N'isiokwu a, ọ ga-amasị m ikpughe ohere nke proxying transperent, nke na-enye gị ohere ịmegharị ihe niile ma ọ bụ akụkụ nke okporo ụzọ site na sava proxy mpụga nke ndị ahịa na-ahụghị ya.
Mgbe m malitere idozi nsogbu a, enwere m ihu n'eziokwu na mmejuputa ya nwere otu nsogbu dị mkpa - HTTPS protocol. N'oge ochie, enweghị nsogbu pụrụ iche na proxying HTTP transperent, mana na HTTPS proxying, ihe nchọgharị na-akọ nnyonye anya na protocol na nke ahụ bụ ebe obi ụtọ na-akwụsị.
N'ime ntuziaka a na-ahụkarị maka ihe nkesa proxy Squid, ha na-atụ aro ka ịmepụta asambodo nke gị ma wụnye ya na ndị ahịa, nke bụ nzuzu zuru oke ma ọ dịkarịa ala, enweghị isi ma yie ọgụ MITM. Amaara m na Squid nwere ike ime ihe yiri nke ahụ, mana akụkọ a bụ maka usoro egosipụtara na arụ ọrụ site na iji 3proxy sitere na 3APA3A a na-akwanyere ùgwù.
Ọzọ, anyị ga-eleba anya n'ụzọ zuru ezu na usoro nke ịmepụta 3proxy site na isi iyi, nhazi ya, proxying zuru ezu na nhọrọ site na iji NAT, nkesa ọwa na ọtụtụ sava proxy mpụga, yana iji rawụta na ụzọ static. Anyị na-eji Debian 9 x64 dị ka OS. Malite!
Ịwụnye 3proxy ma na-arụ ọrụ nkesa proxy oge niile
1. Wụnye ifconfig (site na ngwugwu net-tools)
apt-get install net-tools
2. Wụnye ọchịagha etiti abalị
apt-get install mc
3. Anyị nwere ugbu a 2 interfaces:
enp0s3 - mpụga, na-ele anya na ịntanetị
enp0s8 - esịtidem, ga-eleba anya na netwọk mpaghara
Na nkesa ndị ọzọ dabere na Debian, a na-akpọkarị ihu ihu eth0 na eth1.
ifconfig -a
ihuenp0s3: ọkọlọtọ = 4163 afọ 1500
inet 192.168.23.11 netmask 255.255.255.0 mgbasa ozi 192.168.23.255
inet6 fe80:: a00:27ff:fec2:bae4 prefixlen 64 scopeid 0x20 ether 08:00:27:c2:ba:e4 txqueuelen 1000 (Ethernet)
Ihe ngwugwu RX 6412 bytes 8676619 (8.2 MiB)
Njehie RX 0 kwụsịrị 0 overruns 0 frame 0
ngwugwu TX 1726 bytes 289128 (282.3 KiB)
Njehie TX 0 gbadara 0 overruns 0 ebu 0 ọgụ 0
enp0s8: ọkọlọtọ=4098 afọ 1500
ether 08:00:27:79:a7:e3 txqueuelen 1000 (Ethernet)
Ihe ngwugwu RX 0 bytes 0 (0.0 B)
Njehie RX 0 kwụsịrị 0 overruns 0 frame 0
ngwugwu TX 0 bytes 0 (0.0 B)
Njehie TX 0 gbadara 0 overruns 0 ebu 0 ọgụ 0
lee: ọkọlọtọ=73 nke 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 :: 1 prefixlen 128 scopeid 0x10 loop txqueuelen 1 (Local Loopback)
Ihe ngwugwu RX 0 bytes 0 (0.0 B)
Njehie RX 0 kwụsịrị 0 overruns 0 frame 0
ngwugwu TX 0 bytes 0 (0.0 B)
Njehie TX 0 gbadara 0 overruns 0 ebu 0 ọgụ 0
The enp0s8 interface adịghị ugbu a, anyị ga-enyere ya mgbe anyị chọrọ iji Proxy NAT ma ọ bụ NAT nhazi. Ọ bụ mgbe ahụ ka ọ ga-abụ ihe ezi uche dị na ya ịnye ya IP static.
