Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In with OpenID
Advertise on LowEndTalk.com

In this Discussion

Proxy

Proxy

DanielMDanielM Disabled
edited June 2012 in General

Hi

Does anyone have an idea how to setup a proxy server with authentication on linux (Squid like)

Already asked @onepound but sadly he didnt know :(

Before i get why etc its so i can bypass the FUP limits on my t-mobile mobile broadband stick. after you pass 1GB they block everything except http/https and some proxy ports. (And SSTP)

Comments

  • Move SSH to port 443 and use it as a proxy.

  • DanielMDanielM Disabled
    edited June 2012

    i dont think its port blocking... i think its a little deeper.

    Possibly DPI and a Firewall

  • @DanielM said: i dont think its port blocking... i think its a little deeper.

    Surely they'll allow corporate VPNs, right? Try moving OpenVPN onto 443, see if that works.

    Thanked by 1TheHackBox
  • DanielMDanielM Disabled

    @ElliotJ said: Surely they'll allow corporate VPNs, right? Try moving OpenVPN onto 443, see if that works.

    Nope. And openVPN tcp sometimes works but its like a 10% success rate.

  • gsrdgrdghdgsrdgrdghd Member
    edited June 2012

    @DanielM said: Possibly DPI and a Firewall

    I don't think its possible to DPI SSL encrypted traffic. Did you already give it a try?

  • DanielMDanielM Disabled

    @gsrdgrdghd said: I don't think its possible to DPI SSL encrypted traffic. Did you already give it a try?

    Yes i have tried that.

    And like i said it only works like 10% of the time

    Errors i get are Connection reset by peer etc

  • Easy as pie.

    !/bin/bash

    user=$1 thepath=$PWD apt-get update -y && apt-get upgrade -y apt-get install squid unzip apache2-utils -y cd /etc/squid squid -k shutdown rm squid.conf wget http://pastebin.com/download.php?i=4sy7CkAx -O squid.conf htpasswd /etc/squid/users_passwd $user /etc/init.d/squid start exit 0

    Opinions/Posts are to be assumed my own/personal and not company related unless obvious
    Working @ EDIS and owning some others (and/or parts of) | Available for consulting | http://as198412.net | https://william.si

  • @DanielM said: And like i said it only works like 10% of the time

    You said openVPN tcp connections get reset 10% of the time.

    Anyway it might help to send keepAlive packets more often or to use their HTTP proxy (if they provide one)

  • DanielMDanielM Disabled

    @gsrdgrdghd said: You said openVPN tcp connections get reset 10% of the time.

    No i must have said it wrong. The chances of getting connected (And staying connected are 10%

  • @DanielM said: No i must have said it wrong. The chances of getting connected (And staying connected are 10%

    Yeah but my point was that you were refering to OpenVPN, not SSH

  • DanielMDanielM Disabled

    @gsrdgrdghd said: Yeah but my point was that you were refering to OpenVPN, not SSH

    lol. Yes i was. SSH is blocked 24-7

  • @DanielM said: SSH is blocked 24-7

    If everything else fails you can use those TCP-in-DNS solutions but i think they have a really limited bandwidth.

    Thanked by 1klikli
  • DanielMDanielM Disabled

    Managed to get squid going but i keep getting this

    While trying to retrieve the URL: http://www.lagado.com/proxy-test

    The following error was encountered:

    •Access Denied. Access control configuration prevents your request from being allowed at this time. Please contact your service provider if you feel this is incorrect.

    Your cache administrator is root.


    although the AC is set fine

  • 1q11q1 Member
    edited June 2012

    You can combine standard HTTP proxy and OpenVPN. Basically you use HTTP proxy to connect to openvpn. Read the proxy section at openvpn's manpage.

  • how about polipo + have it only allow your IP address.

    This signature is brought to you by the NSA. Spying on the entire world since 1952!

  • klikliklikli Member

    @gsrdgrdghd said: If everything else fails you can use those TCP-in-DNS solutions but i think they have a really limited bandwidth.

    Yes but from my (1 year ago) experience it's only like 0.1Mbps of throughput.

    @TheHackBox said: polipo

    Though I am still sticking with them it seems like they're no longer maintained :(

    My suggestion is to setup polio on your VPS, bind to localhost then setup SSH to listen at port 443 and create a tunnel between polipo and your computer with putty on windows.

    Selling multiple 2000-user GApps :) Shoot me a message to make an offer.

  • If you want a Squid sample, I could give you my configuration sample.

    This one is Squid 2.7 based : - /etc/squid/squid.conf : [http://www.erawanarifnugroho.net/download/squid.conf] - /etc/squid/users_passwd : [http://www.erawanarifnugroho.net/download/users_passwd]

    That configuration will enable squid for running at port 1212, and require authentification from the users_passwd.

    To create the password authentication :

    # htpasswd /etc/squid/users_passwd user-for-accessing-squid
    My blog | Server Uptime | I'm not working for any providers in here, all my comments just my own opinion.image
  • Download link is removed due some abusing attempt from Finland.

    My blog | Server Uptime | I'm not working for any providers in here, all my comments just my own opinion.image
  • DanielMDanielM Disabled

    @ErawanArifNugroho said: Download link is removed due some abusing attempt from Finland.

    Can you email me the files? to save for future.

  • CoreyCorey Member

    Does that equal .38KB/s per month? :)

    BitAccel - OpenVZ VPS / IRC,VPN,Anything Legal & Unrivaled Support!
  • No, that's not the problem for the bandwidth :p

    The users_password is having real username and password for connecting to the squid proxy. So I don't want it to be used to do a hacking trial to someone server :p

    And also, I saw so many access to this file from my webstats, and it comes from some country (Finland) and another IP which is listed in spambot

    My blog | Server Uptime | I'm not working for any providers in here, all my comments just my own opinion.image
  • debugdebug Member

    @ErawanArifNugroho said: Download link is removed due some abusing attempt from Finland.

    Abusing how? Just block access from that IP. Anyway, just edit the file and replace it with dummy information.

    Hello, World.

    Thanked by 1Jack
  • Thank you. I will try it :)

    My blog | Server Uptime | I'm not working for any providers in here, all my comments just my own opinion.image
    Thanked by 1djvdorp
Sign In or Register to comment.