Personal Digital Assistant




bahattab
10-07-2009, 11:10 PM
How to Run Your Own Proxy ?





So you want to access MySpace (http://www.myspace.com/) or use instant messenger from school or work? By connecting to your cable/DSL internet connection from school/work, you can! Here's how:



Web Proxy

If you only need access to restricted web sites from school or work, read this tutorial (http://foxyproxy.mozdev.org/apache.html).



SOCKS Proxy

If you need to access restricted web sites and instant messenger, ftp, or other restricted protocols, read this tutorial (http://foxyproxy.mozdev.org/antinat.html) (easier for Windows users) or this one (http://foxyproxy.mozdev.org/sshproxy.html) (easier for Linux/OS X/Unix users). Both tutorials work for Windows and *nix-based operating systems.



Encrypted Communications with the Proxy

After you've set up a proxy with one of the above tutorials, you can encrypt all communication to and from the proxy so school/work can't spy. See encrypting with stunnel (http://foxyproxy.mozdev.org/stunnel.html).



Further Reading

Tunneling Any Protocol (http://www.linux-mag.com/id/2062/) over HTTP, ICMP, UDP, etc. using httptunnel, icmp shell, shadyshell, Stegtunnel
GNU httptunnel (http://www.nocrew.org/software/httptunnel.html)
GNU httptunnel v3.3 for Windows (http://www.neophob.com/serendipity/index.php?/archives/85-GNU-HTTPtunnel-v3.3-Windows-Binaries.html) with tutorials
Firewall Piercing (http://www.linuxdocs.org/HOWTOs/mini/Firewall-Piercing.html)









How to Run Your Own Proxy (Web only)




Who is this tutorial for?



This tutorial is for the person who needs to access restricted web sites from a location with a restricted internet connection (e.g., work, school). If you need to use instant messenger, ftp, and other non-web (HTTP) protocols, see How to Run Your Own Proxy (SOCKS5) (http://foxyproxy.mozdev.org/antinat.html).
You should be comfortable installing and configuring software.
You should have a decent understanding of the internet and networks in general.
You should know what a proxy is (see FAQ (http://foxyproxy.mozdev.org/faq.html) if you don't).




Prerequisites



An unrestricted internet connection. Perhaps you have this at home (instead of school/work) or at a friend's house.
A computer which you can leave turned on while you're at school, work, or wherever the restricted internet connection is.




Let's begin.



Download the latest version of Apache httpd from here (http://httpd.apache.org/download.cgi). Click the "Other files" link to download binaries.
Install. For Windows, it's just like any other Windows installation. You'll be prompted for a few things during installation like domain name. You can enter your IP address or, better yet, get a free dynamic domain name at no-ip.com (http://www.no-ip.com/) or DynDNS.org (http://www.dyndns.com/). On Windows, you should choose the option to install as a service. Otherwise, you'll have an annoying command-prompt on your desktop when apache runs.
Open the file httpd.conf installed by apache. This is the configuration file for the web server. On Windows, the default location is c:\Program Files\Apache Group\Apache2\conf\httpd.conf. Comments in the file start with "#".
Around line 120, you'll see Listen 8080 or Listen 80. Change this to the port on which you'd like to expose the proxy server. If this proxy server will be running on a residential cable/DSL connection, many ISPs prevent inbound connections to residential connections on ports 80 and 25 as well as others. To find out which inbound ports your ISP prevents connection to, find the FAQ for your ISP at dslreports.com (http://www.dslreports.com/faqnew). Additionally, if you will be connecting to this proxy server from a corporate environment, be aware that some corporate firewalls only permit outbound connections on a few ports to machines outside their firewall. Often outbound ports 21, 23, 80, and 443 are permitted because they are typically used for FTP, telnet, HTTP, and SSL, respectively.
If your IP address is in one of these ranges:

10.0.0.0 - 10.255.255.255
172.16.0.0 - 172.31.255.255
192.168.0.0 - 192.168.255.255

you are most likely behind a router using NAT addressing. If so, configure port forwarding on your router to forward the port you chose in the previous step to the NAT'd IP address of the PC which will run apache httpd (e.g., 192.168.x.x).
Uncomment the following lines by removing the leading "#":
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so

Add the following to the end of the file:
ProxyRequests On
ProxyVia On
<Proxy *>
Order deny,allow
Deny from all
Allow from aaa.bbb.ccc.ddd
</Proxy>
where aaa.bbb.ccc.ddd is the IP address of the remote machine which will connect to your PC. If you omit the <Proxy *> access restrictions (the green text in the original tutorial), you will be running an open proxy (http://en.wikipedia.org/wiki/Open_proxy). FoxyProxy does not endorse or condone open proxies.
Save the file and start apache. On Windows, this is done either from the Start Menu or from the Service Control Panel (if you installed apache httpd as a service).
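A way to check the finished httpd.conf for the open-proxy mistake described above, before exposing the port. This is an added example, not part of the original tutorial; the function name and the 203.0.113.25 address are made up for illustration, and it only understands the Apache 2.2 Order/Deny/Allow directives used in the steps above.

```python
import re

# Constructed sample: the tutorial's fragment with a documentation address.
RESTRICTED = """ProxyRequests On
ProxyVia On
<Proxy *>
Order deny,allow
Deny from all
Allow from 203.0.113.25
</Proxy>
"""
# Constructed sample: the same fragment with the access-control block left out.
OPEN = "ProxyRequests On\nProxyVia On\n"

def audit_forward_proxy(conf_text):
    """Return open-proxy findings for an Apache 2.2-style forward proxy config."""
    lines = [l.strip() for l in conf_text.splitlines()]
    lines = [l for l in lines if l and not l.startswith("#")]
    if not any(re.fullmatch(r"ProxyRequests\s+On", l, re.I) for l in lines):
        return []  # forward proxying is off, nothing to audit
    block, in_block, seen_block = [], False, False
    for l in lines:
        if re.fullmatch(r"<Proxy\s+\*>", l, re.I):
            in_block = seen_block = True
        elif l.lower() == "</proxy>":
            in_block = False
        elif in_block:
            block.append(l.lower().split())
    if not seen_block:
        return ["open proxy: ProxyRequests On without a <Proxy *> block"]
    # Order deny,allow is the Apache 2.2 default: clients are allowed unless denied.
    order, deny_all, allows = "deny,allow", False, []
    for words in block:
        if words[0] == "order":
            order = "".join(words[1:])
        elif words[:2] == ["deny", "from"]:
            deny_all = deny_all or "all" in words[2:]
        elif words[:2] == ["allow", "from"]:
            allows.extend(words[2:])
    if "all" in allows and (order == "deny,allow" or not deny_all):
        return ["open proxy: 'Allow from all' admits every client"]
    if order == "deny,allow" and not deny_all:
        return ["open proxy: no 'Deny from all', unmatched clients are allowed"]
    return []

if __name__ == "__main__":
    for name, conf in (("restricted", RESTRICTED), ("open", OPEN)):
        print(name, audit_forward_proxy(conf) or "ok")
```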




Caching (optional)

Apache can cache web server responses, such as commonly-used images, to speed things up. HTTPS responses are not cached due to security restrictions. To enable caching, add the following to the end of httpd.conf:
LoadModule cache_module modules/mod_cache.so
<IfModule mod_cache.c>
# This sets up caching to disk.
# You can setup caching to memory if you prefer.
LoadModule disk_cache_module modules/mod_disk_cache.so
<IfModule mod_disk_cache.c>
CacheRoot c:/temp/cacheroot
CacheEnable disk /
CacheDirLevels 5
CacheDirLength 4
# Read this (http://httpd.apache.org/docs/2.2/mod/mod_disk_cache.html) for info about the above options
# Read this (http://httpd.apache.org/docs/2.2/programs/htcacheclean.html) for info on cleaning the cache
</IfModule>
</IfModule>



Configuring FoxyProxy to Use Your Proxy



Create a new proxy definition by clicking the "Add New Proxy" button on the FoxyProxy Options dialog [screenshot].
Enter a name and optionally, notes, on the General tab [screenshot]. For example, under name you might enter "Apache HTTPD" and under notes, "Web proxy running at home"
On the Proxy Details tab [screenshot], select "Manual Proxy Configuration". In the HTTP proxy field, enter the IP address of the machine on which you installed Apache httpd. If your ISP periodically changes your IP address (many cable/dsl ISPs do), get a free No-IP (http://www.no-ip.com/) or DynDNS (http://www.dyndns.com/) account. These services grant you a free domain name; for example, myproxy.bounceme.net. You run client software on your PC which "phones home" to DynDNS/No-IP every 30 minutes, informing them of your current IP address. Note that many modern consumer-oriented routers from Linksys, Netgear, D-Link, etc. have this software built-in so you don't need to run a client on your PC. If you have a domain name instead of an IP address, enter it here.
In the port field, enter the port under which you configured Apache httpd to run. This is specified in the c:\Program Files\Apache Group\Apache2\conf\httpd.conf file on the Listen xxxx line.
Leave all other fields on the Proxy Details tab blank.
On the Patterns tab [screenshot], enter patterns which match blocked URLs at your school/place-of-business.
Start surfing the web!




Optional

If you would like to


Configure encryption so all communications between you and your proxy are encrypted (even plain http:// addresses)
Restrict who can use the proxy not by IP address but by password or digital certificate

then see the stunnel/OpenSSL (http://foxyproxy.mozdev.org/stunnel.html) tutorial.

Other Tutorials (http://foxyproxy.mozdev.org/howto.html)







How to Run Your Own SOCKS Proxy Server




UPDATE 10 April 2009: The Windows version of antinat is no longer available from the links below. I recommend trying something else if you still require a Windows SOCKS server, for example SOCKS Puppet (http://socks.pendulus.net/). Note that SOCKS Puppet source code is not available, and so its efficacy and safety (i.e., no nefarious behavior) cannot be vetted.

Run your own SOCKS5 proxy server on Windows/Mac/Linux. Access restricted web sites, use instant messenger, ftp, and other protocols from school/work by leveraging your cable/DSL connection at home!



Who is this tutorial for?



This tutorial is for the person who needs to access restricted web sites, use instant messenger, ftp, and other protocols from a location with a restricted internet connection (e.g., work, school)
You should be comfortable installing and configuring software.
You should have a decent understanding of the internet and networks in general.
You should know what a proxy is (see About Proxy Servers (http://compnetworking.about.com/cs/proxyservers/a/proxyservers.htm) if you don't).




Prerequisites



An unrestricted internet connection. Perhaps you have this at home (instead of school/work) or at a friend's house.
A computer which you can leave turned on while you're at school, work, or wherever the restricted internet connection is.







Let's begin.



Download and install the latest Windows version of Antinat here (http://antinat.sourceforge.net/download.shtml). There are also versions for Linux and Unix (http://antinat.sourceforge.net/download.shtml).
Accept the default installation options [screenshot].
If you want Antinat to start automatically every time Windows starts, go to Windows Services and change the Antinat service startup type from manual to automatic [screenshot].
Click the Windows Start button, select Run, and in the Open box type notepad c:\program files\Antinat\antinat.xml
Replace the contents of the file with:
<?xml version='1.0'?>
<antinatconfig>
<!-- Use any ethernet interface -->
<interface value='0.0.0.0'/>

<!-- Port on which to listen -->
<port value='1080'/>

<maxbindwait value='60'/>

<!-- What security methods do we offer clients? -->
<authchoice>
<select mechanism='anonymous'/>
</authchoice>

<!-- Which connections should we accept or reject? -->
<filter source_addrtype='ipv4'>
<filter source_addr='aaa.bbb.ccc.ddd'><accept/></filter>
<filter source_addr='eee.fff.ggg.hhh'><accept/></filter>
<filter source_addr='iii.jjj.kkk.mmm'><accept/></filter>
<reject/>
</filter>
</antinatconfig>
Change the IP addresses in the <filter source_addr='aaa.bbb.ccc.ddd'><accept/></filter> entries to the IP addresses which you'd like to grant access to this proxy server.
Change <port value='1080'/> to the port on which you'd like to expose the proxy server. If this proxy server will be running on a residential cable/DSL connection, many ISPs prevent inbound connections to residential connections on ports 80 and 25 as well as others. To find out which inbound ports your ISP prevents connection to, find the FAQ for your ISP at dslreports.com (http://www.dslreports.com/faqnew). Additionally, if you will be connecting to this proxy server from a corporate environment, be aware that some corporate firewalls only permit outbound connections on a few ports to machines outside their firewall. Often outbound ports 21, 23, 80, and 443 are permitted because they are typically used for FTP, telnet, HTTP, and SSL, respectively.
For complete instructions on Antinat configuration, see the Antinat man page (http://antinat.sourceforge.net/doc/antinat.xml.4.shtml). You can, for example, configure Antinat to accept connections based on userid/password credentials instead of by IP address.
If your IP address is in one of these ranges:

10.0.0.0 - 10.255.255.255
172.16.0.0 - 172.31.255.255
192.168.0.0 - 192.168.255.255

you are most likely behind a router using NAT addressing. If so, configure port forwarding on your router to forward the port you chose in the previous step to the NAT'd IP address of the PC which will run Antinat (e.g., 192.168.x.x).
Save the file and restart Antinat. On Windows, if you selected to install Antinat as a service, this is done from the Service Control Panel [screenshot] by right-clicking and selecting "Start" or "Restart".
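Because the configuration above offers only anonymous authentication, the filter chain is the only thing standing between the SOCKS port and the whole internet. The following added example (not part of the original tutorial or of Antinat) walks that chain for a given client address; the first-match evaluation order is an assumption based on how the sample file is laid out, only the attributes shown above are handled, and the function names and addresses are made up for illustration.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Constructed sample: the tutorial's antinat.xml with a documentation address.
SAMPLE = """<?xml version='1.0'?>
<antinatconfig>
<interface value='0.0.0.0'/>
<port value='1080'/>
<authchoice><select mechanism='anonymous'/></authchoice>
<filter source_addrtype='ipv4'>
<filter source_addr='203.0.113.25'><accept/></filter>
<reject/>
</filter>
</antinatconfig>"""

def matches(flt, client):
    """True if the filter's source_addrtype/source_addr attributes fit the client."""
    ip = ipaddress.ip_address(client)
    if flt.get("source_addrtype") == "ipv4" and ip.version != 4:
        return False
    addr = flt.get("source_addr")
    return addr is None or ipaddress.ip_address(addr) == ip

def decide(node, client):
    """Assumed first-match walk: return 'accept', 'reject', or None if undecided."""
    for child in node:
        if child.tag in ("accept", "reject"):
            return child.tag
        if child.tag == "filter" and matches(child, client):
            verdict = decide(child, client)
            if verdict:
                return verdict
    return None

def verdict_for(xml_text, client):
    """Parse the config and return the verdict for one client address."""
    return decide(ET.fromstring(xml_text), client)

def audit(xml_text, outsider="198.51.100.7"):
    """Report whether an address that is not on the accept list gets through."""
    root = ET.fromstring(xml_text)
    anonymous = any(s.get("mechanism") == "anonymous" for s in root.iter("select"))
    verdict = decide(root, outsider)
    if verdict == "accept" and anonymous:
        return ["open proxy: unlisted address accepted with anonymous auth"]
    if verdict is None:
        return ["no verdict for unlisted address: add a final <reject/>"]
    return []
```

Run audit() on the text of your own antinat.xml after replacing the placeholder addresses; an empty list means an unlisted address is rejected.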




Configuring FoxyProxy to Use Your Proxy Server

Finally, you must install and configure FoxyProxy on the computer with restricted internet access.

Create a new proxy definition by clicking the "Add New Proxy" button on the FoxyProxy Options dialog [screenshot].
Enter a name and optionally, notes, on the General tab [screenshot]. For example, under name you might enter "My Home Proxy" and under notes, "SOCKS5 proxy running at home"
On the Proxy Details tab [screenshot], select "Manual Proxy Configuration". In the SOCKS proxy field, enter the IP address or domain name of the machine on which you installed Antinat. If your ISP periodically changes your IP address as many cable/dsl ISPs do, read this (http://foxyproxy.mozdev.org/antinat.html#no-ip) below.
In the port field, enter the port under which you configured Antinat to run. This is specified in the c:\program files\Antinat\antinat.xml file in the <port value='1080'/> entry.
Leave all other fields on the Proxy Details tab blank.
On the Patterns tab [screenshot], enter URL patterns which match blocked URLs at your school/place-of-business. You can read more about patterns here (http://foxyproxy.mozdev.org/patterns.html).
Change FoxyProxy from disabled to Use proxies based on their pre-defined patterns and priorities.
Surf the web. Whenever a URL to which you browse matches one of the patterns (http://foxyproxy.mozdev.org/patterns.html)* you've defined, the associated proxy is used to load that URL.

* Providing (1) FoxyProxy is set to "Use proxies based on their pre-defined patterns and priorities" and (2) there is no blacklist pattern defined for that URL.



Optional

If you would like to configure encryption so all communications between you and your proxy are encrypted (even plain http:// addresses), see the stunnel/OpenSSL (http://foxyproxy.mozdev.org/stunnel.html) tutorial.
What if my unrestricted internet connection has a dynamic IP address?

If your ISP periodically changes your IP address as many cable/dsl ISPs do, get a free No-IP (http://www.no-ip.com/) or DynDNS (http://www.dyndns.com/) account. These services grant you a free domain name; for example, myproxy.bounceme.net. You run client software on your PC which "phones home" to DynDNS/No-IP every 30 minutes, informing them of your current IP address. Note that many modern consumer-oriented routers from Linksys, Netgear, D-Link, etc. have this software built-in so you don't need to run a client on your PC.
Other Tutorials (http://foxyproxy.mozdev.org/howto.html)











Proxy Lists

You are encouraged to run your own private proxy (http://foxyproxy.mozdev.org/howto.html) if you have access to an unrestricted ISP. However, for those who are not so fortunate, here are some sites that maintain lists of open proxies around the globe. These proxies can be temperamental, so you will be better off running your own private proxy (http://foxyproxy.mozdev.org/howto.html) if possible. We have no affiliation with these sites.
Please note open proxies are usually unreliable, slow and insecure. If you need fast and secure proxy service for the UK, US, Canada, or most any country, please click here (http://foxyproxy.mozdev.org/proxyservice) (free trial available).



CoDeeN (http://codeen.cs.princeton.edu/), Princeton University's Content Distribution Network - neither private nor anonymous but reliable. HTTP proxies only (no SOCKS), all of which listen on port 3128.
Rosinstrument (http://tools.rosinstrument.com/) - huge resource of proxy lists, tutorials, FAQs, etc.
www.TextProxyLists.com (http://www.textproxylists.com/proxy.php?allproxy)
XRoxy (http://www.xroxy.com/proxylist.htm)
SamAir Security (http://www.samair.ru/)
MultiProxy List (http://www.multiproxy.org/all_proxy.htm)
Proxy4Free (http://www.proxy4free.com/page1.html)
AtomInterSoft socks (http://www.atomintersoft.com/products/alive-proxy/socks5-list/) and non-socks (http://www.atomintersoft.com/products/alive-proxy/proxy-list/)
PublicProxyServers.com (http://www.publicproxyservers.com/page1.html)
http://proxylist.sakura.ne.jp/
http://www.proxy-list.net/fresh-proxy-lists.shtml
http://atomintersoft.com/products/alive-proxy/proxy-list/
http://www.hackingballz.com/herramientas/proxys/index.html
NNTime (http://nntime.com/) - sortable lists by country
e-pr0xy.com (http://e-pr0xy.com/)
OpenNIC's free HTTP proxy (http://www.opennic.org.uk/proxy_howto.html) (77.240.4.209:8118)






http://foxyproxy.mozdev.org/help.html