# Tor with polipo config for firefox



## Jim (Mar 3, 2015)

I have recently installed FreeBSD as well as several other applications. I am currently trying to configure my Firefox to work with security/tor and www/polipo. I have my browser working well with Polipo but I still can't seem to access the tor website. I have read multiple forums of the proper configuration for Polipo with tor, but I am unsure of the proper configuration.


----------



## Jim (Mar 3, 2015)

This is `polipo -v`

```
configFile /usr/local/etc/polipo/config Configuration file.
CHUNK_SIZE 8192 Unit of chunk memory allocation.
allowUnalignedRangeRequests boolean false Allow unaligned range requests (unreliable).
allowedClients list (not set) Networks from which clients are allowed to connect.
allowedPorts intlist 80-100, 1024-65535 Ports to which connections are allowed.
alwaysAddNoTransform boolean false If true, add a no-transform directive to all requests.
authCredentials atom (hidden) username:password.
authRealm atom (none) Authentication realm.
bigBufferSize integer 32768 Size of big buffers (max size of headers).
cacheIsShared boolean true If false, ignore s-maxage and private.
censorReferer tristate false Censor referer headers.
censoredHeaders list (empty list) Headers to censor.
chunkCriticalMark integer 24772608 Critical mark for chunk memory (0 = auto).
chunkHighMark integer 25165824 High mark for chunk memory.
chunkLowMark integer 18874368 Low mark for chunk memory (0 = auto).
clientTimeout time 2m Client-side timeout.
daemonise boolean false Run as a daemon
disableConfiguration boolean false Disable reconfiguring Polipo at runtime.
disableIndexing boolean true Disable indexing of the local cache.
disableLocalInterface boolean false Disable the local configuration pages.
disableProxy boolean false Whether to be a web server only.
disableServersList boolean true Disable the list of known servers.
disableVia boolean true Don't use Via headers.
diskCacheDirectoryPermissions integer 0750 Access rights for new directories.
diskCacheFilePermissions integer 0640 Access rights for new cache files.
diskCacheRoot atom /var/cache/polipo/ Root of the disk cache.
diskCacheTruncateSize integer 1048576 Size to which on-disk objects are truncated.
diskCacheTruncateTime time 4d12h Time after which on-disk objects are truncated.
diskCacheUnlinkTime time 32d Time after which on-disk objects are removed.
diskCacheWriteoutOnClose integer 65536 Number of bytes to write out eagerly.
displayName atom Polipo Server name displayed on error pages.
dnsGethostbynameTtl time 20m TTL for gethostbyname addresses.
dnsMaxTimeout time 1m Max timeout for DNS queries.
dnsNameServer atom 192.168.43.1 The name server to use.
dnsNegativeTtl time 2m TTL for negative DNS replies with no TTL.
dnsQueryIPv6 4-state happily Query for IPv6 addresses.
dnsUseGethostbyname 4-state reluctantly Use the system resolver.
dontCacheCookies boolean false Work around cachable cookies.
dontCacheRedirects boolean false If true, don't cache redirects.
dontTrustVaryETag tristate maybe Whether to trust the ETag when there's Vary.
expectContinue tristate maybe Send Expect-Continue to servers.
forbiddenFile atom /usr/local/etc/polipo/forbidden File specifying forbidden URLs.
forbiddenRedirectCode integer 302 Redirect code, 301 or 302.
forbiddenTunnelsFile atom (none) File specifying forbidden tunnels.
forbiddenUrl atom (none) URL to which forbidden requests should be redirected.
idleTime time 20s Time to remain idle before writing out.
