[Freedombox-discuss] connection/firewall problem with privoxy

Aaron Ferrucci aaron.ferrucci at gmail.com
Sun Feb 26 23:59:05 UTC 2017


I have a freedombox on my local network at ip address 192.168.1.137.

I'm trying to get Privoxy working, and I'm having a connection/firewall
problem. Some info:

 - I've enabled the privoxy app in the plinth web interface, and the
   diagnostics all pass.
 - When I use the proxy in firefox, I get this error (when viewing any web
   page): "the proxy server is refusing connections".
 - Using "nc", I can corroborate the problem:
    [client computer]$ nc -v 192.168.1.137 8118
    nc: connect to 192.168.1.137 port 8118 (tcp) failed: No route to host
 - on the freedombox, if I do
    [freedombox]$ service firewalld stop
   then the nc works fine:
    [client computer]$ nc -v 192.168.1.137 8118
    Connection to 192.168.1.137 8118 port [tcp/*] succeeded!

   (web browsing through the proxy works also)

So it seems to be a firewall issue on the freedombox.

Well, I don't want to leave my firewall disabled, so I had a closer look
at the firewall settings on the freedombox:

  [freedombox]$ firewall-cmd --zone=internal --list-services
  ssh mdns samba-client dhcpv6-client http https tor-socks ntp dns dhcp
  privoxy xmpp-server xmpp-client xmpp-bosh minetest-plinth

That seems right - a bunch of services, including privoxy, are on the
internal
zone. But here's something odd:

  [freedombox]$ firewall-cmd --zone=internal --list-ports

No output - that implies no ports are in the internal zone. This surprises
me,
because (for example) minetest works fine from the client computer to the
freedombox. Apparently port 30000 is open in the firewall. Probably my
surprise indicates my ignorance about how the firewall port settings work...
nevertheless, I persisted, and added port 8118 to zone internal:

  [freedombox]$ firewall-cmd --zone=internal --add-port 8118/tcp
  success
  [freedombox]$ firewall-cmd --zone=internal --list-ports
  8118/tcp

However, with this change in place, "nc" still can't connect from the client
computer, and with the proxy I get the "refusing connections" error.

Does anyone have a recommendation for what to try next? Thanks in advance
for any hints.
-Aaron
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20170226/428b3493/attachment.html>


More information about the Freedombox-discuss mailing list