# How to access unfiltered web through another site?



## vukuv (Jul 9, 2009)

Hello 

Certain sites are filtered by firewall rules and we can not access these sites.

I like to access my Freebsd system at home from work  and be able to access a web browser through the freebsd system at home so that I am not blocked by the firewall rules in place.

Sites such as Yahoo and gmail are blocked and I like to be able to:

go to a web site ( my home freebsd site)
Login and be able to launch a web browser through that connection.
The connection must be through web ( SSH and any other programs are already blocked). Once I login to my BSD system through web, I like to launch a web browser and gain access to web.

Alternative would be, to again access the BSD system at home and launch a vm (a lightweight vm)

Can you point me to the right direction?

How about if I need to give access to other people as well? How would that work? Can I create a subnet 10.x.x.x and be able to serve web for others as well.

Ultimatly the goal is to provide the users with a very EASY setup so that NON technical people can gain access to everything on the web through that web connection to the freebsd site at my home.

Also what happens if my site gets blocked?

Thank you in advance.


----------



## DutchDaemon (Jul 9, 2009)

You could install a proxy server on port 80 at home and open it up to the IP address you're currently working from. Then point your web browser to 'proxy.at.home port 80' and surf the web using your proxy at home as the gateway. Make sure your proxy only handles requests from your current IP address and/or set up authentication on the proxy.


----------



## SirDice (Jul 9, 2009)

If the admins did their job properly you won't be able to use a proxy server. I know I would fix it that way.


----------



## phoenix (Jul 9, 2009)

The OpenSSH client (ssh) can be used to create a SOCKS proxy connection for use with a local web browser, using the -D command-line option.

`#  ssh -D 8080 some.remote.ssh.server`

Then you can configure your web browser to use localhost:8080 as a SOCKS proxy. All web page requests will be tunneled through SSH to the remote server, and then out to the remote web server. It will look like the HTTP request came from the remote SSH box, instead of from your local box.

Of course, this will only work if you are able to connect out directly from your PC, through their firewall, to some random IPort on the Internnet.    A properly configured network will only allow you to access resources on the local network (local DNS server, local mail server, local web proxy server, etc) and not allow direct outgoing connections.


----------



## lme@ (Jul 10, 2009)

If you run the proxy server on port 80 or 443 you should be able to connect to it through the firewall.


----------



## SirDice (Jul 10, 2009)

Not if the admins force the OP to use their proxy server. They're probably using one as it's the easiest way to block access to certain sites.


----------



## DutchDaemon (Jul 10, 2009)

You mean the admin proxies transparently? That will still leave port 443 unfiltered, because SSL can't be proxied transparently (local termination aside). You should be able to CONNECT over that port. Of course if the web browser itself is locked down (no access to settings like 'proxy server'), you're done for. That's how it's done at my job anyway.


----------

