Upside Down Ternet

This article explains how to create a transparent Squid proxy server using imagemagick's mogrify to flip the images upside down.

Installation

Install the squid, apache, wget and imagemagick packages.

Configuration

Create flip.pl, place it in your /usr/local/bin folder and make it executable: 

/usr/local/bin/flip.pl
#!/usr/bin/perl
$|=1;
$count = 0;
$pid = $$;
while (<>) {
       @splitted=split(/ /,$_);
       chomp $_;
       if ($_ =~ /(.*\.jpg)/i) {
               $url = $1;
               system("/usr/bin/wget", "-q", "-O","/srv/http/images/$pid-$count.jpg", "$url");
               system("/usr/bin/mogrify", "-flip","/srv/http/images/$pid-$count.jpg");
               print "http://127.0.0.1/images/$pid-$count.jpg\n";
       }
       elsif ($_ =~ /(.*\.gif)/i) {
               $url = $1;
               system("/usr/bin/wget", "-q", "-O","/srv/http/images/$pid-$count.gif", "$url");
               system("/usr/bin/mogrify", "-flip","/srv/http/images/$pid-$count.gif");
               print "http://127.0.0.1/images/$pid-$count.gif\n";
       }
       elsif ($_ =~ /(.*\.png)/i) {
               $url = $1;
               system("/usr/bin/wget", "-q", "-O","/srv/http/images/$pid-$count.png", "$url");
               system("/usr/bin/mogrify", "-flip","/srv/http/images/$pid-$count.png");
               print "http://127.0.0.1/images/$pid-$count.png\n";
       }
       else {
               print "$splitted[0]\n";
       }
       $count++;
}

Next, while not necessary, does clean up the Squid configuration file a lot making it easier on the eyes

# sed -i "/^#/d;/^ *$/d" /etc/squid/squid.conf

Now, edit your squid.conf file and append this to the bottom

squid.conf
url_rewrite_program /usr/local/bin/flip.pl

Also find the line for http_port and make it now read

Finally, we have to create the folders for the images to be flipped in and set their permissions

The directory where the images are to be stored must be owned by the proxy user. Finally, add the http user to the proxy group

Verify that the http user is a member of the proxy group

or

Router Setup

You will need to edit iptables on your router or gateway to redirect http traffic to your proxy.

If you have DD-WRT on your router, this is easily done by going to Administration -> Commands and pasting the following into the box.

#!/bin/sh
PROXY_IP=192.168.1.
PROXY_PORT=3128
LAN_IP=`nvram get lan_ipaddr`
LAN_NET=$LAN_IP/`nvram get lan_netmask`
iptables -t nat -A PREROUTING -i br0 -s $LAN_NET -d $LAN_NET -p tcp --dport 80 -j ACCEPT
iptables -t nat -A PREROUTING -i br0 -s ! $PROXY_IP -p tcp --dport 80 -j DNAT --to $PROXY_IP:$PROXY_PORT
iptables -t nat -I POSTROUTING -o br0 -s $LAN_NET -d $PROXY_IP -p tcp -j SNAT --to $LAN_IP
iptables -I FORWARD -i br0 -o br0 -s $LAN_NET -d $PROXY_IP -p tcp --dport $PROXY_PORT -j ACCEPT

Starting

Start/enable httpd.service and .

gollark: javascript_irł
gollark: * speol
gollark: Yeeeees, I sometimes faaaaial to assplepselell.
gollark: > problem 1: there are too many botsThiis is not a problem. You are wrong.> problem 2: the people there suckThis is untrue. We have many interesting people and contentoids.> problem 3: its just badThis is axiomatically false.
gollark: So if heavserver is bad, this implies it has problems. Explain them.

See also
This article is issued from Archlinux. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.