Manual installation of Proxywise

Proxywise uses redsocks to do all the magic. Hence the first step is to install 'redsocks'.

Download from https://github.com/darkk/redsocks (Arch linux users may use 'yaourt' to install/remove 'redsocks-git' and skip to 'Proxywise' installation)

'redsocks' requires on 'libevent' source files to compile.

$ git clone https://github.com/darkk/redsocks.git
$ cd redsocks
$ make
$ cp redsocks /usr/local/sbin/

Post installation script should be executed after this.
Now we install 'Proxywise'

$ git clone https://github.com/anandogc/proxywise.git
$ cd proxywise
$ sudo cp -r etc /
$ sudo cp -r usr /

The post-install (postinst), pre-install (preinst), and pre-removal (prerm) scripts are there in proxywise/debian folder. 'postinst' must be executed after performing the above task.

If one wants to install it else where, '/etc/init/proxywise.conf' and '/etc/systemd/system/proxywise.service' must be modified appropriately.

Hurray !!. Its done.

Subnet Mask

Let us dissect a few subnet mask and see what does it mean. Let us start with a simple example.

10.0.0.0/8:

In an IPv4 there are four parts. Each of them can vary from 0-255. You may know that an 8 bit integer is required to store values from 0-255. Hence each part of an IPv4 is 8bit long.

The '/8' means that first 8 bits are held fixed and rest can vary. In other words since each part is 8 bit long, the first part is fixed and the rest can vary. So it ranges from

10.000.000.000 to 10.255.255.255


172.16.0.0/12:
Here first 12 bits are held fixed and rest can vary.

'172' consumes 8 bits and first 4 bits of 16 are held fixed.

Decimal 16 = Binary 0001 0000.
Decimal 31 = Binary 0001 1111.

So we see that by keeping the first four bits of 16 fixed, we can go from 16 to 31.
Hence 172.16.0.0/12 can vary from

172.16.000.000 to 172.31.255.255


192.168.0.0/16:
Here first 16 bits are fixed. So 192 and 168 are held fixed and rest can vary.

192.168.000.000 to 192.168.255.255

Proxywise

Proxywise is a tool that can be used to redirect all outgoing connections through a given proxy.

There are software that have proxy settings in them such as web-browsers. But there are other software that are not proxy aware such as 'Ubuntu Software Center' and other package managers.

To add to the problem, there is a bug in version of 'libproxy' included in Ubuntu-14.04 due to which  torrent clients such as 'QBittorrent' are unable to download via proxy.

Using Proxywise, all connections can be redirected through the proxy.
Presently it diverts all connections of protocol tcp, and icmp.

On the underlying layer it uses redsocks, that works well for tcp and icmp protocols but it returns "truncated answer" to every query via UDP. RFC-compliant resolver should repeat same query via TCP in this case - so the request can be redirected using usual redsocks facilities.


If you find any issues while using it please comment below.

---

Proxywise is presently available for Ubuntu-12.04 and Ubuntu-14.04. Other linux users may install manually and try the terminal interface.


Adding the repository and installing
Do a no-proxy login from browser and issue following commands

$ sudo add-apt-repository ppa:anandogc/proxywise
$ sudo apt-get update
$ sudo apt-get install proxywise

Setting up the profiles

Upon successful installation click the dash ( ) and launch 'Proxywise'. A 'P' logo will appear on the panel.
Click on it and open 'Configure'


The 'Proxywise Configuration Tool' will open.
Using this tool you can add various profiles.
Note: You may choose not to store 'Username' and/or 'Password' when you are using a shared computer. Then it will ask you credentials every time you apply a profile.

Ignore Hosts
Typically the IP addresses within the campus can not be accessed through proxy server. Hence these set of IP addresses must be ignored by Proxywise. Three IPv4 ranges are used in Private Network: 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16.

'Ignore Hosts' list can contain

1. Server name, e.g. blogger.com
2. IP address, e.g. 216.58.220.46
3. Subnet Mask e.g. 10.0.0.0/8

The default values in 'Ignore Hosts' tab should work in most cases.

Cheers
Now we are ready to activate Proxywise. Just click on the 'P' icon on the panel and activate the profile of your choice.




Terminal interface
To open the 'Proxywise Configuration Tool' type

$ proxywise-config

and fill it up as described above.

Upon adding the profiles and setting 'Ignore Hosts' using 'Proxywise Configuration Tool', the 'proxywise' command can be used to activate a profile.

$ proxywise --help
usage: proxywise [-h] [-l] [-a] [-n] [{bsnl,nkn,proxy}]

positional arguments:
  {bsnl,nkn,proxy}  profile to be activated

optional arguments:
  -h, --help        show this help message and exit
  -l, --list        list available profiles
  -a, --activate    activate last used proxy
  -n, --no-proxy    disable active profile

To activate the 'nkn' profile, just type

$ proxywise nkn
nkn activated.

To get the active profile, just type

$ proxywise
nkn is active.

To deactivate any active profile, type.

$ proxywise -n
Active profile disabled.

Bash completion is also supported, it will show you suggestions

$ proxywise [tab][tab]
bsnl   nkn    proxy

After a computer restart, use '-a' to activate the last used profile.

$ proxywise -a

Where are the credentials stored?
All profile details are stored in Gnome-Keyring. This encrypts all details using your login password. Hence they get decrypted and become available only when you log in to your account.