Nyob rau hauv tsab xov xwm no kuv xav qhia txog qhov muaj peev xwm ntawm pob tshab proxying, uas tso cai rau koj hloov pauv tag nrho lossis ib feem ntawm kev khiav tsheb los ntawm cov neeg siv npe sab nraud uas tsis pom zoo los ntawm cov neeg siv khoom.
Thaum kuv pib daws qhov teeb meem no, kuv tau ntsib nrog qhov tseeb tias nws qhov kev siv tau muaj ib qho teeb meem tseem ceeb - HTTPS raws tu qauv. Nyob rau hauv cov hnub qub zoo, tsis muaj teeb meem tshwj xeeb nrog pob tshab HTTP proxying, tab sis nrog HTTPS proxying, browsers qhia cuam tshuam nrog cov txheej txheem thiab qhov ntawd yog qhov kev zoo siab xaus.
Nyob rau hauv cov lus qhia ib txwm rau Squid npe neeg rau zaub mov, lawv txawm hais tias tsim koj tus kheej daim ntawv pov thawj thiab txhim kho nws rau cov neeg siv khoom, uas yog ua tiav qhov tsis muaj tseeb, qhov tsis txaus ntseeg thiab zoo li MITM nres. Kuv paub tias Squid tuaj yeem ua ib yam dab tsi zoo sib xws, tab sis tsab xov xwm no yog hais txog kev ua pov thawj thiab ua haujlwm siv 3proxy los ntawm kev hwm 3APA3A.
Tom ntej no, peb yuav saib kom meej nyob rau hauv cov txheej txheem ntawm lub tsev 3proxy los ntawm qhov chaw, nws configuration, tag nrho thiab xaiv proxying siv NAT, channel tis rau ob peb lwm proxy servers, raws li zoo raws li kev siv ntawm ib tug router thiab zoo li qub txoj kev. Peb siv Debian 9 x64 ua OS. Pib!
Txhim kho 3proxy thiab khiav lub npe neeg rau zaub mov tsis tu ncua
1. Nruab ifconfig (los ntawm pob khoom siv net)
apt-get install net-tools
2. Nruab ib tag hmo Commander
apt-get install mc
3. Peb tam sim no muaj 2 interfaces:
enp0s3 - sab nraud, saib hauv Is Taws Nem
enp0s8 - sab hauv, yuav tsum saib mus rau hauv lub zos network
Hauv lwm qhov Debian-raws li kev faib tawm, cov kev sib tshuam feem ntau muaj npe eth0 thiab eth1.
ifconfig -a
interfacesenp0s3: chij = 4163 ib 1500
inet 192.168.23.11 netmask 255.255.255.0 tshaj tawm 192.168.23.255
inet6 fe80::a00:27ff:fec2:bae4 prefixlen 64 scopeid 0x20 ether 08:00:27:c2:ba:e4 txqueuelen 1000 (Ethernet)
RX pob ntawv 6412 bytes 8676619 (8.2 MiB)
RX yuam kev 0 poob 0 overruns 0 ncej 0
TX packets 1726 bytes 289128 (282.3 KiB)
TX errors 0 drop 0 overruns 0 carrier 0 collisions 0
enp0s8: chij = 4098 ib 1500
ether 08:00:27:79:a7:e3 txqueuelen 1000 (Ethernet)
RX pob ntawv 0 bytes 0 (0.0 B)
RX yuam kev 0 poob 0 overruns 0 ncej 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 drop 0 overruns 0 carrier 0 collisions 0
lo: chij = 73 ib 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10 loop txqueuelen 1 (Local Loopback)
RX pob ntawv 0 bytes 0 (0.0 B)
RX yuam kev 0 poob 0 overruns 0 ncej 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 drop 0 overruns 0 carrier 0 collisions 0
Lub enp0s8 interface tsis siv tam sim no, peb yuav ua kom nws thaum peb xav siv Proxy NAT lossis NAT teeb tsa. Nws yog tom qab ntawd nws yuav yog qhov laj thawj los muab nws tus IP zoo li qub.
