All_Proxy Socks5
complete ways to set http/socks/ssh proxy environment variables
# set proxy
export _proxy=PROXYHOST:PROXYPORT
# set proxy with user and password
export _proxy=USERNAME:PASSWORD@PROXYHOST:PROXYPORT
# set proxy with user and password (with special characters)
export _proxy=`urlencode ‘USERNAME’`:`urlencode ‘PASSWORD’`@PROXYHOST:PROXYPORT
# set socks proxy (local DNS)
export _proxy=socks5PROXYHOST:PROXYPORT
# set socks proxy (remote DNS)
export _proxy=socks5hPROXYHOST:PROXYPORT
# export other env variables
export _proxy=$_proxy
ftp_proxy=$_proxy
rsync_proxy=$_proxy
all_proxy=$_proxy
# export other env variables (another way)
export {, ftp, rsync, all}_proxy=$_proxy
export HTTP_PROXY=$_proxy
HTTPS_PROXY=$_proxy
FTP_PROXY=$_proxy
RSYNC_PROXY=$_proxy
ALL_PROXY=$_proxy
NO_PROXY=$no_proxy
export {HTTP, HTTPS, FTP, RSYNC, ALL}_PROXY=$_proxy
# set git (s) proxy
git config –global lverify false
git config –global $_proxy
# only for ”
git config –global. $_proxy
# use ‘nc’ with protocol
export ssh_proxy=’ProxyCommand=nc -X connect -x PROXYHOST:PROXYPORT%h%p’
# use ‘nc’ with protocol and proxy user
export ssh_proxy=’ProxyCommand=nc -X connect -x PROXYHOST:PROXYPORT -P ‘USERNAME’%h%p’
# use ‘nc’ with socks5 protocol
export ssh_proxy=’ProxyCommand=nc -X 5 -x PROXYHOST:PROXYPORT%h%p’
# use ‘connect’ with protocol
export ssh_proxy=’ProxyCommand=connect -H PROXYHOST:PROXYPORT%h%p’
# use ‘connect’ with protocol and proxy user
export ssh_proxy=’ProxyCommand=connect -H USER@PROXYHOST:PROXYPORT%h%p’
# use ‘connect’ with HTTP_PROXY environment
export ssh_proxy=’ProxyCommand=connect -h%h%p’
# use ‘connect’ with socks5 protocol
export ssh_proxy=’ProxyCommand=connect -S PROXYHOST:PROXYPORT%h%p’
# use ‘connect’ with socks5 protocol and user
export ssh_proxy=’ProxyCommand=connect -S USER@PROXYHOST:PROXYPORT%h%p’
# use ‘connect’ with SOCKS5_SERVER environment
export SOCKS5_SERVER=’PROXYHOST:PROXYPORT’
export SOCKS5_USER=’USERNAME’
export SOCKS5_PASSWD=’PASSWORD’
export ssh_proxy=’ProxyCommand=connect -s%h%p’
# connect to ssh server over proxy
ssh -o “$ssh_proxy” USER@FINAL_DEST
# set git ssh proxy
git config –global hCommand “ssh -o $ssh_proxy”
no_proxy=”127. 0. 1, localhost,. ”
no_proxy=$no_proxy, `echo 10. {0.. 255}. 255}|tr ‘ ‘ ‘, ‘`
no_proxy=$no_proxy, `echo 172. {16.. 31}. 255}|tr ‘ ‘ ‘, ‘`
no_proxy=$no_proxy, `echo 192. 168. 255}|tr ‘ ‘ ‘, ‘`
export no_proxy
# for more private network addresses, check following url
# #
unset _proxy _proxy ftp_proxy rsync_proxy all_proxy HTTP_PROXY HTTPS_PROXY FTP_PROXY RSYNC_PROXY ALL_PROXY
unset {,, ftp, rsync, all}_proxy {HTTP, HTTPS, FTP, RSYNC, ALL}_PROXY
git config –global –unset
git config –global –unset hCommand
git config –global –unset.
unset ssh_proxy
Proxy server – ArchWiki
According to Wikipedia:
In computer networks, a proxy server is a server (a computer system or an application) that acts as an intermediary for requests from clients seeking resources from other servers.
HTTPS MITM proxies
When debugging HTTPS connections it is sometimes useful to intercept them outside of the browser. In order for the TLS MITM to work you need to trust a certificate authority of the proxy either in your browser or system-wide.
Charles — Graphical trialware written in Java.
|| charlesAUR
Fiddler — Proprietary and graphical, running on Mono.
|| fiddlerAUR
mitmproxy — Command-line and web interface, written in Python, also has API.
|| mitmproxy
sslsplit — Works with any TLS connections but cannot act as a HTTP proxy in a browser, written in C.
|| sslsplit
Warning: mitmproxy creates the private key to be readable by all users. [1]
Environment variables
This article or section needs expansion.
