[Freedombox-discuss] connection/firewall problem with privoxy

James Valleroy jvalleroy at mailbox.org
Mon Feb 27 11:34:58 UTC 2017 

On 02/26/2017 06:59 PM, Aaron Ferrucci wrote:
> I have a freedombox on my local network at ip address 192.168.1.137.
> 
> I'm trying to get Privoxy working, and I'm having a connection/firewall
> problem. Some info:
> 
>  - I've enabled the privoxy app in the plinth web interface, and the
>    diagnostics all pass.
>  - When I use the proxy in firefox, I get this error (when viewing any web
>    page): "the proxy server is refusing connections".
>  - Using "nc", I can corroborate the problem:
>     [client computer]$ nc -v 192.168.1.137 8118
>     nc: connect to 192.168.1.137 port 8118 (tcp) failed: No route to host
>  - on the freedombox, if I do
>     [freedombox]$ service firewalld stop
>    then the nc works fine:
>     [client computer]$ nc -v 192.168.1.137 8118
>     Connection to 192.168.1.137 8118 port [tcp/*] succeeded!
> 
>    (web browsing through the proxy works also)
> 
> So it seems to be a firewall issue on the freedombox.
> 
> Well, I don't want to leave my firewall disabled, so I had a closer look
> at the firewall settings on the freedombox:
> 
>   [freedombox]$ firewall-cmd --zone=internal --list-services
>   ssh mdns samba-client dhcpv6-client http https tor-socks ntp dns dhcp
>   privoxy xmpp-server xmpp-client xmpp-bosh minetest-plinth
> 
> That seems right - a bunch of services, including privoxy, are on the
> internal
> zone. But here's something odd:
> 
>   [freedombox]$ firewall-cmd --zone=internal --list-ports
> 
> No output - that implies no ports are in the internal zone. This
> surprises me,

This is expected: the privoxy service contains the port information, so
a separate port entry isn't needed.

Did you check if your local network connection on the freedombox is also
in the correct firewall zone (internal)?

--
James

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 866 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20170227/3bb05e78/attachment.sig>

More information about the Freedombox-discuss mailing list