====== Web Browser Proxy via AstLinux ====== There may be special situations where you would like to virtually make your web browser appear "inside" a remote AstLinux box to access the web interface of a network device. In the old days command line browsers like 'lynx' and 'links' could get a basic task accomplished, but today a modern browser is needed to manage an IP Phone or network switch that is hidden behind the remote AstLinux firewall. In theory AstLinux VPNs can be configured to access such "hidden" remote web interfaces, but often it is not worth the trouble, or for security or access reasons, some devices may not be directly reachable via the VPN. Assuming you have SSH access to the remote AstLinux box itself, either directly or via a VPN, you can very easily enable a local SOCKS Proxy on your web browser machine and use SSH to tunnel the proxy to your remote AstLinux box. The following example is demonstrated by using Firefox on Mac OS X, but should work with about any modern web browser and an Operating System which supports SSH such as OS X, Linux, ChromeOS (in developer mode), etc. . ===== Establish local SOCKS Proxy ===== Modern SSH clients have built-in support for establishing a local SOCKS server which then can be tunneled to a remote SSH server. The option syntax is: **-D Local_Port** where SSH's SOCKS server listens on port "Local_Port". In our example we use port 5000, but any port larger than 1024 that is not already in use should be fine. To establish a local SOCKS Proxy... Go to Terminal: ssh -D5000 root@pbx login as normal to the remote AstLinux box "pbx", leave this session open, make sure you don't see any "bind: Address already in use" after the ssh login message. Then go to Firefox: Preferences -> Advanced -> Network -> Connection: "Configure how Firefox connects to the Internet" { Settings... } {{:userdoc:web-browser-proxy-firefox.jpg?nolink|Firefox Proxy}} Select "Manual ...", and add the "SOCKS Host:" entry for "localhost" and port "5000". Check "Remote DNS" if you also want DNS proxied. Click "OK" Open a new Firefox window, and enter "192.168.101.1" or some unique address as seen by "pbx". You should be able to access any web enabled device that "pbx" can see. If you have problems, look at your Terminal window for error messages. !!Note ->!! Make sure that you don't have any conflicting "Proxy add-on extensions" active in Firefox, that could interfere with the standard proxy configuration! ===== Disconnect local SOCKS Proxy ===== When finished, to disconnect the local SOCKS Proxy, reverse the process... Go to Firefox: Preferences -> Advanced -> Network -> Connection: "Configure how Firefox connects to the Internet" { Settings... } Select "No proxy" and Click "OK" Go to Terminal: Type "exit", it should exit immediately, but if there are SOCKS sessions still active it may take a minute but will eventually exit by itself. \\ !!Tip ->!! In order to simplify enabling and disabling the web browser proxy settings, most browsers have add-on extensions that allow quickly changing the proxy settings from the browser window without digging into Preferences each time (e.g. "Toggle Proxy" for Firefox) Now for Firefox + Chrome "MM3-ProxySwitch" https://proxy-offline-browser.com/ProxySwitch/