Using freki on host connected to network through Proxy Server.

Question

Using freki on host connected to network through Proxy Server.

Closed this issue 8 years ago · 6 comments

My system connects to the internet via a HTTP proxy. I saw the documentation specified freki usage while on a TCP proxy (which I assume must be SOCKS proxy), when I tried working with similar rules for HTTP proxy, I couldn't get freki working. Am I doing anything wrong, or is this support to be added to freki yet?

Answer 1 · 2017-02-07T20:12:17.000Z

Hi @kalyan-kumar, that's not really how freki works. When you have a rule like this:

  - match: tcp dst port 555
    type: proxy
    target: tcp://portquiz.net:666

That means that any incoming connection on TCP port 555 will be accepted, and then proxied to portquiz.net:666.

This is not the same thing as a HTTP proxy. Rather it is really just shuffling bytes between two TCP connections.

Answer 2 · 2017-02-08T05:16:13.000Z

@kung-foo, thank you for the reply. But I have previously understood that freki is not a HTTP proxy. I am already working from behind a HTTP proxy. Now I just want to see how freki works, and am trying to set it up on my system. But I am unable to connect as freki is not forwarding the requests to my proxy (I assume that is the error). So I am asking how should I setup freki so that it works on a system that is connecting via a HTTP proxy. Thank You :)

Answer 3 · 2017-02-09T12:12:14.000Z

Freki will not forward requests to an HTTP proxy unless you explicitly configure it to in the rules.

Here is an example of setting up an explicit HTTP proxy and then proxying (TCP) requests to it:

https://github.com/kung-foo/freki/tree/master/examples/http-proxy

Answer 4 · 2017-02-09T18:39:20.000Z

I added the rule, and set proxy of my browser to localhost:6000 (freki is running on that). Warnings are raised by freki, and the browser is unable to connect. I get the following warning.
WARN[0120] [prxy.tcp] untracked connection: 127.0.0.1:39886

Answer 5 · 2017-02-10T11:27:02.000Z

Freki generally only mangles packets that originate from outside the interface it is bound to. So if you bind freki to eth0 and then make a request from localhost to localhost, it probably won't work.

I did this explicitly because I didn't want to mess with connection initiated on the localhost. For example, I still want apt-get or yum to still work.

For testing, I usually use Docker to either run freki, or to test from. Meaning I bind freki to eth0, and then start a simple Ubuntu container and make a request to the container's gateway (which is the host).

I would recommend checking out the above example to see how you can use Docker for testing on your local system.

Answer 6 · 2017-02-14T11:15:34.000Z

@kalyan-kumar let us know in case you have more questions. Closing this for now.