Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revisionLast revisionBoth sides next revision | ||
| doc:howto:proxy.tinyproxy [2014/10/03 08:30] – fix minor error lynus | docs:guide-user:services:proxy:tinyproxy [2022/01/10 21:18] – [Installing] torxgewinde | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| ====== Tinyproxy ====== | ====== Tinyproxy ====== | ||
| - | [[wp> | + | [[wp> |
| - | * https://banu.com/tinyproxy/ | + | * https:// |
| - | ====Enable Transparent Proxy for Backfire 10.03==== | + | ==== Installing |
| - | If a full featured HTTP proxy is required, the tinyproxy | + | To install |
| - install software packages:< | - install software packages:< | ||
| Line 17: | Line 17: | ||
| / | / | ||
| </ | </ | ||
| + | |||
| + | === Detailed configuration === | ||
| + | If you like to finetune the other options you can also use an editor like VI or nano to edit ''/ | ||
| + | config tinyproxy | ||
| + | option User ' | ||
| + | option Group ' | ||
| + | option Port ' | ||
| + | option Timeout ' | ||
| + | option DefaultErrorFile '/ | ||
| + | option StatFile '/ | ||
| + | option LogFile '/ | ||
| + | option LogLevel ' | ||
| + | option MaxClients ' | ||
| + | option MinSpareServers ' | ||
| + | option MaxSpareServers ' | ||
| + | option StartServers ' | ||
| + | option MaxRequestsPerChild ' | ||
| + | option ViaProxyName ' | ||
| + | list ConnectPort ' | ||
| + | list ConnectPort ' | ||
| + | option enabled ' | ||
| + | list Allow ' | ||
| + | list Allow ' | ||
| + | option Filter '/ | ||
| + | option FilterDefaultDeny ' | ||
| + | </ | ||
| + | |||
| + | The whitelist file ''/ | ||
| + | # filter exactly cnn.com | ||
| + | # ^cnn\.com$ | ||
| + | |||
| + | # filter all subdomains of cnn.com, but not cnn.com itself | ||
| + | # .*\.cnn.com$ | ||
| + | |||
| + | # filter any domain that has cnn.com in it, like xcnn.comfy.org | ||
| + | # cnn\.com | ||
| + | |||
| + | # filter any domain that ends in cnn.com | ||
| + | # cnn\.com$ | ||
| + | |||
| + | # filter any domain that starts with adserver | ||
| + | # ^adserver | ||
| + | |||
| + | ^openwrt\.org$ | ||
| + | .*\.openwrt\.org$ | ||
| + | |||
| + | ^127\.0\.0\.1$ | ||
| + | ^localhost$ | ||
| + | </ | ||
| + | |||
| + | Please note that only the FQDN / hostname can be filtered for HTTPS and HTTP. URL filtering with tinyproxy only works for unencrypted HTTP traffic because HTTPS-traffic is opaque to the proxy. It controls if the '' | ||
| + | |||
| + | === Configure Firewall === | ||
| + | Configure the firewall to filter/ | ||
| + | |||
| + | === Configure the clients === | ||
| + | Configure the clients to use the proxy. Browsers like Firefox / Chromium / Brave need the IP or hostname of the device where '' | ||
| + | |||
| + | === Transparent HTTP proxy === | ||
| + | This steps is optional and nowadays, that most websites use encryption, it is not as useful as it was anymore. Prefer configuring the proxy at the client side, most browsers allow configuring the proxy manually for HTTP and HTTPS. | ||
| + | For unencrypted HTTP connections the firewall can redirect traffic to the proxy. Client devices do not need to be configured to make use of the proxy server, but it only works for HTTP traffic. Encrypted HTTPS traffic cannot be handled this way. | ||
| - configure transparent proxy redirection:< | - configure transparent proxy redirection:< | ||
| uci add firewall redirect | uci add firewall redirect | ||