M'nkhaniyi ndikufuna kuwulula kuthekera kwa proxying yowonekera, yomwe imakulolani kuti muwongolere zonse kapena gawo la magalimoto kudzera pa seva zakunja zakunja osazindikirika ndi makasitomala.
Nditayamba kuthetsa vutoli, ndinayang'anizana ndi mfundo yakuti kukhazikitsa kwake kunali ndi vuto limodzi lalikulu - protocol ya HTTPS. M'masiku akale, panalibe mavuto apadera ndi HTTP proxying yowonekera, koma ndi HTTPS proxying, asakatuli amafotokoza kusokoneza protocol ndipo ndipamene chimwemwe chimatha.
M'malangizo wamba a seva ya proxy ya Squid, amawonetsanso kupanga satifiketi yanu ndikuyiyika kwa makasitomala, zomwe ndi zopanda pake, zopanda nzeru komanso zikuwoneka ngati kuwukira kwa MITM. Ndikudziwa kuti Squid akhoza kale kuchita zofanana, koma nkhaniyi ikukhudzana ndi njira yotsimikiziridwa ndi yogwiritsira ntchito 3proxy kuchokera ku 3APA3A yolemekezeka.
Kenaka, tiwona mwatsatanetsatane ndondomeko yomanga 3proxy kuchokera ku gwero, kasinthidwe kake, pulojekiti yodzaza ndi yosankha pogwiritsa ntchito NAT, kugawa njira kumaseva angapo akunja akunja, komanso kugwiritsa ntchito rauta ndi njira zosasunthika. Timagwiritsa ntchito Debian 9 x64 ngati OS. Yamba!
Kuyika 3 proxy ndikuyendetsa seva yanthawi zonse
1. Ikani ifconfig (kuchokera pa net-Tools phukusi)
apt-get install net-tools
2. Kukhazikitsa Midnight Commander
apt-get install mc
3. Tsopano tili ndi zolumikizira ziwiri:
enp0s3 - kunja, kuyang'ana pa intaneti
enp0s8 - zamkati, ziyenera kuyang'ana pa netiweki yakomweko
Pazigawo zina zochokera ku Debian zolumikizira nthawi zambiri zimatchedwa eth0 ndi eth1.
ifconfig -a
polumikiziraenp0s3: mbendera = 4163 anthu 1500
inet 192.168.23.11 netmask 255.255.255.0 kuwulutsa 192.168.23.255
inet6 fe80::a00:27ff:fec2:bae4 prefixlen 64 sikopeid 0x20 etha 08:00:27:c2:ba:e4 txqueuelen 1000 (Efaneti)
RX mapaketi 6412 mabayiti 8676619 (8.2 MiB)
Zolakwa za RX 0 zidagwetsa 0 overruns 0 chimango 0
TX mapaketi 1726 bytes 289128 (282.3KiB)
Zolakwa za TX 0 zidagwetsa 0 overruns 0 chonyamulira 0 kugunda 0
enp0s8: mbendera = 4098 anthu 1500
ether 08:00:27:79:a7:e3 txqueuelen 1000 (Efaneti)
RX mapaketi 0 mabayiti 0 (0.0 B)
Zolakwa za RX 0 zidagwetsa 0 overruns 0 chimango 0
TX mapaketi 0 mabayiti 0 (0.0 B)
Zolakwa za TX 0 zidagwetsa 0 overruns 0 chonyamulira 0 kugunda 0
lo: mbendera = 73 Mtengo wa 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10 loop txqueuelen 1 (Local Loopback)
RX mapaketi 0 mabayiti 0 (0.0 B)
Zolakwa za RX 0 zidagwetsa 0 overruns 0 chimango 0
TX mapaketi 0 mabayiti 0 (0.0 B)
Zolakwa za TX 0 zidagwetsa 0 overruns 0 chonyamulira 0 kugunda 0
Mawonekedwe a enp0s8 sakugwiritsidwa ntchito pano, tidzawathandiza tikafuna kugwiritsa ntchito Proxy NAT kapena kasinthidwe ka NAT. Apa ndiye kuti zingakhale zomveka kuyika IP yokhazikika.