4. Ka anyị malite ịwụnye 3proxy
4.1 Ịwụnye ngwugwu bụ isi maka ịchịkọta 3proxy site na isi mmalite
root@debian9:~# apt-get install build-essential libevent-dev libssl-dev -y
4.2. Ka anyị mepụta nchekwa maka nbudata ebe nchekwa ahụ nwere isi mmalite
root@debian9:~# mkdir -p /opt/proxy
4.3. Ka anyị gaa na folda a
root@debian9:~# cd /opt/proxy
4.4. Ugbu a, ka anyị budata ngwungwu 3proxy kacha ọhụrụ. N'oge edere, ụdị kwụsiri ike kachasị ọhụrụ bụ 0.8.12 (18/04/2018) Budata ya na webụsaịtị 3proxy gọọmentị.
root@debian9:/opt/proxy# wget https://github.com/z3APA3A/3proxy/archive/0.8.12.tar.gz
4.5. Ka anyị bupụ ihe ndekọ ebudatara
root@debian9:/opt/proxy# tar zxvf 0.8.12.tar.gz
4.6. Gaa na ndekọ na-enweghị ngwugwu iji wuo mmemme
root@debian9:/opt/proxy# cd 3proxy-0.8.12
4.7. Ọzọ, anyị kwesịrị ịgbakwunye ahịrị na faịlụ nkụnye eji isi mee ka ihe nkesa anyị wee bụrụ onye a na-amaghị aha (ọ na-arụ ọrụ n'ezie, a na-enyocha ihe niile, ezoro ezo IP ndị ahịa)
root@debian9:/opt/proxy/3proxy-0.8.12# nano +29 src/proxy.h
Tinye ahịrị
#define ANONYMOUS 1
Pịa Ctrl+x na Tinye ka ịchekwaa mgbanwe ndị a.
4.8. Ka anyị malite ịgbakọta mmemme
root@debian9:/opt/proxy/3proxy-0.8.12# make -f Makefile.Linux
Makelogmee [2]: Hapụ ndekọ '/opt/proxy/3proxy-0.8.12/src/plugins/TransparentPlugin'
mee [1]: Hapụ ndekọ '/opt/proxy/3proxy-0.8.12/src'
Enweghị mperi, ka anyị gaa n'ihu.
4.9. Wụnye mmemme na sistemụ
root@debian9:/opt/proxy/3proxy-0.8.12# make -f Makefile.Linux install
4.10. Gaa na ndekọ mgbọrọgwụ wee lelee ebe etinyere mmemme ahụ
root@debian9:/opt/proxy/3proxy-0.8.12# cd ~/
root@debian9:~# whereis 3proxy
3proxy: /usr/local/bin/3proxy/usr/local/etc/3proxy
4.11. Ka anyị mepụta folda maka faịlụ nhazi yana ndekọ na ndekọ ụlọ onye ọrụ
root@debian9:~# mkdir -p /home/joke/proxy/logs
4.12. Gaa na ndekọ ebe nhazi kwesịrị ịdị
root@debian9:~# cd /home/joke/proxy/
4.13. Mepụta faịlụ efu wee detuo nhazi ebe ahụ
root@debian9:/home/joke/proxy# cat > 3proxy.conf
3proxy.confdaemon
pidfile /home/joke/proxy/3proxy.pid
ihe nkesa 8.8.8.8
nscache 65536
onye nnwale:CL:1234
oge nkwụsị 1 5 30 60 180 1800 16 60
log /home/joke/proxy/logs/3proxy.log D
logformat "- +_L%t.% %N.%p %E %U %C:%c %R:%r %O %I %h %T"
