Privoxy via ssh tunnel

So I started to use privoxy to block ads before they get to the web browser (check out privoxy-blocklist). But I still wanted to be able to tunnel my traffic via ssh while browsing the web from places other than my house. In the past I would use an ssh socks5 proxy: ssh -D <someport> user@remote.host

To be able to use both, you need to take advantage of another awesome builtin feature of ssh: local port forwarding (more info on ssh port forwarding).
To do this, set up privoxy and get the adblock list going. In my example I’ll keep privoxy on its default port: 8118

Once privoxy is going on the remote server, and only listening on localhost (/etc/privoxy/config):
listen-address 127.0.0.1:8118

You can set up the ssh local port forward on your computer with:
$ ssh user@remote.host -L 50000:localhost:8118
(port 50000 can be anything, that does not matter)

Then, to make sure it works, you can do:
telnet localhost 50000
then type /
You should see:

telnet localhost 50000
Trying ::1...
Connected to localhost.
Escape character is '^]'.
/
HTTP/1.1 400 Invalid header received from client
Proxy-Agent: Privoxy 3.0.19
Content-Type: text/plain
Connection: close

Invalid header received from client.
Connection closed by foreign host

Once that is working, you can set up the proxy settings in Firefox/Chromium.

For Firefox, go to:

Preferences > Advanced > Network > Settings

For Chromium you can use:

$ chromium --proxy-server="localhost:50000"

 

It’s also fun to turn on this option in the privoxy config:
debug 1024 # Log the destination for requests Privoxy didn’t let through, and the reason why.
then tail -f /var/log/privoxy/logfile
This is useful to know if you have to remove any of the blocks, e.g. the default.action:promotions one,
which screws up newegg.
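
Added example (not from the original post): a small Python summary of the debug 1024 output that counts which hosts Privoxy refused, so you can see which block is breaking a site. The log line layout (timestamp, thread id, then "Crunch: <reason>: <destination>") is an assumption, and the sample lines and host names are constructed for illustration.

```python
import re
import sys
from collections import Counter

# Constructed sample log lines (not from the original post). Assumed layout:
# "<timestamp> <thread id> Crunch: <reason>: <destination>"
SAMPLE_LOG = """\
2012-05-01 20:14:02.101 7f2a10c3 Request: shop.example.com/
2012-05-01 20:14:02.350 7f2a10c3 Crunch: Blocked: promotions.shop.example.com/banner/sale.gif
2012-05-01 20:14:02.412 7f2a18d4 Crunch: Blocked: promotions.shop.example.com/css/deals.css
2012-05-01 20:14:03.007 7f2a18d4 Crunch: Blocked: ads.example.net:443
2012-05-01 20:14:05.880 7f2a20e5 Crunch: DNS failure: no-such-host.example.org/
"""

CRUNCH_RE = re.compile(r"\bCrunch: (?P<reason>[^:]+): (?P<dest>\S+)")


def host_of(dest):
    """Reduce 'host[:port][/path]' to the bare host name."""
    return dest.split("/", 1)[0].split(":", 1)[0]


def summarize(lines):
    """Count (reason, host) pairs over every 'Crunch:' line; skip the rest."""
    counts = Counter()
    for line in lines:
        match = CRUNCH_RE.search(line)
        if match:
            counts[(match["reason"], host_of(match["dest"]))] += 1
    return counts


def blocked_hosts(lines):
    """Hosts refused by a block action, most frequently blocked first."""
    blocked = Counter()
    for (reason, host), n in summarize(lines).items():
        if reason == "Blocked":
            blocked[host] += n
    return blocked.most_common()


if __name__ == "__main__":
    # Pass a log path (e.g. /var/log/privoxy/logfile) or fall back to the sample.
    if len(sys.argv) > 1:
        with open(sys.argv[1], errors="replace") as fh:
            lines = fh.readlines()
    else:
        lines = SAMPLE_LOG.splitlines()
    for host, n in blocked_hosts(lines):
        print(f"{n:5d}  {host}")
```

A host that shows up here right when a page renders wrong is the one whose block action to look at first.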

 

https!

This blog of crapness awesomeness now is provided to you via https :D

Since a lot of images I had were on http://pronto185….. I ran this sql command to fix:

update wp_posts set post_content = replace(post_content,'http://pronto185.com','https://pronto185.com');

 

pfSense2

So I recently bought a box to run pfSense2 on, to replace some of the crap on my network.
Before, my home lan was more or less:

[Internets]-->[crappy actioncrap router from fios]-->[linksys running tomato]-->computers
Now it's [internets]-->[pfSense]--[gigabit switch(unmanaged)]-->computers (with linksys on the switch for wifis)

Hardware (total overkill)

  • BIOSTAR IPV10-IA Intel NM10 Mini ITX Intel Atom D525 (Dual core, 1.8 GHz) Server Motherboard
  • Kingston 4GB (2 x 2GB) 240-Pin DDR3 SDRAM DDR3 1066 (PC3 8500) Dual Channel Kit Desktop Memory Model KVR1066D3N7K2/4G
  • APEX MI-008 Black Steel Mini-ITX Tower Computer Case 250W Power Supply
  • Western Digital Caviar Blue WD1600AAJS 160GB 7200 RPM SATA 3.0Gb/s 3.5" Internal Hard Drive -Bare Drive

 

After the initial headaches I’m really starting to like it

Headache one: For whatever reason pfSense would not boot off a usb drive (tested same usb drive with ubuntu, and booted just fine). I got around this by just using the sata dvd/cd drive from my desktop…

Headache two: adding a NAT port forward will by default flush your state table, and I like to randomly add port forwards, and being on irc made this quite annoying.

To fix this you need to go to > System: Advanced: Miscellaneous and check the option:

Gateway Monitoring
States By default the monitoring process will flush states for a gateway that goes down. This option allows to override this setting by not clearing states for existing connections.

 

also some graphs :D