how to forward outgoing traffic to a remote proxy?
4n0nx Member

Hi,

I use iptables to route all outgoing (tcp?-) traffic through a local proxy on Ubuntu 14.04.
https://trac.torproject.org/projects/tor/wiki/doc/TransparentProxy#TransparentlyRoutingTrafficThroughTor

How can I achieve this with a remote proxy? I read that it works only with MASQUERADE when using iptables and that it is a dirty hack and I don't have MASQUERADE on my OpenVZ VPS.

VM1 -> VM2(Tor Socks) -> Internet

I have tried setting up a local instance of tinyproxy, which somehow could not pass the traffic on to tor ("Tor is not a HTTP proxy").

I have tried setting up a local instance of polipo, which works on my Ubuntu laptop when I use it to route traffic through an also local installation of Tor. When I try the same on my Ubuntu VPS it only returns the locally accessible polipo welcome page.

Help would be greatly appreciated.

Thanks

Comments

  • perennate Member, Host Rep
    edited May 2015

    Not sure about the rest, but the "Tor is not a HTTP proxy" error is because Tor is a SOCKS proxy and not an HTTP proxy. This is how Tor supports any TCP application, not just HTTP; it is also why there are more privacy issues from browser headers being leaked to the server (although web browsers leak data in other ways, so an HTTP proxy isn't a real solution; you need the Tor Browser Bundle or something like that).

    One way to wrap applications that don't support SOCKS proxies is to run them with tsocks: apt-get install tsocks, and then edit /etc/tsocks.conf to just:

    server = 127.0.0.1
    server_port = 9050

    then e.g. tsocks wget -qO- https://api.ipify.org?format=json (this website returns your IP address, so you can see if it's working)

    Thanked by 1 4n0nx
  • This tool allows you to redirect any TCP connection to SOCKS or HTTPS
    proxy using your firewall, so redirection is system-wide.

    https://github.com/darkk/redsocks

    Thanked by 1 4n0nx
  • 4n0nx Member

    Thanks!

    Tsocks works but does not resolve .onion links. (?)

    Redsocks looks promising (like the best solution, actually). Will I be able to resolve .onion with it?

  • perennate Member, Host Rep
    edited May 2015

    Oh, I forgot to mention: you should totally use torsocks if your goal is to use it exclusively with Tor -- tsocks is a general SOCKS5 proxy and doesn't proxy the DNS query by default; torsocks goes further and blocks UDP requests and such to avoid leaking the IP address (and also proxies the DNS query).

    Not sure about redsocks.

    Thanked by 1 4n0nx
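The DNS point in the comment above comes down to what the client places in the SOCKS5 CONNECT request (RFC 1928): an IP address it resolved itself, or a hostname that the proxy resolves. A .onion name has no public DNS record, so it only works when the hostname itself reaches Tor. The following is an added example, not code from any poster or from tsocks/torsocks; the function names are hypothetical and the hostname and IP address are constructed.

```python
import ipaddress
import struct

VER, CMD_CONNECT = 5, 1
ATYP_IPV4, ATYP_DOMAIN, ATYP_IPV6 = 1, 3, 4


def build_connect(host, port):
    """Build a SOCKS5 CONNECT request (RFC 1928, section 4).

    An IP literal is sent as ATYP 1 or 4. Anything else is sent as a
    hostname (ATYP 3), so the proxy, not the client, resolves it.
    """
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        name = host.encode("idna")
        if not 1 <= len(name) <= 255:
            raise ValueError("hostname must be 1..255 bytes")
        addr = bytes([ATYP_DOMAIN, len(name)]) + name
    else:
        addr = bytes([ATYP_IPV4 if ip.version == 4 else ATYP_IPV6]) + ip.packed
    return bytes([VER, CMD_CONNECT, 0]) + addr + struct.pack("!H", port)


def describe(request):
    """Parse a CONNECT request and report who performs name resolution."""
    if len(request) < 7 or request[0] != VER or request[1] != CMD_CONNECT:
        raise ValueError("not a SOCKS5 CONNECT request")
    atyp = request[3]
    if atyp == ATYP_DOMAIN:
        start, size, resolver = 5, request[4], "proxy"
    elif atyp in (ATYP_IPV4, ATYP_IPV6):
        start, size, resolver = 4, (4 if atyp == ATYP_IPV4 else 16), "client"
    else:
        raise ValueError("unknown address type")
    if len(request) != start + size + 2:
        raise ValueError("truncated or oversized request")
    raw = request[start:start + size]
    host = raw.decode("ascii") if atyp == ATYP_DOMAIN else str(ipaddress.ip_address(raw))
    (port,) = struct.unpack("!H", request[-2:])
    return {"host": host, "port": port, "resolved_by": resolver}


if __name__ == "__main__":
    # Constructed inputs: a placeholder .onion name and a TEST-NET-1 address.
    for target in ("constructed-example.onion", "192.0.2.10"):
        print(describe(build_connect(target, 80)))
```

A request reported as `resolved_by: client` means the lookup happened outside the proxy, which is the case that both leaks the query and fails for .onion names.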
  • getvps Member

    The easiest way to use Tor (or any SOCKS5 proxy) for any application (but not for the entire system) is to use proxychains (DNS works with this too): "proxychains wget http://". For the entire system, one working solution can be sshuttle (with some modifications, I guess); sshuttle uses dynamic SSH tunnels (SOCKS, like Tor) and forwards all traffic to SOCKS (maybe Tor). You can use the SSH 'poor man's VPN' examples as a basis for use with Tor (SOCKS) :)

    Thanked by 1 4n0nx