Security tools with ddwrt and optware – Part III.

Posted on November 6, 2011



I am too tired to write about privoxy so I just copy the description from

“Privoxy is a non-caching web proxy with advanced filtering capabilities for enhancing privacy, modifying web page data and HTTP headers, controlling access, and removing ads and other obnoxious Internet junk. Privoxy has a flexible configuration and can be customized to suit individual needs and tastes. It has application for both stand-alone systems and multi-user networks.”

It is now natively supported and through the gui you can manage it, but the cli – as always – gives you much more freedom.

What runs by default if the service is enabled:

root@mygw:~# ps | grep priv
30433 root 1436 S /usr/sbin/privoxy /tmp/privoxy.conf
31155 root 1296 S grep priv

What is the default configuration (Transparent proxy was disabled):

root@mygw:~# cat /tmp/privoxy.conf
confdir /etc/privoxy
logdir /var/log/privoxy
actionsfile match-all.action
actionsfile default.action
actionsfile user.action
filterfile default.filter
logfile logfile
toggle 1
enable-remote-toggle 0
enable-remote-http-toggle 0
enable-edit-actions 0
buffer-limit 4096
accept-intercepted-requests 0
split-large-forms 0
keep-alive-timeout 5
socket-timeout 300
max-client-connections 64
handle-as-empty-doc-returns-ok 1

The files that contain the rules

root@mygw:~# ls -lat /etc/privoxy
drwxr-xr-x 9 root root 533 Sep 17 13:43 ..
drwxr-xr-x 3 root root 111 Sep 17 13:43 .
-rwxr-xr-x 1 root root 78143 Sep 17 13:43 default.action
-rwxr-xr-x 1 root root 39311 Sep 17 13:43 default.filter
-rwxr-xr-x 1 root root 627 Sep 17 13:43 match-all.action
drwxr-xr-x 2 root root 802 Sep 17 13:43 templates
-rwxr-xr-x 1 root root 3761 Sep 17 13:43 trust
-rwxr-xr-x 1 root root 6736 Sep 17 13:43 user.action


It is an interestring idea, the ddwrt router forwards with iptables the tcp 80 traffic to an internal squid proxy transparently:
A ddwrt router forwardol minden tcp 80 portot egy lan proxyra (egy ubuntura amin squid fut).

Update follows if I have time again.. :-)

Tagged: ,
Posted in: ddwrt, Linux, Security