4. Cia peb pib txhim kho 3proxy
4.1 Txhim kho cov pob hauv paus rau kev sau 3proxy los ntawm qhov chaw
root@debian9:~# apt-get install build-essential libevent-dev libssl-dev -y
4.2. Cia peb tsim ib daim nplaub tshev rau rub tawm cov ntaub ntawv nrog cov peev txheej
root@debian9:~# mkdir -p /opt/proxy
4.3. Wb mus rau daim nplaub tshev no
root@debian9:~# cd /opt/proxy
4.4. Tam sim no cia peb rub tawm qhov tseeb 3proxy pob. Thaum lub sijhawm sau ntawv, qhov tseeb ruaj khov version yog 0.8.12 (18/04/2018) Download tau los ntawm official 3proxy lub vev xaib
root@debian9:/opt/proxy# wget https://github.com/z3APA3A/3proxy/archive/0.8.12.tar.gz
4.5. Cia peb unpack lub downloaded archive
root@debian9:/opt/proxy# tar zxvf 0.8.12.tar.gz
4.6. Mus rau lub unpacked directory los tsim qhov kev pab cuam
root@debian9:/opt/proxy# cd 3proxy-0.8.12
4.7. Tom ntej no, peb yuav tsum tau ntxiv ib kab rau cov ntaub ntawv header kom peb cov neeg rau zaub mov tsis qhia npe kiag li (nws ua haujlwm tiag tiag, txhua yam raug kuaj xyuas, tus neeg siv khoom IP tau muab zais)
root@debian9:/opt/proxy/3proxy-0.8.12# nano +29 src/proxy.h
Ntxiv ib kab
#define ANONYMOUS 1
Nias Ctrl + x thiab Enter kom txuag tau cov kev hloov pauv.
4.8. Cia peb pib sib dhos qhov kev pab cuam
root@debian9:/opt/proxy/3proxy-0.8.12# make -f Makefile.Linux
Makelogmake[2]: Tawm directory '/opt/proxy/3proxy-0.8.12/src/plugins/TransparentPlugin'
make[1]: Tawm directory '/opt/proxy/3proxy-0.8.12/src'
Tsis muaj qhov yuam kev, cia peb mus ntxiv.
4.9. Nruab qhov program ntawm qhov system
root@debian9:/opt/proxy/3proxy-0.8.12# make -f Makefile.Linux install
4.10. Mus rau hauv paus directory thiab xyuas qhov twg qhov kev pab cuam raug ntsia
root@debian9:/opt/proxy/3proxy-0.8.12# cd ~/
root@debian9:~# whereis 3proxy
3proxy: /usr/local/bin/3proxy /usr/local/etc/3proxy
4.11. Cia peb tsim ib daim nplaub tshev rau configuration cov ntaub ntawv thiab cav nyob rau hauv tus neeg siv lub tsev directory
root@debian9:~# mkdir -p /home/joke/proxy/logs
4.12. Mus rau cov npe uas qhov kev teeb tsa yuav tsum yog
root@debian9:~# cd /home/joke/proxy/
4.13. Tsim ib cov ntaub ntawv khoob thiab luam cov config muaj
root@debian9:/home/joke/proxy# cat > 3proxy.conf
3 proxy.confdaemon
pidfile /home/joke/proxy/3proxy.pid
npe 8.8.8.8
ib 65536
Cov neeg siv khoom kuaj: CL: 1234
Cov duab 1 5 30 60 180 1800 16 60
log /home/joke/proxy/logs/3proxy.log D
logformat "- +_L%t.%. %N.%p %E %U %C:%c %R:%r %O%I %h %T"
tig 3
auth zog
dej ntws yaug
tso cai tester
p3128 ua
npe p8080
Txhawm rau txuag, nias Ctrl + Z
4.14 ib. Cia peb tsim cov ntaub ntawv pid kom tsis muaj qhov yuam kev thaum pib.
