Unix users


All of the proxyTools except localProxy run on any system with Perl and a few modules instaled.
Unix/Linux users with the Tk modules installed are able to use localproxy in the same manner as MS Windows users.
This document discusses use of localProxy when Tk is not available (probably because the X-Windows toolkit is not present).

Installation

Same as for MS Windows users, but more manual.

Module installation might be assisted by the following notes.
At least the following are required:
Storable
XML::Parser (and expat)
Time::HiRes
Archive::Zip
Net::DNS

Archive::Zip needed unzip to pass it's installation tests which was not present on NetBSD. Forcing the installation seems to work ok.

Startup

The back end (localProxy2.pl) is run directly (rather than from the localProxy.pl GUI).

./localProxy2.pl -c User0 -x 3
will start the back end, building a system for configuration User0 (as specified in config-User0.xml).

Control

The back end will accept any Perl command on port 10081. Note how dangerous this is (see below).
No commands are needed normally, but are usually used to get information  (running configuration, currently known speeds etc.)
To see which commands make sense you will need to look at the code; essentially anything which makes sense in the context of the 'eval' point in the code is acceptable.

A few examples are:
getConfig() will return a complete XML description of the built (running) system.
$config->{10080}->{1}->{0}->{2}->{host} will return the host address and port being used by localProxy for the 10080 service (usually the non-censoring HTTP proxy service), in commStrat 1 (the CONNECT strategy), layer 0 (the directly connectable proxies in the chain), index number 2.
Similarly $config->{10080}->{1}->{0}->{2}->{host} = "a.new.proxy.net:8000" would set a new value for this host.
$config->{10080}->{0}->{0}->{1}->{isEnabled} = 0 is an example of a command type commonly used from the GUI. It will disable the non-censoring http proxy service, commStrat 0, layer 0, index 1 host. Whole commStrats, and even services may be disabled dynamically by similar commands.
sub hello {print "hello world\n"}; hello() will create a new subroutine named hello and execute it.

Security

An open port where the listening application obligingly executes any command with the privileges of the user is obviously a security risk. LocalProxy makes attempts to limit access by IP address. It makes the assumption that the first connecting IP address is the valid master.
Usually localProxy is run from the GUI on localhost, and the GUI waits for the control port to open, so the window of exposure is only a second or so.
The most insecure situation would be where the back end is being run on another host, and no GUI is involved. In this case, the user should connect to the control port (say via telnet, netcat etc.) ASAP (and check that he has been accepted as the master).

The services offered by localProxy may be used by others as well. Perl is not vulnerable to buffer overflows, and localProxy never executes any of this data, but it does process it sometimes (regexes, for example) , and so may be vulnerable in some way.  Use by others may be desirable (to allow friends to use your non-censoring HTTP proxy or Usenet News service, for example), so in this case, a flag is provided to allow/disallow access from other addresses (see the setting of 'serverAccessRestricted' in config-User0.xml, for example).