Skip to content

Instantly share code, notes, and snippets.

@ephesus
Last active January 30, 2023 07:49
Show Gist options
  • Save ephesus/2c53b288c1767f4e1cee to your computer and use it in GitHub Desktop.
Save ephesus/2c53b288c1767f4e1cee to your computer and use it in GitHub Desktop.
Setting up tinyproxy to allow ssh/corkscrew connections brew/osx
$ brew update && brew upgrade
$ brew install tinyproxy
$# Most firewalls allow http CONNECT over port 443 to allow https, so run tinyrpoxy on 443
$ cat > /usr/local/Cellar/tinyproxy/1.8.3/etc/tinyproxy.conf <<EOF
User nobody
Group nobody
Port 443
Timeout 600
DefaultErrorFile "/usr/local/Cellar/tinyproxy/1.8.3/share/tinyproxy/default.html"
StatFile "/usr/local/Cellar/tinyproxy/1.8.3/share/tinyproxy/stats.html"
LogLevel Info
MaxClients 5
MinSpareServers 1
MaxSpareServers 2
StartServers 1
MaxRequestsPerChild 0
Allow 127.0.0.1
Allow $specific_ip_of_client
Allow 192.168.1.0/24
ConnectPort 22
ConnectPort 23
ConnectPort 443
ConnectPort 563
EOF
$ mkdir -p /usr/local/Cellar/tinyproxy/1.8.3/var/log/tinyproxy/ /usr/local/Cellar/tinyproxy/1.8.3/var/run/tinyproxy/
$ chown -R nobody:nobody /usr/local/Cellar/tinyproxy/1.8.3/var/log/ /usr/local/Cellar/tinyproxy/1.8.3/var/run/
$ #add app to allowed apps in firewall to allow binding socket
$ /usr/libexec/ApplicationFirewall/socketfilterfw --add /usr/local/Cellar/tinyproxy/1.8.3/sbin/tinyproxy
$ /usr/local/Cellar/tinyproxy/1.8.3/sbin/tinyproxy
@ephesus
Copy link
Author

ephesus commented Oct 23, 2015

As of updating 10/23/2015 it's compiled with --localstatedir=/usr/local/var --sysconfdir=/usr/local/etc, so the config is in /usr/local/etc/tinyproxy.conf and the pidfile and log are in /usr/local/var/run/tinyproxy and /usr/local/var/log/tinyproxy

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment