{"id":2398,"date":"2017-08-17T22:03:28","date_gmt":"2017-08-17T22:03:28","guid":{"rendered":"http:\/\/blog.paranoidprofessor.com\/?p=2398"},"modified":"2017-08-17T22:03:28","modified_gmt":"2017-08-17T22:03:28","slug":"reuse-a-pi-proxy-server","status":"publish","type":"post","link":"https:\/\/blog.paranoidprofessor.com\/index.php\/2017\/08\/17\/reuse-a-pi-proxy-server\/","title":{"rendered":"Reuse a Pi – Proxy server"},"content":{"rendered":"

The Raspberry Pi was (and still is) an incredible computer. It was the size of a small deck of cards, ran Linux, could manipulate other devices via the GPIO pins, cost only 35 dollars and is just as capable as a normal personal computer.<\/p>\n

If one was good then two must be better and so some how I ended up buying a few of them. \u00a0I did create my own little weather station and to fool around with other Arduino peripherals. \u00a0It was a lot of fun but somehow they got set aside in a shoe box.<\/p>\n

It seems to be a shame to not use these so I am trying to find a use for these devices. \u00a0The first use was to create a Airprint server <\/a>so my wife could print from her Ipad.<\/p>\n

What is a proxy server<\/h2>\n

A proxy server is simply a server that is acting as a gateway between two networks. Typically the second network is the internet. \u00a0There are a number of different types of proxy server’s that can be installed.<\/p>\n\n\n\n\n\n
Cache server<\/td>\nThe server saves the internet content locally. \u00a0This makes subsequent calls by either the same or different\u00a0clients faster as the information is cached locally.<\/p>\n

The server is defined to listen to a specific port and the client must be specifically configured to use that proxy server.<\/td>\n<\/tr>\n

Transparent\u00a0server<\/td>\nA transparent server performs the same function as a cache server but with a single distinction.<\/p>\n

The client does not have to be specifically configured nor know that a proxy server exists.<\/td>\n<\/tr>\n

Reverse\u00a0server<\/td>\nA reverse proxy performs a similar function of caching results but instead of running on the client’s network for the benefit of the client’s company it runs for the benefit of the web server. \u00a0Its goal is to reduce the load from the web server.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

Installing a proxy server<\/h2>\n

In the open source world there is seldom a single option for any given software solution. This is true from web servers to office suites. \u00a0There is undoubtedly a number of proxy servers as well but the one that kept coming up in my searches was Squid.<\/p>\n

Installing squid on the Raspberry Pi is just as matter of the following apt-get command.<\/p>\n

apt-get install squid3<\/pre>\n
This is a small and self contained program. \u00a0The program squid3 is installed into \/etc\/squid3 along with the squid.conf configuration file.<\/p>\n
The default configuration for squid won’t let anything through, you will need to make a few tiny changes. \u00a0Below are a few extracts from the configuration.<\/p>\n
\r\n# Example rule allowing access from your local networks.\r\n# Adapt to list your (internal) IP networks from where browsing\r\n# should be allowed\r\n#acl localnet src 10.0.0.0\/8 # RFC1918 possible internal network\r\n#acl localnet src 172.16.0.0\/12 # RFC1918 possible internal network\r\n#acl localnet src 192.168.0.0\/16 # RFC1918 possible internal network\r\n#acl localnet src fc00::\/7 # RFC 4193 local private network range\r\n#acl localnet src fe80::\/10 # RFC 4291 link-local (directly plugged) machines\r\nacl localnet src 192.168.178.0\/24\r\n<\/pre>\n
In this excerpt I needed to add line 9 for my network.<\/p>\n
 <\/p>\n
The change above is used in conjunction with a second change to the configuration file, line 8\u00a0below to use this “localnet”.<\/p>\n
\r\n#\r\n# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS\r\n#\r\n\r\n# Example rule allowing access from your local networks.\r\n# Adapt localnet in the ACL section to list your (internal) IP networks\r\n# from where browsing should be allowed\r\nhttp_access allow localnet\r\nhttp_access allow localhost \r\n<\/pre>\n
This is actually the only configuration that is necessary in order to use the proxy server.<\/p>\n
 <\/p>\n
However it is possible to add a few additional lines to try and filter out advertisements a bit. \u00a0Just add them at the spot highlighted in the configuration file. This small insert allows me to define places on the internet in a text file or text files of locations that I don’t want to be accessible.<\/p>\n
\r\n## disable ads \r\nacl ads dstdom_regex "\/etc\/squid3\/ad_block.txt"\r\nhttp_access deny ads\r\ndeny_info TCP_RESET ads\r\n\r\nacl urlads url_regex "\/etc\/squid3\/adurl_block.txt"\r\nhttp_access deny urlads\r\n#deny_info TCP_RESET urlads\r\n<\/pre>\n
For my proxy server I have setup two text files. The first one is for sites that I want filtered out. \u00a0The second text file could contain url’s for sites that deliver advertisements. This makes it easy to either reduce the advertisements for the sites you want to visit while preventing unsavory sites from getting through.<\/p>\n
 <\/p>\n
Blocking the URL’s is as simple as you think. \u00a0Simply enter the name of the website that you would normally enter into your browser.<\/p>\n
\r\nadurl_block.txt\r\nwww.nakedgirls.com\r\nwww.myspace.com\r\n<\/pre>\n
The same is true for blocking the ads as well. \u00a0It is harder to give a clear list of which domains are serving advertisements. \u00a0It is probably best to find a blacklist of those domains.<\/p>\n
There are other sites that are dedicated to keeping up-to-date lists for\u00a0these advertisement domains. I don’t feel that I am adding any additional value by providing that here. \u00a0If you want such a list then you should go and find one of those sites.<\/p>\n
https:\/\/www.calomel.org\/squid_adservers.html<\/a><\/p><\/blockquote>\n
This site also has additional information on how to setup squid. \u00a0If you want to learn more visit\u00a0calomel.org.<\/p>\n
Setting up the client<\/h2>\n
The squid proxy server will look at port 3128 by default.<\/p>\n
# Squid normally listens to port 3128\r\nhttp_port 3128\r\n<\/pre>\n
So when setting up the browser to use the new proxy server point it to the raspberry pi and to this port.<\/p>\n
\"\"<\/a><\/p>\n
Other notes<\/h2>\n
When updating the different ad blocking text files you could get these values reloaded by restarting squid or by running the reconfigure option which will re-process the configuration file.<\/p>\n
squid3 -k reconfigure<\/pre>\n
 <\/p>\n","protected":false},"excerpt":{"rendered":"
The Raspberry Pi was (and still is) an incredible computer. It was the size of a small deck of cards, ran Linux, could manipulate other devices via the GPIO pins, cost only 35 dollars and is just as capable as … Continue reading →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[3],"tags":[],"_links":{"self":[{"href":"https:\/\/blog.paranoidprofessor.com\/index.php\/wp-json\/wp\/v2\/posts\/2398"}],"collection":[{"href":"https:\/\/blog.paranoidprofessor.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.paranoidprofessor.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.paranoidprofessor.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.paranoidprofessor.com\/index.php\/wp-json\/wp\/v2\/comments?post=2398"}],"version-history":[{"count":11,"href":"https:\/\/blog.paranoidprofessor.com\/index.php\/wp-json\/wp\/v2\/posts\/2398\/revisions"}],"predecessor-version":[{"id":2529,"href":"https:\/\/blog.paranoidprofessor.com\/index.php\/wp-json\/wp\/v2\/posts\/2398\/revisions\/2529"}],"wp:attachment":[{"href":"https:\/\/blog.paranoidprofessor.com\/index.php\/wp-json\/wp\/v2\/media?parent=2398"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.paranoidprofessor.com\/index.php\/wp-json\/wp\/v2\/categories?post=2398"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.paranoidprofessor.com\/index.php\/wp-json\/wp\/v2\/tags?post=2398"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}