I no longer use iPredator/relakks and I did improve the setup slightly but never updated the blog – maybe I should have.

unsafe :

Hi, I respect that you’ve put so much work into this, I might have done the some time ago, but you render a vpn useless. Why not buy a premium proxy instead when all you want is a proxy? Also did you know that your local proxy server most likely is even slower than apache, which is already a slow fat beast? Don’t believe? Benchmark using ab/weighttp.

Indeed. However this is only a small part of what my setup involved, I had additional routing configured such that any client using that server as a gateway would also route out over the VPN. I wasn’t using this simply just as a HTTP proxy (that was more a quick FoxyProxy thing for any other machine wanting ‘temporary privacy’).

Plus I also like using a local proxy to be sure what headers are stripped from the HTTP requests and I most certainly do not doubt your benchmark claims.

unsafe :

Now the real interesting part isn’t your setup, but iptables rules.
Why don’t you protect yourself from vpn-disconnects using iptables instead, that happen quite often with relakks? You heard right, ipredator IS relakks, which is know to log and drop connections in the midst of downloads revealing your real ip.

Now that was always on my “TODO” list, but I didn’t use it much as a HTTP proxy really and the NAT routing (which was my primary use-case) would fail if the VPN dropped so it got left at the wayside. (Good spot though!)

Now the real interesting part isn’t your setup, but iptables rules.
Why don’t you protect yourself from vpn-disconnects using iptables instead, that happen quite often with relakks? You heard right, ipredator IS relakks, which is know to log and drop connections in the midst of downloads revealing your real ip.

I’ve bought it yesterday out of boredom, should have bought an mp3 player instead, however that’s my findings after a day.