Installing lightweight proxy server on raspberry pi


As I live in Armenia, I have a lot of friends across the CIS region who live under internet oppression regimes. For an example the Russians cannot access Instagram, Twitter without a vpn, and many other resources. That makes it very important to them to use proxy/vpn to bypass the DPI, which government regimes use for censorship. Here in Armenia we have clean internet with no censorship, so if I setup a proxy for my friends they can use it to access the free on censorship internet.

In most of the guides I found on the internet they are using privoxy, which is insecure because it has no authentication system built-in, and if left as it is, your proxy IP address will be used by port scanners for various bad stuff like spamming. Such behavior risks your ip address getting marked as spam, or getting used by hackers to make you a suspect of cybercrime.

That is why I found a better solution for creating a proxy server called 3proxy. It is pretty lightweight, and has almost no footprint on raspberrypi and also very flexible. You can even create bandwidth rules for each user and monitor their usage in webadmin interface.

Installation & configuration

git clone
cd 3proxy
ln -s Makefile.Linux Makefile
sudo su
make install
nano /etc/3proxy/conf/3proxy.cfg

This will install 3proxy and run 3proxy as root. It is not a good security practice, but I don't care. Just using make install without sudo permissons leads to permission error and I don't want to dig into it, so I just made everything run as root.

By default the proxy server does not allow all connections except from localhost. So you need to explicitly allow them, as I did in the config file:

nscache 65536

config /conf/3proxy.cfg
monitor /conf/3proxy.cfg

log /logs/3proxy-%y%m%d.log D
rotate 60
counter /count/3proxy.3cf

users $/conf/passwd

include /conf/counters
include /conf/bandlimiters

auth strong
allow *
proxy -n
allow marat * *
admin -p8080

Then you need to restart the daemon to get the configuration update applied via sudo  systemctl start 3proxy.service. After that you can register accounts on proxy via this script, and supply your username and password next to it: /etc/3proxy/conf/

After that you should be able to connect to socks proxy at port :1080, and http proxy at :3128, with credentials you registered with the adduser script.

I highly recommend combining your proxy server with open source browser extension SwitchyOmega. It allows you to set traffic routing rules to automatically switch between your host internet and proxy, based on website you visit.


Популярные сообщения из этого блога

DOS атака при помощи Python

Ведем телеграм канал через питон

Django migrations не видит изменения моделей