Thursday 4 February 2010

Accessing your Intranet via Privoxy

At our workplace we have several webpages that are filtered by IP. If you don't want to use VPNs, then you can access them easily via a ssh tunnel and privoxy.

This is actually quite easy. Just install privoxy in the machine inside the local network (with Ubuntu this is already pre-packaged for you, so just run Synaptic Package Manager and install it). It is normally configured to run automatically after every reboot, and that is just fine. It is also configured to listen in the 8118 port.

So now, if we are outside our local network, we can create a ssh tunnel. We can do this with a config file like this:

$ cat .ssh/config
Host work
HostName vaso.myinstitute.org
User myuser

#Privoxy
LocalForward 8118 localhost:8118


With this in place, when we do "ssh work" from outside our network, we will connect to vaso.myinstitute.org and at the same time we will create a tunnel in which all requests to local port 8118 will in fact be redirected to port 8118 in vaso.myinstitute.org (where privoxy is running).

Now in the PC outside the local network, just get Firefox with FoxyProxy (some details to configure this are in previous post:BBC iPlayer Overseas) and create a proxy configuration for Privoxy, where the IP address is 127.0.0.1 and the port 8118. When you activate this configuration (if you have the ssh tunnel in place), all your traffic will be as if inside the local network.

BBC iPlayer Overseas

I'm quite fond of the BBC, but I'm currently located outside the UK, which means that by default I cannot use their BBC iPlayer. The following steps solve this. I assume you have Unbuntu Karmic (64 bits), although for other distributions the steps should be similar.

* As a browser we will be using Firefox, since it has a very nice Proxy manager (FoxyProxy), which makes things easier.

* First, we follow the option two in http://www.torproject.org/docs/debian.html.en to add the Tor repositories. Tor is an anonymizer, which will help to pretend that we are located in the UK.

* Then, via the Synaptic Package Manager we should install FoxyProxy, vidalia and tor.

* We want to have control as to when Tor will be running, so we run the following to avoid it starting automatically after each reboot

sudo update-rc.d tor disable

* When we want to start Tor, we use Vidalia, which will give us an easy way to start/stop tor.

* Once Tor is started (Vidalia will tell you "Connected to the Tor network!"), it is time to try if it's working fine with Firefox/FoxyProxy

* In the FoxyProxy options (clicking in the status bar of Firefox), go to File->Tor Wizard, and configure a new Tor proxy (without Privoxy, default port). In the URL Patterns tab, you can write URL patterns that you need to anonymize, for the moment make sure it has *torcheck*

* Then, from the FoxyProxy options in the status bar (click with right button), select the one that says "Use proxies based on their pre-defined patterns...", and visit: http://torcheck.xenobite.eu/index.php (if all went well you should see the message: Your IP is identified to be a Tor-EXIT.)

* Now, we want a bit more control, and we want to make sure that the exit node in Tor is based in the UK. For this, we should edit the file .vidalia/torrc in your home directory and add:

StrictExitNodes 1
exitnodes {GB}


(you can get the country codes needed in the "View the Network" option with Vidalia).

* Stop/start Tor from within Vidalia. Recheck with http://torcheck.xenobite.eu/index.php and now you should get a UK IP address.

* So now for the BBC... Add as patterns for the Tor FoxyProxy (perhaps not all are necessary, should recheck):

http://www.bbc.co.uk/iplayer/episode/*
http://www.bbc.co.uk/mediaselector/4/js/download/*
http://www.bbc.co.uk/mediaselector/4/mtis/stream*


* Now go to http://www.bbc.co.uk/iplayer/, and select any of the TV programmes in there. If it tells you "Currently BBC iPlayer TV programmes are available to play in the UK only" you have done something wrong. If the message is not displayed, but you don't see anything, perhaps is a Flash Issue. With my versions of Ubuntu (9.10, 64bits), Firefox (3.5.7) and Flash (Shockwave Flash 10.1 d51) this was solved by selecting "None" (no visual effects) in System->Preferences->Appearance->Visual Effects.

* Now get a beer and enjoy the BBC programmes...

UPDATE (16/1/2013): With Ubuntu 12.10 now, I was having trouble to make this work as per the instructions above. In the end I got it working by getting rid of Vidalia, and letting Tor run as a daemon, which is run all the time in the background. Since my use of Tor is exclusively for this at the moment, I modified the global configuration file:


angelv@pilas:~$ tail -n 4 /etc/tor/torrc
#PublishServerDescriptor 0

StrictNodes 1
exitnodes {GB}
angelv@pilas:~$ 


With that, I use FoxyProxy in a similar manner as described above, but in Chromium (Version 23.0.1271.97 Ubuntu 12.10 (23.0.1271.97-0ubuntu0.12.10.1)). This time I didn't use the Tor wizard, but the details for the proxy are very simple, just use host: 127.0.0.1, port 9050, and check the SOCKS proxy? option.

When using the iPlayer, I find that the playback will not work for me at normal bandwith, so I switch to low bandwith, and all is OK.

Also, for convenience I install caffeine, which at first refuses to work, until I find the solution (to install gir1.2-appindicator3-0.1 and gir1.2-notify-0.7) at https://bugs.launchpad.net/caffeine/+bug/889705