search

avpnusr / torprivoxy

Tor and Privoxy in docker container
26 stars 6 forks source link

Questions about this Proxy #49

Closed dandud100 closed 6 months ago

dandud100 commented 8 months ago

So if i am understand this right, it will give us the ability to proxy using the tor network with privoxy over http, right?

First question: Why not https?

Second question: Will it use a new identity / new ip for every api request to the same linux-iso indexer requested from radarr for example?

Third question: Does it include an kill-switch?

Fourth question: Will it prevent things such as DNS-Leaks and does it block ipv6? (Not sure if ipv6 is usable over tor.)

Fifth question: How can i verify if this proxy is working successfully? Like is there any test i can do from any other docker containers shell?

Thank you! :)

avpnusr commented 6 months ago

Hey @dandud100 sorry for the late answer, but I was quite busy the last few weeks / months.

I try to answer your questions as good as I can :)

  1. The Connection to the proxy itself is afaik never https, as the client uses the CONNECT method to access a webpage through the proxy, which itself opens (if the site offers https) a SSL/TLS encrypted TCP connection. The proxy just receives and transmits the packets and doesn't even care, that it knows nothing about the contents of the packets - so in my opinion the connection is as secure, as directly connecting to a https website

  2. At the moment, it will not create a new identity for every api-request, as I set on the standard behaviour of switching identities every 10 minutes (estimated time). The less special the TOR-daemon runs, the more unidentifiable in my eyes ;) Perhaps you find a way, and will share it as an optional setting with me.

  3. Nope, no kill-switch at the moment, but the container will put itself into an unhealthy state, if no connection to the tor-network is established and the proxy-itself won't work, if the tor-service is not connected, as the SOCKS-Connection to the TOR-service is dead.

  4. It will not prevent those things by itself. You have to configure your client and browser properly to prevent such leakage

  5. You can verify, if the proxy is working by using it. If you can successfully retrieve a webpage, the proxy works. If you want to test TOR itself, just try to open an .onion webpage, as the container does for it's healthcheck. It tries to get the .onion page for duckduckgo.com "https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion". If that works, the TOR-service works perfectly. You can test this even from another container with i.e. "curl" using the proxy-server to retrieve the page. For an example, see how I do it in the healthcheck in the Dockerfile

I hope this helps you somehow