Ruo otu afọ (ma ọ bụ abụọ) akwụsịla m ibipụta akụkọ a maka isi ihe kpatara ya - ebipụtala m akụkọ abụọ nke m kọwara usoro nke ịmepụta rawụta na SOCKS site na laptọọpụ nkịtị na Debian.
Agbanyeghị, kemgbe ahụ emelitere ụdị Debian kwụsiri ike na Buster, ọnụọgụ mmadụ zuru ezu akpọtụrụ m na nzuzo na-arịọ maka enyemaka na nhazi ahụ, nke pụtara na akụkọ m gara aga anaghị agwụ agwụ. Ọ dị mma, mụ onwe m chere na ụzọ ndị akọwapụtara n'ime ha anaghị ekpughe nke ọma mgbagwoju anya nke ịtọlite Linux maka ịgbagharị na SOCKS. Na mgbakwunye, edere ha maka Debian Stretch, na mgbe emelitechara na Buster, na sistemụ init sistemu, achọpụtara m obere mgbanwe na mmekọrịta nke ọrụ. Na n'ime isiokwu ndị ahụ n'onwe ha, ejighị m systemd-networkd, ọ bụ ezie na ọ kacha mma maka nhazi netwọk dị mgbagwoju anya.
Na mgbakwunye na mgbanwe ndị a dị n'elu, agbakwunyere ọrụ ndị a na nhazi m: nnabata - ọrụ maka ohere ohere virtualization, ntp iji mekọrịta oge nke ndị ahịa netwọkụ mpaghara, dnscrypt-proxy iji zoo njikọ site na DNS wee gbanyụọ mgbasa ozi na ndị ahịa netwọkụ mpaghara, yana kwa, dịka m kwuru na mbụ, sistemu-netwọk maka configuring netwọk interfaces.
Nke a bụ eserese ngọngọ dị mfe nke usoro ime nke rawụta dị otú ahụ.
Yabụ, ka m chetara gị ihe ebumnuche nke usoro isiokwu a bụ:
Megharịa njikọ OS niile na SOCKS, yana njikọ sitere na ngwaọrụ niile dị n'otu netwọkụ dị na laptọọpụ.
Laptọọpụ n'ọnọdụ m kwesịrị ịdị na-agagharị kpamkpam. Ya bụ, inye ohere iji gburugburu desktọọpụ ma ghara ijikọta ya na ọnọdụ anụ ahụ.
Isi ihe ikpeazụ na-egosi njikọ na ntugharị naanị site na interface ikuku arụnyere n'ime ya.
Ọfọn, na n'ezie, ịmepụta nduzi zuru oke, yana nyocha nke teknụzụ ndị dị mkpa na ihe ọmụma m dị ntakịrị.
Kedu ihe a ga-atụle n'isiokwu a:
gaa - budata ebe nchekwa ọrụ tun2 sọksachọrọ iji ụzọ okporo ụzọ TCP gaa SOCKS, yana imepụta_ap - edemede iji megharịa ntọala nke ebe nnweta mebere site na iji nnabata.
tun2 sọks - wuo ma wụnye ọrụ sistemu na sistemụ.
sistemu-netwọk - Hazie ikuku ikuku na oghere mebere, tebụl ntụgharị kwụ ọtọ na ntugharị ngwugwu.
imepụta_ap - wụnye ọrụ sistemu na sistemụ, hazie ma malite ebe nnweta mebere.
Usoro nhọrọ:
ntp - wụnye na hazie ihe nkesa ka mekọrịta oge na mebere ohere ebe ahịa.
dnscrypt-proxy - anyị ga-ezochi arịrịọ DNS, kpọga ha na SOCKS wee gbanyụọ ngalaba mgbasa ozi maka netwọkụ mpaghara.
Gịnị bụ ihe a niile?
Nke a bụ otu n'ime ụzọ isi chekwaa njikọ TCP na netwọkụ mpaghara. Isi uru bụ na a na-eme njikọ niile na SOCKS, ọ gwụla ma ewuru ha ụzọ kwụ ọtọ site na ọnụ ụzọ mbụ. Nke a pụtara na ịgaghị ezipụta ntọala nkesa SOCKS maka mmemme nke ọ bụla ma ọ bụ ndị ahịa na netwọkụ mpaghara - ha niile na-aga SOCKS na ndabara, ebe ọ bụ ọnụ ụzọ ndabara ruo mgbe anyị gosipụtara ihe ọzọ.
