPT_NOPROXY: taken.acme.org*/', "Correctly took 'no_proxy' environment variable over 'NO_PROXY': ".$result->output );
+                delete(local $ENV{"no_proxy"});
+                delete(local $ENV{"NO_PROXY"});
+
+                local $ENV{"no_proxy"} = 'taken.acme.org';
+                local $ENV{"NO_PROXY"} = 'discarded.acme.org';
+                $cmd = "$command -u /statuscode/200 --noproxy 'taken.acme.org' -v";
+                $result = NPTest->testCmd( $cmd );
+                is( $result->return_code, 0, $cmd);
+                like( $result->output, '/.*CURLOPT_NOPROXY: taken.acme.org*/', "Argument --noproxy overwrote environment variables 'no_proxy' and 'NO_PROXY': ".$result->output );
+                delete(local $ENV{"no_proxy"});
+                delete(local $ENV{"NO_PROXY"});
+
+                $cmd = "$command -u /statuscode/200 --noproxy 'internal1.acme.org,internal2.acme.org,internal3.acme.org' -v";
+                $result = NPTest->testCmd( $cmd );
+                is( $result->return_code, 0, $cmd);
+                like( $result->output, '/.*CURLOPT_NOPROXY: internal1.acme.org,internal2.acme.org,internal3.acme.org*/', "Argument --noproxy read multiple noproxy domains: ".$result->output );
+
+                $cmd = "$command -u /statuscode/200 --noproxy '10.11.12.13,256.256.256.256,0.0.0.0,192.156.0.0/22,10.0.0.0/4' -v";
+                $result = NPTest->testCmd( $cmd );
+                is( $result->return_code, 0, $cmd);
+                like( $result->output, '/.*CURLOPT_NOPROXY: 10.11.12.13,256.256.256.256,0.0.0.0,192.156.0.0/22,10.0.0.0/4*/', "Argument --noproxy took multiple noproxy domains: ".$result->output );
+
+                $cmd = "$command -u /statuscode/200 --noproxy '0123:4567:89AB:CDEF:0123:4567:89AB:CDEF,0123::CDEF,0123:4567/96,[::1],::1,[1234::5678:ABCD/4]' -v";
+                $result = NPTest->testCmd( $cmd );
+                is( $result->return_code, 0, $cmd);
+                like( $result->output, '/.*CURLOPT_NOPROXY: 0123:4567:89AB:CDEF:0123:4567:89AB:CDEF,0123::CDEF,0123:4567\/96,\[::1\],::1,\[1234::5678:ABCD\/4\].*/', "Argument --noproxy took multiple noproxy domains: ".$result->output );
+
+                $cmd = "$command -u /statuscode/200 --noproxy '300.400.500.600,1.2.3,XYZD:0123::,1:2:3:4:5:6:7,1::2::3,1.1.1.1/64,::/256' -v";
+                $result = NPTest->testCmd( $cmd );
+                is( $result->return_code, 0, $cmd);
+
+                $cmd = "$command -u /statuscode/200 --proxy http://proxy.example.com:8080 --noproxy '*' -v";
+                $result = NPTest->testCmd( $cmd );
+                is( $result->return_code, 0, $cmd);
+                like( $result->output, '/.*proxy_resolves_hostname: 0.*/', "Proxy will not be used due to '*' in noproxy: ".$result->output );
+
+                $cmd = "$command -u /statuscode/200 --proxy http://proxy.example.com:8080 --noproxy '127.0.0.1' -v";
+                $result = NPTest->testCmd( $cmd );
+                is( $result->return_code, 0, $cmd);
+                like( $result->output, '/.*proxy_resolves_hostname: 0.*/', "Proxy will not be used due to '127.0.0.1' in noproxy: ".$result->output );
+        }
+
 }
diff --git a/tools/distclean b/tools/distclean
index 961cc801..1ddc7532 100755
--- a/tools/distclean
+++ b/tools/distclean
@@ -37,7 +37,7 @@ find . -type f -name Makefile.in -print| xargs rm -f
 rm -f aclocal.m4 compile config.guess config.h.in config.sub configure depcomp
 rm -f m4/Makefile.am
 
-echo "$0: Removing miscelanious files..."
+echo "$0: Removing miscellaneous files..."
 rm -f po/*.gmo po/stamp-po
 rm -f lib/tests/*.Po
 rm -f doc/developer-guidelines.html
diff --git a/tools/p1.pl b/tools/p1.pl
index 9cbe6dc0..ea80c334 100644
--- a/tools/p1.pl
+++ b/tools/p1.pl
@@ -30,7 +30,7 @@ use IO::File;
 
 sub TIEHANDLE {
         my ($class, $fn) = @_;
-        my $handle = new IO::File "> $fn" or die "Cannot open embedded work filei $!\n";
+        my $handle = new IO::File "> $fn" or die "Cannot open embedded work file $!\n";
         bless { FH => $handle, Value => 0}, $class;
 }
 
diff --git a/tools/squid.conf b/tools/squid.conf
index bed7a583..048aa576 100644
--- a/tools/squid.conf
+++ b/tools/squid.conf
@@ -972,6 +972,8 @@
 # Example rule allowing access from your local networks.
 # Adapt to list your (internal) IP networks from where browsing
 # should be allowed
+acl localhost src 127.0.0.1/32
+acl localhost src ::1/128
 acl localnet src 10.0.0.0/8     # RFC1918 possible internal network
 acl localnet src 172.16.0.0/12  # RFC1918 possible internal network
 acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
@@ -1172,6 +1174,7 @@ http_access deny !Safe_ports
 http_access deny CONNECT !SSL_ports
 
 # Only allow cachemgr access from localhost
+http_access allow localhost
 http_access allow localhost manager
 http_access deny manager
 
diff --git a/tools/subdomain1/index.php b/tools/subdomain1/index.php
new file mode 100644
index 00000000..e97b19f5
--- /dev/null
+++ b/tools/subdomain1/index.php
@@ -0,0 +1 @@
+Subdomain: subdomain1.localhost.com
diff --git a/tools/subdomain1/subdomain1.conf b/tools/subdomain1/subdomain1.conf
new file mode 100644
index 00000000..74521792
--- /dev/null
+++ b/tools/subdomain1/subdomain1.conf
@@ -0,0 +1,22 @@
+# This apache configuration file is used testing
+# check_curl tests use this subdomain to see if --noproxy works on subdomains of a domain.
+
+<VirtualHost *:80>
+    ServerName subdomain1.localhost.com
+    DocumentRoot /var/www/subdomain1
+
+    ErrorLog ${APACHE_LOG_DIR}/subdomain1_error.log
+    CustomLog ${APACHE_LOG_DIR}/subdomain1_access.log combined
+</VirtualHost>
+
+<VirtualHost *:443>
+    ServerName subdomain1.localhost.com
+    DocumentRoot /var/www/subdomain1
+
+    SSLEngine on
+    SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
+    SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
+
+    ErrorLog ${APACHE_LOG_DIR}/subdomain1_ssl_error.log
+    CustomLog ${APACHE_LOG_DIR}/subdomain1_ssl_access.log combined
+</VirtualHost>