bugharia 3
aut ike
iwepụ
ekwe tester
sọks -p3128
proxy -p8080
Ka ịchekwaa, pịa Ctrl + Z
4.14. Ka anyị mepụta faịlụ pid ka enweghị njehie n'oge mmalite.
root@debian9:/home/joke/proxy# cat > 3proxy.pid
Ka ịchekwaa, pịa Ctrl + Z
4.15. Ka anyị malite ihe nkesa proxy!
root@debian9:/home/joke/proxy# 3proxy /home/joke/proxy/3proxy.conf
4.16. Ka anyị hụ ma ihe nkesa na-ege ntị na ọdụ ụgbọ mmiri
root@debian9:~/home/joke/proxy# netstat -nlp
netstat ndekọNjikọ ịntanetị na-arụ ọrụ (naanị sava)
Proto Recv-Q Send-Q Adreesị mpaghara Adreesị mba ofesi steeti PID/aha mmemme
tcp 0 0 0.0.0.0:8080 0.0.0.0:* Ntị 504/3 proxy
tcp 0 0 0.0.0.0:22 0.0.0.0:* Ntị 338/sshd
tcp 0 0 0.0.0.0:3128 0.0.0.0:* Ntị 504/3 proxy
tcp6 0 0 :::22 :::* Ntị 338/sshd
udp 0 0 0.0.0.0:68 0.0.0.0:* 352/dh ahịa
Dịka edere ya na nhazi ahụ, proxy webụ anyị na-ege ọdụ ụgbọ mmiri 8080, proxy Socks5 na-ege ntị ọdụ ụgbọ mmiri 3128.
4.17. Iji malite ọrụ proxy na-akpaghị aka ka ịmalitegharịa, ịkwesịrị ịgbakwunye ya na cron.
root@debian9:/home/joke/proxy# crontab -e
Tinye ahịrị
@reboot /usr/local/bin/3proxy /home/joke/proxy/3proxy.conf
Anyị pịa Tinye, ebe ọ bụ na cron kwesịrị ịhụ njedebe nke akara ahịrị, wee chekwaa faịlụ ahụ.
Ekwesịrị inwe ozi gbasara ịwụnye crontab ọhụrụ.
crontab: ịwụnye crontab ọhụrụ
4.18. Ka anyị malitegharịa usoro ma gbalịa jikọọ site na ihe nchọgharị ahụ na proxy. Iji lelee, anyị na-eji ihe nchọgharị Firefox (maka onye nnọchiteanya webụ) yana mgbakwunye FoxyProxy maka sọks5 nwere nyocha.
root@debian9:/home/joke/proxy# reboot
4.19. Mgbe ịlele ọrụ nke proxy mgbe reboot, ị nwere ike ịlele ndekọ. Nke a na-emecha nhazi ihe nkesa proxy.
3 ndekọ proxy1542573996.018 PROXY.8080 00000 tester 192.168.23.10:50915 217.12.15.54:443 1193 6939 0 CONNECT_Ads.yahoo.com:443.
1542574289.634 SOCK5.3128 00000 nwale 192.168.23.10:51193 54.192.13.69:443 0 0 0 CONNECT_normandy.cdn.mozilla.net:443
Ịtọlite ma na-agba ọsọ Transparent Proxy NAT nhazi
Na nhazi a, ngwaọrụ niile dị na netwọkụ dị n'ime ga-arụ ọrụ nke ọma na ịntanetị site na sava proxy dịpụrụ adịpụ. A ga-ebugharị njikọ TCP niile na otu ma ọ bụ karịa (na-agbasawanye obosara ọwa, ihe atụ nhazi No. 2!) sava proxy. Ọrụ DNS ga-eji ike 3proxy (dnspr). UDP agaghị 'apụ' apụ, ebe ọ bụ na anyị ejibeghị usoro mbugharị (nwere nkwarụ na ndabara na Linux kernel).
