Mobile Proxy Service¶

The term "Mobile Proxy Service" might not be immediately clear. To put it simply, FIRERPA has a built-in HTTP proxy server. You can use this HTTP network proxy to access other sites through the mobile device's network.

For instance, you might want to perform network tests or troubleshoot issues from the same network IP as the device. FIRERPA's proxy feature allows you to use the device running FIRERPA as an HTTP network proxy server. This means you can use this feature to turn the mobile device into a proxy server, routing communication traffic through this device's network exit point. Alternatively, if you are capturing packets but don't want the traffic to originate from your local computer, you can set this proxy service as an upstream proxy for mitmproxy. This way, you can capture the packets while all communication traffic is still sent from the original device. Another use case is utilizing the idle networks of a large number of devices for IP proxy services.

Using the Proxy¶

You can configure the proxy in Firefox by going to Settings -> Manual proxy configuration, setting the proxy to 192.168.0.2 with port 65000, and checking Also use this proxy for HTTPS. This will give your Firefox the same outbound IP as the device.

You can also quickly try it out with the following curl command:

curl -x http://192.168.0.2:65000 https://httpbin.org/ip

You can also use it with Python requests:

requests.get("https://httpbin.org/ip", proxies={"http":"http://192.168.0.2:65000", "https": "http://192.168.0.2:65000"})

By default, this proxy requires no authentication. However, when you start it with --certificate (using a service certificate), the login username is lamda, and the password is the same as the remote desktop login token (note: this is the password from the service certificate file, not a custom password for the remote desktop). You can also set this password yourself by customizing tunnel2.password in properties.local.

For the case of using a service certificate as described above, use it as follows:

curl -x http://lamda:certificate_password@192.168.0.2:65000 https://httpbin.org/ip

Similarly, for Python requests, the format is as follows:

requests.get("https://httpbin.org/ip", proxies={"http":"http://lamda:certificate_password@192.168.0.2:65000", "https": "http://lamda:certificate_password@192.168.0.2:65000"})

Configuring the Proxy¶

You can configure the mobile proxy feature by writing the following configuration in properties.local. You can set up password authentication or make it send requests through the rmnet (4G/5G mobile network) interface instead of the default outbound network interface.

tunnel2.login=lamda
tunnel2.password=your_new_password

The outbound interface iface configuration is used to set the exit network for the mobile proxy. It has two configurable values: wlan and rmnet. When the iface value is wlan, it will automatically detect available wlan interfaces and select one to send requests. When iface is rmnet, it will attempt to enable mobile data (4G/5G, even if Wi-Fi is on) and send requests from the mobile network interface. If configured as rmnet or wlan but the corresponding interface has no network connectivity, the proxy will be unavailable. If this setting is not configured, requests will be sent using the default network.

tunnel2.iface=rmnet