N'ikpeazụ, anyị na-agbakwunye rawụta nke abụọ dị ka laptọọpụ n'ihu rawụta mbụ wee jiri njikọ ịntanetị nke rawụta mbụ maka arịrịọ SOCKS nke laptọọpụ ezoro ezo, nke n'aka nke ya na-aga ma na-ezochi arịrịọ sitere n'aka ndị ahịa LAN.
Site n'echiche nke onye na-eweta, anyị na-ejikọta ya na otu sava nwere okporo ụzọ ezoro ezo.
N'ihi ya, a na-ejikọta ngwaọrụ niile na ebe ịnweta ohere nke laptọọpụ.
Wụnye tun2socks na sistemụ
Ọ bụrụhaala na igwe gị nwere ịntanetị, budata ngwaọrụ niile dị mkpa.
apt update
apt install git make cmake
Budata ngwugwu badvpn
git clone https://github.com/ambrop72/badvpn
Otu nchekwa ga-apụta na sistemụ gị badvpn. Mepụta folda dị iche maka ihe nrụpụta
Onye njikwa netwọkụ-echere-online bụ ọrụ na-echere njikọ netwọkụ na-arụ ọrụ tupu systemd aga n'ihu ịmalite ọrụ ndị ọzọ dabere na ọnụnọ netwọkụ. Anyị na-agbanyụ ya ka anyị na-atụgharị gaa na analog nke netwọk sistemụ.
Ka anyị mee ya ozugbo:
systemctl enable systemd-networkd-wait-online
Hazie interface netwọk ikuku
Mepụta faịlụ nhazi sistemu-netwọk maka interface netwọk ikuku /etc/systemd/network/25-wlp6s0.network.
aha bụ aha interface ikuku gị. Jiri iwu mara ya ip a.
IPForward - ntuziaka na-enyere aka ntugharị ngwugwu na interface netwọk.
Address Ọ bụ ya na-ahụ maka ikenye adreesị IP na ikuku ikuku. Anyị na-akọwapụta ya n'ụzọ kwụ ọtọ n'ihi na site na ntụzịaka yiri ya DHCP=yes, systemd-networkd na-emepụta ụzọ ndabara na sistemụ. Mgbe ahụ, okporo ụzọ niile ga-esi na ụzọ ámá mbụ, ọ bụghị site na interface mebere n'ọdịnihu na subnet dị iche. Ị nwere ike ịlele ọnụ ụzọ ámá ndabara ugbu a site na iji iwu ahụ ip r
Mepụta ụzọ kwụ ọtọ maka sava SOCKS dịpụrụ adịpụ
Ọ bụrụ na ihe nkesa SOCKS gị abụghị mpaghara, kama ọ dịpụrụ adịpụ, mgbe ahụ ịkwesịrị ịmepụtara ya ụzọ kwụ ọtọ. Iji mee nke a, tinye akụkụ Route ruo na njedebe nke faịlụ nhazi ihu igwe ikuku ị jiri ọdịnaya ndị a mepụta:
[Route]
Gateway=192.168.1.1
Destination=0.0.0.0
Gateway - nke a bụ ọnụ ụzọ ámá ndabara ma ọ bụ adreesị nke ebe nnweta mbụ gị.
Destination - adreesị nkesa SOCKS.
Hazie wpa_supplicant maka sistemu-netwọk
systemd-networkd na-eji wpa_supplicant jikọọ na ebe nnweta echekwara. Mgbe ị na-agbalị 'ebuli' ikuku ikuku, systemd-networkd na-amalite ọrụ ahụ wpa_supplicant@имяebe Ọzọ bụ aha nke ikuku interface. Ọ bụrụ na ijibeghị sistemu-netwọk tupu oge a, mgbe ahụ ọrụ a nwere ike na-efu na sistemụ gị.
Ya mere mepụta ya na iwu:
systemctl enable wpa_supplicant@wlp6s0
Eji m ya wlp6s0 dị ka aha nke ikuku interface ya. Aha gị nwere ike ịdị iche. Ị nwere ike iji iwu ahụ mata ya ip l.
