Proxy
If you want to have control over what network traffic is directed to the campus and what not, you probably cannot use the surf eduvpn solution. Use SOCKS5 instead. It is safer, more privacy friendly and better documented.
Making a proxy
First make the proxy:
# inward ssh tunnel (if you have access to one) ssh -N -D 8080 ssh_server_ip # alternative reverse tunnel # todo: lookup the syntax
Using the proxy with firefox
Then tell programs to use this proxy, for instance firefox:
or probably better write a pcap file containing:
function FindProxyForURL(url, host){ if(dnsDomainIs(host, "ru.nl")) return "SOCKS5 127.0.0.1:8080" }
Keeping the proxy up and starting it when the computer starts
make a file called /etc/systemd/system/sshtunnel.service containing the following (replacing ssh_server_ip and local_user_name)
[Unit] Description=SSH Tunnel After=network.target [Service] Restart=always RestartSec=20 User=local_user_name ExecStart=/bin/ssh -NT -o ServerAliveInterval=60 -D 8080 ssh_server_ip [Install] WantedBy=multi-user.target
and enable it for each time the computer starts:
systemctl enable sshtunnel