After setup the squid http proxy, I want to give socks 5 proxy a try as well.
Same as squid proxy, you will need to figure out an tcp port which is not blocked by your broadband ISP. If you need to access your proxy from other network (say company network), the tcp port should not blocked by the firewall from other network as well.
Socks proxy do not encrypt data. Your data is subject to be inspected by the administrator. If privacy is a concern, use SSH tunneling instead.
To install nylon:
- #ipkg install nylon –force-depends
This should installed both of the libevent and nylon packages.
- Edit the nylon.conf
# vi /opt/etc/nylon.conf
Binding-Interface=eth0 Connecting-Interface=eth0 Port=8080 Allow-IP=192.168.1.0/24,192.168.21.0/24
By default, socks will usually run at TCP port 1080. You can change the port to whatever you wish, for example, 8080.
Only allowed IP is permitted to connect to the nylon proxy, so assign the proxy client IP address(es) to the Allow-IP field. IP addresses were separated with a comma.
If you need to connect the socks proxy from remote network, and the remote network only have dynamic IP, same as srelay, IP filtering will not works in this case. You need to allow any host to connect to the proxy by assigning 0.0.0.0/0 to the Allow-IP field.
- To start nylon
# /opt/etc/init.d/S10nylon start
- Setup router, insert a port forwarding rule in order to allow incoming proxy connection, example for linksys WRT54G router
Input your own nylon port and IP address of the NAS. Protocol should be TCP or Both.
For firmware 2.2 user, a firewall rule is required for external access of the nylon server.
Network Services > Firewall > Click ‘Create’ button
Ports > Check ‘Custom’ radio button > Click ‘Custom’ button
To add a new custom port:
Ports: Type: Destination Port
Ports: 8080 (or your defined port)
Source IP: ALL (or any other permitted IP address)
Action : Access : Allow
- Configure your browser to use your NAS as socks proxy
For Internet Explorer (replace localhost to your NAS ip and your proxy port, if you connect from remote location, input dynamic domain name instead)
For Firefox (replace localhost to your NAS ip and your proxy port, if you connect from remote location, input dynamic domain name instead)