zoukankan      html  css  js  c++  java

  • centos7 最小安装后,编译配置redsocks

    前期准备

    yum update 
yum install git
yum group install "Development Tools"	
yum install libevent libevent-devel

    拉代码编译

    git clone https://github.com/darkk/redsocks
cd redsocks
make
cp redsocks /usr/bin/redsocks #放到$PATH里

    添加iptable规则

    iptables -t nat -N REDSOCKS #在nat表里创建一个REDSOCKS的链

#不需要重定向的规则
iptables -t nat -A REDSOCKS -d 0.0.0.0/8 -j RETURN
iptables -t nat -A REDSOCKS -d 10.0.0.0/8 -j RETURN
iptables -t nat -A REDSOCKS -d 127.0.0.0/8 -j RETURN
iptables -t nat -A REDSOCKS -d 169.254.0.0/16 -j RETURN
iptables -t nat -A REDSOCKS -d 172.16.0.0/12 -j RETURN
iptables -t nat -A REDSOCKS -d 192.168.0.0/16 -j RETURN
iptables -t nat -A REDSOCKS -d 224.0.0.0/4 -j RETURN
iptables -t nat -A REDSOCKS -d 240.0.0.0/4 -j RETURN

#重写向规则 12345是REDSOCKS默认的端口
iptables -t nat -A REDSOCKS -p tcp -j REDIRECT --to-ports 12345

#出去的流量重定向
iptables -t nat -A OUTPUT -p tcp --dport 443 -j REDSOCKS
iptables -t nat -A OUTPUT -p tcp --dport 80 -j REDSOCKS

#目标地址转换(DNAT)流量重定向
iptables -t nat -A PREROUTING -p tcp --dport 443 -j REDSOCKS
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDSOCKS
iptables -t nat -A PREROUTING -p tcp --dport 1080 -j REDSOCKS

#可选 重定向crosp用户的tcp流量 
#iptables -t nat -A OUTPUT -p tcp -m owner --uid-owner crosp -j REDSOCKS

#查看链nat表中的链
iptables -L -t nat

    在redsocks 目录创建 redsocks.config

    base {
 log_debug = on;
 log_info = on;
 log = "stderr";
 daemon = off;
 redirector = iptables;
}

redsocks {
    // Local IP listen to
    local_ip = 127.0.0.1;
    // Port to listen to
    local_port = 12345;
    // Remote proxy address
    ip = 192.168.1.106;
    port = 1080;
    // Proxy type
    //socks4, socks5, http-connect, http-relay
    type = socks5;
    // Username to authorize on proxy server
    //login = anonymous;
    // Password for a proxy user
    //password = verystrongpassword;
    // Do not disclose real IP
    disclose_src = false;
}

    测试

    启动redsocks

    ./redsocks -c ./redsocks.conf

    关闭

    关闭重定把这个规则修改成RETURN就行了,下次要使用再换回REDIRECT --to-ports 12345

    iptables -t nat -A REDSOCKS -p tcp -j REDIRECT --to-ports 12345

    查一下序号

    iptables -L -n --line-number -t nat


    iptables -R REDSOCKS 9 -j RETURN  -t nat

    下次换回来就

    iptables -R REDSOCKS 9 -p tcp  -j REDIRECT --to-ports 12345  -t nat
  • 相关阅读:
    echarts之tooltip
    js随笔
    在wex5平台grid显示问题
    JSON.parse()和JSON.stringify()区别
    在wex5平台grid里面的gridselect下拉不能显示汉字问题
    wex5平台放入tabs组件后运行时显示空白
    正整数求n不用sqrt
    leetcode1143最长公共子序列
    美团Java一面(2020.3.19)
    leetcode138. 复制带随机指针的链表
  • 原文地址:https://www.cnblogs.com/nocanstillbb/p/12100852.html
Copyright © 2011-2022 走看看