root@debian9:/home/joke/proxy# cat > 3proxy.pid
Txhawm rau txuag, nias Ctrl + Z
4.15. Cia peb pib lub npe server!
root@debian9:/home/joke/proxy# 3proxy /home/joke/proxy/3proxy.conf
4.16. Cia peb saib seb lub server puas mloog ntawm cov chaw nres nkoj
root@debian9:~/home/joke/proxy# netstat -nlp
netstat logActive Internet kev twb kev txuas (tsuas yog servers)
Proto Recv-Q Xa-Q Chaw Nyob Hauv Zos Chaw Nyob txawv teb chaws Lub Xeev PID/Program npe
tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN 504/3proxy
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 338/sshd
tcp 0 0 0.0.0.0:3128 0.0.0.0:* LISTEN 504/3proxy
tcp6 0 0 :::22 :::* LISTEN 338/sshd
udp 0 0 0.0.0.0:68 0.0.0.0:* 352/dhclient
Raws li nws tau sau nyob rau hauv config, lub web proxy mloog ntawm chaw nres nkoj 8080, Socks5 proxy - 3128.
4.17 ib. Txhawm rau autostart qhov kev pabcuam npe tom qab rov pib dua, koj yuav tsum ntxiv nws rau cron.
root@debian9:/home/joke/proxy# crontab -e
Ntxiv ib kab
@reboot /usr/local/bin/3proxy /home/joke/proxy/3proxy.conf
Peb nias Enter, vim cron yuav tsum pom qhov kawg ntawm kab cim, thiab txuag cov ntaub ntawv.
Yuav tsum muaj lus hais txog kev txhim kho crontab tshiab.
crontab: txhim kho crontab tshiab
4.18. Cia peb reboot lub system thiab sim txuas los ntawm browser mus rau lub npe. Txhawm rau kuaj xyuas, peb siv Firefox browser (rau lub vev xaib npe) thiab FoxyProxy add-on rau thom khwm 5 nrog kev lees paub.
root@debian9:/home/joke/proxy# reboot
4.19 ib. Tom qab kuaj xyuas cov haujlwm ntawm lub npe tom qab rov pib dua, koj tuaj yeem saib cov cav. Qhov no ua kom tiav lub npe neeg rau zaub mov teeb.
3 npe proxy1542573996.018 PROXY.8080 00000 tester 192.168.23.10:50915 217.12.15.54:443 1193 6939 0 CONNECT_ads.yahoo.com:443_HTTP/1.1.
1542574289.634 SOCK5.3128 00000 tester 192.168.23.10:51193 54.192.13.69:443 0 0 0 CONNECT_normandy.cdn.mozilla.net:443
Teeb tsa thiab khiav Transparent Proxy NAT configuration
Hauv qhov kev teeb tsa no, txhua yam khoom siv ntawm lub network sab hauv yuav pob tshab ua haujlwm hauv Is Taws Nem los ntawm cov chaw taws teeb npe neeg rau zaub mov. kiag li txhua qhov kev sib txuas TCP yuav raug xa mus rau ib lossis ntau dua (tseem nthuav dav cov channel dav, kev teeb tsa piv txwv No. 2!) cov servers npe. Qhov kev pabcuam DNS yuav siv 3proxy (dnspr) muaj peev xwm. UDP yuav tsis "tawm mus" sab nraud, vim peb tseem tsis tau siv cov txheej txheem rau pem hauv ntej (neeg xiam oob qhab los ntawm lub neej ntawd hauv Linux ntsiav).
1. Nws yog lub sij hawm los pab kom lub enp0s8 interface
root@debian9:~# nano /etc/network/interfaces
/etc/network/interfaces cov ntaub ntawv# Cov ntaub ntawv no piav qhia txog kev sib txuas hauv network muaj nyob ntawm koj lub cev
