Customize

Setting up tinyproxy under Linux/Debian/Ubuntu/etc

Discussion in 'Keeping Your Anonymity In Iran' started by NasturtiumRoad, Jun 18, 2009.

  1. Here are steps I took to install tinyproxy for linux, a very light HTTP proxy with as little as 2MB memory footprint. It was intended for use by Iranian protesters, but I believe my twitter contacts either ignored me (the server available to me wasn't terribly fast), or they were not who they said they were, probably resulting in my IP finding its way to the ban list. I hope these steps are useful to someone else.

    1. Download & install tinyproxy

    On Ubuntu/Debian, you can do this with the command "sudo apt-get install tinyproxy" or use the Synaptic package manager in Ubuntu. Other flavors of linux may have tinyproxy available via their own package system (rpm, yum), or you can download the source here:
    https://www.banu.com/tinyproxy/download/

    2. Configure tinyproxy

    Use a text editor (e.g. nano, vi) change these lines in the tinyproxy config file.

    /etc/tinyproxy/tinyproxy.conf

    Code:
    # Change loglevel to connect, or even Warning to limit log traffic
    LogLevel Connect
    
    # Port to listen on.  Select a random 4-digit number.  Well-known ports are being filtered.
    Port 7562
    
    # Filter based on URLs rather than domains.
    FilterURLs On
    
    # Comment out any other Allow statements, replace with these below
    Allow 127.0.0.1
    # The IP below should should be your computer's external IP
    Allow x.x.x.x
    # Allow these Iranian IPs.  IP list from http://bit.ly/10f1ai 
    Allow 62.60.128.0/17
    Allow 62.193.0.0/19
    Allow 62.220.96.0/19
    Allow 77.36.128.0/17
    Allow 77.77.64.0/18
    Allow 77.104.64.0/18
    Allow 77.237.64.0/19
    Allow 77.237.160.0/19
    Allow 77.245.224.0/20
    Allow 78.38.0.0/15
    Allow 78.109.192.0/20
    Allow 78.110.112.0/20
    Allow 78.111.0.0/20
    Allow 78.154.32.0/19
    Allow 78.157.32.0/19
    Allow 78.158.160.0/19
    Allow 79.127.0.0/17
    Allow 79.132.192.0/19
    Allow 79.170.144.0/21
    Allow 79.175.128.0/18
    Allow 80.66.176.0/20
    Allow 80.69.240.0/20
    Allow 80.71.112.0/20
    Allow 80.75.0.0/20
    Allow 80.191.0.0/16
    Allow 80.242.0.0/20
    Allow 80.253.128.0/20
    Allow 80.253.144.0/20
    Allow 81.12.0.0/17
    Allow 81.28.32.0/20
    Allow 81.28.48.0/20
    Allow 81.31.160.0/20
    Allow 81.31.176.0/20
    Allow 81.90.144.0/20
    Allow 81.91.128.0/20
    Allow 81.91.144.0/20
    Allow 82.99.192.0/18
    Allow 82.115.0.0/19
    Allow 83.147.192.0/18
    Allow 84.47.192.0/18
    Allow 84.241.0.0/18
    Allow 85.9.64.0/18
    Allow 85.15.0.0/18
    Allow 85.133.128.0/17
    Allow 85.185.0.0/16
    Allow 85.198.0.0/18
    Allow 86.109.32.0/19
    Allow 87.107.0.0/16
    Allow 87.247.160.0/19
    Allow 87.248.128.0/19
    Allow 89.144.128.0/18
    Allow 89.165.0.0/17
    Allow 89.221.80.0/20
    Allow 89.235.64.0/18
    Allow 91.98.0.0/15
    Allow 91.184.64.0/19
    Allow 91.186.192.0/19
    Allow 91.206.122.0/23
    Allow 91.208.165.0/24
    Allow 91.209.242.0/24
    Allow 91.212.16.0/24
    Allow 91.212.19.0/24
    Allow 91.212.252.0/24
    Allow 92.42.48.0/21
    Allow 92.50.0.0/18
    Allow 92.61.176.0/20
    Allow 92.62.176.0/20
    Allow 92.242.192.0/19
    Allow 93.110.0.0/16
    Allow 93.190.24.0/21
    Allow 94.74.128.0/18
    Allow 94.101.128.0/20
    Allow 94.101.176.0/20
    Allow 94.101.240.0/20
    Allow 94.139.160.0/19
    Allow 94.182.0.0/15
    Allow 94.184.0.0/17
    Allow 94.232.168.0/21
    Allow 94.241.128.0/18
    Allow 95.38.0.0/16
    Allow 95.80.128.0/18
    Allow 95.81.64.0/18
    Allow 95.82.0.0/18
    Allow 95.82.64.0/18
    Allow 95.130.56.0/21
    Allow 95.130.240.0/21
    Allow 188.34.0.0/16
    Allow 188.93.64.0/21
    Allow 188.121.96.0/19
    Allow 188.121.128.0/19
    Allow 188.136.128.0/17
    Allow 188.158.0.0/15
    Allow 193.189.122.0/23
    Allow 194.225.0.0/16
    Allow 195.146.32.0/19
    Allow 212.16.64.0/19
    Allow 212.33.192.0/19
    Allow 212.50.224.0/19
    Allow 212.80.0.0/19
    Allow 212.95.128.0/19
    Allow 212.120.192.0/19
    Allow 213.176.0.0/19
    Allow 213.176.32.0/19
    Allow 213.176.64.0/18
    Allow 213.195.0.0/18
    Allow 213.207.192.0/18
    Allow 213.217.32.0/19
    Allow 213.233.160.0/19
    Allow 217.11.16.0/20
    Allow 217.24.144.0/20
    Allow 217.25.48.0/20
    Allow 217.64.144.0/20
    Allow 217.66.192.0/20
    Allow 217.66.208.0/20
    Allow 217.146.208.0/20
    Allow 217.172.96.0/19
    Allow 217.174.16.0/20
    Allow 217.218.0.0/15
    Now create/edit the filter file, which will contain addresses to block for the proxy. This file may be blank, but I just added a well-known useless address for demonstration.