1. Ọ bụ oge na-enyere ndị enp0s8 interface
root@debian9:~# nano /etc/network/interfaces
/etc/network/interfaces faịlụ# Faịlụ a na-akọwa ọnụọgụ netwọkụ dị na sistemụ gị
# na otu esi agbalite ha. Maka ozi ndị ọzọ, lee interfaces(5).
isi iyi /etc/network/interfaces.d/*
# interface netwọk loopback
ụgbọala ya
iface lo inet loopback
# Ihe ntanetị netwọkụ mbụ
ekwe-hotplug enp0s3
iface enp0s3 inet dhcp
# interface netwọkụ nke abụọ
ekwe-hotplug enp0s8
iface enp0s8 inet static
Adreesị 192.168.201.254
netmask 255.255.255.0
N'ebe a, anyị kenyere enp0s8 interface adreesị static 192.168.201.254 na nkpuchi 255.255.255.0
Chekwaa config Ctrl + X wee malitegharịa
root@debian9:~# reboot
2. Atule interfaces
root@debian9:~# ifconfig
Ifconfig logenp0s3: ọkọlọtọ = 4163 afọ 1500
inet 192.168.23.11 netmask 255.255.255.0 mgbasa ozi 192.168.23.255
inet6 fe80:: a00:27ff:fec2:bae4 prefixlen 64 scopeid 0x20 ether 08:00:27:c2:ba:e4 txqueuelen 1000 (Ethernet)
Ihe ngwugwu RX 61 bytes 7873 (7.6 KiB)
Njehie RX 0 kwụsịrị 0 overruns 0 frame 0
ngwugwu TX 65 bytes 10917 (10.6 KiB)
Njehie TX 0 gbadara 0 overruns 0 ebu 0 ọgụ 0
enp0s8: ọkọlọtọ = 4163 afọ 1500
inet 192.168.201.254 netmask 255.255.255.0 mgbasa ozi 192.168.201.255
inet6 fe80:: a00:27ff:fe79:a7e3 prefixlen 64 scopeid 0x20 ether 08:00:27:79:a7:e3 txqueuelen 1000 (Ethernet)
Ihe ngwugwu RX 0 bytes 0 (0.0 B)
Njehie RX 0 kwụsịrị 0 overruns 0 frame 0
ngwugwu TX 8 bytes 648 (648.0 B)
Njehie TX 0 gbadara 0 overruns 0 ebu 0 ọgụ 0
lee: ọkọlọtọ=73 nke 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 :: 1 prefixlen 128 scopeid 0x10 loop txqueuelen 1 (Local Loopback)
Ihe ngwugwu RX 0 bytes 0 (0.0 B)
Njehie RX 0 kwụsịrị 0 overruns 0 frame 0
ngwugwu TX 0 bytes 0 (0.0 B)
Njehie TX 0 gbadara 0 overruns 0 ebu 0 ọgụ 0
3. Ihe niile na-arụ ọrụ, ugbu a ịkwesịrị ịhazi 3proxy maka proxying transperent.
root@debian9:~# cd /home/joke/proxy/
root@debian9:/home/joke/proxy# cat > 3proxytransp.conf
Nhazi ihe atụ nke sava proxy transperent No. 1daemon
pidfile /home/joke/proxy/3proxy.pid
ihe nkesa 8.8.8.8
nscache 65536
oge nkwụsị 1 5 30 60 180 1800 16 60
log /home/joke/proxy/logs/3proxy.log D
logformat "- +_L%t.% %N.%p %E %U %C:%c %R:%r %O %I %h %T"
bugharia 3
iwepụ
auth iPodly
dnspr
kwe*
nne na nna 1000 socks5 IP_ADDRESS OF EXTERNAL_PROXY 3128 tester 1234
plugin /opt/proxy/3proxy-0.8.12/src/TransparentPlugin.ld.so transparent_plugin
tcppm -i0.0.0.0 888 127.0.0.1 11111
4. Ugbu a, anyị na-amalite 3proxy na ọhụrụ config
root@debian9:/home/joke/proxy# /usr/local/bin/3proxy /home/joke/proxy/3proxytransp.conf
5. Tinye na crontab ọzọ
root@debian9:/home/joke/proxy# crontab -e
@reboot /usr/local/bin/3proxy /home/joke/proxy/3proxytransp.conf
6. Ka anyị hụ ihe proxy anyị na-ege ugbu a
root@debian9:~# netstat -nlp
netstat ndekọNjikọ ịntanetị na-arụ ọrụ (naanị sava)
Proto Recv-Q Send-Q Adreesị mpaghara Adreesị mba ofesi steeti PID/aha mmemme
tcp 0 0 0.0.0.0:22 0.0.0.0:* Ntị 349/sshd
tcp 0 0 0.0.0.0:888 0.0.0.0:* Ntị 354/3 proxy
tcp6 0 0 :::22 :::* Ntị 349/sshd
udp 0 0 0.0.0.0:53 0.0.0.0:* 354/3 proxy
udp 0 0 0.0.0.0:68 0.0.0.0:* 367/dh ahịa
7. Ugbu a proxy dị njikere ịnakwere njikọ TCP ọ bụla na ọdụ ụgbọ mmiri 888, DNS na ọdụ ụgbọ mmiri 53, ka ha wee nwee ike ibugharị ya na socks5 proxy na DNS Google 8.8.8.8. Naanị ihe anyị ga-eme bụ ịhazi netfilter (iptables) na iwu DHCP maka ịnye adreesị.