4. Tiyeni tiyambe kukhazikitsa 3proxy
4.1 Kuyika maphukusi opangira 3proxy kuchokera kumagwero
root@debian9:~# apt-get install build-essential libevent-dev libssl-dev -y
4.2. Tiyeni tipange chikwatu chotsitsa zakale ndi magwero
root@debian9:~# mkdir -p /opt/proxy
4.3. Tiyeni tipite ku foda iyi
root@debian9:~# cd /opt/proxy
4.4. Tsopano tiyeni titsitse phukusi laposachedwa la 3proxy. Panthawi yolemba, mtundu waposachedwa kwambiri unali 0.8.12 (18/04/2018) Tsitsani kuchokera patsamba lovomerezeka la 3proxy
root@debian9:/opt/proxy# wget https://github.com/z3APA3A/3proxy/archive/0.8.12.tar.gz
4.5. Tiyeni tichotse zosungidwa zomwe zidatsitsidwa
root@debian9:/opt/proxy# tar zxvf 0.8.12.tar.gz
4.6. Pitani ku chikwatu chosapakidwa kuti mupange pulogalamuyo
root@debian9:/opt/proxy# cd 3proxy-0.8.12
4.7. Kenaka, tifunika kuwonjezera mzere ku fayilo yamutu kuti seva yathu ikhale yosadziwika (imagwira ntchito, zonse zimafufuzidwa, ma IP a kasitomala amabisika)
root@debian9:/opt/proxy/3proxy-0.8.12# nano +29 src/proxy.h
Onjezani mzere
#define ANONYMOUS 1
Dinani Ctrl+x ndi Enter kuti musunge zosinthazo.
4.8. Tiyeni tiyambe kusonkhanitsa pulogalamu
root@debian9:/opt/proxy/3proxy-0.8.12# make -f Makefile.Linux
Makelogpangani [2]: Kusiya chikwatu '/opt/proxy/3proxy-0.8.12/src/plugins/TransparentPlugin'
pangani [1]: Kusiya chikwatu '/opt/proxy/3proxy-0.8.12/src'
Palibe zolakwika, tiyeni tipitilize.
4.9. Kukhazikitsa pulogalamu pa dongosolo
root@debian9:/opt/proxy/3proxy-0.8.12# make -f Makefile.Linux install
4.10. Pitani ku chikwatu cha mizu ndikuwona komwe pulogalamuyo idayikidwa
root@debian9:/opt/proxy/3proxy-0.8.12# cd ~/
root@debian9:~# whereis 3proxy
3 proxy: /usr/local/bin/3proxy/usr/local/etc/3proxy
4.11. Tiyeni tipange chikwatu cha mafayilo osinthira ndi zolemba mu bukhu lanyumba la wogwiritsa ntchito
root@debian9:~# mkdir -p /home/joke/proxy/logs
4.12. Pitani ku chikwatu chomwe config chiyenera kukhala
root@debian9:~# cd /home/joke/proxy/
4.13. Pangani fayilo yopanda kanthu ndikukopera config pamenepo
root@debian9:/home/joke/proxy# cat > 3proxy.conf
3proxy.confdaemon
pidfile /home/joke/proxy/3proxy.pid
nserver 8.8.8.8
Chithunzi cha 65536
ogwiritsa ntchito: CL: 1234
nthawi 1 5 30 60 180 1800 16 60
log /home/joke/proxy/logs/3proxy.log D
logformat "- +_L%t.%. %N.%p %E %U %C:%c %R:%r %O %I %h %T"
tembenuza 3
auth wamphamvu
chamadzi
kulola woyesa
masokosi -p3128
woyimira -p8080
Kuti musunge, dinani Ctrl + Z
4.14. Tiyeni tipange fayilo ya pid kuti pasakhale zolakwika pakuyambitsa.
root@debian9:/home/joke/proxy# cat > 3proxy.pid
Kuti musunge, dinani Ctrl + Z
4.15. Tiyeni tiyambitse seva ya proxy!
root@debian9:/home/joke/proxy# 3proxy /home/joke/proxy/3proxy.conf
4.16. Tiyeni tiwone ngati seva ikumvetsera pamadoko
root@debian9:~/home/joke/proxy# netstat -nlp
netstat logMaulaliki apaintaneti (maseva okha)
Proto Recv-Q Send-Q Adilesi Yako Adilesi Yakunja State PID/Dzina la Pulogalamu
tcp 0 0 0.0.0.0:8080 0.0.0.0:* Mverani 504/3proxy
tcp 0 0 0.0.0.0:22 0.0.0.0:* Mverani 338/sshd
tcp 0 0 0.0.0.0:3128 0.0.0.0:* Mverani 504/3proxy
tcp6 0 0 :::22 :::* Mverani 338/sshd
udp 0 0 0.0.0.0:68 0.0.0.0:* 352/dhclient
Monga momwe zinalembedwera mu config, pulojekiti yathu yapaintaneti imamvera doko 8080, woyimira Socks5 amamvera doko 3128.