laxHttpParser boolean true Ignore unknown HTTP headers.
localDocumentRoot atom /usr/local/share/polipo/www/ Root of the local tree.
logFacility atom user Syslog facility to use.
logFile atom (none) Log file (stderr if empty and logSyslog is unset, /var/log/polipo if empty and daemonise is true).
logFilePermissions integer 0640 Access rights of the logFile.
logLevel integer 0x7 Logging level (max = 0xFF).
logSyslog boolean false Log to syslog.
maxAge time 14d1h Max age for objects without Expires header.
maxAgeFraction float 0.100000 Fresh fraction of modification time.
maxConnectionAge time 21m Maximum age of a server-side connection.
maxConnectionRequests integer 400 Maximum number of requests on a server-side connection.
maxDiskCacheEntrySize integer -1 Maximum size of objects cached on disk.
maxDiskEntries integer 32 File descriptors used by the on-disk cache.
maxExpiresAge time 30d1h Max age for objects with Expires header.
maxNoModifiedAge time 23m Max age for objects without Last-modified.
maxObjectsWhenIdle integer 32 Number of objects to write at a time when idle.
maxPipelineTrain integer 10 Maximum number of requests pipelined at a time.
maxSideBuffering integer 1500 Maximum buffering for PUT and POST requests.
maxWriteoutWhenIdle integer 65536 Amount of data to write at a time when idle.
mindlesslyCacheVary boolean false If true, mindlessly cache negotiated objects.
objectHashTableSize integer 32768 Size of the object hash table (0 = auto).
objectHighMark integer 2048 High object count mark.
parentAuthCredentials atom (hidden) username:password.
parentProxy atom (none) Parent proxy (host:port).
pidFile atom (none) File with pid of running daemon.
pipelineAdditionalRequests tristate maybe Pipeline requests on an active connection.
pmmFirstSize integer 0 The size of the first PMM chunk.
pmmSize integer 0 The size of a PMM chunk.
preciseExpiry boolean false Whether to consider all files for purging.
proxyAddress atom 127.0.0.1 The IP address on which the proxy listens.
proxyName atom jim The name by which the proxy is known.
proxyOffline boolean false Avoid contacting remote servers.
proxyPort integer 8123 The TCP port on which the proxy listens.
publicObjectLowMark integer 1024 Low object count mark (0 = auto).
redirector atom (none) Squid-style redirector.
redirectorRedirectCode integer 302 Redirect code to use with redirector.
relaxTransparency tristate false Avoid contacting remote servers.
replyUnpipelineSize integer 1048576 Size for a pipeline break.
replyUnpipelineTime time 20s Estimated time for a pipeline break.
scrubLogs boolean false If true, don't include URLs in logs.
serverExpireTime time 1d Time during which server data is valid.
serverIdleTimeout time 45s Server-side idle timeout.
serverMaxSlots integer 8 Maximum number of connections per broken server.
serverSlots integer 2 Maximum number of connections per server.
serverSlots1 integer 4 Maximum number of connections per HTTP/1.0 server.
serverTimeout time 1m30s Server-side timeout.
smallRequestTime time 10s Estimated time for a small request.
socksParentProxy atom (none) SOCKS parent proxy (host:port)
socksProxyType atom socks5 One of socks4a or socks5
socksUserName atom (empty) SOCKS4a user name
tunnelAllowedPorts intlist 22, 80, 109-110, 143, 443, 873, 993, 995, 2401, 5222-5223, 9418 Ports to which tunnelled connections are allowed.
uncachableFile atom (none) File specifying uncachable URLs.
useTemporarySourceAddress tristate maybe Prefer IPv6 temporary source address.
```


