Skip to content

I hear it every day

17th January 2008

It bothers me that my Tor usage is less than I'd like because it is just so fiddly.

When it comes to privacy I want to keep things simple, I want to use tor, but I dont want to use it for things that aren't sane.

In practise that means I want to use tor for a small amount of browsing:

  • When the host is a.com, b.com, & c.com
  • When the traffic is not over SSL.

To do that I have to install privoxy, and use that with a configuration file like this:

# don't forward by default.
forward-socks4   /    .
# don't forward by default, even more so for HTTPS
forward-socks4   :443 .

# but we do want tor on these three sites:
forward-socks4   a.com/       127.0.0.1:9050 .
forward-socks4   b.com/       127.0.0.1:9050 .
forward-socks4   c.com/       127.0.0.1:9050 .

I'm using absolutely nothing else in my Privoxy configuration, so it seems like overkill.

I'd love to hear about a simple rule-based proxy-chaining tool - if there is one out there then I'd love to know about it lazyweb.

If not it shouldn't be too hard to write one with the Net::Proxy & Net::Socks module(s).

<global>
  listen 1234
  no-proxy
</global>

<sites>  
  hostname one.com
  port != 443
  proxy socks localhost 8050
</sites>

<sites>  
  hostname two.com
  port != 443
  proxy socks localhost 8050
</sites>

<sites>
  hostname foo.com
  port = 80
  proxy localhost 8000
</sites>
Tags: privoxy, todo, tor. | 7 comments.

Comments On This Entry

  1. [gravitar] Erik Johansson Submitted at 10:42:17 on 17 January 2008
    You can use javascript to configure proxy settings in a browser. I never finnished this so I don't know if it works properly, but I think you can find out..
    http://wp.netscape.com/eng/mozilla/2.0/relnotes/demo/proxy-live.html

    function FindProxyForURL(url, host){ var proxy= new Array(); proxy["a.example.com"]="PROXY localhost:990"; proxy["b.example.com"]="SOCKS localhost:991"; proxy["c.example.com"]="DIRECT"; connection_method=proxy[host]; if(connection_method == null) { return("DIRECT"); }else{ return(connection_method); } }
  2. [gravitar] James Submitted at 16:27:20 on 17 January 2008
    Create yourself a proxy autoconfig file? It uses javascript to match on URLs so should meet your needs.
  3. [gravitar] Alex Submitted at 18:23:08 on 17 January 2008
    All of the previous comments assume Mozilla Firefox, it'd be nice to see a solution that's browser independent and could also work with stuff like 'wget' :)
  4. [gravitar] Vladimir Penov Submitted at 19:25:00 on 17 January 2008
    If you want it only for browsing using Firefox - FoxyProxy works great. https://addons.mozilla.org/en-US/firefox/addon/2464
  5. [gravitar] Anonymous Submitted at 01:43:06 on 18 January 2008
    Why would you not want SSL traffic going over Tor? That seems like exactly the kind of traffic you should route over Tor.
  6. [gravitar] Sam Submitted at 10:42:52 on 20 January 2008
    Sorry, my English is bad. I think this solution breaks privacy! For example: HTML-page http://one.com/index.html contains links to another hosts (counters, ADs, images, js, css, php, etc.) Your traffic to these hosts going NOT over Tor! Somebody analyses logs of these hosts and ascertains your IP and more.
  7. [gravitar] Erik Johansson Submitted at 11:57:50 on 20 January 2008
    Alex, AFAIK there is no way to handle wget, curl or apt privoxy is the only way then because you can just set http_proxy enviroment.