Note: This guide was tested using Ubuntu 8.10. Previous versions may not work.

This is a HowTo for setting up Upside-Down-Ternet on Ubuntu. Basically, when a user browses the web, all the images are flipped upside-down. While it's not useful, it's quite a good April Fool's prank.

The process uses a transparent proxy, web server, and script to flip the images. Web traffic is routed to the proxy, instead of the default gateway, which is intercepted by the proxy which then downloads and modifies the images and then serves them back to the client browser.

Setting up the proxy

The proxy used in this guide is Squid v2.7.


There are two versions of Squid in the repositories, Squid 2.7 (package name squid) and Squid 3 (package name squid3), the former will be installed.

sudo apt-get install squid


Squid's configuration file is located at /etc/squid/squid.conf. The file comes pre-configured with default settings which you should not delete. Modify the file as follows:

  • On the line starting with #http_access allow localnet, change it to read:

acl localnet src [your network range, e.g.]
http_access allow localnet
  • On the line starting with http_port 3128, append transparent so it reads:

http_port 3128 transparent
  • Find the section TAG: url_rewrite_program. At the bottom of the section you should see #Default: none. Replace that line with

url_rewrite_program /usr/local/bin/

Reload the configuration file:

sudo service squid reload

Setting up the webserver

Apache 2 will be used as the web server.


sudo apt-get install apache2


Apache's default configuration file works fine and does not need to be changed.

However, as Apache is going to be serving the modified images, a directory where those images are stored needs to be created. Create a directory where the images are to be stored and set the correct directory permissions:

sudo mkdir /var/www/images
sudo chown www-data:www-data /var/www/images
sudo chmod 775 /var/www/images

Add the user proxy to the group www-data, so squid can write to the /var/www/images directory.

sudo usermod -aG www-data proxy

The images retrieved by Squid are owned by the user and group proxy. Add www-data (the user Apache runs under) to the proxy group so Apache can access the images:

sudo usermod -aG proxy www-data

Restart Apache to load changes:

service apache2 restart

Image Script

Create and edit a file called '' in /usr/local/bin. Paste the following:

$count = 0;
$pid = $$;
while (<>) {
        chomp $_;
        if ($_ =~ /(.*\.jpg)/i) {
                $url = $1;
                system("/usr/bin/wget", "-q", "-O","/var/www/images/$pid-$count.jpg", "$url");
                system("/usr/bin/mogrify", "-flip","/var/www/images/$pid-$count.jpg");
                print "$pid-$count.jpg\n";
        elsif ($_ =~ /(.*\.gif)/i) {
                $url = $1;
                system("/usr/bin/wget", "-q", "-O","/var/www/images/$pid-$count.gif", "$url");
                system("/usr/bin/mogrify", "-flip","/var/www/images/$pid-$count.gif");
                print "$pid-$count.gif\n";

        elsif ($_ =~ /(.*\.png)/i) {
                $url = $1;
                system("/usr/bin/wget", "-q", "-O","/var/www/images/$pid-$count.png", "$url");
                system("/usr/bin/mogrify", "-flip","/var/www/images/$pid-$count.png");
                print "$pid-$count.png\n";

        else {
                print "$_\n";;

Change the scripts file permissions:

sudo chmod 755 /usr/local/bin/

Install mogrify, the program that flips the images. Mogrify is a part of imagemagick:

sudo apt-get install imagemagick

Note that you can change the script to blur or swirl the images instead of flipping them. Just edit the script and replace the -flip option with any valid mogrify option.

Networking Setup

Finally, run the following commands to turn your computer into a gateway and redirect traffic to the proxy:

#delete all rules
sudo iptables -F
sudo iptables -t nat -F
sudo iptables -t mangle -F
sudo iptables -X

# Enable routing.
echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward

# Masquerade.
sudo iptables -t nat -A POSTROUTING -j MASQUERADE

# Transparent proxying
sudo iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 3128

You'll then need to configure your users' default gateway to point to your computer's IP address. This varies by setup so it's not detailed here.

That's it, you're done, enjoy.

Cleaning Up

You will end up with a lot of images in your /var/www/images/ directory. Simply add this to your /etc/crontab file:

*/10 * * * * proxy rm /var/www/images/*

This will clear the /var/www/images/ directory every 10 minutes.


Upside-Down-TernetHowTo (last edited 2012-02-04 15:05:33 by russelldavies)