#FuckYouHTTPProxy | How to use an HTTP proxy system-wide on Linux | How to do transparent proxying with corporates' HTTP proxies


  • Corporates use HTTP proxies.
  • HTTP proxies suck.
  • HTTP proxies implementation on Linux sucks than everything.
  • I have no control of the shitty proxy I'm talking about


HTTP proxies suck and corporates use HTTP proxies.
Ok, I already said that.
In the company I'm working in as security consultant, all machines connected to the intranet can't reach the internet. The only way to do so, is to use an internal HTTP proxy that does deep inspection of the internet traffic in order to block "malicious" sites, control downlodaded contents and so on. It's a mess, because also security related websites are blocked too.
The big problem comes when you are also involved in system operations, particullary with Linux systems: handling the proxy in Unix-like systems is a nightmare.
Yes, there is the http_proxy environment variable, you set it and almost every software will use its content to proxy network requests.
And what if you need to do some routing, for example to run Docker containers or virtual machines, or proxy-unaware applications?
It happens that, if you don't specify the http_proxy variable inside every single container or vm, they won't reach the internet.
Now, from