![](data:image/svg+xml,<svg xmlns="http://www.w3.org/2000/svg" width="48" height="48"><rect fill-opacity="0"/></svg>){kind=small}
Hi all!
I wanted to install a caching proxy based on Polipo, and at the same time set up transparent i2p and Tor proxying. Of all the services that are available in these anonymous networks (mail, torrents, etc.), I only use the web, so most likely you will not be able to use services that use a non-http protocol if you follow these instructions.
I have a home server on Debian that distributes the Internet. I used TinyProxy as a domain-based distributor, two polipo daemons - one for caching the Internet, the second for (to a greater extent) converting socks5 into an http proxy in order to register it in TinyProxy, and also caches Tor traffic separately; dnsmasq for resolving .i2p and .onion addresses (I had previously used it for both DNS and DHCP).
We will assume that I2P and Tor are already configured and working.
I2P (4444)
/
LAN port – TinyProxy (8888) – Polipo-WAN (8123)
\
Polipo-Tor (8124) - Tor (9050)
First, let's configure dnsmasq so that the browser can get some non-existent ip for .i2p and .onion domains
Excerpt from /etc/dnsmasq.conf:
Now let's configure TinyProxy. In this server, the upstream rules are executed according to the “last is first” principle, so if we put the upstream for the Internet after the upstreams for .i2p and .onion, nothing will work.
Excerpt from /etc/tinyproxy.conf:
Everything is simple here. We configure Polipo for WAN to suit our tastes, but in Polipo for Tor everything is the same, we just add lines:
Probably the most important part. It won't work without it. Execute the command:
Where _LANETH_ — local network interface, and 192.168.4.0/24 — your local subnet.
That's all! You can browse .i2p and .onion sites without additional browser settings from any device.
I wanted to install a caching proxy based on Polipo, and at the same time set up transparent i2p and Tor proxying. Of all the services that are available in these anonymous networks (mail, torrents, etc.), I only use the web, so most likely you will not be able to use services that use a non-http protocol if you follow these instructions.
I have a home server on Debian that distributes the Internet. I used TinyProxy as a domain-based distributor, two polipo daemons - one for caching the Internet, the second for (to a greater extent) converting socks5 into an http proxy in order to register it in TinyProxy, and also caches Tor traffic separately; dnsmasq for resolving .i2p and .onion addresses (I had previously used it for both DNS and DHCP).
We will assume that I2P and Tor are already configured and working.
I2P (4444)
/
LAN port – TinyProxy (8888) – Polipo-WAN (8123)
\
Polipo-Tor (8124) - Tor (9050)
Let's get started!
dnsmasq
First, let's configure dnsmasq so that the browser can get some non-existent ip for .i2p and .onion domains
Excerpt from /etc/dnsmasq.conf:
address=/.i2p/192.168.99.99
address=/.onion/192.168.99.99tinyproxy
Now let's configure TinyProxy. In this server, the upstream rules are executed according to the “last is first” principle, so if we put the upstream for the Internet after the upstreams for .i2p and .onion, nothing will work.
Excerpt from /etc/tinyproxy.conf:
upstream 127.0.0.1:8123
upstream 127.0.0.1:4444 ".i2p"
upstream 127.0.0.1:8124 ".onion"Polipo
Everything is simple here. We configure Polipo for WAN to suit our tastes, but in Polipo for Tor everything is the same, we just add lines:
socksParentProxy = "localhost:9050"
socksProxyType = socks5iptables
Probably the most important part. It won't work without it. Execute the command:
sudo iptables -t nat -I PREROUTING -i _LANETH_ -d ! 192.168.4.0/24 -p tcp --dport 80 -j REDIRECT --to-ports 8888Where _LANETH_ — local network interface, and 192.168.4.0/24 — your local subnet.
That's all! You can browse .i2p and .onion sites without additional browser settings from any device.
