All times are UTC + 1 hour




Post new topic Reply to topic  [ 33 posts ]  Go to page Previous  1, 2, 3, 4
Author Message
 Post subject: Re: Transparent Proxy - secure, isolated box (JonDoBOX)
PostPosted: Tue Dec 16, 2014 21:12 

Joined: Sat Aug 25, 2012 1:02
Posts: 188
I have been using this setup for about a year. HTTP and HTTPS work perfect.

proper wrote:
I mean, you first use iptables to redirect all the systems traffic ("Trans data stream") to redsocks, and redsocks forwards it to JonDo's http port (default: 4001)? (Obviously, JonDo's traffic however must be allowed to connect the open internet. Be it run as as special user or on a gateway [vm] machine.) Right?


No need for Virtual Machine.

In my diagram, it is Redsocks that intercepts a given port and forwards it to a transport.

The same setup applies to SSH, Tor, JonDo, et al.

No leaks whatsoever.

You can even anonymize Bittorent with no leaks.

To use JonDo free services with Redsocks, you have to use the http-connect protocol, not SOCKS.

Remember, the free services do not support SOCKS, so in Redsocks you cannot use SOCKS. Use http-connect. For the premium services, you should use SOCKS5.

For performance reasons, the free services are not recommend, as it is slow.

_________________
http://www.sovereignpress.org - The Privacy Book.


Top
 Profile  
 
 Post subject: Re: Transparent Proxy - secure, isolated box (JonDoBOX)
PostPosted: Tue Dec 16, 2014 23:07 

Joined: Sun Apr 01, 2012 21:19
Posts: 39
sovereignpress wrote:
No leaks whatsoever.

Hard to say without any iptables to compare with.

Quote:
To use JonDo free services with Redsocks, you have to use the http-connect protocol, not SOCKS.

Remember, the free services do not support SOCKS, so in Redsocks you cannot use SOCKS. Use http-connect. For the premium services, you should use SOCKS5.

Indeed. Just remembered. JonDo free also supports http-connect.

But with JonDo free, you will be only able to connect to ports 80 and 443? An inherited limitatiation by JonDo free?

How do you resolve DNS? Using a public DNS server?

Because to my research a few years ago ([general, any proxy] see https://www.whonix.org/wiki/Dev/Inspira ... ing_Method) it was not possible without using a public DNS server.


Top
 Profile  
 
 Post subject: Re: Transparent Proxy - secure, isolated box (JonDoBOX)
PostPosted: Tue Aug 16, 2016 13:25 

Joined: Tue Aug 16, 2016 10:56
Posts: 3
Could someone tell me why it's important to configure iptables for a different user than the one JonDo runs on?


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 33 posts ]  Go to page Previous  1, 2, 3, 4

All times are UTC + 1 hour


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
cron
Free Trial for Premium Services
Free Trial for Premium Services
JonDonym News
New OpenPGP signatur key
Tue, 11 Nov 2014
New SSL certificate for webserver
Fri, 31 Oct 2014
Speaker's Corner
UK Data Retention and Investigation Powers Bill
Fri, 11 July 2014
NSA and Tor
Fri, 04 July 2014
For your web site - free!
Get your free IP check image for your web site or forum here!
Latest software releases
JonDo 0.19.001
Tue, 29 Aug 2013
JonDoFox 2.12.0
Thu, 13 Jul 2015
JoToSL-DVD 0.9.88.2
Fri, 08 Jan 2016