Posts Tagged ‘proxy’

11
Nov

Route ClearOS HTTP Proxy Through Tor

So you have ClearOS installed, and you want not only to use the “Content Filter,” but also to make your connections go through Tor. That’s really no issue, but it will take a few minutes to set up.

Shell Access

Yes, you’re going to need shell access to your ClearOS box. Preferably root, but if you have another user that is allowed and has sudo access, that’ll work too.
(Side note: More detailed information about proxying via ClearOS can be found here.)

(1-3) Prepare Your Environment – Privoxy

Since ClearOS repositories do not contain any traces of Privoxy you’ll need to manually build it yourself. Head over to the Privoxy website, towards the downloads. You’ll need to “View All Files” and scroll down to the “Sources” directory. There you should see a tar.gz, click on it – Make sure it is “stable” (Link: http://sourceforge.net/projects/ijbswa/files/)

Copy the direct link and put it into the shell – I’m going to assume you’re in /home/admin. Example ..

wget -O privoxy-3.0.16-stable-src.tar.gz "http://downloads.sourceforge.net/project/ijbswa/Sources/3.0.16%20%28stable%29/privoxy-3.0.16-stable-src.tar.gz?r=http%3A%2F%2Fsourceforge.net%2Fprojects%2Fijbswa%2Ffiles%2F&ts=1289336405&use_mirror=cdnetworks-us-1"

Something like this..

So now that we’ve done that, let’s run some other useful tasks.

Before compiling or installing Privoxy, you need to set a specific user/group for it. Mostly because you don’t want this tool running under super cow powers.

Do this:

useradd privoxy

Then:

passwd privoxy

Think of something good :)

Now, run make. It’ll then give you some tips on doing some other commands first – Whatever that is about. Either way, just press the y key and you’ll be set. Hopefully no errors occur. If so, just post them and I’ll see what I can dig up.

So… if everything does go OK. Issue make install – This will then install Privoxy to its suitable environment.

Side Note: Since there are 2 proxies installed by default on ClearOS (Squid and DansGuardian), you would naturally think you could direct Squid to Tor. This is not the case. ClearOS has the Squid configuration set up in a specific way, which I really did not feel like editing. So I came up with this solution instead. If you would rather use Squid and have come up with a suitable edit, feel free to pass it along.


Time to edit the configuration! Head over to /usr/local/etc/privoxy/ to edit the config. Like so:

cd /usr/local/etc/privoxy/

nano config

Go all the way to the end of the file and add:

forward-socks4a / IP:9050 .

Do not forget the end dot (.). Replace IP with the IP of the machine: either the loopback IP (e.g. 127.0.0.1) or the LAN IP (e.g. 192.168.1.2).

Save/Close that file.

(2-3) Tor

Now it’s time to cook some onions. Go to the Tor Project website to grab a binary or source of tor (http://www.torproject.org/download/download-unix.html.en). I recommend grabbing the source tarball.

Copy the link of the source tarball, at this time it’ll be 0.2.1.26. Make sure you’re still in /home/admin or something suitable. (I have an admin account setup for pseudo reasons if you hadn’t noticed.)

wget http://www.torproject.org/dist/tor-0.2.1.26.tar.gz

tar xvf tor-0.2.1.26.tar.gz

cd tor-0.2.1.26

./configure

make

OR

make install

If you only issue make you can execute directly in src/or/tor after compiling. Or you can issue make install and it’ll install it. Remember the account you’re installing / running under – You may not want tor running under a root account.

Small configuring with Tor

Now that Tor is installed, and hopefully working, it’s time to change a few things. Even though tor will be used by the entire network (HTTP) via a single machine, maybe some people will want to go directly to Tor, rather than around tor to use tor.

Open up /usr/local/etc/tor/torrc and find (if torrc does not exist, do: mv torrc.sample torrc):

## Replace this with "SocksPort 0" if you plan to run Tor only as a

## relay, and not make any local application connections yourself.

SocksPort 9050 # what port to open for local application connections

SocksListenAddress 127.0.0.1 # accept connections only from localhost

This is for connecting local Internet applications through port 9050. We want to add a listening host/port in case someone who is not on the machine wants to connect directly to Tor. It should look like this instead:

## Replace this with "SocksPort 0" if you plan to run Tor only as a

## relay, and not make any local application connections yourself.

SocksPort 9050 # what port to open for local application connections

SocksListenAddress 127.0.0.1 # accept connections only from localhost

SocksListenAddress IP:9100 # listen on this IP:port also

“IP” should be the LAN IP of the machine, such as 192.168.1.2. You can set the port to whatever you prefer (as long as it’s not in use by something else).

Generally some people will want to run Tor in the background, so if you want to do this, find #RunAsDaemon 1 and remove the #. But if you don’t think anyone is going to run Privoxy / Polipo or some other translator on their own computer to connect to Tor, then don’t worry about adding an extra listening address.

Once you’re all finished with that, save and close.

(3-3) DansGuardian

Yay – We’ve made it this far!

Let’s start editing DG now. Open up /etc/dansguardian-av/dansguardian.conf and find:

# the port DansGuardian connects to proxy on

proxyport = 3128

3128 is Squid’s port. We want to change this to 8118 (which is Privoxy). Save and close.

Finishing Up

Log in to the web interface of ClearOS, head to the Content Filter, and restart it. If all goes well, it should come back online – If not, change the proxy port back and start over.

Everything should be set up correctly now. You’ll be connecting to DansGuardian, which connects to Privoxy, and that will connect to Tor. This is a rather complicated solution; however, DansGuardian is the layer that offers some blocking and stuff.

Execute Privoxy, Tor, and you’re set. Point your browser to IP-Of-ClearOS:8080 and hit up google.com to see if it works. Remember, you may want to run these programs with different rights/etc, so think clearly about what you’re doing. :)
Please post any conflicts. I understand I’m not the best tutorial’r.

Best of luck!
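A quick way to check the finished chain, as an added example that is not part of the original post: this shell script reads the three files edited above and reports a malformed or mismatched forward-socks4a line, a DansGuardian proxyport that is not 8118, and any Tor SOCKS listener reachable from other hosts. The function names and the sample files are constructed here; on a real box, pass the actual paths from the steps above to audit_chain.

```shell
# Added example: audit the DansGuardian -> Privoxy -> Tor chain set up above.

privoxy_upstream() {  # HOST:PORT of the last "forward-socks4a / HOST:PORT ." line
    awk '$1 == "forward-socks4a" && $2 == "/" && $4 == "." { up = $3 }
         END { print up }' "$1"
}

tor_listeners() {     # every host:port Tor accepts SOCKS connections on
    awk 'BEGIN { port = 9050 }
         /^[ \t]*#/ { next }
         $1 == "SocksPort" { port = $2 }
         $1 == "SocksListenAddress" { addr[n++] = $2 }
         END { if (n == 0) print "127.0.0.1:" port
               for (i = 0; i < n; i++)
                   print (addr[i] ~ /:/ ? addr[i] : addr[i] ":" port) }' "$1"
}

dg_proxyport() {      # value of "proxyport = N" in dansguardian.conf
    awk -F= '/^[ \t]*proxyport[ \t]*=/ { p = $2; sub(/#.*/, "", p); gsub(/[ \t]/, "", p) }
             END { print p }' "$1"
}

audit_chain() {       # args: privoxy-config torrc dansguardian.conf; returns FAIL count
    fails=0
    up=$(privoxy_upstream "$1")
    if [ -z "$up" ]; then
        echo "FAIL privoxy: no 'forward-socks4a / HOST:PORT .' line (end dot missing?)"
        fails=$((fails + 1))
    elif ! tor_listeners "$2" | grep -qxF "$up"; then
        echo "FAIL privoxy: forwards to $up, but Tor does not listen there"
        fails=$((fails + 1))
    fi
    if [ "$(dg_proxyport "$3")" != 8118 ]; then
        echo "FAIL dansguardian: proxyport is not 8118, so it is not using Privoxy"
        fails=$((fails + 1))
    fi
    tor_listeners "$2" | grep -v '^127\.' |
        sed 's/^/WARN tor: SOCKS listener reachable from other hosts at /'
    return "$fails"
}

# Constructed sample files using the values from this page (not a real host).
d=$(mktemp -d); trap 'rm -rf "$d"' EXIT
echo 'forward-socks4a / 127.0.0.1:9050 .' > "$d/privoxy"
printf '%s\n' '## comment' 'SocksPort 9050 # local port' 'SocksListenAddress 127.0.0.1' \
    'SocksListenAddress 192.168.1.2:9100 # LAN' > "$d/torrc"
echo 'proxyport = 3128' > "$d/dg_squid"      # unchanged: still Squid
echo 'proxyport = 8118' > "$d/dg_privoxy"    # changed as in step 3
audit_chain "$d/privoxy" "$d/torrc" "$d/dg_squid" || true
```

The WARN line is informational: the extra SocksListenAddress on the LAN IP is intentional in this setup, but anything that can reach that address can use the SOCKS port.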

11
Dec

Is Proxy Privacy? Or is Privacy without a Proxy?

Don’t look at me! Better yet..

For some time now I’ve been using proxies on and off–heck, I even host a proxy server for myself, and a few of my friends. But who is to say that maybe one day their information could be leaked? I wouldn’t betray them, but… what happens if they didn’t know me? Do you think they would trust me as much?

The last few months I’ve been pondering just how private proxies really are. I’ve come to the conclusion that proxies are no more private than not using a proxy. That just seems crazy, doesn’t it?! Let me lay it out…

Without a Proxy

Obviously people will have your real IP and will be able to tell that you are you. That to some people is just fine. You can go anywhere on the Internet and still be singled out at any given time–you are completely fine with that. Besides, your ISP has a hawk-eye on you too.

With a Proxy

Ok… so now you want to become hidden in such a way that you cannot be identified by IP–that’s completely fine. At the same time what exactly do you think you’re hiding? If you can’t answer that with 3 simple reasons then I suggest reconsidering using a proxy.

If someone wanted to be completely evil to you, that proxy host (server) could possibly redirect you, phish you, … shall I say more?

OR: You are doing some online banking. Do you REALLY want to use a proxy?! I’d rather only my ISP know where I was.

With the bare effects

Okay so, yes, proxies are needed on some occasions, but things like VPNs have more usability, and offer more than just a jacket over your chest. Proxies are often used for caching too (if you didn’t know that). And also for reversing connections… so on, etc.

I just wanted to blurt out that random information. I’ve seen quite a few people go all-out with proxies recently – and had some people ask me a few questions about proxies awhile back.