4.17. Kuti muyambe ntchito ya proxy mukayambiranso, muyenera kuwonjezera pa cron.
root@debian9:/home/joke/proxy# crontab -e
Onjezani mzere
@reboot /usr/local/bin/3proxy /home/joke/proxy/3proxy.conf
Timakanikiza Enter, popeza cron ayenera kuwona mapeto a mzere, ndikusunga fayilo.
Payenera kukhala uthenga wokhudza kukhazikitsa crontab yatsopano.
crontab: kukhazikitsa crontab yatsopano
4.18. Tiyeni tiyambitsenso dongosolo ndikuyesera kulumikiza pa msakatuli kupita ku proxy. Kuti tiwone, timagwiritsa ntchito msakatuli wa Firefox (othandizira webusayiti) ndi chowonjezera cha FoxyProxy cha socks5 ndi kutsimikizika.
root@debian9:/home/joke/proxy# reboot
4.19. Pambuyo poyang'ana ntchito ya proxy pambuyo poyambiranso, mukhoza kuwona zipika. Izi zimamaliza kukhazikitsa seva ya proxy.
3 chizindikiro cha proxy1542573996.018 PROXY.8080 00000 tester 192.168.23.10:50915 217.12.15.54:443 1193 6939 0 CONNECT_ads.yahoo.com:443_HTTP
1542574289.634 SOCK5.3128 00000 tester 192.168.23.10:51193 54.192.13.69:443 0 0 0 CONNECT_normandy.cdn.mozilla.net:443
Kukhazikitsa ndi kuyendetsa Transparent Proxy NAT kasinthidwe
Mukusintha uku, zida zonse za netiweki yamkati zizigwira ntchito pa intaneti kudzera pa seva yakutali. Mwamtheradi maulumikizidwe onse a TCP adzatumizidwa ku chimodzi kapena zingapo (amakulitsadi m'lifupi mwa njira, chitsanzo chokonzekera No. 2!) Ntchito ya DNS idzagwiritsa ntchito mphamvu za 3proxy (dnspr). UDP "sidzapita" kunja, popeza sitinagwiritse ntchito njira yopititsira patsogolo (yoyimitsidwa mwachisawawa mu Linux kernel).
1. Ndi nthawi kuti athe mawonekedwe enp0s8
root@debian9:~# nano /etc/network/interfaces
/etc/network/interfaces file# Fayilo iyi ikufotokoza mawonekedwe a netiweki omwe amapezeka pakompyuta yanu
# ndi momwe mungayambitsire. Kuti mudziwe zambiri, onani zolumikizira (5).
gwero /etc/network/interfaces.d/*
# Mawonekedwe a loopback network
kuyendetsa
iface lo inet loopback
# Mawonekedwe oyambira a netiweki
lola-hotplug enp0s3
iface enp0s3 inet dhcp
# Mawonekedwe achiwiri a network
lola-hotplug enp0s8
iface enp0s8 inet static
Adilesi 192.168.201.254
mthunzi wa 255.255.255.0
Apa tidapereka mawonekedwe a enp0s8 adilesi yokhazikika 192.168.201.254 ndi chigoba 255.255.255.0
Sungani Ctrl + X ndikuyambitsanso
root@debian9:~# reboot
2. Kuyang'ana zolumikizira
root@debian9:~# ifconfig
ifconfig logenp0s3: mbendera = 4163 anthu 1500
inet 192.168.23.11 netmask 255.255.255.0 kuwulutsa 192.168.23.255
inet6 fe80::a00:27ff:fec2:bae4 prefixlen 64 sikopeid 0x20 etha 08:00:27:c2:ba:e4 txqueuelen 1000 (Efaneti)
RX mapaketi 61 bytes 7873 (7.6KiB)
Zolakwa za RX 0 zidagwetsa 0 overruns 0 chimango 0
TX mapaketi 65 bytes 10917 (10.6KiB)
Zolakwa za TX 0 zidagwetsa 0 overruns 0 chonyamulira 0 kugunda 0
enp0s8: mbendera = 4163 anthu 1500
inet 192.168.201.254 netmask 255.255.255.0 kuwulutsa 192.168.201.255
inet6 fe80::a00:27ff:fe79:a7e3 prefixlen 64 sikopeid 0x20 etha 08:00:27:79:a7:e3 txqueuelen 1000 (Efaneti)
RX mapaketi 0 mabayiti 0 (0.0 B)
Zolakwa za RX 0 zidagwetsa 0 overruns 0 chimango 0
TX mapaketi 8 mabayiti 648 (648.0 B)
Zolakwa za TX 0 zidagwetsa 0 overruns 0 chonyamulira 0 kugunda 0
lo: mbendera = 73 Mtengo wa 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10 loop txqueuelen 1 (Local Loopback)
RX mapaketi 0 mabayiti 0 (0.0 B)
Zolakwa za RX 0 zidagwetsa 0 overruns 0 chimango 0
TX mapaketi 0 mabayiti 0 (0.0 B)
