About Archive Tags RSS Feed

 

I hear it every day

17 January 2008 21:50

It bothers me that my Tor usage is less than I'd like because it is just so fiddly.

When it comes to privacy I want to keep things simple, I want to use tor, but I dont want to use it for things that aren't sane.

In practise that means I want to use tor for a small amount of browsing:

  • When the host is a.com, b.com, & c.com
  • When the traffic is not over SSL.

To do that I have to install privoxy, and use that with a configuration file like this:

# don't forward by default.
forward-socks4   /    .
# don't forward by default, even more so for HTTPS
forward-socks4   :443 .

# but we do want tor on these three sites:
forward-socks4   a.com/       127.0.0.1:9050 .
forward-socks4   b.com/       127.0.0.1:9050 .
forward-socks4   c.com/       127.0.0.1:9050 .

I'm using absolutely nothing else in my Privoxy configuration, so it seems like overkill.

I'd love to hear about a simple rule-based proxy-chaining tool - if there is one out there then I'd love to know about it lazyweb.

If not it shouldn't be too hard to write one with the Net::Proxy & Net::Socks module(s).

<global>
  listen 1234
  no-proxy
</global>

<sites>  
  hostname one.com
  port != 443
  proxy socks localhost 8050
</sites>

<sites>  
  hostname two.com
  port != 443
  proxy socks localhost 8050
</sites>

<sites>
  hostname foo.com
  port = 80
  proxy localhost 8000
</sites>

Tags: privoxy, todo, tor | 7 comments

 

Comments on this entry

icon Erik Johansson at 10:42 on 17 January 2008
You can use javascript to configure proxy settings in a browser. I never finnished this so I don't know if it works properly, but I think you can find out..
http://wp.netscape.com/eng/mozilla/2.0/relnotes/demo/proxy-live.html

function FindProxyForURL(url, host){ var proxy= new Array(); proxy["a.example.com"]="PROXY localhost:990"; proxy["b.example.com"]="SOCKS localhost:991"; proxy["c.example.com"]="DIRECT"; connection_method=proxy[host]; if(connection_method == null) { return("DIRECT"); }else{ return(connection_method); } }
icon James at 16:27 on 17 January 2008
Create yourself a proxy autoconfig file? It uses javascript to match on URLs so should meet your needs.
icon Alex at 18:23 on 17 January 2008
All of the previous comments assume Mozilla Firefox, it'd be nice to see a solution that's browser independent and could also work with stuff like 'wget' :)
icon Vladimir Penov at 19:25 on 17 January 2008
If you want it only for browsing using Firefox - FoxyProxy works great. https://addons.mozilla.org/en-US/firefox/addon/2464
icon Anonymous at 01:43 on 18 January 2008
Why would you not want SSL traffic going over Tor? That seems like exactly the kind of traffic you should route over Tor.
icon Sam at 10:42 on 20 January 2008
Sorry, my English is bad. I think this solution breaks privacy! For example: HTML-page http://one.com/index.html contains links to another hosts (counters, ADs, images, js, css, php, etc.) Your traffic to these hosts going NOT over Tor! Somebody analyses logs of these hosts and ascertains your IP and more.
icon Erik Johansson at 11:57 on 20 January 2008
Alex, AFAIK there is no way to handle wget, curl or apt privoxy is the only way then because you can just set http_proxy enviroment.

 

Created by ephemeris.

© Steve Kemp