-
Notifications
You must be signed in to change notification settings - Fork 374
Manual Testing of Proxies
Setting up manual testing scenarios involving proxies can be surprisingly difficult. This page contains some recommended tools and configurations to help make this easier. These examples assume use of Unix.
Setting up an HTTP proxy can most easily be done via Squid. Squid can be installed via:
sudo apt-get install squid
If you wish to user password authentication for your proxy, create a file to store the password
sudo touch /etc/squid/passwords
Then you will need to add a user/password for auth. We can do this with htpasswd.
sudo apt-get install apache2-utils
sudo htpasswd /etc/squid/passwords <username>
The system will then prompt you to enter a new password for this user.
You will now need to edit the configuration file located at /etc/squid/squid.conf
auth_param basic program /usr/lib/squid3/basic_ncsa_auth /etc/squid/passwords
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
acl authenticated proxy_auth REQUIRED
http_access allow authenticated
http_access deny all
http_port 3128
http_access allow all
http_port 3128
Now simply start the proxy up
sudo service squid start
We can verify that it is running by trying to access the internet with curl. These commands should return your IP
Use this one if using proxy authentication:
curl --proxy http://127.0.0.1:3128 --proxy-user <username> https://www.httpbin.org/ip
Or this one if there is no proxy authentication:
curl --proxy http://127.0.0.1:3128 https://www.httpbin.org/ip
When you are done, you can stop the proxy server with
sudo service squid stop
Setting up a SOCKS4 or SOCKS5 proxy can be done via dante. Dante can be installed with
sudo apt-get install dante-server
Rather than using a new series of users/passwords like the Squid server mentioned above, Dante will use authentication from your Linux operating system, using the username/passwords from your OS to log in to the proxy server. Note that use of authentication is only compatible with SOCKS5.
Once dante is installed, you will need to edit the configuration file. It can be found at /etc/danted.conf
logoutput: syslog
user.privileged: root
internal: 0.0.0.0 port=1080
external: eth0
socksmethod: none
clientmethod: none
client pass {
from: 0.0.0.0/0 to: 0.0.0.0/0
log: connect disconnect error
}
socks pass {
from: 0.0.0.0/0 to: 0.0.0.0/0
log: connect disconnect error
proxyprotocol: socks_v5
}
logoutput: syslog
user.privileged: root
internal: 0.0.0.0 port=1080
external: eth0
socksmethod: username
clientmethod: username
client pass {
from: 0.0.0.0/0 to: 0.0.0.0/0
log: connect disconnect error
}
socks pass {
from: 0.0.0.0/0 to: 0.0.0.0/0
log: connect disconnect error
proxyprotocol: socks_v5
}
logoutput: syslog
user.privileged: root
internal: 0.0.0.0 port=1080
external: eth0
socksmethod: none
clientmethod: none
client pass {
from: 0.0.0.0/0 to: 0.0.0.0/0
log: connect disconnect error
}
socks pass {
from: 0.0.0.0/0 to: 0.0.0.0/0
log: connect disconnect error
proxyprotocol: socks_v4
}
Now simply start the proxy up
sudo service danted start
We can verify that it is running by trying to access the internet with curl. These commands should return your IP
SOCKS5 (With Auth)
curl --proxy socks5://127.0.0.1:1080 --proxy-user <username> https://httpbin.org/ip
SOCKS5 (No Auth)
curl --proxy socks5://127.0.0.1:1080 https://httpbin.org/ip
SOCKS4
curl ---proxy socks4://127.0.0.1:1080 https://httpbin.org/ip
When you are done, you can stop the proxy server with
sudo service danted stop