IP teleportation (or “I, P. Squiddy”)
Back in June, bbum mentioned a tantalizing computing technique I didn’t yet comprehend —
If you don’t trust the web proxy on your LAN (I wouldn’t in either a hotel or a corporate environment), turn on Apache’s caching proxy server or install squid, then use port forwarding to forward a port on your local machine to the proxy port on the remote proxy server. Then, point your browser (or OS) to use the local port as the proxy server. This allows for secure, non-monitor-able, transparent, surfing from any location.
![[Star Trek TOS transporter room image]](/mt/archives/photos/eo-transporter_227x163.jpg)
This intrigued me because I do a lot of surfing from work (for news, technical research) in the process of doing my work. I consider this warranted because I’m a full-time tech writer/web publisher, and I’m constantly keeping current and on the lookout for more efficient publishing and troubleshooting techniques. But I still don’t like leaving my employer’s domain strewn in server logs all over the ‘net.
Following Bill’s hint, I built/installed squid on my always-on NetBSD box at home — squid is in NetBSD’s pkgsrc — and for security, configured squid to allow access only from my home internal network.
Now from work I open a ssh tunnel to squid running on my home NetBSD box with
ssh -2 -C -L 3128:home_box_int_name:3128 -N home_box_ext_name
where home_box_ext_name is kept current courtesy DynDNS and home_box_int_name need only be known to home_box_ext_name.
Then I set my at-work web proxy to http://localhost:3128/ and start browsing.
Result: All my at-work surfing is now actually being initiated by squid from my home box, with the results cached there, then encrypted and compressed through the ssh tunnel to my machine at work.
That this is happening is easily verifiable by visiting WhatsmyIP.org before and after setting the at-work browser’s web proxy — before, what visited servers see is my at-work proxy’s IP; after, what they see is my home IP.
Of course — as usual for me — now that it’s working, what once was mysterious is now old hat, and I therefore feel as though not only have I always known how to do this but that everyone else does, too. I have to remind myself that as recently as June I had no clue, so I mention this proxying option (granted, without much specific detail) in case it’s useful news to anyone. :-)
Thanks, Bill.
Note: Privoxy is a lighter-weight alternative to squid that I haven’t looked into yet.
![[Creative Commons logo]](/images/ccLogo.gif){kind=small}