# thiab yuav ua li cas qhib lawv. Yog xav paub ntxiv, saib interfaces(5).
qhov chaw /etc/network/interfaces.d/*
# Loopback network interface
nws pib lo
iface lo inet nraub qaum
# Thawj lub network interface
pub-hotplug enp0s3
iface enp0s3 inet dhcp
# Qhov thib ob network interface
pub-hotplug enp0s8
iface enp0s8 inet zoo li qub
chaw nyob 192.168.201.254
netmask 255.255.255.0
Ntawm no peb muab lub enp0s8 interface qhov chaw nyob zoo li qub 192.168.201.254 thiab daim npog qhov ncauj 255.255.255.0
Txuag lub config Ctrl + X thiab reboot
root@debian9:~# reboot
2. Xyuas cov interfaces
root@debian9:~# ifconfig
ifconfig logenp0s3: chij = 4163 ib 1500
inet 192.168.23.11 netmask 255.255.255.0 tshaj tawm 192.168.23.255
inet6 fe80::a00:27ff:fec2:bae4 prefixlen 64 scopeid 0x20 ether 08:00:27:c2:ba:e4 txqueuelen 1000 (Ethernet)
RX pob ntawv 61 bytes 7873 (7.6 KiB)
RX yuam kev 0 poob 0 overruns 0 ncej 0
TX packets 65 bytes 10917 (10.6 KiB)
TX errors 0 drop 0 overruns 0 carrier 0 collisions 0
enp0s8: chij = 4163 ib 1500
inet 192.168.201.254 netmask 255.255.255.0 tshaj tawm 192.168.201.255
inet6 fe80::a00:27ff:fe79:a7e3 prefixlen 64 scopeid 0x20 ether 08:00:27:79:a7:e3 txqueuelen 1000 (Ethernet)
RX pob ntawv 0 bytes 0 (0.0 B)
RX yuam kev 0 poob 0 overruns 0 ncej 0
TX packets 8 bytes 648 (648.0 B)
TX errors 0 drop 0 overruns 0 carrier 0 collisions 0
lo: chij = 73 ib 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10 loop txqueuelen 1 (Local Loopback)
RX pob ntawv 0 bytes 0 (0.0 B)
RX yuam kev 0 poob 0 overruns 0 ncej 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 drop 0 overruns 0 carrier 0 collisions 0
3. Txhua yam ua tiav, tam sim no koj yuav tsum teeb tsa 3proxy rau pob tshab proxying.
root@debian9:~# cd /home/joke/proxy/
root@debian9:/home/joke/proxy# cat > 3proxytransp.conf
Transparent Proxy Configuration Piv txwv #1daemon
pidfile /home/joke/proxy/3proxy.pid
npe 8.8.8.8
ib 65536
Cov duab 1 5 30 60 180 1800 16 60
log /home/joke/proxy/logs/3proxy.log D
logformat "- +_L%t.%. %N.%p %E %U %C:%c %R:%r %O%I %h %T"
tig 3
dej ntws yaug
auth iponly
dnspr ua
tso cai *
niam txiv 1000 thom khwm5 IP_ADDRESS_EXTERNAL_PROXY 3128 tester 1234
plugin /opt/proxy/3proxy-0.8.12/src/TransparentPlugin.ld.so pob tshab_plugin
tcppm -i0.0.0.0 888 127.0.0.1 11111
4. Tam sim no peb tso tawm 3proxy nrog cov teeb tsa tshiab
root@debian9:/home/joke/proxy# /usr/local/bin/3proxy /home/joke/proxy/3proxytransp.conf
5. Ntxiv rau crontab dua
root@debian9:/home/joke/proxy# crontab -e
@reboot /usr/local/bin/3proxy /home/joke/proxy/3proxytransp.conf
6. Cia peb saib seb peb tus neeg sawv cev tau mloog dab tsi tam sim no
root@debian9:~# netstat -nlp
netstat logActive Internet kev twb kev txuas (tsuas yog servers)
Proto Recv-Q Xa-Q Chaw Nyob Hauv Zos Chaw Nyob txawv teb chaws Lub Xeev PID/Program npe
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 349/sshd
tcp 0 0 0.0.0.0:888 0.0.0.0:* LISTEN 354/3proxy
tcp6 0 0 :::22 :::* LISTEN 349/sshd
udp 0 0 0.0.0.0:53 0.0.0.0:* 354/3proxy
udp 0 0 0.0.0.0:68 0.0.0.0:* 367/dhclient
7. Tam sim no lub npe tau npaj los lees txais txhua qhov kev sib txuas TCP ntawm chaw nres nkoj 888, DNS ntawm chaw nres nkoj 53, yog li ntawd lawv tuaj yeem xa rov qab mus rau cov chaw taws teeb socks5 npe thiab DNS Google 8.8.8.8. Txhua yam peb yuav tsum tau ua yog teeb tsa netfilter (iptables) thiab DHCP cov cai rau muab qhov chaw nyob.