    /etc/tinyproxy/tinyproxy.conf
    Code:
    goatse.cx
    3. Set up a cron job to restart tinyproxy daily.

    This is can help tinyproxy clear any memory leaks if it sees lots of heavy load. Note that I had to use separate start/stop jobs, since the restart script wouldn't restart the proxy reliably.

    Add these lines to /etc/tinyproxy/tinyproxy.conf
    Code:
    0 15 * * * root /etc/init.d/tinyproxy stop
    1 15 * * * root /etc/init.d/tinyproxy start
    You will want to change the hour value (15 in the example above, i.e. 3pm) to something that is sympathetic to Tehran's timezone. I.e. don't restart the proxy at 12pm Tehran time.

    4. Restart tinyproxy to make the new settings take effect.

    Do these 2 commands one after another at the shell prompt:
    Code:
    sudo /etc/init.d/tinyproxy stop
    sudo /etc/init.d/tinyproxy start
    5. Pass only your new proxy address to where it's needed.

    The address for your new proxy to pass along will be...

    http://x.x.x.x:7562

    ...where x.x.x.x is your computer's external IP address (or your router's external IP), and 7562 is the random 4-digit number you selected for the proxy port.

    Please note that if you computer/server resides behind a firewall router of some sort, you will need to configure that router to forward the port 7562 to your computer inside the LAN.

    If you want to test this proxy, add the external IP address from which you be browsing to the list in step #2 above (i.e. "Allow y.y.y.y") and then configure your browser to use IP address x.x.x.x, port 7562, for its proxy.
    • Like Like x 2
  2. when you talk about adding a cron job you
    say:
    "Add these lines to /etc/tinyproxy/tinyproxy.conf"

    did you mean " use crontab -e to add these lines "

    -kevin
  3. fishypants Moderator


    I'm guessing you're right, and that OP meant "Add these lines to your crontab file using crontab -e".

Share This Page

Customize Theme Colors

Close

Choose a color via Color picker or click the predefined style names!

Primary Color :

Secondary Color :
Predefined Skins