8. Wụnye ngwugwu iptables-na-adịgide adịgide na dhcpd
root@debian9:~# apt-get install iptables-persistent isc-dhcp-server
9. Dezie faịlụ mmalite dcpd
root@debian9:~# nano /etc/dhcp/dhcpd.conf
dhcpd.conf#dhcpd.conf
#
# Faịlụ nhazi ihe nlele maka ISC dhcpd
#
Nkọwa # nhọrọ a na-ahụkarị na netwọkụ niile akwadoro…
ngalaba-aha nhọrọ "example.org";
nhọrọ ngalaba-aha-sava ns1.example.org, ns2.example.org;
ndabara-mgbazinye-oge 600;
max-lease-oge 7200;
ddns-mmelite-ụdị ọ nweghị;
# Ọ bụrụ na ihe nkesa DHCP a bụ sava DHCP gọọmentị maka ndị obodo
# netwọkụ, ntuziaka ikike kwesịrị enweghị nkọwa.
ikike;
# Nhazi dịtụ iche maka subnet dị n'ime.
subnet 192.168.201.0 netmask 255.255.255.0 {
dị nso 192.168.201.10 192.168.201.250;
nhọrọ ngalaba-aha-sava 192.168.201.254;
nhọrọ routers 192.168.201.254;
nhọrọ mgbasa ozi-adreesị 192.168.201.255;
ndabara-mgbazinye-oge 600;
max-lease-oge 7200;
}
11. Malitegharịa ma lelee ọrụ na ọdụ ụgbọ mmiri 67
root@debian9:~# reboot
root@debian9:~# netstat -nlp
netstat ndekọNjikọ ịntanetị na-arụ ọrụ (naanị sava)
Proto Recv-Q Send-Q Adreesị mpaghara Adreesị mba ofesi steeti PID/aha mmemme
tcp 0 0 0.0.0.0:22 0.0.0.0:* Ntị 389/sshd
tcp 0 0 0.0.0.0:888 0.0.0.0:* Ntị 310/3 proxy
tcp6 0 0 :::22 :::* Ntị 389/sshd
udp 0 0 0.0.0.0:20364 0.0.0.0:* 393/dhcpd
udp 0 0 0.0.0.0:53 0.0.0.0:* 310/3 proxy
udp 0 0 0.0.0.0:67 0.0.0.0:* 393/dhcpd
udp 0 0 0.0.0.0:68 0.0.0.0:* 405/dh ahịa
udp6 0 0 :::31728 ::* 393/dhcpd
raw 0 0 0.0.0.0:1 0.0.0.0:* 393/dhcpd
12. Naanị ihe fọdụrụ bụ ịtụgharị arịrịọ tcp niile na ọdụ ụgbọ mmiri 888 wee chekwaa iwu na iptables.
root@debian9:~# iptables -t nat -A PREROUTING -s 192.168.201.0/24 -p tcp -j REDIRECT --to-ports 888
root@debian9:~# iptables-save > /etc/iptables/rules.v4
13. Iji gbasaa bandwidth ọwa, ị nwere ike iji ọtụtụ sava proxy n'otu oge. Ngụkọta ahụ ga-abụrịrị 1000. Ejikọtara njikọ ọhụrụ na ihe gbasara 0.2, 0.2, 0.2, 0.2, 0,1, 0,1 na sava proxy akọwapụtara.
