Yes, you’re going to need shell access to your ClearOS box. Preferably root, but if you have another user that is allowed
and has sudo access, that’ll work too.
(
Side note: More detailed information about proxying via ClearOS can be found here.)
(1-3) Prepare Your Environment – Privoxy
Since ClearOS repositories do not contain any traces of Privoxy you’ll need to manually build it yourself. Head over to the Privoxy website, towards the downloads. You’ll need to “View All Files” and scroll down to the “Sources” directory. There you should see a tar.gz, click on it – Make sure it is “stable” (Link: http://sourceforge.net/projects/ijbswa/files/)
Copy the direct link and put it into the shell – I’m going to assume you’re in /home/admin. Example ..
wget http://downloads.sourceforge.net/project/ijbswa/Sources/3.0.16%20%28stable%29/privoxy-3.0.16-stable-src.tar.gz?r=http%3A%2F%2Fsourceforge.net%2Fprojects%2Fijbswa%2Ffiles%2F&ts=1289336405&use_mirror=cdnetworks-us-1
Something like this..
So now that we’ve did that. Let’s run some other useful tasks.
Before compiling or installing Privoxy, you need to set a specific user/group for it. Mostly because you don’t want this tool running under super cow powers.
Do this:
useradd privoxy
Then:
passwd privoxy
Think of something good 
Now, run make. It’ll then give you some tips on doing some other commands first – Whatever that is about. Either way, just press the y key and you’ll be set. Hopefully no errors occur. If so, just post them and I’ll see what I can dig up.
So… if everything does go OK. Issue make install – This will then install Privoxy to its suitable environment.
Side Note: Since there is 2 proxies by default installed on ClearOS (Squid, and Dans Guardian), you would naturally think you could direct Squid to Tor. This is not the case. ClearOS has the Squid configuration in a specific way, in-which I really didn’t not feel like editing. So I came up with this solution instead. If you have instead wanted to use Squid and came up with a suitable edit, feel free to pass it along.
Time to edit the configuration! Head over to /usr/local/etc/privoxy/ to edit the config. Like so:
cd /usr/local/etc/privoxy/
nano config
Go all the way to the end of the file and add:
forward-socks4a / IP:9050 .
Do not forget the end dot (.). Replace IP with the IP of the machine (the loopback IP. E.g. 127.0.0.1 or LAN, 192.168.1.2).
Save/Close that file.
(2-3) Tor
Now it’s time to cook some onions. Go to the Tor Project website to grab a binary or source of tor (http://www.torproject.org/download/download-unix.html.en). I recommend grabbing the source tarball.
Copy the link of the source tarball, at this time it’ll be 0.2.1.26. Make sure you’re still in /home/admin or something suitable. (I have an admin account setup for pseudo reasons if you hadn’t noticed.)
wget http://www.torproject.org/dist/tor-0.2.1.26.tar.gz
tar xvf tor-0.2.1.26.tar.gz
cd tor-0.2.1.26
./configure
make
OR
make install
If you only issue make you can execute directly in src/or/tor after compiling. Or you can issue make install and it’ll install it. Remember the account you’re installing / running under – You may not want tor running under a root account.
Small configuring with Tor
Now that Tor is installed, and hopefully working, it’s time to change a few things. Even though tor will be used by the entire network (HTTP) via a single machine, maybe some people will want to go directly to Tor, rather than around tor to use tor.
Open up /usr/local/etc/tor/torrc and find (if torrc does not exist, do: mv torrc.sample torrc):
## Replace this with “SocksPort 0″ if you plan to run Tor only as a
## relay, and not make any local application connections yourself.
SocksPort 9050 # what port to open for local application connections
SocksListenAddress 127.0.0.1 # accept connections only from localhost
This is for connecting local Internet applications through port 9050. We want to add an listening host/port in-case someone wants to connect directly to Tor that is not on the machine. It should look like this instead:
## Replace this with “SocksPort 0″ if you plan to run Tor only as a
## relay, and not make any local application connections yourself.
SocksPort 9050 # what port to open for local application connections
SocksListenAddress 127.0.0.1 # accept connections only from localhost
SocksListenAddress IP:9100 # listen on this IP:port also
“IP” should be the LAN IP of the machine, such as 192.168.1.2. You can set the port to whatever you prefer (as long as it’s not in use by something else).
Generally some people will want to run Tor in the background, so if you want to do this find #RunAsDaemon 1 and remove the #. But if you don’t think anyone is going to run Privoxy / Polipo or some other translator on their owncomputer to connect to Tor then don’t worry about adding an extra listening address.
Once you’re all finished with that, save and close.
(3-3) DansGuardian
Yay – We’ve made it this far!
Let’s start editing DG now. Open up /etc/dansguardian-av/dansguardian.conf and find:
# the port DansGuardian connects to proxy on
proxyport = 3128
3128 is Squid’s port. We want to change this to 8118 (which is Privoxy). Save and close.
Finishing Up
Login to the web interface of ClearOS, head to the Content Filter, and restart it. If all goes well, it should come back online – If not, change the proxy port back and start over.
Everything should be correctly setup now. You’ll be connecting to DansGuardian, which connects to Privoxy, and that will connect to Tor. This is rather a complicated solution, however DansGuardian is the layer that offers some blocking and stuff.
Execute Privoxy, Tor, and you’re set. Point your browser to IP-Of-ClearOS:8080 and hit up google.com to see if it works. Remember, you may want to run these programs with different rights/etc, so think clearly about what you’re doing.
Please post any conflicts. I understand I’m not the best tutorial’r.
Best of luck!
