• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1329
  • Last Modified:

seting up a socks proxy

i have a comp with lynx OS directly connected to internet. how can i make it a SOCKS Proxy server ?? i have to install some proxy s/w or i can use any command like ipfwadm to configure it ?? coz' i want to access internet from a m/c in network which is not connected to internet.
0
mohitdas
Asked:
mohitdas
  • 4
  • 2
1 Solution
 
hbradyCommented:
I would suggest using ipfwadm or ipchains unless content / access control is important to you.  The socks5.conf file is a nice quick way to set acess permisions.  What version of Linux are you using ?
0
 
fatalerror080298Commented:
On the client machine(s):
Go into the network options..  Go into the properties of the protocol for the network adapter (TCP/IP for whatever adapter you are using) and set the default gateway to the IP address of the server (I use 172.16.1.1)...

On the Linux box:
If you are directly connected to the internet through a NIC in your Linux machine then these 3 commands should work just fine for you:
  ipchains -P forward DENY
  ipchains -A forward -i eth0 -j MASQ
  echo 1 > /proc/sys/net/ipv4/ip_forward

This assumes you have ipchains available to you...

This works like a charm on my Linux box at home...  If you want more information about ipchains in general you can go to http://www.redhat.com/mirrors/LDP/HOWTO/IPCHAINS-HOWTO.html....

Also, I know that is a RedHat site but as long as you have ipchains available to you it will not matter...

You will also notice that I used eth0 for the interface...  If you are using a dial up then it will probably be ppp0...  (Or whatever interface is directly connected to the internet)
0
 
mohitdasAuthor Commented:
thanx fatalerror. but it will be better if u can provide the solution using ipfwadm  rather than ipchains. i'm using a version 2.5.0 of linux.
0
Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
fatalerror080298Commented:
Hmm...  I haven't done it with ipfwadm yet but I will research that one...
0
 
hbradyCommented:
Create a bash script like this and throw it in your rc.local

#!/bin/bash
echo 1 > /proc/sys/net/ipv4/ip_forward
ipfwadm-wrapper -F -p deny
ipfwadm-wrapper -F -a m -b -S 192.168.2.0/24 -D 0.0.0.0/0
/sbin/modprobe ip_masq_irc
/sbin/modprobe ip_masq_ftp
/sbin/modprobe ip_masq_raudio  



192.168.2.0/24 would be changed to match your internal network.
0
 
fatalerror080298Commented:
That is similar to the answer I found as well...  Here is the information I found:

Enabling IP masquerading for other machines in your local network is very simple. First, check the network initialisation scripts (/etc/sysconfig/network should be the right place) to see if they contain a line that reads FORWARD_IPV4=true. It's used to set /proc/sys/net/ipv4/ip_forward to 1 when the network subsystem comes up.

Add these lines to /etc/rc.d/rc.sysinit:


# default: packets cannot go reach the outside
/sbin/ipfwadm -F -p deny
# allow all machines on the local network to reach the Internet
/sbin/ipfwadm -F -a m -S 192.168.1.0/24 -D 0.0.0.0/0
# alternatively, allow only these two machines
# /sbin/ipfwadm -F -a m -S 192.168.1.100/24 -D 0.0.0.0/0
# /sbin/ipfwadm -F -a m -S 192.168.1.101/24 -D 0.0.0.0/0


I found this information at:
http://www.redhat.com/mirrors/LDP/HOWTO/Config-HOWTO-3.html#ss3.1
0
 
fatalerror080298Commented:
Oops..  Sorry about that stuff after the URL..  Not sure how that got in the clipboard copy...
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now