8. Nruab lub iptables-persistent thiab dhcpd pob
root@debian9:~# apt-get install iptables-persistent isc-dhcp-server
9. Kho cov ntaub ntawv dhcpd pib
root@debian9:~# nano /etc/dhcp/dhcpd.conf
dhcpd.conf# dhcpd.conf ib
#
# Cov qauv teeb tsa rau ISC dhcpd
#
# kev xaiv txhais tau rau txhua lub network txhawb nqaβ¦
xaiv domain-name "example.org";
xaiv domain-name-servers ns1.example.org, ns2.example.org;
default-daim ntawv xauj tsev-lub sij hawm 600;
max-tshaj-lub sij hawm 7200;
ddns-hloov-style tsis muaj;
# Yog tias DHCP server no yog DHCP server rau hauv zos
# network, cov lus qhia kev tso cai yuav tsum tsis tau hais.
kev cai;
# Ib qho kev sib txawv me ntsis rau lub subnet sab hauv.
subnet 192.168.201.0 netmask 255.255.255.0 {
khwv tau 192.168.201.10 192.168.201.250;
xaiv domain-name-servers 192.168.201.254;
kev xaiv cov routers 192.168.201.254;
xaiv tshaj tawm-chaw nyob 192.168.201.255;
default-daim ntawv xauj tsev-lub sij hawm 600;
max-tshaj-lub sij hawm 7200;
}
11. Reboot thiab xyuas cov kev pabcuam ntawm chaw nres nkoj 67
root@debian9:~# reboot
root@debian9:~# netstat -nlp
netstat logActive Internet kev twb kev txuas (tsuas yog servers)
Proto Recv-Q Xa-Q Chaw Nyob Hauv Zos Chaw Nyob txawv teb chaws Lub Xeev PID/Program npe
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 389/sshd
tcp 0 0 0.0.0.0:888 0.0.0.0:* LISTEN 310/3proxy
tcp6 0 0 :::22 :::* LISTEN 389/sshd
udp 0 0 0.0.0.0:20364 0.0.0.0:* 393/dhcpd
udp 0 0 0.0.0.0:53 0.0.0.0:* 310/3proxy
udp 0 0 0.0.0.0:67 0.0.0.0:* 393/dhcpd
udp 0 0 0.0.0.0:68 0.0.0.0:* 405/dhclient
udp6 0 0 :::31728 :::* 393/dhcpd
raw 0 0:0.0.0.0 1:* 0.0.0.0/dhcpd
12. Txhua yam uas tseem tshuav yog hloov pauv txhua qhov kev thov tcp mus rau qhov chaw nres nkoj 888 thiab txuag txoj cai hauv iptables
root@debian9:~# iptables -t nat -A PREROUTING -s 192.168.201.0/24 -p tcp -j REDIRECT --to-ports 888
root@debian9:~# iptables-save > /etc/iptables/rules.v4
13. Txhawm rau nthuav cov channel bandwidth, koj tuaj yeem siv ntau lub npe servers ib zaug. Tag nrho yuav tsum yog 1000. Cov kev sib txuas tshiab tau tsim nrog qhov tshwm sim ntawm 0.2, 0.2, 0.2, 0.2, 0,1, 0,1 rau cov npe npe servers.
Nco tseg: yog tias peb muaj lub vev xaib npe, tom qab ntawd hloov cov thom khwm5 peb yuav tsum tau sau txuas, yog thom khwm4, ces thom khwm4 (socks4 TSIS TAU TXAIS LOGIN/PASSWORD AUTHORIZATION!)
