Set Global HTTP/HTTPS Proxy/Proxies on Xubuntu Using IPTables and RedSocks

I work at a company where we still have an authenticated HTTP proxy in place. It’s very boring having to configure by hand every new program I install that doesn’t support the http_proxy and https_proxy environment variables.

I was playing with my Android phone and there’s an application called ProxyDroid, which I use, that proxifies all installed apps transparently. I decided to replicate this on my Xubuntu platform, but it should work on every Ubuntu/Debian variant.

First, we need to install the required packages:

Now we will configure redsocks, which redirects connections to a set of defined proxies. I have only an HTTP/HTTPS proxy at work, so I edited the ‘/etc/redsocks.conf’ file with this info:

Do a ‘sudo service redsocks restart’ to reload the config file.
Now, we must configure the iptables rules to use our redsocks server.

First we add a new chain called ‘REDSOCKS’ to the ‘nat’ table.
Next we use “-j RETURN” rules for the networks we don’t want to reach through the proxy.
We then tell iptables to redirect all port 80 connections to the http-relay redsocks port and all other connections to the http-connect redsocks port.
Finally we tell iptables to use the ‘REDSOCKS’ chain for all outgoing connections on the network interface ‘eth0’.
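The four steps above as an added example, not the post's own commands: a function that prints the rule set in order for review before it is run as root. The ports 12345 and 12346, the proxy address 192.0.2.10, the bypass list and the names `redsocks_rules` and `valid_port` are assumptions; the ports must match the `local_port` values in your redsocks.conf.

```shell
#!/bin/sh
# Added example: prints the iptables commands for the REDSOCKS chain and changes
# nothing itself. Ports and proxy address are assumptions, not taken from the post.

# Destinations that bypass the proxy: loopback, private, link-local, multicast, reserved.
BYPASS_NETS="0.0.0.0/8 10.0.0.0/8 127.0.0.0/8 169.254.0.0/16 172.16.0.0/12 192.168.0.0/16 224.0.0.0/4 240.0.0.0/4"

valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# redsocks_rules IFACE RELAY_PORT CONNECT_PORT [PROXY_IPV4]
# The output is meant to be reviewed and then run as root, so every argument
# is validated before it is placed into a command line.
redsocks_rules() {
    iface=$1 relay=$2 connect=$3 proxy=${4:-}
    case "$iface" in
        ''|-*|*[!A-Za-z0-9_.-]*) echo "bad interface name" >&2; return 1 ;;
    esac
    case "$proxy" in
        *[!0-9.]*) echo "bad proxy address" >&2; return 1 ;;
    esac
    if ! valid_port "$relay" || ! valid_port "$connect"; then
        echo "ports must be 1-65535" >&2; return 1
    fi
    if [ "$relay" -eq "$connect" ]; then
        echo "http-relay and http-connect need different ports" >&2; return 1
    fi

    echo "iptables -t nat -N REDSOCKS"
    for net in $BYPASS_NETS; do
        echo "iptables -t nat -A REDSOCKS -d $net -j RETURN"
    done
    # redsocks' own connection to the upstream proxy must skip the chain,
    # otherwise it is redirected back into redsocks and loops.
    if [ -n "$proxy" ]; then
        echo "iptables -t nat -A REDSOCKS -d $proxy -j RETURN"
    fi
    # Order matters: the port 80 rule has to precede the catch-all.
    echo "iptables -t nat -A REDSOCKS -p tcp --dport 80 -j REDIRECT --to-ports $relay"
    echo "iptables -t nat -A REDSOCKS -p tcp -j REDIRECT --to-ports $connect"
    echo "iptables -t nat -A OUTPUT -p tcp -o $iface -j REDSOCKS"
}

# Dry run with constructed values (192.0.2.10 is a documentation address).
redsocks_rules eth0 12345 12346 192.0.2.10
```

If the proxy already sits inside one of the bypassed private ranges, the fourth argument can be omitted.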

This configuration is not persistent between boots. To make it persistent we just use:

And there you have it, your own ProxyDroid (albeit a little more silent :D). Don’t forget to set your existing proxy configurations to “use no proxy” afterwards and to delete your proxy environment variables.

3 thoughts on “Set Global HTTP/HTTPS Proxy/Proxies on Xubuntu Using IPTables and RedSocks”

  1. Hello, does this function as a tunnel? I can’t get the programs connected through the proxy, what can be happening?
