Setting up a home proxy



  • Hello all-

     I am about to ship off to France for five months for a study abroad program and would like to set up a proxy at my home in the states that I can connect to while abroad.  I currently have a Zune and understand that Microsoft blocks access to the marketplace for all countries except the US, and I also recently discovered that Hulu is only accessible from the US (I will die if I cannot keep up with the new season of 24 this winter!).  I'm planning on using the proxy to get around these two things.

     Anyway, I have a fairly old (2001) Dell Inspiron that I was planning to use as the proxy, and will be connecting to it with a Vaio running Windows Vista Ultimate.  The Dell Inspiron currently has XP Home loaded, however I am completely willing to load linux on it if that would make things easier (I even have a copy of Windows Server 2008 that I could put on there too, if the computer can handle it).

     I was just wondering what ideas anyone may have of doing this in an easy manner.  I've found online a method using PuTTY, however it seems that this requires the computer acting as a proxy to be set up as a web server.  My knowledge is really elementary in this area but if there is any way to accomplish this without setting up a web server I would love to hear how.  Otherwise I guess I will just have to start messing around with it.

     Thanks for any suggestions!



  • On Linux use SSH like you are except have squid act as the proxy. You don't need an HTTP daemon/server for this

    On Windows use ISA Server (does proxy) + Windows VPN (whatever it is actually called, comes built into Windows Server 2003 at least)



  •  You only need ssh, it has a built-in SOCKS proxy. Just "ssh -D 8000 yourserver.tld", then use localhost:8000 as the SOCKS proxy.



  • @gremlin said:

     You only need ssh, it has a built-in SOCKS proxy. Just "ssh -D 8000 yourserver.tld", then use localhost:8000 as the SOCKS proxy.

    Presuming the client is using an SSH client that does indeed support openSSH's proxy method. PuTTY doesn't and will not (the feature request is closed "will not fix" for reason: "openssh's proxy system is a WTF and we aren't going to bother implementing it").



  • @Lingerance said:

    @gremlin said:
     You only need ssh, it has a built-in SOCKS proxy. Just "ssh -D 8000 yourserver.tld", then use localhost:8000 as the SOCKS proxy.
    Presuming the client is using an SSH client that does indeed support openSSH's proxy method. PuTTY doesn't and will not (the feature request is closed "will not fix" for reason: "openssh's proxy system is a WTF and we aren't going to bother implementing it").
     

    Are you sure? I haven't got a Windows machine here to test it on, but I'm pretty sure you can set it up in the Connection->SSH->Tunnels configuration page, just set a dynamic tunnel on port 8000 (or whatever you like).



  • Thanks everyone for your help.  I am going to attempt to set it up later today using Ubuntu and OpenSSH.  From my (brief) research online it seems that you can use PuTTY with OpenSSH.  Hopefully this is the case!



  • @gremlin said:

    Are you sure? I haven't got a Windows machine here to test it on, but I'm pretty sure you can set it up in the Connection->SSH->Tunnels configuration page, just set a dynamic tunnel on port 8000 (or whatever you like).

    Yes you can do the tunnel per port number, but the full tunnel won't be implemented



  • @Lingerance said:

    @gremlin said:
    Are you sure? I haven't got a Windows machine here to test it on, but I'm pretty sure you can set it up in the Connection->SSH->Tunnels configuration page, just set a dynamic tunnel on port 8000 (or whatever you like).
    Yes you can do the tunnel per port number, but the full tunnel won't be implemented
     

    No, there they are talking about some sort of VPN system. You don't have to tunnel per port number, the dynamic tunnel is a SOCKS proxy, the port number you give is the local port number to connect to the proxy.



  • OpenVPN from the laptop back to the proxy box, Debian/Squid installed on that, job done.



  • @tomf84 said:

    OpenVPN from the laptop back to the proxy box, Debian/Squid installed on that, job done.
     

    If you VPN into the "proxy box", why do you need another proxy running on there? The web server will already see the request as coming from the states. I guess it could help with caching, but if this is mainly for downloading music/videos I don't think it would make much difference.

    I still think the simplest solution is SSH, as you probably will want it running anyway for remote admin. Then just set up the necessary apps to use the built-in proxy, and don't have all the other traffic going over the possibly slow connection, as would be the case with a VPN.



  • Personally I run the proxy because I want to explicitly configure certain apps to use it, and I want an encrypted connection from wherever I am back to my own (trusted) net connection.

    I have my VPN configured to only run traffic to a certain subnet (where the proxy sits) through the tunnel, and leave everything else alone, rather than all traffic being routed via the VPN. This way I can tell individual apps to use the Squid instance if I want them to be using the proxy. (It also removes the need to touch anything iptables related on the proxy box, which wouldn't be fun because it's already a NAT router for my own home LAN).

    Basically achieving the same net result - either would work.


Log in to reply