Mara: ọ bụrụ na anyị nwere proxy webụ, yabụ kama socks5 anyị kwesịrị ide njikọ, ọ bụrụ socks4, wee socks4 (socks4 anaghị akwado ikike ịbanye/Password!)
Nhazi ihe atụ nke sava proxy transperent No. 2daemon
pidfile /home/joke/proxy/3proxy.pid
ihe nkesa 8.8.8.8
nscache 65536
maxconn 500
oge nkwụsị 1 5 30 60 180 1800 16 60
log /home/joke/proxy/logs/3proxy.log D
logformat "- +_L%t.% %N.%p %E %U %C:%c %R:%r %O %I %h %T"
bugharia 3
iwepụ
auth iPodly
dnspr
kwe*
nne na nna 200 socks5 IP_ADDRESS_EXTERNAL_PROXY#1 3128 tester 1234
nne na nna 200 socks5 IP_ADDRESS_EXTERNAL_PROXY#2 3128 tester 1234
nne na nna 200 socks5 IP_ADDRESS_EXTERNAL_PROXY#3 3128 tester 1234
nne na nna 200 socks5 IP_ADDRESS_EXTERNAL_PROXY#4 3128 tester 1234
nne na nna 100 socks5 IP_ADDRESS_EXTERNAL_PROXY#5 3128 tester 1234
nne na nna 100 socks5 IP_ADDRESS_EXTERNAL_PROXY#6 3128 tester 1234
plugin /opt/proxy/3proxy-0.8.12/src/TransparentPlugin.ld.so transparent_plugin
tcppm -i0.0.0.0 888 127.0.0.1 11111
Ịtọlite ma na-arụ ọrụ NAT + Transparent Proxy nhazi
N'ime nhazi a, anyị ga-eji usoro NAT a na-emebu site na ịhọrọ ma ọ bụ n'ụzọ zuru ezu proxying nke adreesị onye ọ bụla ma ọ bụ subnets. Ndị ọrụ netwọkụ dị n'ime ga-eji ụfọdụ ọrụ/subnet rụọ ọrụ n'amaghị na ha na-arụ ọrụ site na proxy. Njikọ https niile na-arụ ọrụ nke ọma, ọ nweghị asambodo achọrọ ka ewepụta/ dochie.
Nke mbụ, ka anyị kpebie subnets/ọrụ anyị chọrọ proxy. Ka anyị were na proxies mpụga dị ebe ọrụ dịka pandora.com na-arụ ọrụ. Ugbu a ọ ka dị iji chọpụta subnets/adreesị ya.
1. Ping
root@debian9:~# ping pandora.com
PING pandora.com (208.85.40.20) 56 (84) octets nke data.
2. Pịnye BGP 208.85.40.20 n'ime Google
Ka anyị gaa na saịtị ahụ
Enwere ike ịhụ na subnet m na-achọ bụ AS40428 Pandora Media, Inc
Na-emepe prefixes v4
Nke a bụ subnets achọrọ!
199.116.161.0/24
199.116.162.0/24
199.116.164.0/23
199.116.164.0/24
199.116.165.0/24
208.85.40.0/24
208.85.41.0/24
208.85.42.0/23
208.85.42.0/24
208.85.43.0/24
208.85.44.0/24
208.85.46.0/23
208.85.46.0/24
208.85.47.0/24
3. Iji belata ọnụ ọgụgụ nke subnets, ịkwesịrị ịme nchịkọta. Gaa na saịtị ahụ ma detuo ndepụta anyị ebe ahụ. N'ihi ya - 6 subnets kama 14.
