Linux – How to force all Linux apps to use SOCKS proxy

linux networking proxy

Using Linux, I need a way to route all network traffic of interface enp2s0 through SOCKS4 192.168.1.2:1080 (or any SOCKS proxy for that matter)
– something like Proxifier in Windows. 
The proxy works fine when manually set in Chrome or Firefox.

OS:
Linux Mint 19.1

Things I tried:

  • I set the proxy manually in network settings,
    but it's just like I didn't set it;
    Chrome still connects directly.  Here's a screenshot:

  • Proxychains is working great,
    but I have to manually launch each app individually from the terminal.

I don't know how to use redsocks or iptables (yet).

I hope there's a GUI like Proxifier for Linux,
but a terminal (CLI)-based solution is okay.

Best Answer

For the impatient, just do the following, assuming that the proxy is example.com:7777 and it's SOCKS5 (change it to your own later).

  • First install redsocks:

sudo apt-get install redsocks

  • Make an empty file anywhere and name it redsocks.conf (or whatever). I'll assume it's at /etc/redsocks.conf (change it to your own).

  • Edit the file you created (redsocks.conf) as follows:

base {
    log_debug = on;
    log_info = on;
    log = "stderr";
    daemon = off;
    redirector = iptables;
}

redsocks {
    local_ip = 127.0.0.1;
    local_port = 12345;

    ip = example.com;
    port = 7777;
    type = socks5;
    // known types: socks4, socks5, http-connect, http-relay

    // login = username;
    // password = password;
}

Replace example.com and 7777 with your proxy. (Note that you can use any local_port other than 12345; it's the local port that we will set an iptables rule to redirect the traffic to, so if you use another, make sure to use it in the later steps below.)

  • Now run redsocks with the config file destination as follows:

sudo redsocks -c /etc/redsocks.conf

Change it to the destination of your redsocks.conf. (If you get "bind: Address already in use", try killall redsocks.) You can also check whether redsocks is bound to local port 12345 with netstat -tulpn.

  • Now that redsocks is running and ready, let's change the iptables rules to use redsocks. This should be customized to your needs, but if you'd like to redirect all HTTP and HTTPS packets through the proxy, define the following rules:

sudo iptables -t nat -N REDSOCKS

sudo iptables -t nat -A REDSOCKS -d 0.0.0.0/8 -j RETURN
sudo iptables -t nat -A REDSOCKS -d 10.0.0.0/8 -j RETURN
sudo iptables -t nat -A REDSOCKS -d 127.0.0.0/8 -j RETURN
sudo iptables -t nat -A REDSOCKS -d 169.254.0.0/16 -j RETURN
sudo iptables -t nat -A REDSOCKS -d 172.16.0.0/12 -j RETURN
sudo iptables -t nat -A REDSOCKS -d 192.168.0.0/16 -j RETURN
sudo iptables -t nat -A REDSOCKS -d 224.0.0.0/4 -j RETURN
sudo iptables -t nat -A REDSOCKS -d 240.0.0.0/4 -j RETURN

sudo iptables -t nat -A REDSOCKS -p tcp -j REDIRECT --to-ports 12345

sudo iptables -t nat -A OUTPUT -p tcp --dport 443 -j REDSOCKS
sudo iptables -t nat -A OUTPUT -p tcp --dport 80 -j REDSOCKS

sudo iptables -t nat -A PREROUTING -p tcp --dport 443 -j REDSOCKS
sudo iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDSOCKS

Now your HTTP and HTTPS traffic should be redirected through example.com:7777.

If you want your iptables reset, use:

sudo iptables -F
sudo iptables -t nat -F
sudo iptables -t mangle -F
sudo iptables -X

Additional tip: if you have a VPN on your iPhone or Android, you can use it for free on your PC, whatever the OS is. Just connect the phone VPN app and establish a SOCKS proxy server (on Android you can use the 'Servers Ultimate' app), then use the proxy on your PC as above. Now all your PC traffic is routed through your phone VPN. Neat.
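
The reset commands in the answer flush every rule in the filter, nat and mangle tables, including any unrelated firewall rules on the host. As an added example (not part of the original answer), this script generates the same REDSOCKS rules plus a teardown that deletes only those rules; the function names and the DRY_RUN, DPORTS and LOCAL_PORT variables are assumptions of this example.

```shell
#!/usr/bin/env bash
# Added example: build the answer's REDSOCKS NAT rules and a scoped teardown.
# Assumes redsocks listens on 127.0.0.1:$LOCAL_PORT as in redsocks.conf above.
LOCAL_PORT="${LOCAL_PORT:-12345}"   # must match local_port in redsocks.conf
DPORTS="${DPORTS:-80 443}"          # destination ports sent to the proxy
# Destinations that bypass the proxy (same list as the answer).
BYPASS="0.0.0.0/8 10.0.0.0/8 127.0.0.0/8 169.254.0.0/16
        172.16.0.0/12 192.168.0.0/16 224.0.0.0/4 240.0.0.0/4"

# Print the commands that install the rules, one per line.
redsocks_up_cmds() {
    local net port hook
    echo "iptables -t nat -N REDSOCKS"
    for net in $BYPASS; do
        echo "iptables -t nat -A REDSOCKS -d $net -j RETURN"
    done
    echo "iptables -t nat -A REDSOCKS -p tcp -j REDIRECT --to-ports $LOCAL_PORT"
    for hook in OUTPUT PREROUTING; do
        for port in $DPORTS; do
            echo "iptables -t nat -A $hook -p tcp --dport $port -j REDSOCKS"
        done
    done
}

# Print the commands that undo exactly those rules: delete each jump, then
# flush and delete the REDSOCKS chain. No other chain or table is touched.
redsocks_down_cmds() {
    local port hook
    for hook in OUTPUT PREROUTING; do
        for port in $DPORTS; do
            echo "iptables -t nat -D $hook -p tcp --dport $port -j REDSOCKS"
        done
    done
    echo "iptables -t nat -F REDSOCKS"
    echo "iptables -t nat -X REDSOCKS"
}

# Print (DRY_RUN=1, the default) or run via sudo the "up" or "down" commands.
redsocks_apply() {
    local cmd
    "redsocks_${1}_cmds" | while read -r cmd; do
        if [ "${DRY_RUN:-1}" = "1" ]; then echo "$cmd"; else sudo $cmd </dev/null; fi
    done
}

case "${1:-}" in up|down) redsocks_apply "$1" ;; esac
```

Run it with `up` or `down` to review the commands first, then repeat with `DRY_RUN=0` to apply them.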