Reason: To export the environment everywhere (more or less), they could be set in /etc/environment and /etc/environment. d/* or ~/. pam_environment and ~/* (Discuss in Talk:Proxy server)
Some programs, such as wget and (used by pacman) curl, use environment variables of the form protocol_proxy to determine the proxy for a given protocol (e. g. HTTP, FTP,… ).
Below is an example on how to set these variables in a shell:
export _proxy=export _proxy=$_proxy
export ftp_proxy=$_proxy
export rsync_proxy=$_proxy
export no_proxy=”localhost, 127. 0. 1, localaddress,. ”
Some programs look for the all caps version of the environment variables.
If the proxy environment variables are to be made available to all users and all applications, the above mentioned export commands may be added to a script, say inside /etc/profile. d/. The script has to be then made executable. This method is helpful while using a desktop environment like Xfce which does not provide an option for proxy configuration. For example, Chromium browser will make use of the variables set using this method while running XFCE.
Alternatively, there is a tool named proxyman-gitAUR which claims to configure system-wide proxy settings easily. It also handles proxy configurations of other software like git, npm, Dropbox, etc. The project is inspired from Alan Pope’s idea of making a script.
Alternatively you can automate the toggling of the variables by adding a function to your (thanks to Alan Pope for original script idea)
function proxy_on() {
if (( $# > 0)); then
valid=$(echo $@ | sed -n ‘s/([0-9]{1, 3}. ? ){4}:([0-9]+)/&/p’)
if [[ $valid! = $@]]; then
>&2 echo “Invalid address”
return 1
fi
local proxy=$1
export _proxy=”$proxy”
_proxy=$proxy
ftp_proxy=$proxy
rsync_proxy=$proxy
echo “Proxy environment variable set. ”
return 0
echo -n “username: “; read username
if [[ $username! = “”]]; then
echo -n “password: ”
read -es password
local pre=”$username:$password@”
echo -n “server: “; read server
echo -n “port: “; read port
local proxy=$pre$server:$port
rsync_proxy=$proxy
HTTP_PROXY=$proxy
HTTPS_PROXY=$proxy
FTP_PROXY=$proxy
RSYNC_PROXY=$proxy}
function proxy_off(){
unset _proxy _proxy ftp_proxy rsync_proxy
HTTP_PROXY HTTPS_PROXY FTP_PROXY RSYNC_PROXY
echo -e “Proxy environment variable removed. “}
Omit username or password if they are not needed.
As an alternative, you may want to use the following script.
Change the strings YourUserName, ProxyServerAddress:Port, LocalAddress and LocalDomain to match your own data, then edit your ~/ to include the edited functions. Any new bash window will have the new functions. In existing bash windows, type source ~/
You may prefer to put function definitions in a separate file like functions then add source functions to instead of putting everything in You may also want to change the name “myProxy” into something short and easy to write.
#! /bin/bash
assignProxy(){
PROXY_ENV=”_proxy ftp_proxy _proxy all_proxy HTTP_PROXY HTTPS_PROXY FTP_PROXY ALL_PROXY”
for envar in $PROXY_ENV
do
export $envar=$1
done
for envar in “no_proxy NO_PROXY”
export $envar=$2
done}
clrProxy(){
unset $envar
myProxy(){
user=YourUserName
read -p “Password: ” -s pass && echo -e ” ”
proxy_value=”$user:$pass@ProxyServerAddress:Port”
no_proxy_value=”localhost, 127. 1, LocalAddress, ”
assignProxy $proxy_value $no_proxy_value}
Keep proxy through sudo
If the proxy environment variables are set for the user only they will get lost when running commands with sudo (or when programs use sudo internally).
A way to prevent that is to add the following line to a sudo configuration file:
/etc/sudoers. d/05_proxy
Defaults env_keep += “*_proxy *_PROXY”
Automation with network managers
NetworkManager cannot change the environment variables.
netctl could set-up these environment variables but they would not be seen by other applications as they are not child of netctl.
About libproxy
libproxy (which is available in the extra repository) is an abstraction library which should be used by all applications that want to access a network resource. It still is in development but could lead to a unified and automated handling of proxies in GNU/Linux if widely adopted.
The role of libproxy is to read the proxy settings from different sources and make them available to applications which use the library. The interesting part with libproxy is that it offers an implementation of the Web Proxy Autodiscovery Protocol and an implementation of Proxy Auto-Config that goes with it.
The /usr/bin/proxy binary takes URL(s) as argument(s) and returns the proxy/proxies that could be used to fetch this/these network resource(s).
Note: the version 0. 4. 11 does not support _proxy=’wpad:’ because { pkg-config ‘mozjs185 >= 1. 8. 5’;} fails.
