I am trying to use privoxy while connected to freedom box via openVPN. I don’t know how to add connection in network to have both firewall set as internal and external. If I modify a connection to external I can browse the web with the VPN, but cannot use privoxy and if I set the connection to internal I cannot browse the web while on the VPN. Steps to Reproduce
Login to FreedomBox.
Add a Network connection firewall to External
Configure Privoxy in browser and try loading a page
Page show The proxy server is refusing connections
I was expected to have both connection active
I cannot use VPN and privoxy at the same time
Thank you for the response!
I am using a work-around right now with a raspberry pi and pivpn. I would prefer to use only freedombox, but I don’t want to compromise the security of it. Is there a place where I can follow the progress of this issue so that I know when it’s deemed safe?
If your the interfaces in external zone are connected to a Internet directly (or if your router is forwarding all traffic via DMZ or specifically privoxy port) then this is risk. It will become an open proxy on the Internet that anyone could use to browse the Internet since privoxy does not have proxy authentication.
If want to help people with their anonymity online, run a Tor relay instead.
So if you have a freedombox with only 1 physical ethernet port that is marked as external and is connected with the router via DMZ would there be a way to use privoxy from inside the network ?
Or would you have to mark the physical ethernet port as internal and only forward the ports you need from the router ? (and not forward privoxy)
The pioneer freedombox comes with 1 physical ethernet port while the freedombox software seems to function from the perspective that you have one ethernet port for external traffic and one ethernet port for internal traffic.
Most apps in FreedomBox work well with a single interface. Privoxy and a few others being the exception. We have discussed with hardware manufacturer about how for some use cases having two Ethernet interfaces is ideal. They are constrained by various factors and recommended a separate USB Ethernet device. FreedomBox should work well with additional network interfaces connected via USB. Some hardware like the APU come with many Ethernet ports.
If I’m understanding correctly here are a few options for the pioneer freedombox with 1 ethernet interface:
running the ethernet interface as internal and only forward the ports you need from the router (and not forward privoxy). And use your firewall masquerade commands: Using Privoxy with openVPN Then you would be able to use privoxy+openvpn.
running the ethernet interface as external and DMZ. Ability to use openvpn but not be able to use privoxy. And not having to manually forward ports (thanks to the DMZ).