Linux for Network Engineers: Direct Traffic Through a Proxy (ProxyChains)

September 18, 2019 | Linux

There are many reasons you might want to direct your traffic through a proxy. To name a few:

  • It’s the only way to get out of a restricted network
  • To avoid being tracked
  • To use DNS behind a proxy

Most popular applications have native options to configure proxy server settings. Browsers like Firefox and Chrome (as well as Linux utilities like curl) can be easily configured to direct traffic through a specific proxy. This can cover the vast majority of everyday, “vanilla” uses.

ProxyChains

However, for more advanced “proxying,” such as using a chain of proxy servers or forcing traffic from any application to go through a proxy, you’d have to use a utility such as ProxyChains. You can install it by downloading and compiling the source code, but I would recommend installing it as a Debian package with:

Proxy Servers

If you are using a proxy server in your enterprise environment then you can get the IP and port information from your IT administrator. 

If you are looking to direct your traffic through third-party proxy servers, you can just Google “public proxy servers list” and you will get several pages of free servers that will satisfy your needs. In this post, I experimented with servers from this list. Keep in mind that some of the servers you find online for free might not work as expected, and you may need to experiment with a few different ones before you iron everything out. For what it’s worth, I found that the servers out of Russia are some of the most reliable ones…

ProxyChains Configuration

Once installed you will need to edit the file /etc/proxychains.conf to set up your proxy access configuration. The main options you’ll have to mess with are the following:

Type of chain:

  • dynamic_chain: it tries to use all provided proxies in the given order, but it dynamically excludes proxies that are offline
  • strict_chain: it tries to use all provided proxies in the given order, even if they appear to be offline
  • random_chain: it randomizes the number and order of proxies from the given list
  • chain_len: number of proxies to be used in a chain

ProxyList:

  • List of proxies together with their port number and type (socks4, socks5, http)

Example

For my configuration, I left most options untouched, only editing the “[ProxyList]” section at the bottom of /etc/proxychains.conf as follows:

I commented out the preconfigured line “socks4 127.0.0.1 9050” and added the server “socks4 62.182.206.19 31618”, found in this list.

Then I ran a curl to google.com using proxychains as follows:

ProxyChains logs which proxies are being used to reach the destination, “google.com.” As you can see, it starts with a DNS query to 4.2.2.2 that goes through the proxy 62.182.206.19:31618, and then it does the actual fetch to 216.58.206.174:80. If you configure multiple servers (depending on the type of chaining you chose), you might see the fetch going through multiple servers.
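A pre-flight check for the configuration described above, as an added example that is not from the original post or the ProxyChains project: it lints the text of a proxychains.conf for a single chain type, well-formed [ProxyList] entries, a sensible chain_len, and the proxy_dns option, without which name lookups are not sent through the chain. The function name lint_proxychains, the literal-IP requirement and the sample text (constructed from the entry used in this post) are assumptions of the example.

```python
import ipaddress

CHAIN_MODES = {"dynamic_chain", "strict_chain", "random_chain"}
PROXY_TYPES = {"socks4", "socks5", "http"}
# Constructed sample, built from the [ProxyList] edit described in this post.
SAMPLE = ("strict_chain\nproxy_dns\n[ProxyList]\n"
          "#socks4 127.0.0.1 9050\nsocks4 62.182.206.19 31618\n")

def lint_proxychains(text):
    """Return a list of warnings for the text of a proxychains.conf."""
    modes, proxies, warnings = [], [], []
    chain_len, proxy_dns, in_list = None, False, False
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()      # drop comments and blanks
        if not line:
            continue
        if line.lower() == "[proxylist]":
            in_list = True
        elif in_list:
            parts = line.split()
            try:  # assumption of this example: proxies are literal IPs
                if len(parts) < 3 or parts[0] not in PROXY_TYPES:
                    raise ValueError
                ipaddress.ip_address(parts[1])
                if not 1 <= int(parts[2]) <= 65535:
                    raise ValueError
                proxies.append(tuple(parts[:3]))
            except ValueError:
                warnings.append(f"line {n}: bad proxy entry {line!r}")
        elif line in CHAIN_MODES:
            modes.append(line)
        elif line == "proxy_dns":
            proxy_dns = True
        elif line.startswith("chain_len") and "=" in line:
            chain_len = int(line.split("=", 1)[1])
    if len(modes) != 1:
        warnings.append(f"enable exactly one chain type, found {modes}")
    if not proxy_dns:
        warnings.append("proxy_dns is off: name lookups will not use the chain")
    if not proxies:
        warnings.append("[ProxyList] has no usable entries")
    if chain_len is not None and "random_chain" not in modes:
        warnings.append("chain_len is set but only applies to random_chain")
    if chain_len is not None and chain_len > len(proxies):
        warnings.append("chain_len exceeds the number of usable proxies")
    return warnings

if __name__ == "__main__":
    print(lint_proxychains(SAMPLE) or "no warnings")
```

To check a real file, pass it the contents of /etc/proxychains.conf and review any warnings before sending traffic through the chain.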

When you use ProxyChains to cover your identity and browsing information, keep in mind that your information is subject to the proxy’s country-specific laws and restrictions. Hopefully, you will never have to worry about that though…