Zolakwa za TX 0 zidagwetsa 0 overruns 0 chonyamulira 0 kugunda 0
3. Chilichonse chinayenda bwino, tsopano muyenera kukonza 3proxy for transparent proxying.
root@debian9:~# cd /home/joke/proxy/
root@debian9:/home/joke/proxy# cat > 3proxytransp.conf
Kukonzekera kwachitsanzo kwa seva ya proxy yowonekera Nodaemon
pidfile /home/joke/proxy/3proxy.pid
nserver 8.8.8.8
Chithunzi cha 65536
nthawi 1 5 30 60 180 1800 16 60
log /home/joke/proxy/logs/3proxy.log D
logformat "- +_L%t.%. %N.%p %E %U %C:%c %R:%r %O %I %h %T"
tembenuza 3
chamadzi
Auth apo
dnspr
kulola *
kholo 1000 socks5 IP_ADDRESS OF EXTERNAL_PROXY 3128 tester 1234
pulogalamu yowonjezera /opt/proxy/3proxy-0.8.12/src/TransparentPlugin.ld.so transparent_plugin
tcppm -i0.0.0.0 888 127.0.0.1 11111
4. Tsopano tikuyambitsa 3proxy ndi kasinthidwe katsopano
root@debian9:/home/joke/proxy# /usr/local/bin/3proxy /home/joke/proxy/3proxytransp.conf
5. Onjezani ku crontab kachiwiri
root@debian9:/home/joke/proxy# crontab -e
@reboot /usr/local/bin/3proxy /home/joke/proxy/3proxytransp.conf
6. Tiyeni tiwone zomwe woyimira wathu akumvera tsopano
root@debian9:~# netstat -nlp
netstat logMaulaliki apaintaneti (maseva okha)
Proto Recv-Q Send-Q Adilesi Yako Adilesi Yakunja State PID/Dzina la Pulogalamu
tcp 0 0 0.0.0.0:22 0.0.0.0:* Mverani 349/sshd
tcp 0 0 0.0.0.0:888 0.0.0.0:* Mverani 354/3proxy
tcp6 0 0 :::22 :::* Mverani 349/sshd
udp 0 0 0.0.0.0:53 0.0.0.0:* 354/3proxy
udp 0 0 0.0.0.0:68 0.0.0.0:* 367/dhclient
7. Tsopano wothandizirayo ali wokonzeka kuvomereza kugwirizana kulikonse kwa TCP pa doko 888, DNS pa doko 53, kotero kuti akhoza kutumizidwa ku proxy yakutali ya socks5 ndi DNS Google 8.8.8.8. Zomwe tiyenera kuchita ndikukonza netfilter (iptables) ndi malamulo a DHCP popereka maadiresi.
8. Ikani phukusi la iptables-persistent ndi dhcpd
root@debian9:~# apt-get install iptables-persistent isc-dhcp-server
9. Sinthani fayilo yoyambira ya dhcpd
root@debian9:~# nano /etc/dhcp/dhcpd.conf
dhcpd.conf# dhcpd.conf
#
# Fayilo yosinthira zitsanzo za ISC dhcpd
#
# matanthauzidwe osankha omwe amapezeka pamanetiweki onse othandiziraβ¦
kusankha domain-name "example.org";
kusankha domain-name-servers ns1.example.org, ns2.example.org;
-kusintha-nthawi-600;
nthawi yobwereketsa kwambiri 7200;
ddns-update-style palibe;
# Ngati seva ya DHCP iyi ndi seva yovomerezeka ya DHCP yakumaloko
# network, malangizo ovomerezeka akuyenera kuperekedwanso.
odalirika;
