DSM-G600, DNS-3xx and NSA-220 Hack Forum

rejong · 2008-04-24 23:30:25

Hi all,

I wanted a http proxy on my ch3snas and found Polipo to be the best for me. Polipo is lightweight, has a web interface for configuration and has enough options (set in /ffp/etc/polipo/config).

Install with

Code:

funplug -i polipo-1.0.4.tgz

you have to have funplug 0.5 by fonz installed.

Attachments:

polipo-1.0.4.tgz, Size: 296,622 bytes, Downloads: 1,780

mic_man · 2008-04-25 00:27:07

Isn't that almost the same as tunneling the traffic through SSH?... except that you might not need to login.

http://jstrassburg.blogspot.com/2006/01 … th-dd.html

rejong · 2008-04-26 18:10:58

True, but a proxy also does the DNS query.

fonz · 2008-04-26 18:27:16

mic_man wrote:
Isn't that almost the same as tunneling the traffic through SSH?... except that you might not need to login.

A good proxy does a lot more than just forwarding requests. Polipo is also a cache, it can filter and probably more.

shipiboconibo · 2009-03-03 15:30:58

I am having some trouble with Polipo.

It works fine on my LAN, but when I uncomment this line (below) and add my local PC's static IP address it seems to break Polipo.

Code:

allowedClients = "127.0.0.1, 192.168.1.100"

Also, when I uncomment the IPv4 & IPv6 line (below) it seems to lock me out as well, so I stuck with IPv4 only, not sure if this sheds any light on the problem.

Code:

#proxyAddress = "::0"        # both IPv4 and IPv6
proxyAddress = "0.0.0.0"    # IPv4 only

Everything else is stock.

Any ideas? I can't seem to forward ports on my router for specific IPs, so obviously I need to figure this out to use it safely :-(

shipiboconibo · 2009-03-03 17:40:11

UPDATE:
It works when I loose the double quotes.

Code:

allowedClients = 192.168.1.100, xxx.xxx.xxx.xxx

where xxx.xxx.xxx.xxx is my work IP
Odd, but it seems to work fine now. Can anyone else verify this?

It seems to be working right and I can now use Polipo on my DNS-323 at my home from my work PC.

Now, on to my ultimate goal, to figure out how to use 'tunnelAllowedPorts' correctly so I can IRC through Polipo. I am trying to do this so that I don't have dozens of script kiddies attacking my Windows servers at work.

That said, so far Polipo's port 8123 is the only port I have forwarded from the outside world to the DNS-323. Obviously I am using allowedClients, but is there any other security risks I may be unaware of with my Polipo n00bieness? :-P

UPDATE #2 :-P

Tunneling thru Polipo was a breeze. For IRC it was literally as simple as adding:

Code:

tunnelAllowedPorts = 113, 6667

Now, I am not sure that 113 is needed, it worked without it, but I didn't want to risk the ident server communicating directly with my work PC and possibly leaking my work IP, so I added it anyways. Maybe someone more knowledgeable than myself on this could clear it up or mention anything I might have overlooked here.

Last edited by shipiboconibo (2009-03-03 19:23:36)

DSM-G600, DNS-3xx and NSA-220 Hack Forum

Announcement

#1 2008-04-24 23:30:25

Polipo - proxy for funplug 0.5

Code:

#2 2008-04-25 00:27:07

Re: Polipo - proxy for funplug 0.5

#3 2008-04-26 18:10:58

Re: Polipo - proxy for funplug 0.5

#4 2008-04-26 18:27:16

Re: Polipo - proxy for funplug 0.5

mic_man wrote:

#5 2009-03-03 15:30:58

Re: Polipo - proxy for funplug 0.5

Code:

Code:

#6 2009-03-03 17:40:11

Re: Polipo - proxy for funplug 0.5

Code:

Code:

Board footer