How to force all Linux apps to use SOCKS proxy
Matthew Harrington
Using Linux, I need a way to route all network traffic of interface enp2s0 through SOCKS4 192.168.1.2:1080 (or any SOCKS proxy for that matter) – something like Proxifier in Windows. The proxy works fine when manually set in Chrome or Firefox.
OS: Linux Mint 19.1
Things I tried:
I set the proxy manually in network settings, but it's just like I didn't set it; Chrome still connects directly. Here's a screenshot:
Proxychains is working great, but I have to manually launch each app individually from the terminal.
I don't know how to use redsocks or iptables (yet).
I hope there's a GUI like Proxifier for Linux, but a terminal (CLI)-based solution is okay.
12 Answers
For the impatient, just do the following, assuming that the proxy is example.com:7777 and it's socks5 (change it to your own later).
- first install redsocks
sudo apt-get install redsocks
- make an empty file anywhere and name it redsocks.conf (or whatever). I'll assume it's at /etc/redsocks.conf (change it to your own).
- edit the file you created (redsocks.conf) as follows
base {
    log_debug = on;
    log_info = on;
    log = "stderr";
    daemon = off;
    redirector = iptables;
}

redsocks {
    local_ip = 127.0.0.1;
    local_port = 12345;
    ip = example.com;
    port = 7777;
    type = socks5; // known types: socks4, socks5, http-connect, http-relay
    // login = username;
    // password = password;
}
Change example.com 7777 to your proxy.
(Note that you can use any local_port other than 12345; it's the local port that we will set an iptables rule to redirect the traffic to, so if you use another, make sure to use it in the later steps below.)
- now run redsocks with the config file destination as follows
sudo redsocks -c /etc/redsocks.conf
(change with the destination of your redsocks.conf)
(if you get "bind: Address already in use" try killall redsocks)
you can also check if redsocks is bound to local port 12345 with netstat -tulpn
- now that redsocks is running and ready, let's change the iptables rules to use redsocks. This should be customized to your needs, but if you'd like to redirect all HTTP and HTTPS packets through the proxy, define the following rules.
sudo iptables -t nat -N REDSOCKS
sudo iptables -t nat -A REDSOCKS -d 0.0.0.0/8 -j RETURN
sudo iptables -t nat -A REDSOCKS -d 10.0.0.0/8 -j RETURN
sudo iptables -t nat -A REDSOCKS -d 127.0.0.0/8 -j RETURN
sudo iptables -t nat -A REDSOCKS -d 169.254.0.0/16 -j RETURN
sudo iptables -t nat -A REDSOCKS -d 172.16.0.0/12 -j RETURN
sudo iptables -t nat -A REDSOCKS -d 192.168.0.0/16 -j RETURN
sudo iptables -t nat -A REDSOCKS -d 224.0.0.0/4 -j RETURN
sudo iptables -t nat -A REDSOCKS -d 240.0.0.0/4 -j RETURN
sudo iptables -t nat -A REDSOCKS -p tcp -j REDIRECT --to-ports 12345
sudo iptables -t nat -A OUTPUT -p tcp --dport 443 -j REDSOCKS
sudo iptables -t nat -A OUTPUT -p tcp --dport 80 -j REDSOCKS
sudo iptables -t nat -A PREROUTING -p tcp --dport 443 -j REDSOCKS
sudo iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDSOCKS
Now your HTTP and HTTPS traffic should be redirected through example.com:7777.
if you want your iptables reset use:
iptables -F
iptables -t nat -F
iptables -t mangle -F
iptables -X
Additional tip: if you have a VPN on your iPhone or Android, you can use it for free on your PC, whatever the OS is. Just connect the phone VPN app and establish a SOCKS proxy server (on Android you can use the 'Servers Ultimate' app), then use the proxy on your PC as above. Now all your PC traffic is routed through your phone VPN. Neat.
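A variant of the rules in the answer above, as an added example that is not part of the original answer: it redirects every locally generated TCP connection (the question asked for all traffic, not only ports 80 and 443), exempts the upstream proxy so redsocks does not loop into itself, and tears down only its own rules instead of flushing every table. The function names and the 203.0.113.10 proxy address are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original answer. Prints iptables commands for
# review; nothing runs until the output is piped to a root shell.

# Same exclusion list as the answer's REDSOCKS chain.
LOCAL_NETS="0.0.0.0/8 10.0.0.0/8 127.0.0.0/8 169.254.0.0/16 172.16.0.0/12 192.168.0.0/16 224.0.0.0/4 240.0.0.0/4"

# usage: redsocks_setup PROXY_IPV4 [LOCAL_PORT]   (hypothetical helper name)
redsocks_setup() {
    rs_proxy=$1
    rs_port=${2:-12345}          # must match local_port in redsocks.conf
    # The output is meant for a root shell: accept digits and dots only.
    case $rs_proxy in ''|*[!0-9.]*) echo "bad proxy address" >&2; return 1 ;; esac
    case $rs_port in ''|*[!0-9]*) echo "bad port" >&2; return 1 ;; esac

    echo "iptables -t nat -N REDSOCKS"
    # redsocks' own connection to the upstream proxy must bypass the
    # redirect, otherwise it is looped back into redsocks.
    echo "iptables -t nat -A REDSOCKS -d $rs_proxy -j RETURN"
    for rs_net in $LOCAL_NETS; do
        echo "iptables -t nat -A REDSOCKS -d $rs_net -j RETURN"
    done
    echo "iptables -t nat -A REDSOCKS -p tcp -j REDIRECT --to-ports $rs_port"
    # Every locally generated TCP connection, not only ports 80 and 443.
    echo "iptables -t nat -A OUTPUT -p tcp -j REDSOCKS"
}

# usage: redsocks_teardown   (hypothetical helper name)
redsocks_teardown() {
    # Undo only what setup added; the filter table (ufw rules etc.) is untouched.
    echo "iptables -t nat -D OUTPUT -p tcp -j REDSOCKS"
    echo "iptables -t nat -F REDSOCKS"
    echo "iptables -t nat -X REDSOCKS"
}
```

Apply with `redsocks_setup 203.0.113.10 | sudo sh` and undo with `redsocks_teardown | sudo sh`. The rules match only TCP, so DNS lookups and other UDP traffic still leave the machine directly.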
You need to forward all outgoing local traffic using iptables. Not aware of any GUI programs that do it. My use of iptables is limited to either very simple written scripts to call it to build a router, etc or to do a typical host based firewall setup with ufw. There is a GUI for ufw (gufw, imagine that) but I've never used it.
This (closed for being off topic) question/answer should get you started.