4.5 Proxies and VPN's

Although the Pi is not the most powerful device to use as a proxy of VPN, both due to cpu power as bandwidth, it is certainly easily possible. In my experience though, the drop in speed when routing traffic through the Pi is noticable which might put the following in the 'fun to tinker with' rather than the 'very useful' category.

Privoxy

Let's say you want to block ads on your Pi, or even or your phone or other devices. Simply run a proxy on the Pi that blocks all ip-addresses that serve ads (or trackers, or malicious software, etc.) and route all traffic from your phone (or other pc) through the proxy. Easy-peasy!

Update: before I continue, check out this easier way that makes traffic a lot quicker than the method mentioned below. Instead of routing all traffic through the Pi, you can configure it as a DNS server that routes all ad-domains to the Pi. I won't explain how as you can read all that on the project's repo: https://github.com/pi-hole/pi-hole

I'm using the steps as described here: 1. Install using the same old sudo apt-get install privoxy. 2. Configure. Change the ip in the following file to the (local) ip of your Pi:

    sudo nano /etc/privoxy/config

Search for a line that says listen-address, insert the ip of your Pi and uncomment the line. Next, open the port in iptables (see the chapter on security), by editing /etc/iptables.up.conf and running iptables-restore < /etc/iptables.up.conf. Opening the port on the router should not be needed when you're only going to use it from within the LAN to the outside world. If you want to (and are able to) route your mobile data traffic over a proxy, open a port on your router and enter the outside ip of your Pi as the proxy ip on your phone.

Next, restart the Privoxy service by typing sudo service privoxy restart. Done! Your proxy is now set up. Next step is to block ads, untrusted websites, sites you'd like to block, etc.

Block ads, trackers and other IP-addresses you don't like

First, backup your hosts file:

    sudo cp /etc/hosts /etc/hosts.old

Then, create your own or download one from somewhere (backed up here, and append it to the original. It should take effect immediately, try it out by trying to visit a blocked ip in a browser or using wget; it should return with a 404.

(Source: 1)

OpenVPN

There's a very complete guide on setting up OpenVPN on your Pi right here. I haven't tried it out yet, but when I do, any remarks I might have will end up here.