proxy settings - KanoComputing/kano-settings GitHub Wiki

This facility allows you to run all network operations inside KanuxOS behind a network proxy. Supported proxy types currently are http and socks based proxies.

There are many options to setup a network proxy but for the sake of simplicity and readiness for testing there are 2 fairly easy options.

It is important to note that DNS queries will go to the default gateway, as retuned by your DHCP server. ICMP traffic will by go to the proxy, so operations like ping will fail unless the proxy has advanced features to support this traffic.

Socks server - openssh

Here’s how you can easily setup a socks based proxy server using only openssh software. For this you need a system working as a proxy server, and an additional system from which all source connections will originate. Both these servers can sit on the

KanuxOS -> Proxy Server -> Internet exit server

Both KanuxOS and the proxy server can belong on the same network segment - the local network.

  • Step 1: On the Proxy Server, run the following command.

$ ssh -D 0.0.0.0:555 internet-exit-server

This command will put the system listening on TCP port 5555, that’s the actual socks server. You can wrap this command under the screen tool so you detach it form the controlling terminal like this:

$ screen -d -m -S “ProxyServer” ssh -D 0.0.0.0:5555 internet-exit-serve

  • Step 2: Back on the KanuxOS system, you can enable the proxy server by entering the IP of the proxy server, and port 5555, type socksv4/5. No authentication is needed in this scenario.

  • Step 3: Check your proxy is working:

$ curl ipinfo.io

Should tell you the location at the Internet exit server instead of the location of your local network.

Rebooting the system should also set your current timezone and time according to the location of this server.

Http server - tinyproxy

In this scenario we’ll be using tinyproxy, a simple yet flexible http based proxy: https://banu.com/tinyproxy/ It is available on all major distributions.

The scenario is similar to the socks server but this time only one server is needed which can sit on an outside network:

KanuxOS -> Proxy Server

  • Step 1: Install the proxy. On Deiban apt-get install tinyproxy.

You’ll also need to tweak the configuration file under /etc/tinyproxy.conf keywords port, listen and bind, and most importantly Allow 192.168.1.0/16 or equivalent subnet mask on your environment, as it has denied permissions by default.

  • Step 2: Back on kanuxOS, you can enable the proxy server by entering the IP of the proxy server, and port according to settings under tinyproxy.conf, type http_v1.0. No authentication is needed in this scenario.

  • Step 3: Check your proxy settings by following step 3 on previous recipe.

Enabling and disabling proxy mode under kano-settings should take effect inmediately, but it is suggested you restart your Kano Make application to re-establish connectivity.