As of 06/04/2009 libproxy is required by libsoup. It is then indirectly used by the midori browser.
Web proxy options
Squid is a very popular caching/optimizing proxy
Privoxy is an anonymizing and ad-blocking proxy
tinyproxy is a small, efficient HTTP/SSL proxy daemon
For a simple proxy, ssh with port forwarding can be used
Simple Proxy with SSH
Connect to a server (HOST) on which you have an account (USER) as follows
$ ssh -D PORT USER@HOST
For PORT, choose some number which is not an IANA registered port. This specifies that traffic on the local PORT will be forwarded to the remote HOST. ssh will act as a SOCKS server. Software supporting SOCKS proxy servers can simply be configured to connect to PORT on localhost.
Using a SOCKS proxy
There are two cases:
the application you want to use handles SOCKS5 proxies (for example Firefox), then you just have to configure it to use the proxy.
the application you want to use does not handle SOCKS proxies, then you can try to use tsocks or proxychains-ng.
In Firefox, you can use the SOCKS proxy in the menu Preferences > Network > Settings. Choose Manual Proxy Configuration, and set the SOCKS Host (and only this one, make sure the other fields, such as HTTP Proxy or SSL Proxy are left empty). For example, if a SOCKS5 proxy is running on localhost port 8080, put 127. 1 in the SOCKS Host field, 8080 in the Port field, and validate.
If using proxychains-ng, the configuration takes place in /etc/ You may have to uncomment the last line (set by default to use Tor), and replace it with the parameters of the SOCKS proxy. For example, if you are using the same SOCKS5 proxy as above, you will have to replace the last line by:
socks5 127. 1 8080
Then, proxychains-ng can be launched with
$ proxychains program
Where program can be any program already installed on your system (e. xterm, gnome-terminal, etc).
If using tsocks, the configuration takes place in /etc/ See (5) for the options. An example minimum configuration looks like this:
/etc/
server = 127. 1
server_port = 8080
server_type = 5
default_user = “”
default_pass = “”
curl and pacman
You may set the all_proxy environment variable to let curl and pacman (which uses curl) use your socks5 proxy:
$ export all_proxy=”socks5″
Proxy settings on GNOME3
Some programs like Chromium and Firefox can use the settings stored by GNOME. These settings can be modified through the gnome-control-center front end and also through gsettings.
gsettings set mode ‘manual’
gsettings set host ”
gsettings set port 8080
gsettings set ignore-hosts “[‘localhost’, ‘127. 0/8′, ’10. 0/8’, ‘192. 168. 0/16’, ‘172. 16. 0/12’, ‘*. ‘]”
This configuration can also be set to automatically execute when NetworkManager connects to specific networks, by using the proxydriverAUR package.
Microsoft NTLM proxy
In a Windows network, NT LAN Manager (NTLM) is a suite of Microsoft security protocols which provides authentication, integrity, and confidentiality to users.
cntlmAUR from the AUR stands between your applications and the NTLM proxy, adding NTLM authentication on-the-fly. You can specify several “parent” proxies and Cntlm will try one after another until one works. All authenticated connections are cached and reused to achieve high efficiency.
(NTLM PROXY IP:PORT + CREDENTIALS + OTHER INFO) —–> (127. 1:PORT)
Configuration
Change settings in /etc/ as needed, except for the password. Then run:
$ cntlm -H
This will generate encrypted password hashes according to your proxy hostname, username and password.
Warning: ettercap can easily sniff your password over LAN when using plain-text passwords instead of encrypted hashes.
Edit /etc/ again and include all three generated hashes, then enable rvice.
To test settings, run:
$ cntlm -v
Usage
Use 127. 1:port or localhost:port as a proxy adress. port matches the Listen parameter in /etc/, which by default is 3128.
What is the all_proxy environment variable used for? – Ask …
When I type
set | grep -i proxy
I see all environmental variables which refers to proxy settings. I understand the meaning of _proxy and ftp_proxy but what is all_proxy used for and where can I change it?
It has been added to my environment variables when I used gnome-network-properties application. Why socks is specified there as a protocol?
all_proxy=socksmy_proxy:port/
htorque60. 8k37 gold badges190 silver badges217 bronze badges
asked Jan 31 ’11 at 12:31
I found a post in a mailing list which says:
We already export, ftp, proxy environment variables. Some environments,
GNOME for instance, place the socks proxy in ALL_PROXY and all_proxy. Export it
as well.
Here is the post
So it’s for the SOCKS proxy in gnome.
answered Feb 9 ’11 at 6:16
PedramPedram5, 1733 gold badges27 silver badges37 bronze badges
1
Not the answer you’re looking for? Browse other questions tagged proxy environment-variables or ask your own question.
