1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Can you force traffic for a specific website through a proxy?

Discussion in 'Tomato Firmware' started by little brittle, May 19, 2011.

  1. little brittle

    little brittle Networkin' Nut Member

    I want to access a couple specific websites through a proxy, and I need to do it on my Tomato router. Take these two sites for example:

    https://*.google.com/*
    https://*.facebook.com/*

    I would like to access them through an anonymous proxy automatically:
    123.12.123.34:3128

    Unfortunately, I would need to update the proxy ip address on occasion. What would I need to do to get this running on Tomato? I'm reasonably tech-savvy, but I have no idea what's required to get this working.
     
  2. Jeroen

    Jeroen Networkin' Nut Member

  3. RonWessels

    RonWessels Network Guru Member

    You need to do this on your router?!!

    Given you are trying to intercept the SSL connection and re-direct it, you are attempting to perform the equivalent of a classic man-in-the-middle attack on the HTTPS protocol. That protocol has been specifically designed to be resistant to that sort of attack.

    Bottom line: can't be done.
     
  4. little brittle

    little brittle Networkin' Nut Member

    Yes, I would like to do it on the router. I have some devices like phones and set top boxes that are connected to my network that don't have proxy settings. I was hoping I could send all traffic through a proxy configured on the router but I guess not. I can do this with a browser plugin, I didn't realize it was so hard to do on the router.
     
  5. Azuse

    Azuse LI Guru Member

    You can redirect certain requests via dnsmasq but https, not just because it's ssl but because tomato is also designed to to be reasonably secure.

    Have you thought about approaching this differently i.e. treating your proxy as a vpn? Having the router act as the end point but redirecting specific pages from specific macs (or ips) to the vpn then adding keywords for those pages in the dns masq for those macs (ips)?
     
  6. little brittle

    little brittle Networkin' Nut Member

    cespare press

    Treating the proxy as a vpn is probably the way to go. I don't see any built-in vpn functionality, should I grab a fork of Tomato, or is there a way to do it with the stock firmware?
     
  7. wilsonhlacerda

    wilsonhlacerda Networkin' Nut Member

    Yes, you can!
     
  8. Azuse

    Azuse LI Guru Member

    Iirc most people, how to put it, "dislike" the Chinese mod because the author took tomato source code, modded it, encrypted it (i.e. it's not open source) and took credit for it. Didn't even acknowledge the people who coded tomato which, aside from not being in the open source spirit, is just plain rude.

    Moot point sadly, because it's not open it can't be converted.

    Edit: thanks for linking the vpn config :)
     

Share This Page