Here’s a Binary Blogger How To post on how to create a proxy server on your mac. Either as a developer or as an alternative to a restrictive filtering system proxy servers can come in handy from time to time.
This will tell you how to setup the proxy server on your mac, how to test it, how to route your traffic from your home router to your mac and how to use it externally to your home,
A Mac with basic knowledge of installing apps, system preferences, network options and understanding of IP address and ports.
A second computer to test with.
The first step is to download and install SquidMan proxy server on your mac.
After you have installed the proxy server, run it. You will see a screen similar to the one below. Hit Start Squid and the window will show Squid is running when its ready to go.
Now you are ready to test it. Open the Mac System Preferences and then open the Network options.
In the Network options go to your primary network interface and hit advanced or configure (depending on your Mac OS). Go to Proxies and enter localhost with port 8080. This will force your Mac to run through Squid. Hit apply, then open Safari and browse the internet. If you are seeing the webpage you are good to go. If your page does not load then there is an issue. In the Squidman interface look at the logs to see if you are connecting. If not, repeat the above steps.
Now this is only the first part, the next part is to set it up for external connections in.
You will need to configure Squidman Access Control Lists to allow your external IP to route through the proxy. If you don’t then you will see an error. This is a built in fail safe to block the Internet from using your home internet connection.
First you need to go on the computer that you are going to connect in from and goto http://whatismyipaddress.com to see what your IP address is out on the Internet. Here comes the sensitive part.
In Squidman goto File > Preferences.
Select the Template.
In the Template add this to following section in bold
# Access Control lists
acl myclients src
and then add the bold line under this section
# Only allow cachemgr access from localhost
http_access allow manager localhost
http_access deny manager
http_access allow myclients
This will configure Squid to know the inbound IP address and allow it.
Last step to do is in the PC you are connecting in with set the proxy setting in that browser to your Mac IP address and port 8080. Use http://whatismyipaddress.com if you don’t know what your ISP assigned external IP address is.
If you have a home wireless router, chances are you do, you will now need to tell the router how to route the inbound traffic to your mac. Login to your home router and there will be a Port Forwarding/Route Traffic option. What it’s called varies between vendors but they all do the same thing. What you will need to configure is to forward all inbound 8080 traffic to your internal Mac IP address which will be your inward facing IP not the external one.
Example inbound port 8080 route to 192.168.1.99 which is the IP your Mac was assigned.
I have set this up in my environment and it works perfectly. Its far simpler than it looks and is far easier to get going than a SOCKS proxy or SSH tunnels.
Any questions or help setting this up, leave comments.
Binary Blogger has spent 20 years in the Information Security space currently providing security solutions and evangelism to clients. From early web application programming, system administration, senior management to enterprise consulting I provide practical security analysis and solutions to help companies and individuals figure out HOW to be secure every day.
