I wanted to use my Android phone as a proxy server, meaning that I wanted to be able to use the IP on the phone as a proxy, so all requests and responses are received on the phone and forwarded back to the original requestor.
How do I do this?
Asked
Active
Viewed 7.0k times
4 Answers
12
If you're just interested in setting a proxy up over your Wifi, you can do that with Servers Ultimate quite easily, but I don't know why anyone would really want to do that. A much more useful option is to use mobile data, but as Kevin's answer said you're going to hit a lot of headaches, namely at the ISP level (Verizon, AT&T, etc). Chances are you won't get them to change their NAT policy for you.
It's hard to use your mobile data as a proxy because all incoming connections are blocked. But, if you have a laptop, and your phone connected to your laptop via adb, one option is to run a command like this:
adb forward tcp:6400 tcp:8080
This command forwards all TCP connections sent to your host (laptop)'s 6400 port to your phone's 8080 port. Next, set up a proxy server on your Servers Ultimate App running on port 8080. No root required! Finally, on your laptop, set up your browser to use a proxy server connected to port 6400 on your laptop. For example, open Firefox, go to Settings, Networks, and use 127.0.0.1 and port 6400 as a proxy. Here's what's going to happen:
Any requests from the laptop's browser will be proxied internally to port 6400, which adb will forward to port 8080 on your phone, which is a proxy server that accesses the outside internet using your mobile data!
If needed, you can also open the firewall in your router up to access your laptop's port 6400 over WiFi from other devices, although I recommend setting up some kind of security policy.
There are tons of tutorials for enabling developer options and adb on your laptop, it's easy.
Andrew T.
- 15,988
- 10
- 74
- 123
nick carraway
- 121
- 1
- 5
7
Servers Ultimate is an advanced app for turning your phone into a server. By the same developer, Proxy Server offers a more basic and solely "Proxy Server based" approach. As stated on its description:
Run your own Proxy Server on your device! The app can handle HTTP and HTTPS protocols and GET/POST requests. You can even set the app to forward all connections to a default host and port so you can use other protocols as well through the socket!
They later on add
For more servers and features have a look at our app Servers Ultimate
For some extra information about Servers Ultimate, check this article on LifeHacker, this article on XDA, and the apps own XDA thread.
SarpSTA
- 2,682
- 5
- 19
- 36
-
I"m trying to set this up in a way that I connect to the proxy server using the WiFi IP, and all outgoing connections would use the data connection. Is this possible? – Arya May 22 '18 at 04:47
-
-
Late to the train, but another app that I found useful is Every Proxy (writing this answer in December 2021, many of the suggestions don't exist anymore). – ptommasi Nov 30 '21 at 12:11
2
If your phone is rooted (or at least bootloader is unlocked), you can run tinyproxy (HTTP/HTTPS proxy) as init service. It works with both Wi-Fi and Mobile Data, in latter case you have to make sure your phone is accessible from internet. See How to connect to Android through SSH over 3G/4G public IP?
- Create a directory on
/dataor/system:~# mkdir -p /data/local/tinyproxy/tmp Create configuration file:
# /data/local/tinyproxy/tinyproxy.conf Port 8080 Timeout 600 LogFile "/tinyproxy.log" LogLevel Connect MaxClients 100 MinSpareServers 5 MaxSpareServers 20 StartServers 5 MaxRequestsPerChild 0 ViaProxyName "tinyproxy" #BasicAuth <username> <password>For further configuration options see documentation.
- Build
tinyproxyfrom source or may try this one. Move binary to/data/local/tinyproxy/and set permissions. UseAID_NOBODYor any other unused UID for service:~# cd /data/local/tinyproxy/ ~# chown -R 9999.9999 . ~# chmod 0755 . tmp tinyproxy ~# chmod 0644 tinyproxy.conf Add following lines to
/init.rcor any other.rcfile:# /system/etc/init/tinyproxy.rc service tinyproxy /system/bin/chroot /data/local/tinyproxy /tinyproxy -d -c /tinyproxy.conf seclabel u:r:magisk:s0 user 9999 group 9999 disabled capabilities NET_RAW NET_BIND_SERVICE SYS_CHROOT on property:sys.boot_completed=1 start tinyproxy
If using any firewall app, make sure to unblock incoming port 8080. Reboot device. tinyproxy server should be running with least privileges. Connect locally or remotely.
PS:
If phone isn't rooted or you want to further sandbox the proxy server, you can patch SELinux policy with following rules. Use Magisk supolicy tool or sepolicy-inject:
create tinyproxy
allow init tinyproxy process transition
allow init tinyproxy process { rlimitinh siginh noatsecure }
allow tinyproxy tinyproxy process { getsched fork }
allow tinyproxy toolbox_exec file { entrypoint read getattr execute }
allow tinyproxy tinyproxy dir { search write add_name remove_name }
allow tinyproxy tinyproxy lnk_file read
allow tinyproxy labeledfs filesystem associate
allow tinyproxy tinyproxy file { read open getattr create write append unlink execute execute_no_trans }
allow tinyproxy tinyproxy capability { sys_chroot net_raw }
allow tinyproxy tinyproxy unix_dgram_socket { create connect write }
allow tinyproxy tinyproxy tcp_socket { create connect accept read bind getattr write shutdown setopt listen }
allow tinyproxy port tcp_socket { name_connect name_bind }
allow tinyproxy node tcp_socket node_bind
allow tinyproxy tinyproxy udp_socket { create connect read getattr write bind }
allow tinyproxy node udp_socket node_bind
allow tinyproxy system_data_file file lock
allow tinyproxy tinyproxy file lock
- Check
dmesgforavcdenials to define any more required rules. - Replace
seclabel u:r:magisk:s0in service withseclabel u:r:tinyproxy:s0. - Set SELinux context:
~# chcon -R u:object_r:tinyproxy:s0 /data/local/tinyproxy
Now the service will run without Magisk too.
RELATED:
SOCKS proxy can be run with SSH, see:
Irfan Latif
- 20,353
- 3
- 70
- 213
-
great tutorial. but I can't get the chroot part to work on 2 different phones. each time it fails with:
chroot: exec /tinyproxy: No such file or directory- without chroot, tinyproxy works fine (although I have to create /tmp for it) – Eugen Feb 19 '22 at 21:15
1
I had some trouble getting Servers Ultimate's proxy server to work, and my first thought is that it is because my phone is not rooted. However, the problem here is actually not necessarily at the OS level, depending on your use case.
If you're trying to use your mobile data connection as a proxy, you might have some trouble, because most mobile data providers will block any ports that you'd normally be able to use to set up a proxy. Your best bet is to contact the mobile data provider and see if they have any ports that are open beyond the value of 1024 (Android blocks ports below this number for security reasons).
Alternatively, you can:
- Use a proxy server on Wifi, but make sure the proxy port is open in your router
- Root your phone so that you can set-up port forwarding to use your mobile data connection
- Root your phone so that you can use port values beneath 1024 which are usually open.
To realize this is the case, try running a Servers Ultimate proxy server on Wifi with its port open. You'll have something that functions, but if your goal is to use mobile data, you're out of luck for now.
Kevin
- 11
- 1
If you're just interested in setting a proxy up over your Wifi, you can do that with Servers Ultimate quite easily, but I don't know why anyone would really want to do that. A much more useful option is to use mobile data,Do agree that setting up a proxy over 4G (as opposed to over WiFi) is not possible with Servers Ultimate ? (I ask because I could set up a proxy over 4G and would like to know whether it is possible at all) – hartmut Jan 19 '19 at 17:17