Proxy settings

From ArchWiki
Revision as of 17:37, 20 September 2011 by Phinfinity (Talk | contribs) (Added info about proxydriver.)

Jump to: navigation, search

This template has only maintenance purposes. For linking to local translations please use interlanguage links, see Help:i18n#Interlanguage links.


Local languages: Català – Dansk – English – Español – Esperanto – Hrvatski – Indonesia – Italiano – Lietuviškai – Magyar – Nederlands – Norsk Bokmål – Polski – Português – Slovenský – Česky – Ελληνικά – Български – Русский – Српски – Українська – עברית – العربية – ไทย – 日本語 – 正體中文 – 简体中文 – 한국어


External languages (all articles in these languages should be moved to the external wiki): Deutsch – Français – Română – Suomi – Svenska – Tiếng Việt – Türkçe – فارسی

Tango-view-fullscreen.pngThis article or section needs expansion.Tango-view-fullscreen.png

Reason: please use the first argument of the template to provide a brief explanation. (Discuss in Talk:Proxy settings#)

Introduction

A proxy is "an interface for a service, especially for one that is remote, resource-intensive, or otherwise difficult to use directly". Source: Proxy - Wiktionary.

Environment variables

Some programs (like wget) use environment variables of the form "protocol_proxy" to determine the proxy for a given protocol (e.g. HTTP, FTP, ...).

Below is an example on how to set these variables in a shell:

 export http_proxy=http://10.203.0.1:5187/
 export https_proxy=http://10.203.0.1:5187/
 export ftp_proxy=http://10.203.0.1:5187/
 export no_proxy="localhost,127.0.0.1,localaddress,.localdomain.com"

Some programs look for the all caps version of the environment variables.

Alternatively you can automate the toggling of the variables by adding a function to your .bashrc (thanks to Alan Pope)

 function proxy(){
     echo -n "username:"
     read -e username
     echo -n "password:"
     read -es password
     export http_proxy="http://$username:$password@proxyserver:8080/"
     export https_proxy="http://$username:$password@proxyserver:8080/"
     export ftp_proxy="http://$username:$password@proxyserver:8080/"
     export no_proxy="localhost,127.0.0.1,localaddress,.localdomain.com"
     echo -e "\nProxy environment variable set."
 }
 function proxyoff(){
     unset HTTP_PROXY
     unset http_proxy
     unset HTTPS_PROXY
     unset https_proxy
     unset FTP_PROXY
     unset ftp_proxy
     echo -e "\nProxy environment variable removed."
 }

If you do not need a password then omit it.

Automation with network managers

  • NetworkManager cannot change the environment variables.
  • netcfg could set-up these environment variables but they would not be seen by other applications as they are not child of netcfg.

About libproxy

libproxy (which is available in the extra repository) is an abstraction library which should be used by all applications that want to access a network resource. It still is in development but could lead to a unified and automated handling of proxies in GNU/Linux if widely adopted.

The role of libproxy is to read the proxy settings form different sources and make them available to applications which use the library. The interesting part with libproxy is that it offers an implementation of the Web Proxy Autodiscovery Protocol and an implementation of Proxy Auto-Config that goes with it.

The Template:Codeline binary takes URL(s) as argument(s) and returns the proxy/proxies that could be used to fetch this/these network resource(s).

Note: the 0.2.3-1 version does not work for me.

As of 06/04/2009 libproxy is required by libsoup. It is then indirectly used by the Midori browser.

Web Proxy Options

  • Squid is a very popular caching/optimizing proxy
  • Privoxy is an anonymizing and ad-blocking proxy
  • For a simple proxy, ssh with port forwarding can be used

Simple Proxy with SSH

Connect to a server (HOST) on which you have an account (USER) as follows

ssh -D PORT USER@HOST

For PORT, choose some number which is not an IANA registered port. This specifies that traffic on the local PORT will be forwarded to the remote HOST. ssh will act as a SOCKS server. Software supporting SOCKS proxy servers can simply be configured to connect to PORT on localhost.

Using a SOCKS proxy

There are two cases:

  • the application you want to use handles SOCKS proxies (for example Firefox) then you just have to configure it to use the proxy
  • the application you want to use does not handle SOCKS proxies then you can try to use tsocks (available in extra)

Proxy settings on GNOME3

Some programs like Chromium prefer to use the settings stored by gnome. These settings can be modified through the gnome-control-center front end and also through gsettings.

gsettings set org.gnome.system.proxy mode 'manual' 
gsettings set org.gnome.system.proxy.http host 'proxy.localdomain.com'
gsettings set org.gnome.system.proxy.http port 8080
gsettings set org.gnome.system.proxy.ftp host 'proxy.localdomain.com'
gsettings set org.gnome.system.proxy.ftp port 8080
gsettings set org.gnome.system.proxy.https host 'proxy.localdomain.com'
gsettings set org.gnome.system.proxy.https port 8080
gsettings set org.gnome.system.proxy ignore-hosts "['localhost', '127.0.0.0/8', '10.0.0.0/8', '192.168.0.0/16', '172.16.0.0/12' , '*.localdomain.com' ]"

This configuration can also be set to automatically execute when Network Manager connects to specific networks , by using the package Template:Package AUR from the AUR