199.116.161.0/24
199.116.162.0/24
199.116.164.0/23
208.85.40.0/22
208.85.44.0/24
208.85.46.0/23
4. Kọwaa iwu iptables
root@debian9:~# iptables -F
root@debian9:~# iptables -X
root@debian9:~# iptables -t nat -F
root@debian9:~# iptables -t nat -X
Kwado usoro mbugharị na NAT
root@debian9:~# echo 1 > /proc/sys/net/ipv4/ip_forward
root@debian9:~# iptables -A FORWARD -i enp0s3 -o enp0s8 -j ACCEPT
root@debian9:~# iptables -A FORWARD -i enp0s8 -o enp0s3 -j ACCEPT
root@debian9:~# iptables -t nat -A POSTROUTING -o enp0s3 -s 192.168.201.0/24 -j MASQUERADE
Iji hụ na agbanyere mbugharị ahụ kpamkpam ka ịmalitegharịa, ka anyị gbanwee faịlụ ahụ
root@debian9:~# nano /etc/sysctl.conf
Na uncomment akara
net.ipv4.ip_forward = 1
Ctrl + X ka ịchekwaa faịlụ ahụ
5. Anyị kechie subnets pandora.com na proxy
root@debian9:~# iptables -t nat -A PREROUTING -s 192.168.201.0/24 -d 199.116.161.0/24,199.116.162.0/24,199.116.164.0/23,208.85.40.0/22,208.85.44.0/24,208.85.46.0/23 -p tcp -j REDIRECT --to-ports 888
6. Ka anyị dobe iwu
root@debian9:~# iptables-save > /etc/iptables/rules.v4
Ịtọlite ma na-agba ọsọ Proxy Transparent site na nhazi rawụta
Na nhazi a, ihe nkesa proxy na-ahụ anya nwere ike ịbụ PC dị iche ma ọ bụ igwe mebere n'azụ rawụta ụlọ / ụlọ ọrụ. O zuru ezu ịdebanye aha static ụzọ na rawụta ma ọ bụ ngwaọrụ na dum subnet ga-eji a proxy na-enweghị mkpa ọ bụla ọzọ ntọala.
Ọ dị mkpa! Ọ dị mkpa na ọnụ ụzọ ámá anyị na-enweta IP static site na rawụta, ma ọ bụ ahaziri ka ọ bụrụ static n'onwe ya.
1. Hazie adreesị ọnụ ụzọ ámá static (ihe nkwụnye enp0s3)
root@debian9:~# nano /etc/network/interfaces
/etc/network/interfaces faịlụ# Faịlụ a na-akọwa ọnụọgụ netwọkụ dị na sistemụ gị
# na otu esi agbalite ha. Maka ozi ndị ọzọ, lee interfaces(5).
isi iyi /etc/network/interfaces.d/*
# interface netwọk loopback
ụgbọala ya
iface lo inet loopback
# Ihe ntanetị netwọkụ mbụ
ekwe-hotplug enp0s3
iface enp0s3 inet static
Adreesị 192.168.23.2
netmask 255.255.255.0
ọnụ ụzọ ámá 192.168.23.254
# interface netwọkụ nke abụọ
ekwe-hotplug enp0s8
iface enp0s8 inet static
Adreesị 192.168.201.254
netmask 255.255.255.0
2. Kwe ka ngwaọrụ sitere na subnet 192.168.23.0/24 jiri proxying
root@debian9:~# iptables -t nat -A PREROUTING -s 192.168.23.0/24 -d 199.116.161.0/24,199.116.162.0/24,199.116.164.0/23,208.85.40.0/22,208.85.44.0/24,208.85.46.0/23 -p tcp -j REDIRECT --to-ports 888
3. Ka anyị dobe iwu
root@debian9:~# iptables-save > /etc/iptables/rules.v4
4. Ka anyị debanye aha subnets na rawụta
Ndepụta netwọk router199.116.161.0 255.255.255.0 192.168.23.2
199.116.162.0 255.255.255.0 192.168.23.2
199.116.164.0 255.255.254.0 192.168.23.2
208.85.40.0 255.255.252.0 192.168.23.2
208.85.44.0 255.255.255.0 192.168.23.2
208.85.46.0 255.255.254.0 192.168.23.2
Akụrụngwa/akụrụngwa ejiri
1. Ebe nrụọrụ weebụ gọọmentị nke mmemme 3proxy
2. Ntuziaka maka ịwụnye 3proxy site na isi iyi
3. Alaka mmepe proxy na GitHub
isi: www.habr.com