3proxy: Difference between revisions

From NixOS Wiki
imported>Holly-hacker
m Fix typo
m Minor formatting pass, add internal link to NixOS.
 
(One intermediate revision by one other user not shown)
Line 1: Line 1:
== What is 3proxy ==
<strong>3proxy</strong> is universal proxy server. It can be used to provide internal users with fully controllable access to external resources or to provide external users with access to internal resources. 3proxy is not developed to replace squid, but it can extend functionality of existing cashing proxy. It can be used to route requests between different types of clients and proxy servers. Think about it as application level gateway with configuration like hardware router has for network layer. It can establish multiple gateways with HTTP and HTTPS proxy with FTP over HTTP support, SOCKS v4, v4.5 and v5, POP3 proxy, UDP and TCP portmappers.
 
3proxy is universal proxy server. It can be used to provide internal users with fully controllable access to external resources or to provide external users with access to internal resources. 3proxy is not developed to replace squid, but it can extend functionality of existing cashing proxy. It can be used to route requests between different types of clients and proxy servers. Think about it as application level gateway with configuration like hardware router has for network layer. It can establish multiple gateways with HTTP and HTTPS proxy with FTP over HTTP support, SOCKS v4, v4.5 and v5, POP3 proxy, UDP and TCP portmappers.


== Sample configuration ==
== Sample configuration ==


Just add the following to your <code>configuration.nix</code> file:
Just add the following to your [[Overview_of_the_NixOS_Linux_distribution#Declarative_Configuration|NixOS configuration]]:
<syntaxhighlight lang="nix">
{{file|configuration.nix|nix|
<nowiki>
{
   services._3proxy = {
   services._3proxy = {
     enable = true;
     enable = true;
Line 29: Line 29:
     '';
     '';
   };
   };
</syntaxhighlight>
}
</nowiki>
}}
{{Evaluate}}


This sample configuration runs a single instance as socks proxy with user/password auth. The password can be clear text, as indicated by the <code>CL</code> for user <code>test1</code> or it can be encrypted as indicated by the <code>CR</code> for user <code>test2</code>. You can generate md5-crypted passwords via https://unix4lyfe.org/crypt/
This sample configuration runs a single instance as socks proxy with user/password auth. The password can be clear text, as indicated by the <code>CL</code> for user <code>test1</code> or it can be encrypted as indicated by the <code>CR</code> for user <code>test2</code>. You can generate md5-crypted passwords via https://unix4lyfe.org/crypt/


'''Note''': The htpasswd tool generates incompatible md5-crypted passwords (see https://github.com/z3APA3A/3proxy/wiki/How-To-(incomplete)#USERS )
'''Note''': The <code>htpasswd</code> tool generates incompatible md5-crypted passwords (see https://github.com/z3APA3A/3proxy/wiki/How-To-(incomplete)#USERS )


== Firewall ==
== Firewall ==
Line 41: Line 44:
== Firefox ==
== Firefox ==


To use in Firefox, you can install the FoxyProxy addon and create a new proxy. Give it a name, use <code>SOCKS5</code> and provide the proxy's ip address or domain name. If not set otherwise, use port <code>3128</code> and provider username and password.
To use in Firefox, you can install the FoxyProxy addon and create a new proxy. Give it a name, use <code>SOCKS5</code> and provide the proxy's IP address or domain name. If not set otherwise, use port <code>3128</code> and provider username and password.


[[Category: Applications]]
[[Category: Applications]]
[[Category: Server]]
[[Category: Networking]]

Latest revision as of 20:25, 30 October 2024

3proxy is universal proxy server. It can be used to provide internal users with fully controllable access to external resources or to provide external users with access to internal resources. 3proxy is not developed to replace squid, but it can extend functionality of existing cashing proxy. It can be used to route requests between different types of clients and proxy servers. Think about it as application level gateway with configuration like hardware router has for network layer. It can establish multiple gateways with HTTP and HTTPS proxy with FTP over HTTP support, SOCKS v4, v4.5 and v5, POP3 proxy, UDP and TCP portmappers.

Sample configuration

Just add the following to your NixOS configuration:

configuration.nix
{
  services._3proxy = {
    enable = true;
    services = [
      {
        type = "socks";
          auth = [ "strong" ];
          acl = [ {
            rule = "allow";
            users = [ "test1" ];
          }
        ];
      }
    ];
    usersFile = "/etc/3proxy.passwd";
  };

  environment.etc = {
    "3proxy.passwd".text = ''
      test1:CL:password1
      test2:CR:$1$rkpibm5J$Aq1.9VtYAn0JrqZ8M.1ME.
    '';
  };
}

This sample configuration runs a single instance as socks proxy with user/password auth. The password can be clear text, as indicated by the CL for user test1 or it can be encrypted as indicated by the CR for user test2. You can generate md5-crypted passwords via https://unix4lyfe.org/crypt/

Note: The htpasswd tool generates incompatible md5-crypted passwords (see https://github.com/z3APA3A/3proxy/wiki/How-To-(incomplete)#USERS )

Firewall

If not set otherwise, open port 3128 on the firewall.

Firefox

To use in Firefox, you can install the FoxyProxy addon and create a new proxy. Give it a name, use SOCKS5 and provide the proxy's IP address or domain name. If not set otherwise, use port 3128 and provider username and password.