search

foxyproxy / browser-extension

Version 8 and above. Browser extension source code for Firefox, Chrome, and other Chromium-based browsers
GNU General Public License v2.0
227 stars 33 forks source link

Localhost Inaccessible When Using FoxyProxy (SOCKS5) #140

Closed muellert closed 2 months ago

muellert commented 3 months ago

local-patterns.json I have configured a SOCKS5 proxy which I used to run on a high port on localhost, but I also routinely run a local webserver for convenient access to some documentation. As soon as I enable the proxy, I can't access the local web server anymore:

Firefox can’t establish a connection to the server at localhost.

    The site could be temporarily unavailable or too busy. Try again in a few moments.
    If you are unable to load any pages, check your computer’s network connection.
    If your computer or network is protected by a firewall or proxy, make sure that Firefox is permitted to access the web.

I've fiddled with the proxy rules to add exclusions for the local address(es), and I've tried to run the proxy on a bridge interface, not the main interface, but still no luck. Tcpdump doesn't show any packet bypassing the proxy.

I'm running FoxyProxy 8.9 on a Firefox 115.7.0esr on Linux.

I've tried to attach the current patterns which pertain to local addresses. If it continues to not work, I'll insert them in a separate posting.

muellert commented 3 months ago

local-patterns.json

erosman commented 3 months ago

Are you trying to exclude some local addresses so that they wont be proxied?

From your local-patterns.json it appears that you are passing everything through a single proxy, except a, b, c,...

If that is the case, the most efficient way would be:

ericjung commented 3 months ago
  1. are you sure you are selecting "proxy by patterns" when enabling FoxyProxy?
  2. On what IP address:port is the local webserver listening?
muellert commented 3 months ago
  1. are you sure you are selecting "proxy by patterns" when enabling FoxyProxy?

No, I am just enabling one of several proxies, with the proxy then having its own set of rules. If I don't use any proxy, I select "Disable".

2. On what IP address:port is the local webserver listening?

The local webserver is running on several addresses and port, eg. on 80, 81, and 9001. But I may have other things running while working, eg. on ports 3000, 5000, 8000, 8080 etc.

The SOCKS proxy is running on a high port, so I ssh into something with a tunnel specification, where the local endpoint is the on the address:port specified for the SOCKS proxy, and the traffic will come out at the other end, where I ssh'ed to.

ericjung commented 2 months ago
  1. are you sure you are selecting "proxy by patterns" when enabling FoxyProxy?

No, I am just enabling one of several proxies, with the proxy then having its own set of rules. If I don't use any proxy, I select "Disable".

Then patterns are ignored.

muellert commented 2 months ago

I don't understand your "solution". When I activate the proxy, even though I have an exclude pattern for localhost, localhost is still "proxied" and thus inaccessible. When I disable the proxy, I can access localhost, but not the sites which I need a proxy for. I never use "Proxy by Patterns", just "Disable" or one of the proxies I have configured. I would like localhost to work even when I have activated a proxy, whenever I have an exclude pattern for localhost. I've tried wildcards and regexes, to no avail.

erosman commented 2 months ago

When I activate the proxy, even though I have an exclude pattern for localhost, localhost is still "proxied" and thus inaccessible.

Where do you have "exclude pattern for localhost"? If it is under the include/exclude of an individual proxy, it will only be applied when "Proxy by Patterns" is selected.

[!IMPORTANT] Include/exclude patterns are only used for the "Proxy by Patterns" option.

If you want to globally exclude localhost, them you can use Global Exclude which is applied to all proxies.

muellert commented 2 months ago

That sounds very weird. Why have patterns in a per-proxy definition in the first place, if they are ignored when activating that proxy?

proxy-definition_edited

If I activate this proxy, I expect these patterns to come into effect. But your comment suggests that this is not so?

erosman commented 2 months ago

That sounds very weird. Why have patterns in a per-proxy definition in the first place, if they are ignored when activating that proxy?

Proxying options are:

In other words, proxying options are:

Patterns are only applicable in the "Proxy by Patterns" options since that option was specially made for this purpose. In "Proxy by Patterns" users set various patterns for each proxy, and then proxy is applied based on those patterns.

Individual Proxy options is for passing everything through a single proxy and switch between them when needed. It is similar to setting a proxy directly in the browser.

Method mentioned in https://github.com/foxyproxy/browser-extension/issues/140#issuecomment-2184062324, is more efficient for the way you have set your proxies.

muellert commented 2 months ago

Thank you, got it now. But the not so great aspect of this is that I have proxies with overlapping, but partially conflicting, rules and patterns to access various development systems, besides other proxies to work around censorship. Therefore, I have trouble imagining how I could possibly use Proxy-by-Pattern, as it seems to imply that it would take all patterns from all proxy definitions and somehow try to use them together - which can't work in my scenario.

erosman commented 2 months ago

Therefore, I have trouble imagining how I could possibly use Proxy-by-Pattern, as it seems to imply that it would take all patterns from all proxy definitions and somehow try to use them together - which can't work in my scenario.

In that case, you would need to specify the "include" for those targets (instead of using a catch-all pattern).

muellert commented 2 months ago

Sorry, that doesn't really work. But one thing I don't understand: Why can I specify rules per proxy, if they're all being ignored unless I use Proxy-by-Pattern, instead of just having one global pattern list in the first place?

erosman commented 2 months ago

But one thing I don't understand: Why can I specify rules per proxy, if they're all being ignored unless I use Proxy-by-Pattern, instead of just having one global pattern list in the first place?

The most popular advanced pattern use is something like this:

Proxying Option: Proxy by Patterns

Visiting Sites:

Site Proxying
https://www.bbc.com/news via proxy 1
https://www.bbc.com/live/... direct (no proxy)
https://www.netflix.com/ via proxy 2
https://dictionary.cambridge.org/us/dictionary/ via proxy 3
https://example.com/ direct (no proxy)

"Proxy by Patterns" enables users to chose if a site would be proxied or not, and if proxied, which proxy to use for that particular site.