Upside Down Ternet

From ArchWiki
Revision as of 20:34, 10 June 2011 by Pointone (talk | contribs) (recategorize)
Jump to: navigation, search

This is a HowTo on creating a transparent Squid proxy server using mogrify to flip the images upside down.


Install these packages to get things started

pacman -S squid apache imagemagick

ImageMagick contains mogrify and is only needed if you don't already have it.


Create and place it in your /usr/local/bin folder

$count = 0;
$pid = $$;
while (<>) {
       chomp $_;
       if ($_ =~ /(.*\.jpg)/i) {
               $url = $1;
               system("/usr/bin/wget", "-q", "-O","/srv/http/images/$pid-$count.jpg", "$url");
               system("/usr/bin/mogrify", "-flip","/srv/http/images/$pid-$count.jpg");
               print "$pid-$count.jpg\n";
       elsif ($_ =~ /(.*\.gif)/i) {
               $url = $1;
               system("/usr/bin/wget", "-q", "-O","/srv/http/images/$pid-$count.gif", "$url");
               system("/usr/bin/mogrify", "-flip","/srv/http/images/$pid-$count.gif");
               print "$pid-$count.gif\n";
       elsif ($_ =~ /(.*\.png)/i) {
               $url = $1;
               system("/usr/bin/wget", "-q", "-O","/srv/http/images/$pid-$count.png", "$url");
               system("/usr/bin/mogrify", "-flip","/srv/http/images/$pid-$count.png");
               print "$pid-$count.png\n";
       else {
               print "$_\n";;

Now we need to modify the permissions so that it's executable

chmod 755 /usr/local/bin/

Next, while not necessary, does clean up the Squid config file a lot making it easier on the eyes

sed -i "/^#/d;/^ *$/d" /etc/squid/squid.conf

Now, edit your squid.conf file and append this to the bottom

url_rewrite_program /usr/local/bin/

Also find the line for http_port and make it now read

http_port 3128 transparent

Finally, we have to create the folders for the images to be flipped in and set their permissions

mkdir /srv/http/images
chown http:http /srv/http/images
chmod 755 /srv/http/images

Finally, add the proxy user to group http

usermod -aG http proxy

Verify that the proxy user is a member of the http group

groups proxy


id -Gn proxy


Make sure you start both apache and squid with

/etc/rc.d/httpd start
/etc/rc.d/squid start

Router Setup

You will need to edit iptables on your router or gateway to redirect http traffic to your proxy.

If you have DD-WRT on your router, this is easily done by going to Administration -> Commands and pasting the following into the box.

LAN_IP=`nvram get lan_ipaddr`
LAN_NET=$LAN_IP/`nvram get lan_netmask`
iptables -t nat -A PREROUTING -i br0 -s $LAN_NET -d $LAN_NET -p tcp --dport 80 -j ACCEPT
iptables -t nat -A PREROUTING -i br0 -s ! $PROXY_IP -p tcp --dport 80 -j DNAT --to $PROXY_IP:$PROXY_PORT
iptables -t nat -I POSTROUTING -o br0 -s $LAN_NET -d $PROXY_IP -p tcp -j SNAT --to $LAN_IP
iptables -I FORWARD -i br0 -o br0 -s $LAN_NET -d $PROXY_IP -p tcp --dport $PROXY_PORT -j ACCEPT

Links and Sources

Original Upside-Down-Ternet Link

Ubuntu HowTo

Transparent Proxy with DD-WRT

Upside-Down-Ternet XKCD