zoukankan      html  css  js  c++  java

  • 搭建redsocks 测试环境

    1. 先来谈谈pc的测试环境

    socks5代理,因为要在centos下设置,没有yum到socks, 就安装ss5,wget http://jaist.dl.sourceforge.net/project/ss5/ss5/3.8.9-8/ss5-3.8.9-8.tar.gz,参考这个网页解决:https://blog.csdn.net/zjiang1994/article/details/74925039。然后解压,./configure && make install

    chmod a+x /etc/init.d/ss5
    service ss5 start

    vim /etc/opt/ss5/ss5.conf,把这两处的注释打开(就是auth,permit这两行)

    测试,用mac的safari,把代理socks选上,填上centos的地址,端口号填上1080。测试下是否work。

    版主总结了下命令集:

    yum install gcc openldap-devel pam-devel openssl-devel
    wget http://jaist.dl.sourceforge.net/project/ss5/ss5/3.8.9-8/ss5-3.8.9-8.tar.gz
    tar -vzx -f ss5-3.8.9-8.tar.gz
    cd ss5-3.8.9/
    ./configure
    make
    make install
    chmod a+x /etc/init.d/ss5
    service ss5 start
    vim /etc/opt/ss5/ss5.conf
    # 修改配置文件 service ss5 restart

    其次是redsocks的配置,用缺省的example,改名为my.conf,

    redsocks {
    /* `local_ip' defaults to 127.0.0.1 for security reasons,
    * use 0.0.0.0 if you want to listen on every interface.
    * `local_*' are used as port to redirect to.
    */
    local_ip = 127.0.0.1;
    local_port = 1080;

    // listen() queue length. Default value is SOMAXCONN and it should be
    // good enough for most of us.
    // listenq = 128; // SOMAXCONN equals 128 on my Linux box.

    // `max_accept_backoff` is a delay to retry `accept()` after accept
    // failure (e.g. due to lack of file descriptors). It's measured in
    // milliseconds and maximal value is 65535. `min_accept_backoff` is
    // used as initial backoff value and as a damper for `accept() after
    // close()` logic.
    // min_accept_backoff = 100;
    // max_accept_backoff = 60000;

    // `ip' and `port' are IP and tcp-port of proxy-server
    // You can also use hostname instead of IP, only one (random)
    // address of multihomed host will be used.
    // The two fields are meaningless when proxy type is 'direct'.
    ip = 192.168.1.108;
    port = 1080;

    剩下的udp和socks5的都给删掉。我们只需要tcp代理。

    iptables文件内容是:

    sudo iptables -t nat -A OUTPUT -d 192.168.1.108 -j RETURN

    sudo iptables -t nat -A OUTPUT -d 10.0.0.0/8 -j RETURN
    sudo iptables -t nat -A OUTPUT -d 172.16.0.0/16 -j RETURN
    sudo iptables -t nat -A OUTPUT -d 192.168.0.0/16 -j RETURN

    sudo iptables -t nat -A OUTPUT -d 127.0.0.0/8 -j RETURN

    sudo iptables -t nat -A OUTPUT -p tcp -j REDIRECT --to-ports 1080

    iptables -t nat -F, 是清除所有的设置;

    iptables -t nat -L, 是列表显示目前的设置。

    实际上localpot用1080不合适,应该选用个别的值,比如1081。 

    iptables内容,把对1080的输出都给return掉,本地output出去的redirect到端口,1080上,而redsocks配置文件监听的就是这个端口。

    redsocks配置主要是参考这个链接来做的:http://www.right.com.cn/forum/thread-138122-1-1.html
  • 相关阅读:
    centos7上以RPM方式安装MySQL5.6
    区别和详解:jQuery extend()和jQuery.fn.extend()
    jQuery笔记总结
    CSS Hack的一些知识
    12种不宜使用的javascript的语法
    64位Win7系统下vs2010调试无法连接oracle解决办法
    HashCode()与equals()深入理解
    Java ArrayList自动扩容机制
    Java基础知识
    MySQL的MVCC机制
  • 原文地址:https://www.cnblogs.com/tangxiaosheng/p/9202746.html
Copyright © 2011-2022 走看看