Build your own proxy (and listen to Pandora outside USA)

· by Peter · Read in about 3 min · (554 words) ·

I’ve always loved Pandora radio, but now Pandora is available only to US citizens. However there is a solution, if you happen to own a VPS located in States (and your provider allows proxy service) then you can setup your own proxy server and enjoy listening to Pandora (and not only that) from any location. It could be also useful for Americans who gone abroad. With proxy you can also bypass your company’s firewall, so if admins are blocking some websites you’ll just access them via your proxy. OK, lets do it then. Login to your server as root and follow below steps (installation of packages as described below would work on Debian and Ubuntu, if you happen to have different distro then you must install packages following rules for your OS):

  1. apt-get install clamav-daemon clamav-freshclam - this is absolutely optional, but if you’re going to have proxy on your VPS it’ll be good idea to have also some antivirus software.
  2. apt-get install squid - this will install Squid (proxy server).
  3. apt-get install apache2-utils - if you don’t have Apache installed, you’ll need at least its tools to be able to use htpasswd.
  4. Now it’s time to configure our server, execute vi /etc/squid/squid.conf and add/change configuration as follows:
    http_port 443 - it’s the port on which Squid would be operating, I’m using 443 as it’s the port of https protocol, so it’s usually not blocked by company admins.

auth_param basic children 5
auth_param basic realm Linux Class
auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/squid_user
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off

(lines above are telling Squid how to authenticate the users and where is file which contains user names and passwords (/etc/squid/squid_user), it’s very basic authentication and communication with your proxy wouldn’t be encrypted, but it should be enough for surfing web)

acl class proxy_auth REQUIRED - this must be in acl section of configuration file, it tells server that authentication is required in order to access.

http_access allow class - this must be in http access section of configuration file, it tells server that authenticated users can access proxy.

  1. touch /etc/squid/squid_user - create users file.
  2. htpasswd /etc/squid/squid_user username - create user, you’ll be asked to provide password for newly created user after executing this command.
  3. /etc/init.d/squid restart - restart squid.

If you’re using firewall and blocking incoming traffic (very good idea), you need to allow connections to your proxy from the outside. Execute:
iptables -A INPUT -d [ip of your server] -p tcp -m tcp -dport 443 -j ACCEPT

Now it’s time to configure your browser. You can either pass all your browser traffic through proxy (please follow configuration procedure proper for your browser, you can easily find it in Google), or you can use great Firefox add-on FoxyProxy. It would allow you to access only selected websites trough proxy and rest of traffic would go through your normal connection. Configuration is pretty easy, after installation open FoxyProxy configuration (you can click FoxyProxy icon on FF taskbar). Now click Add New Proxy on Proxies tab and input connection details for your server:

Add proxy server

Then go to URL Patterns tab and click Add New Pattern, for Pandora your configuration should be as on picture below:

Add pattern

That’s it. Enjoy Pandora everywhere (don’t forget to provide Squid user name and password when prompted by FoxyProxy:))!

Sources:
http://beginlinux.com/server_training/proxy-server/1049-squid-proxy-authentication