Transparent Proxy Configuration Piv txwv #2daemon
pidfile /home/joke/proxy/3proxy.pid
npe 8.8.8.8
ib 65536
maxconn 500
Cov duab 1 5 30 60 180 1800 16 60
log /home/joke/proxy/logs/3proxy.log D
logformat "- +_L%t.%. %N.%p %E %U %C:%c %R:%r %O%I %h %T"
tig 3
dej ntws yaug
auth iponly
dnspr ua
tso cai *
niam txiv 200 thom khwm5 IP_ADDRESS OF EXTERNAL_PROXY#1 3128 tester 1234
niam txiv 200 thom khwm5 IP_ADDRESS OF EXTERNAL_PROXY#2 3128 tester 1234
niam txiv 200 thom khwm5 IP_ADDRESS OF EXTERNAL_PROXY#3 3128 tester 1234
niam txiv 200 thom khwm5 IP_ADDRESS OF EXTERNAL_PROXY#4 3128 tester 1234
niam txiv 100 thom khwm5 IP_ADDRESS OF EXTERNAL_PROXY#5 3128 tester 1234
niam txiv 100 thom khwm5 IP_ADDRESS OF EXTERNAL_PROXY#6 3128 tester 1234
plugin /opt/proxy/3proxy-0.8.12/src/TransparentPlugin.ld.so pob tshab_plugin
tcppm -i0.0.0.0 888 127.0.0.1 11111
Teeb tsa thiab khiav NAT + Transparent Proxy configuration
Hauv qhov kev teeb tsa no, peb yuav siv cov txheej txheem NAT ib txwm muaj nrog kev xaiv lossis tag nrho pob tshab proxying ntawm tus kheej chaw nyob lossis subnets. Cov neeg siv network sab hauv yuav ua haujlwm nrog qee cov kev pabcuam / subnets yam tsis tau paub tias lawv ua haujlwm los ntawm lub npe. Txhua qhov kev sib txuas https ua haujlwm zoo, tsis muaj daim ntawv pov thawj yuav tsum tau tsim / hloov.
Ua ntej, cia peb txiav txim siab seb cov subnets / cov kev pabcuam twg peb xav tau npe. Cia peb xav tias cov neeg sawv cev sab nraud nyob qhov twg qhov kev pabcuam zoo li pandora.com ua haujlwm. Tam sim no nws tseem yuav txiav txim siab nws cov subnets / chaw nyob.
1. Ping
root@debian9:~# ping pandora.com
PING pandora.com (208.85.40.20) 56(84) bytes ntawm cov ntaub ntawv.
2. Ntaus BGP 208.85.40.20 rau hauv Google
Wb mus rau qhov chaw
Nws tuaj yeem pom tias lub subnet kuv tab tom nrhiav yog AS40428 Pandora Media, Inc
Qhib prefixes v4
Nov yog cov subnets xav tau!
199.116.161.0/24
199.116.162.0/24
199.116.164.0/23
199.116.164.0/24
199.116.165.0/24
208.85.40.0/24
208.85.41.0/24
208.85.42.0/23
208.85.42.0/24
208.85.43.0/24
208.85.44.0/24
208.85.46.0/23
208.85.46.0/24
208.85.47.0/24
3. Txhawm rau txo cov subnets, koj yuav tsum ua kom muaj kev sib sau ua ke. Mus rau ntawm qhov chaw thiab luam peb daim ntawv teev npe nyob ntawd. Raws li qhov tshwm sim - 6 subnets tsis yog 14.
