Proxy Web Traffic

From UbuntuPhone
Jump to: navigation, search

There is an assigned bug to sort out blocking webbugs and trackers, in the meantime there is Privoxy...

Privoxy

Follow Install Packages to install privoxy, then start it:

apt-get install privoxy
service privoxy start

Edit /etc/environment and add:

ftp_proxy=http://localhost:8118/
http_proxy=http://localhost:8118/
https_proxy=http://localhost:8118/
FTP_PROXY=http://localhost:8118/
HTTP_PROXY=http://localhost:8118/
HTTPS_PROXY=http://localhost:8118/

Reboot the phone to change the root filesystem to read-only and to ensure that sessions have the env vars above set (you can check in a terminal with printenv).

Visit http://config.privoxy.org/ to test it is working.

SSH tunnel

Set the root file system to be read-write and edit /etc/privoxy/config adding this line with the port the ssh tunnel will be on, in this case 3128:

forward-socks5   /               127.0.0.1:3128 .

Add a list of local networks you don't want the tunnel to be used for (so you can use the web browser to login to public wifi networks for example):

forward         192.168.*.*/     .

Create a script to start a ssh tunnel, eg ~/bin/proxy containing something like this (remove the v for non-verbose output in the terminal):

#!/bin/bash
 
if [[ $1 ]]; then
  REMOTE_SERVER=$1
else
  echo "Run this script like this:"
  echo "/bin/bash $0 server-name-from-ssh-config-file"
  exit
fi
 
ssh -vTnN -C -F "$HOME/.ssh/config" -D 3128 $REMOTE_SERVER

This works best if you have short names for servers in your ~/.ssh/config and have ssh keys set up.

Start the tunnel (note you might need to run it as follows unless you ssh to localhost first and have ~/bin/ in your $PATH, then you can simply type proxy after you chmod 750 ~/bin/proxy):

bash ~/bin/proxy your-ssh-server

Visit a page that reports your IP address, eg https://parrot.transitionnetwork.org/myip.shtml

Troubleshooting

If your network is very unreliable, try adding this to /etc/privoxy/config:

keep-alive-timeout 300