Ugbu a ọrụ emepụtara wpa_supplicant@wlp6s0 ga-amalite mgbe ikuku ikuku "buliri", Otú ọ dị, ya, n'aka nke ya, ga-achọ SSID na paswọọdụ ntọala nke ebe ohere na faịlụ. /etc/wpa_supplicant/wpa_supplicant-wlp6s0. Ya mere, ịkwesịrị ịmepụta ya site na iji ọrụ wpa_passphrase.
ebe SSID bụ aha ebe ịnweta gị, paswọọdụ bụ paswọọdụ, na wl6s0 - aha interface ikuku gị.
Bido interface mebere maka tun2socks
Mepụta faịlụ ka ịmalite interface mebere ọhụrụ na sistemụ/etc/systemd/network/25-tun2socks.netdev
[NetDev]
Name=tun2socks
Kind=tun
aha bụ aha nke systemd-networkd ga-ekenye na interface mebere n'ọdịnihu mgbe ebido ya.
ụdị bụ ụdị nke mebere interface. Site na aha ọrụ tun2socks, ị nwere ike iche na ọ na-eji interface dị ka tun.
Ubueze bụ ndọtị nke faịlụ na systemd-networkd Na-eji ibido oghere netwọkụ mebere. A na-akọwapụta adreesị na ntọala netwọkụ ndị ọzọ maka oghere ndị a .netwọk- faịlụ.
Mepụta faịlụ dị ka nke a /etc/systemd/network/25-tun2socks.network ya na ọdịnaya ndị a:
Name - aha nke mebere interface nke ị kwuru na Ubueze- faịlụ.
Address - adreesị IP ga-ekenye na mebere interface. Ga-abụrịrị n'otu netwọkụ ahụ dịka adreesị nke akọwapụtara na ọrụ tun2socks
Gateway - adreesị IP nke "Router" tun2 sọks, nke ị kọwapụtara mgbe ị na-emepụta ọrụ sistemu.
Ya mere interface ahụ tun2 sọks nwere adreesị 172.16.1.2, na ọrụ tun2 sọks - 172.16.1.1, ya bụ, ọ bụ ọnụ ụzọ maka njikọ niile sitere na interface mebere.
Hazie ebe nnweta mebere
Wụnye ndabere:
apt install util-linux procps hostapd iw haveged
Budata ebe nchekwa mepụta_ap gaa ụgbọ ala gị:
git clone https://github.com/oblique/create_ap
Gaa na nchekwa nchekwa dị na igwe gị:
cd create_ap
Wụnye na sistemụ:
make install
Otu nhazi ga-apụta na sistemụ gị /etc/create_ap.conf. Nke a bụ nhọrọ ndezi isi:
GATEWAY=10.0.0.1 - ọ ka mma ime ya subnet edobere iche.
NO_DNS=1 - gbanyụọ, ebe ọ bụ na a ga-ejikwa sistemụ arụmọrụ netwọọdụ sistemu.
NO_DNSMASQ=1 - gbanyụọ ya maka otu ihe kpatara ya.
WIFI_IFACE=wlp6s0 - Laptọọpụ ikuku interface.
INTERNET_IFACE=tun2socks - mebere interface emebere maka tun2socks.
SSID=hostapd - aha nke mebere ohere ebe.
PASSPHRASE=12345678 - paswọọdụ.
Echefula ime ka ọrụ ahụ rụọ ọrụ:
systemctl enable create_ap
Kwado ihe nkesa DHCP na sistemu-netwọk
Ọrụ ahụ create_ap malite interface mebere na sistemụ ahụ ap0. Na tiori, dnsmasq kwụgidere na interface a, mana gịnị kpatara ịwụnye mgbakwunye ọrụ ma ọ bụrụ na sistemụ netwọkụ nwere ihe nkesa DHCP arụnyere n'ime ya?
Iji mee ya, anyị ga-akọwapụta ntọala netwọk maka ebe mebere. Iji mee nke a, mepụta faịlụ /etc/systemd/network/25-ap0.network ya na ọdịnaya ndị a:
Mgbe ọrụ create_ap na-amalite interface mebere ap0, systemd-networkd ga-ekenye ya adreesị IP ozugbo wee mee ka ihe nkesa DHCP rụọ ọrụ.
