[SOLVED] I want to run firefox from SSH

acid_kewpie · 04-25-2012, 06:01 AM

oh fair enough...

so if you want to be a proxy you could run squid, but you'd probably just prefer to use a socks connection forwarded over ssh / putty. just set a dynamic port on putty or use "-D <port number>" on an ssh client command and use that port as a socks proxy in your browser once you are ssh'd into the remote server.

Raakh5 · 04-25-2012, 09:36 AM

Thanks TobiSGD for your favorable reply. This link made my life very easy. Everything gone very good but I stuck on this step of link:

Code:

-A RH-Firewall-1-INPUT -m state --state NEW,ESTABLISHED,RELATED -m tcp -p tcp --dport 3128 -j ACCEPT

When I am adding this and restarting iptables then it throws following error:

Code:

# /etc/init.d/iptables restart
Flushing firewall rules:                                   [  OK  ]
Setting chains to policy ACCEPT: filter                    [  OK  ]
Unloading iptables modules:                                [  OK  ]
Applying iptables firewall rules: iptables-restore: line 7 failed
                                                           [FAILED]

EDIT:

Quote:

acl our_networks src 192.168.1.0/24 192.168.2.0/24
http_access allow our_networks

I have written my server online ip address in place of 192.168.1.0/24 192.168.2.0/24. Is that right?

Please advise

Raakh5 · 04-25-2012, 12:14 PM

This is how I edited iptables

Quote:

]# vi /etc/sysconfig/iptables
# Generated by iptables-save v1.3.5 on Thu Dec 29 06:28:24 2011
*filter
:INPUT ACCEPT [677:66814]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [563:75641]
-A INPUT -s xx.xx.xx.xx -j DROP
-A RH-Firewall-1-INPUT -m state --state NEW,ESTABLISHED,RELATED -m tcp -p tcp
--dport 3128 -j ACCEPT
COMMIT
# Completed on Thu Dec 29 06:28:24 2011

Raakh5 · 04-25-2012, 01:48 PM

I changed

Quote:

-A RH-Firewall-1-INPUT -m state --state NEW,ESTABLISHED,RELATED -m tcp -p tcp
--dport 3128 -j ACCEPT

to

Quote:

-A INPUT -m state --state NEW,ESTABLISHED,RELATED -m tcp -p tcp --dport 3128 -j ACCEPT

and now there is no error. Finally I open by firefox browser and given my server IP address and port # 3128 but it says:
The connection has timed out
The server at www.google.com is taking too long to respond.

Please advise

acid_kewpie · 04-26-2012, 01:55 AM

Again it sounds like you do not need a squid server at all, but just using PuTTY to create a socks connection to your server over SSH will be more than suitable.

Raakh5 · 04-26-2012, 12:39 PM

Finally, I became able to achieve my goal. What I did and succeeded is as follow:

Quote:

yum install squid
vi /etc/squid/squid.conf
Change
acl our_networks src 192.168.1.0/24 192.168.2.0/24
To
acl our_networks src <your IP> (http://whatismyip.com)
and
http_port 3128 to 11223 //my ISP was blocking 3128 and I wasted one day to investigate and find the solution
chkconfig squid on
/etc/init.d/squid start
vi /etc/sysconfig/iptables
-A INPUT -m state --state NEW,ESTABLISHED,RELATED -m tcp -p tcp --dport 3128 -j ACCEPT
/etc/init.d/iptables restart

Browser=>Internet options=>Manual Proxy Settings
Http Proxy: xx.zz.xx.xx Port: 11223

Reference: http://www.cyberciti.biz/tips/howto-...iguration.html

Thanks all from the bottom of my heart. I really learned a lot from all experts who participated and shared their ideas

Thanks again & best regards

acid_kewpie · 04-26-2012, 02:39 PM

well done, you're now running an open proxy, prepare to for it to be discovered and have all sorts of ne'er-do-wells abuse it...