Only allow navigation on specific domains and urls (blocking the rest) using PRIVOXY on my VELICA router

I've set up privoxy 3.0.24-1 on my VELICA with OpenWrt (15.05).

The proxy is running and listening on port 8118.

I would like to filter url from my wireguard interface. I am you not using explicit proxy configuration (in the browser) but transparent redirect via iptables rules to redirect port 80 and 443 to 8118

iptables -t nat -A PREROUTING -i wg0 -p tcp --dport 443 -j REDIRECT --to-port 8118

iptables -t nat -A PREROUTING -i wg0 -p tcp --dport 80 -j REDIRECT --to-port 8118

I tried setting a example of blocking by only allowing 2 domains in a block rule:

{ -block}
.mediaset.it
.disney.com

This rule can be found under the file user.action, which I include in my config in /etc/config/privoxy. Both options 'toggle' and 'enforce_blocks' are set to 1. However, I do not see any filtered url from wireguard connections, the proxy doesn't block anything...

Any idea on that matter?

Is this something that can be achieved? And how?

Jwh,

I think you mean: GL.iNet GL-B2200 as your 'Velica'.
OpenWrt (15.05) is an (very) old version, why this old or is OEM version firmware?
Be aware if / when updating that several steps have to be made!

Wireguard I don't know, but Privoxy does normally work from WAN to LAN and has Luci web interface which works fine.
Maybe you have to change the path of Privoxy to point to your wireguard interface, but that I don't know.

DG.

1 Like

As I recall, Wireguard wasn't introduced in OpenWrt until version 17, it had some issues that weren't fixed until version 18. It has to be some OEM version.

Also see: Can I install WireGuard on OpenWrt 15.05.1? - #4 by hnyman

I would assume you bind/configure the proxy to that interface for outbound traffic.

1 Like

Yes, you are correct and you are also correct when you say it is OEM, I will upload OpenWrt 22.04 and I will update the message in case of issues with Privoxy

Yes OEM version and I will upgrade soon

1 Like