tunneling squid over ssh

kholloi · 06-09-2007, 09:58 AM

Hello forum.

My Situation is this. I live in a country where internet access is severely restricted. I need to access certain sites which are believed to be inconsistent with the morals and ethics of this great hypocritical state.

I have SSH access to a Linux server which I work on in another country, lets call it rmt1.freedom.net.
I set up a squid proxy server on rmt1 and it is actually being used as a proxy server from the LAN at freedom.net.
I have no control over the firewall at freedom.net. It only allows SSH from my IP.

So here is what I have in mind. I want to create an SSH tunnel from my linux based desktop to rmt1.freedom.net:3128. Then I want to configure my browser to connect to virtual proxy at localhost:3128. These connections should then be forwarded via the ssh tunnel to rmt1.freedom.net:3128.

The man page is way too cryptic for me. If I can see an example of how this is done I would be much obliged.

Thanks

raskin · 06-09-2007, 02:03 PM

[ Command removed by win32sux ]

-L means tunnel local port to some address

ort relative to remote machine.

kholloi · 06-10-2007, 01:12 AM

Thanks Raskin,

sorry but I am a little confused. Which command am I supposed to use? Or do I run one on the local machine and one on rmt1.freedom.net?

L

raskin · 06-10-2007, 01:23 AM

Try both, one at a time. I think that both ways work, but I can forget something. Your proxy will be 127.0.0.1:3128 from your box then.

kholloi · 06-10-2007, 02:19 AM

OK Cool thanks for the help.
WIll take it from here and play it by ear.

Bebo · 06-10-2007, 09:40 AM

I often do this kind of proxying when at work. I use ssh to setup a tunnel from my work laptop to my home computer, which in turn runs squid. Here is the command that I use (translated to kholloi's case

)

[ Command removed by win32sux ]

Then I tell Firefox to use 127.0.0.1:3128 as proxy (the xyzproxy Firefox add-on is a nice tool for quickly changing proxies). When I'm finished I just kill the ssh connection.

Oh, about the -f and -N options; -f tells ssh to just fork into the background after connecting, and -N tells ssh to not execute anything. That way you don't have to leave open the terminal that you execute the ssh command in.

Another "oh"; this requires the squid proxy to accept connections from localhost, you may have to edit squid's configuration for that.

win32sux · 06-10-2007, 08:21 PM

Quote:

Originally Posted by kholloi

I live in a country where internet access is severely restricted. I need to access certain sites which are believed to be inconsistent with the morals and ethics of this great hypocritical state.

LQ can play no part in helping you circumvent network access restrictions. There are plenty of places on the Web where you can get help with that, but this isn't one of them. Please refrain from asking for help here with these types of issues. Thread closed.