Last active
January 30, 2023 07:49
-
-
Save ephesus/2c53b288c1767f4e1cee to your computer and use it in GitHub Desktop.
Setting up tinyproxy to allow ssh/corkscrew connections brew/osx
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$ brew update && brew upgrade | |
$ brew install tinyproxy | |
$# Most firewalls allow http CONNECT over port 443 to allow https, so run tinyrpoxy on 443 | |
$ cat > /usr/local/Cellar/tinyproxy/1.8.3/etc/tinyproxy.conf <<EOF | |
User nobody | |
Group nobody | |
Port 443 | |
Timeout 600 | |
DefaultErrorFile "/usr/local/Cellar/tinyproxy/1.8.3/share/tinyproxy/default.html" | |
StatFile "/usr/local/Cellar/tinyproxy/1.8.3/share/tinyproxy/stats.html" | |
LogLevel Info | |
MaxClients 5 | |
MinSpareServers 1 | |
MaxSpareServers 2 | |
StartServers 1 | |
MaxRequestsPerChild 0 | |
Allow 127.0.0.1 | |
Allow $specific_ip_of_client | |
Allow 192.168.1.0/24 | |
ConnectPort 22 | |
ConnectPort 23 | |
ConnectPort 443 | |
ConnectPort 563 | |
EOF | |
$ mkdir -p /usr/local/Cellar/tinyproxy/1.8.3/var/log/tinyproxy/ /usr/local/Cellar/tinyproxy/1.8.3/var/run/tinyproxy/ | |
$ chown -R nobody:nobody /usr/local/Cellar/tinyproxy/1.8.3/var/log/ /usr/local/Cellar/tinyproxy/1.8.3/var/run/ | |
$ #add app to allowed apps in firewall to allow binding socket | |
$ /usr/libexec/ApplicationFirewall/socketfilterfw --add /usr/local/Cellar/tinyproxy/1.8.3/sbin/tinyproxy | |
$ /usr/local/Cellar/tinyproxy/1.8.3/sbin/tinyproxy |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
As of updating 10/23/2015 it's compiled with --localstatedir=/usr/local/var --sysconfdir=/usr/local/etc, so the config is in /usr/local/etc/tinyproxy.conf and the pidfile and log are in /usr/local/var/run/tinyproxy and /usr/local/var/log/tinyproxy