proxychains
From Gentoo Wiki
proxychains forces any TCP connection made by an application to flow through a proxy (or proxy chain). It is a tool used to secure internet connections.
Installation
net-misc/proxychains does not have USE flags right now.
root # emerge --ask net-misc/proxychains
DNS leakage
proxychains has a "proxy_dns" option in /etc/proxychains.conf to prevent "DNS leaks", but this option works only if the application supports "Proxy DNS when using SOCKS5", as Firefox does.
To test whether an application leaks DNS, you can use the tcpdump tool.
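One way to read such a capture, as an added example that is not part of the wiki page: the function below filters `tcpdump -n` text output down to DNS packets that left for a non-loopback resolver. The function names and the sample capture lines are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the wiki page. Sample lines are constructed.
# Live use (as root, while the application runs under proxychains):
#   tcpdump -l -n -i any port 53 | dns_leaks

# Print "resolver query" for each packet sent to port 53 on a non-loopback
# address, reading `tcpdump -n` text output on stdin.
dns_leaks() {
    awk '
    {
        dst = ""
        for (i = 1; i < NF; i++)
            if ($i == ">") { dst = $(i + 1); break }
        if (dst == "") next
        sub(/:$/, "", dst)              # "192.0.2.53.53:" -> "192.0.2.53.53"
        n = match(dst, /\.[0-9]+$/)     # port is the last dotted component
        if (n == 0) next
        host = substr(dst, 1, n - 1)
        port = substr(dst, n + 1)
        if (port != "53") next
        if (host ~ /^127\./ || host == "::1") next   # local forwarder: no leak
        q = ""
        for (j = i + 2; j < NF; j++)
            if ($j ~ /\?$/) { q = $j " " $(j + 1); break }   # "A? gentoo.org."
        print host, q
    }'
}

# Number of leaked DNS packets in the capture on stdin.
count_dns_leaks() { dns_leaks | wc -l | tr -d ' '; }

# Constructed capture: an IPv4 leak, a query to a local forwarder on
# 127.0.0.1, a non-DNS packet to a proxy port, and an IPv6 leak.
sample_capture() {
    cat <<'EOF'
12:00:01.100000 IP 192.168.1.10.53211 > 192.0.2.53.53: 4660+ A? gentoo.org. (28)
12:00:01.200000 IP 127.0.0.1.40112 > 127.0.0.1.53: 4661+ A? gentoo.org. (28)
12:00:01.300000 IP 192.168.1.10.51000 > 198.51.100.7.1080: Flags [S], seq 1, win 64240, length 0
12:00:01.400000 eth0  Out IP6 2001:db8::10.53212 > 2001:db8::53.53: 4662+ AAAA? gentoo.org. (28)
EOF
}

sample_capture | dns_leaks
```

Any line printed during a live capture means the application resolved a name outside the proxy chain.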
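To block all DNS requests for user ff (a simple sandbox for Firefox) with nftables, use the following command. The rule drops every IPv4 packet from that user whose destination is outside 127.0.0.1/8 and 224.0.0.0/8, which includes DNS queries to outside resolvers; it assumes a filter table with an output chain already exists:
root # nft add rule filter output meta skuid ff ip daddr != { 127.0.0.1/8, 224.0.0.0/8 } drop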
To prevent leakage, net-proxy/dnsproxy can be used on a remote SSH server with the following commands.
On the local machine:
user $ ssh -L 6667:0.0.0.0:6667 root@remote_ssh_ip
On the server:
root # socat tcp4-listen:6667,reuseaddr,fork UDP:127.0.0.1:53000
On the local machine:
root # socat udp-listen:53,reuseaddr,fork TCP:127.0.0.1:6667 &
root # echo "nameserver 127.0.0.1" > /etc/resolv.conf
root # chattr +i /etc/resolv.conf
Check dnsproxy with the command:
root # dig @127.0.0.1 -p 53 gentoo.org