----------



## Jim (Mar 3, 2015)

This is my Polipo config

```
pre.cjk { font-family: "Courier",monospace; }p { margin-bottom: 0.1in; line-height: 120%; }
### Basic configuration
### *******************

# Uncomment one of these if you want to allow remote clients to
# connect:

# proxyAddress = "::0" # both IPv4 and IPv6
proxyAddress = "127.0.0.1" # IPv4 only

# If you do that, you'll want to restrict the set of hosts allowed to
# connect:

# allowedClients = 127.0.0.1, 134.157.168.57
# allowedClients = 127.0.0.1, 134.157.168.0/24

# Uncomment this if you want your Polipo to identify itself by
# something else than the host name:

# proxyName = ""

# Uncomment this if there's only one user using this instance of Polipo:

# cacheIsShared = false

# Uncomment this if you want to use a parent proxy:

# parentProxy = "squid.example.org:3128"

# Uncomment this if you want to use a parent SOCKS proxy:

#socksParentProxy = "jim:9050"
#socksProxyType = socks5

# Uncomment this if you want to scrub private information from the log:

# scrubLogs = true


### Memory
### ******

# Uncomment this if you want Polipo to use a ridiculously small amount
# of memory (a hundred C-64 worth or so):

# chunkHighMark = 819200
# objectHighMark = 128

# Uncomment this if you've got plenty of memory:

# chunkHighMark = 50331648
# objectHighMark = 16384

# Access rights for new cache files.
diskCacheFilePermissions=0640
# Access rights for new directories.
diskCacheDirectoryPermissions=0750


### On-disk data
### ************

# Uncomment this if you want to disable the on-disk cache:

# diskCacheRoot = ""

# Uncomment this if you want to put the on-disk cache in a
# non-standard location:

# diskCacheRoot = "~/.polipo-cache/"

# Uncomment this if you want to disable the local web server:

# localDocumentRoot = ""

# Uncomment this if you want to enable the pages under /polipo/index?
# and /polipo/servers?. This is a serious privacy leak if your proxy
# is shared.

# disableIndexing = false
# disableServersList = false


### Domain Name System
### ******************

# Uncomment this if you want to contact IPv4 hosts only (and make DNS
# queries somewhat faster):

# dnsQueryIPv6 = no

# Uncomment this if you want Polipo to prefer IPv4 to IPv6 for
# double-stack hosts:

# dnsQueryIPv6 = reluctantly

# Uncomment this to disable Polipo's DNS resolver and use the system's
# default resolver instead. If you do that, Polipo will freeze during
# every DNS query:

# dnsUseGethostbyname = yes


### HTTP
### ****

# Uncomment this if you want to enable detection of proxy loops.
# This will cause your hostname (or whatever you put into proxyName
# above) to be included in every request:

# disableVia=false

# Uncomment this if you want to slightly reduce the amount of
# information that you leak about yourself:

# censoredHeaders = from, accept-language
# censorReferer = maybe

# Uncomment this if you're paranoid. This will break a lot of sites,
# though:

# censoredHeaders = set-cookie, cookie, cookie2, from, accept-language
# censorReferer = true

# Uncomment this if you want to use Poor Man's Multiplexing; increase
# the sizes if you're on a fast line. They should each amount to a few
# seconds' worth of transfer; if pmmSize is small, you'll want
# pmmFirstSize to be larger.

# Note that PMM is somewhat unreliable.

# pmmFirstSize = 16384
# pmmSize = 8192

# Uncomment this if your user-agent does something reasonable with
# Warning headers (most don't):

# relaxTransparency = maybe

# Uncomment this if you never want to revalidate instances for which
# data is available (this is not a good idea):

# relaxTransparency = yes

# Uncomment this if you have no network:

# proxyOffline = yes

# Uncomment this if you want to avoid revalidating instances with a
# Vary header (this is not a good idea):

# mindlesslyCacheVary = true

# Uncomment this if you want to add a no-transform directive to all
# outgoing requests.

# alwaysAddNoTransform = true
```


----------



## rabfulton (Mar 4, 2015)

Have you tried following this how-to?

https://forums.freebsd.org/threads/howto-use-tor-network-and-web-proxy.40307/


----------



## junovitch@ (Mar 4, 2015)

I did a quick Google search on it and saw this:  https://wiki.archlinux.org/index.php/polipo

For this part:

```
#socksParentProxy = "jim:9050"
#socksProxyType = socks5
```

Unless you have "jim" in your /etc/hosts or resolvable by DNS, that's not going to work.  You'll probably want to use this as shown on the Arch Wiki page linked above or the How To guide rabfulton just posted.

```
socksParentProxy = "localhost:9050"
socksProxyType = socks5
```


----------

