[Privoxy-users] Binding to port 80

Justin Fielding justinfielding at gmail.com
Tue Sep 5 14:49:56 UTC 2017


Just in case this helps someone else in future; I ended up using SNIPROXY
combined with DNS entries to divert specific traffic to the proxy.

On 31 August 2017 at 16:13, Justin Fielding <justinfielding at gmail.com>
wrote:

> As you suggested Privoxy cannot intercept HTTPS traffic and even the HTTP
> traffic is having issues with invalid client header errors (yes I set the
> allow intercept flag in the config).
>
> Seems this solution won't work.  Back to the drawing board.
>
>
> Justin.
>
>
>
>
>
> On 31 August 2017 at 14:57, Justin Fielding <justinfielding at gmail.com>
> wrote:
>
>> Thanks Ruben.  As you suggested I have use iptables to redirect 80/443 to
>> 8118 and it seems to be working well.
>>
>> Justin.
>>
>> On 31 August 2017 at 14:55, Rubén Llorente <porting at use.startmail.com>
>> wrote:
>>
>>> Priviledged ports (such as port 80) require administrator (root)
>>> permissions.
>>>
>>> If you don't want to run privoxy as a privileged user, you can make
>>> privoxy listen at an unprivileged port (such as 8118) and then use some
>>> iptables trick to redirect traffic that hits your host at port 80 to
>>> port 8118. Doing this requires to have administrative control on the
>>> firewall of your host or its network.
>>>
>>> Transparent proxification for TLS/SSL traffic does not work, so
>>> redirecting to port 443 is useless.
>>>
>>> If you cannot run privileged applications and cannot administrate the
>>> firewall, you cannot use privileged ports.
>>>
>>> Justin Fielding <justinfielding at gmail.com> wrote:
>>> > Hi,
>>> >
>>> > I've just started playing around with Privoxy and it seems like just
>>> what I
>>> > need.  I have a requirement to intercept and divert web traffic for
>>> certain
>>> > domains and forward that to an upstream SOCKS proxy.
>>> >
>>> > This works great with my initial testing (in terms of privoxy
>>> identifying
>>> > and forwarding the correct traffic) but my issue is now redirecting all
>>> > HTTP traffic on the network via Privoxy.
>>> >
>>> > The only real option I have for doing this is to use a route-map on the
>>> > core network which diverts all traffic on ports 80/443 to the privoxy
>>> host.
>>> >
>>> > Now my issue.  I cannot change the destination port while diverting the
>>> > traffic (I can only change the next-hop IP) so need to bind privoxy to
>>> > ports 80/443.  Unfortunately when I try to bind to port 80 I get hte
>>> > following error:
>>> >
>>> > Fatal error: can't bind to INADDR_ANY:80: Permission denied
>>> >
>>> > Any ideas why I'm getting this and how to resolve?  Privoxy is running
>>> on a
>>> > dedicated Ubuntu VM and there should be no other processes binding to
>>> port
>>> > 80.
>>> >
>>> > Thanks,
>>> >
>>> > Justin.
>>>
>>> --
>>> OpenPGP Key Fingerprint:
>>> BB5A C2A2 2CAD ACB7 D50D  C081 1DB9 6FC4 5AB7 92FA
>>>
>>> _______________________________________________
>>> Privoxy-users mailing list
>>> Privoxy-users at lists.privoxy.org
>>> https://lists.privoxy.org/mailman/listinfo/privoxy-users
>>>
>>
>>
>


More information about the Privoxy-users mailing list