199.116.161.0/24
199.116.162.0/24
199.116.164.0/23
208.85.40.0/22
208.85.44.0/24
208.85.46.0/23
4. Clear iptables cov cai
root@debian9:~# iptables -F
root@debian9:~# iptables -X
root@debian9:~# iptables -t nat -F
root@debian9:~# iptables -t nat -X
Pab txhawb rau pem hauv ntej thiab NAT mechanism
root@debian9:~# echo 1 > /proc/sys/net/ipv4/ip_forward
root@debian9:~# iptables -A FORWARD -i enp0s3 -o enp0s8 -j ACCEPT
root@debian9:~# iptables -A FORWARD -i enp0s8 -o enp0s3 -j ACCEPT
root@debian9:~# iptables -t nat -A POSTROUTING -o enp0s3 -s 192.168.201.0/24 -j MASQUERADE
Nyob rau hauv thiaj li rau pem hauv ntej kom enabled mus tas li tom qab reboot, peb yuav hloov cov ntaub ntawv
root@debian9:~# nano /etc/sysctl.conf
Thiab uncomment tus kab
net.ipv4.ip_forward = 1
Ctrl + X kom txuag tau cov ntaub ntawv
5. Peb qhwv pandora.com subnets hauv lub npe
root@debian9:~# iptables -t nat -A PREROUTING -s 192.168.201.0/24 -d 199.116.161.0/24,199.116.162.0/24,199.116.164.0/23,208.85.40.0/22,208.85.44.0/24,208.85.46.0/23 -p tcp -j REDIRECT --to-ports 888
6. Cia peb ua raws li txoj cai
root@debian9:~# iptables-save > /etc/iptables/rules.v4
Teeb tsa thiab khiav Transparent Proxy ntawm router configuration
Hauv qhov kev teeb tsa no, pob tshab neeg rau zaub mov tuaj yeem yog lub PC cais lossis lub tshuab virtual tom qab lub tsev / tuam txhab router. Nws yog txaus los sau npe cov kev zoo li qub rau ntawm lub router lossis cov khoom siv thiab tag nrho cov subnet yuav siv lub npe tsis tas yuav muaj kev teeb tsa ntxiv.
TSEEM CEEB! Nws yog ib qho tsim nyog uas peb lub rooj vag tau txais tus IP zoo li qub los ntawm lub router, lossis raug teeb tsa kom zoo li qub.
1. Kho qhov chaw nyob qhov rooj zoo li qub (enp0s3 adapter)
root@debian9:~# nano /etc/network/interfaces
/etc/network/interfaces cov ntaub ntawv# Cov ntaub ntawv no piav qhia txog kev sib txuas hauv network muaj nyob ntawm koj lub cev
# thiab yuav ua li cas qhib lawv. Yog xav paub ntxiv, saib interfaces(5).
qhov chaw /etc/network/interfaces.d/*
# Loopback network interface
nws pib lo
iface lo inet nraub qaum
# Thawj lub network interface
pub-hotplug enp0s3
iface enp0s3 inet zoo li qub
chaw nyob 192.168.23.2
netmask 255.255.255.0
rooj vag 192.168.23.254
# Qhov thib ob network interface
pub-hotplug enp0s8
iface enp0s8 inet zoo li qub
chaw nyob 192.168.201.254
netmask 255.255.255.0
2. Tso cai rau cov khoom siv los ntawm 192.168.23.0/24 subnet siv proxying
root@debian9:~# iptables -t nat -A PREROUTING -s 192.168.23.0/24 -d 199.116.161.0/24,199.116.162.0/24,199.116.164.0/23,208.85.40.0/22,208.85.44.0/24,208.85.46.0/23 -p tcp -j REDIRECT --to-ports 888
3. Cia peb ua raws li txoj cai
root@debian9:~# iptables-save > /etc/iptables/rules.v4
4. Wb sau subnets ntawm lub router
Router network lis199.116.161.0 255.255.255.0 192.168.23.2
199.116.162.0 255.255.255.0 192.168.23.2
199.116.164.0 255.255.254.0 192.168.23.2
208.85.40.0 255.255.252.0 192.168.23.2
208.85.44.0 255.255.255.0 192.168.23.2
208.85.46.0 255.255.254.0 192.168.23.2
Cov ntaub ntawv / cov ntaub ntawv siv
1. Lub vev xaib official ntawm 3proxy program
2. Cov lus qhia rau kev txhim kho 3proxy los ntawm qhov chaw
3. 3proxy txoj kev loj hlob ceg ntawm GitHub
Tau qhov twg los: www.hab.com