Log in

No account? Create an account

Standardisation of K

ssh does SOCKS proxies, which is great if you're at a coffeeshop and don't want your web traffic going untunnelled over their network. To use it, you might make a command called socksproxy_to with:

ssh -D 8080 -Nf $*
echo "Configure your browser to use a sock proxy on localhost port 8080"

and invoke that when you like as:

  • socksproxy_to my.trusted.server
switching your browser's config to using localhost:8080 as a SOCKS proxy.

I think I've said that before. Recently, I discovered 3proxy, a fairly popular zero-configuration (no futzing with config files) http, ftp, and socks proxy. This is useful for slightly different network challenges, e.g. you're on a private network where you can't directly address the outside world but you have a shell account on a box that can (or alternatively if you want to dodge location-aware network service offerings and have a box in or outside of the relevant countries *cough* BBC *cough*). Just like ssh, you don't need root anywhere.

This is also useful if you need an app proxied that doesn't understand SOCKS (which is sad, but it happens - example: the "yum" package manager).

If you have 3proxy installed on your intermediary system, starting a HTTP proxy on port 9000 looks like this:

  • proxy -p9000

Pretty simple. If you want to be slightly more secure, you can tell it what IP addresses it should listen on if you're using this to hop from a nonroutable non-NAT network to its routable one using a -iINTERNAL_IP flag.

This is simple enough that it merits the term K-Rad (although given all the years it's been since I used it, I wonder if those darned metric-weenies have gotten around to redefining the K there as being 1000 instead of 1024 like it should be).

A systems geek is a lot like Felix the Cat - with a well-stocked bag of tricks.