Ụdọ EmitDNS=yes и DNS=10.0.0.1 nyefee ntọala nkesa DNS na ngwaọrụ ejikọrọ na ebe nnweta.
Ọ bụrụ na ị naghị eme atụmatụ iji sava DNS mpaghara - n'ọnọdụ m ọ bụ dnscrypt-proxy - ị nwere ike iwunye. DNS=10.0.0.1 в DNS=192.168.1.1ebe 192.168.1.1 - adreesị nke ọnụ ụzọ ámá mbụ gị. Mgbe ahụ, arịrịọ DNS maka ndị ọbịa gị na netwọkụ mpaghara ga-aga ezoro ezo site na sava ndị na-eweta ya.
EmitNTP=yes и NTP=192.168.1.1 nyefee ntọala NTP.
Otu na-aga maka ahịrị NTP=10.0.0.1.
Wụnye ma hazie sava NTP
Wụnye na sistemụ:
apt install ntp
Dezie nhazi /etc/ntp.conf. Kwupụta adreesị nke ọdọ mmiri ọkọlọtọ:
Tinye adreesị nkesa ọha, dịka ọmụmaatụ Google Public NTP:
server time1.google.com ibrust
server time2.google.com ibrust
server time3.google.com ibrust
server time4.google.com ibrust
Nye ndị ahịa ohere ịnweta ihe nkesa na netwọk gị:
restrict 10.0.0.0 mask 255.255.255.0
Kwado mgbasa ozi na netwọk gị:
broadcast 10.0.0.255
N'ikpeazụ, tinye adreesị nke sava ndị a na tebụl ntụgharị kwụ ọtọ. Iji mee nke a, mepee faịlụ nhazi nhazi ikuku ikuku /etc/systemd/network/25-wlp6s0.network ma gbakwunye na njedebe nke ngalaba Route.
Mgbe ịmalitegharịa ma ọ bụ malitegharịa, ị ga-enwe ohere ịnweta nke abụọ na-eduga ndị ọbịa na ngwaọrụ LAN gaa SOCKS.
Nke a bụ ihe mmepụta ahụ dị ip a laptọọpụ oge niile:
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: tun2socks: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 500
link/none
inet 172.16.1.2/24 brd 172.16.1.255 scope global tun2socks
valid_lft forever preferred_lft forever
inet6 fe80::122b:260:6590:1b0e/64 scope link stable-privacy
valid_lft forever preferred_lft forever
3: enp4s0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000
link/ether e8:11:32:0e:01:50 brd ff:ff:ff:ff:ff:ff
4: wlp6s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 4c:ed:de:cb:cf:85 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.2/24 brd 192.168.1.255 scope global wlp6s0
valid_lft forever preferred_lft forever
inet6 fe80::4eed:deff:fecb:cf85/64 scope link
valid_lft forever preferred_lft forever
5: ap0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 4c:ed:de:cb:cf:86 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.1/24 brd 10.0.0.255 scope global ap0
valid_lft forever preferred_lft forever
inet6 fe80::4eed:deff:fecb:cf86/64 scope link
valid_lft forever preferred_lft forever
N'ihi ya,
Onye na-eweta ya na-ahụ naanị njikọ ezoro ezo na sava SOCKS gị, nke pụtara na ha ahụghị ihe ọ bụla.
Ma ọ na-ahụ arịrịọ NTP gị, iji gbochie nke a, wepụ ụzọ kwụ ọtọ maka sava NTP. Agbanyeghị, ejighi n'aka na sava SOCKS gị na-enye ohere maka usoro NTP.
Crutch hụrụ na Debain 10
Ọ bụrụ na ị nwaa ịmalitegharịa ọrụ netwọk site na njikwa, ọ ga-ada na mperi. Nke a bụ n'ihi na akụkụ nke ya n'ụdị nke mebere interface na-ejikọta na ọrụ tun2socks, nke pụtara na-eji ya. Ka ịmalitegharịa ọrụ netwọk, ị ga-ebu ụzọ kwụsị ọrụ tun2socks. Ma, echere m, ọ bụrụ na ị gụọ ruo ọgwụgwụ, nke a abụghị nsogbu maka gị!