Hi everyone, I’m not professional Opensuse user but I like it very much. In Opensuse Leap 15, simply by setting tor proxy in Yast and restarting, I had a system-wide tor proxy like a vpn. But in Leap 15.1 this doesn’t work.
After setting proxy like this:
when I click on ‘Test Proxy Setting’ button, says ‘Proxy settings works correctly’, but after restarting system, actually proxy doesn’t work and it’s like when the proxy is disabled.
The output of ‘env | grep proxy’ command is as bellow (I don’t know if this is helpful or not, sorry):
Setting tor http proxy (127.0.0.1:8118) absolutely works on browsers and applications that have proxy setting but in my country Internet is very limited and I sometimes need to use proxy as system-wide and this is my only option.
I have never had a big need for a proxy. I have occasionally used one for special purposes. So I have never actually tried setting a proxy in Yast.
I’ll note, however, that your desktop environment might have its own proxy settings. For example, with KDE I can configure a proxy for the desktop. One of the options there is to use the system proxy configuration, and I would guess that it would then use what was set in Yast. But the default for KDE appears to be no proxy, and I think that means it would ignore what is set in Yast.
Your screenshot set up your YaST Proxy only for http and no other protocol.
That means that only apps that use http would be proxied, no other apps would connect through the proxy.
Also,
You are configuring your system proxy settings to point to a proxy server running on your local machine.
It might be important to know what proxy server you’re running on your machine.
When you talk about connecting through a proxy,
You have to be detailed about what apps need to be proxied and what kind of proxy you are connecting to… Whether it’s a “Web Proxy” only which also typically supports the “Web protocols” https and ftp,
Or whether the proxy is a SOCKS proxy.
If connecting to a Web proxy (ie only for web browsers), it can be useful to know if the proxy is configured to support WPAD.
If so, then all you need to do is open your web browser’s settings and tick the box that says to automatically connect to a web proxy.
WPAD works like DHCP, passing the proxy configuration to your browser to set up automatically on its own.
With this setting, you can move between networks with different web proxies and your web browser will automatically self-configure.
There is no such thing as system-wide proxy in Linux. It is up to individual applications to support proxy and in this case it is again up to individual applications how to configure proxy. While using environment variables like http_proxy is fairly common, it is by no means the only possibility.
Also note that YaST stores its settings in file that is processed by each shell individually when you launch it. The fact that these variables are present in interactive shell session does not mean they are already set when desktop components are started. You can check environment for any process that “ignores” proxy settings to determine whether environment variables are set for this process in the first place:
tr '\0' '
' < /proc/$PID/environ
I have feeling that what you really need is VPN, not proxy.
Actually,
System-wide proxy settings and Proxy Firewalls that support everything are quite common, and once upon a time YaST proxy used to be such a proxy client.
A Proxy (firewall) is just that… a type of firewall that is different than, for example the iptables/ebtables FW that is set up by default on every openSUSE which is often called a “window screen” firewall because all it does is simply block, allow, or forward.
A Proxy firewall is different in that instead of allowing network connections to pass through to the target, the client network connection is terminated at the proxy server, and then a brand new connection is created between the Proxy and the client’s target destination. When the target destination looks at the identity (source) of the network connection, it will see the Proxy instead of the original client.
Once one understands how a Proxy Firewall works, it can then also become apparent how much more secure a Proxy firewall is than a “window screen” firewall, and the kinds of filtering that can be done. You’ll see things like “application layer” firewalls, SOCKS, deep packet inspection (ie filtering for content) and more. It used to be that only proxy firewalls supported stateful packet inspection but I see that nowadays iptables is supposed to support that, possibly through conntrack. And, since a VPN was mentioned, yes a Proxy whether it filters or not can be used in place of a VPN for those who need to evade restrictive filtering, hiding the client identity which is why there are Proxy Lists for people who need to evade police states.
Based on the above, you should be able to see that although Web Proxies are very common (typically supporting only http/https/ftp) there is no reason why every other possible protocol can also be supported, and exists. There are many such well known Proxy Firewalls that proxy every connection, like Check Point and Forefront but it’s also quite common to run small proxies locally on your machine for various purposes… Dnscrypt-proxy is one instance where this is done to support encrypted client/server DNS queries.