Cloudish - an anonymizer: an howto

Please look at this picture:

Cloudish in a distributed environment works to the principal of; when someone is whispering in a crowd of talking people, it's difficult to find who it was that was whispering. For your websurfing this means: if your request is performed by a proxy-server who is also processing requests for other people, it's very hard (near impossible) to find out which request came from what client.
So what is happening when using a Cloudish-proxy: your request comes into your local Cloudish-proxy. Your local Cloudish-proxy then removes some of the headers transmitted by your browser and after that makes a secure encrypted connection to one of the other configurated Cloudish-proxies (A, B and C in the picture). Then, A, B or C (the one which got the request) will get the requested data and send it back to you. It is also possible that the Cloudish-proxy first connect to one of the other Cloudish-proxies and relays your request trough it. That way it'll be even more to trace back the request to you.

How to configure your Cloudish-proxy

Your cloudish.ini will look like this:
# switch on debugging. set to 0 for no debug-information
debug=1
# this will be the port which you will configure in your browser
# as the proxy-port it will use
http_proxy_listen_port=5000
# in case you want other Cloudish-proxies to relay request trough
# your Cloudish-proxy, set this to port to which it should listen
# on, or set it to 0 to disable
s_proxy_listen_port=5001
# just set this to 3.
fork_retries=3
# number of retries for a connect
max_n_connect_retries=3
# normally, you will set this to 0. if set to 1, your local
# Cloudish-proxy will also directly request data; something
# you do not want unless you are proxy A, B or C (see picture)
allow_local_gets=0
# wether to use the defined local_proxies or not
use_local_proxy=0
# the Cloudish proxy-servers it will connect to
cloudish_proxies=a:5001,b:5001,c:5001
# set this one to 1, redirects currently do not work
initial_redirect_level=1
# certificate and certificate password (for SSL)
server_certificate=server.pem
server_certificate_password=password

Configuration-file for Cloudish-proxy A:
debug=0
s_proxy_listen_port=5001
fork_retries=3
max_n_connect_retries=3
# of course you want local gets
allow_local_gets=1
# allow gets trough the ISP-proxy 
use_local_proxy=1
# this one is only for proxy A
local_proxies=isp_proxy_server:8080
# connect trough other Cloudish-proxies
cloudish_proxies=b:5001,c:5001
# set this one to 1, redirects currently do not work
initial_redirect_level=1
server_certificate=server.pem
server_certificate_password=password

Configuration-file for Cloudish-proxy B:
s_proxy_listen_port=5001
allow_local_gets=1
use_local_proxy=0
cloudish_proxies=a:5001,c:5001
server_certificate=server.pem
server_certificate_password=password

Configuration-file for Cloudish-proxy C:
s_proxy_listen_port=5001
allow_local_gets=1
use_local_proxy=0
cloudish_proxies=a:5001,b:5001
server_certificate=server.pem
server_certificate_password=password

How to create a key/certificate

That is simple:
openssl req -new -x509 -nodes -days 386 -out server.pem -keyout server.pem
This creates a key/cert. which is valid for 386 days.

How to configure your browser

Set the IP address of the WWW proxy-server to the IP address of the PC on which your Cloudish-proxy is running. If it is running on your local machine, enter "127.0.0.1". For the portnumber of the WWW-proxyserver, enter the portnumber which you entered in the "http_proxy_listen_port"-line of the Cloudish.ini file of your Cloudish-proxy. E.g.:

This manual in other languages

An article in Czech on Cloudish was published. From what I understand of it, it also explains how to install and configure things. Link.

Tips and Tricks

For performance reasons, it is suggested that you put a caching proxy-server between your web-browser and your local Cloudish-proxy.
Example:

In your browser, you have to set the WWW proxy-server address to the address of the caching proxy-server. In the configuration of the caching proxy-server, you set it to get all objects from a parent; which is in this case your local Cloudish-proxy.
For squid, add the following to the configuration-file:
cache_peer cloudish_proxy_hostname parent cloudish_http_port 0 default no-query
acl all src 0.0.0.0/0.0.0.0
never_direct allow all
Replace cloudish_proxy_hostname with the hostname or IP-address of your Cloudish-proxy. Replace cloudish_http_port with the port which you defined in your Cloudish configuration-file with "http_proxy_listen_port".


I hope this made things clear.