# Kusintha kosiyana pang'ono kwa subnet yamkati.
subnet 192.168.201.0 ukonde wa 255.255.255.0 {
osiyanasiyana 192.168.201.10 192.168.201.250;
kusankha domain-name-servers 192.168.201.254;
osankha njira 192.168.201.254;
adilesi yakusankhira 192.168.201.255;
-kusintha-nthawi-600;
nthawi yobwereketsa kwambiri 7200;
}
11. Yambitsaninso ndikuyang'ana ntchito padoko 67
root@debian9:~# reboot
root@debian9:~# netstat -nlp
netstat logMaulaliki apaintaneti (maseva okha)
Proto Recv-Q Send-Q Adilesi Yako Adilesi Yakunja State PID/Dzina la Pulogalamu
tcp 0 0 0.0.0.0:22 0.0.0.0:* Mverani 389/sshd
tcp 0 0 0.0.0.0:888 0.0.0.0:* Mverani 310/3proxy
tcp6 0 0 :::22 :::* Mverani 389/sshd
udp 0 0 0.0.0.0:20364 0.0.0.0:* 393/dhcpd
udp 0 0 0.0.0.0:53 0.0.0.0:* 310/3proxy
udp 0 0 0.0.0.0:67 0.0.0.0:* 393/dhcpd
udp 0 0 0.0.0.0:68 0.0.0.0:* 405/dhclient
udp6 0 0 :::31728 :::* 393/dhcpd
yaiwisi 0 0 0.0.0.0:1 0.0.0.0:* 393/dhcpd
12. Chotsalira ndikuwongolera zopempha zonse za tcp ku port 888 ndikusunga lamulo mu iptables.
root@debian9:~# iptables -t nat -A PREROUTING -s 192.168.201.0/24 -p tcp -j REDIRECT --to-ports 888
root@debian9:~# iptables-save > /etc/iptables/rules.v4
13. Kuti muwonjezere bandwidth ya tchanelo, mutha kugwiritsa ntchito ma seva angapo oyimira nthawi imodzi. Chiwerengerocho chiyenera kukhala 1000. Malumikizidwe atsopano amakhazikitsidwa ndi mwayi wa 0.2, 0.2, 0.2, 0.2, 0,1, 0,1 kwa ma seva ovomerezeka omwe atchulidwa.
Zindikirani: ngati tili ndi proxy ya intaneti, ndiye kuti m'malo mwa masokosi5 tiyenera kulemba kugwirizana, ngati masokosi4, ndiye masokosi4 (masokisi4 SIKUTHANDIZA KULOGWA / KULELEKA KWA PASSWORD!)
Kukonzekera kwachitsanzo kwa seva ya proxy yowonekera Nodaemon
pidfile /home/joke/proxy/3proxy.pid
nserver 8.8.8.8
Chithunzi cha 65536
maxconn 500
nthawi 1 5 30 60 180 1800 16 60
log /home/joke/proxy/logs/3proxy.log D
logformat "- +_L%t.%. %N.%p %E %U %C:%c %R:%r %O %I %h %T"
tembenuza 3
chamadzi
Auth apo
dnspr
kulola *
kholo 200 socks5 IP_ADDRESS_EXTERNAL_PROXY#1 3128 tester 1234
kholo 200 socks5 IP_ADDRESS_EXTERNAL_PROXY#2 3128 tester 1234
kholo 200 socks5 IP_ADDRESS_EXTERNAL_PROXY#3 3128 tester 1234
kholo 200 socks5 IP_ADDRESS_EXTERNAL_PROXY#4 3128 tester 1234
kholo 100 socks5 IP_ADDRESS_EXTERNAL_PROXY#5 3128 tester 1234
kholo 100 socks5 IP_ADDRESS_EXTERNAL_PROXY#6 3128 tester 1234
pulogalamu yowonjezera /opt/proxy/3proxy-0.8.12/src/TransparentPlugin.ld.so transparent_plugin
tcppm -i0.0.0.0 888 127.0.0.1 11111
Kukhazikitsa ndi kuyendetsa NAT + Transparent Proxy kasinthidwe
Pakukonza uku, tidzagwiritsa ntchito njira yanthawi zonse ya NAT yokhala ndi ma proxying osankhidwa kapena owonekera bwino pama adilesi kapena ma subnets. Ogwiritsa ntchito maukonde amkati adzagwira ntchito ndi mautumiki ena / ma subnet osazindikira kuti akugwira ntchito kudzera pa proxy. Maulumikizidwe onse a https amagwira ntchito bwino, palibe satifiketi yomwe iyenera kupangidwa / kusinthidwa.
Choyamba, tiyeni tisankhe ma subnets/ntchito zomwe tikufuna kuyimira. Tiyerekeze kuti ma proxies akunja ali komwe ntchito ngati pandora.com imagwira ntchito. Tsopano ikuyenera kudziwa ma subnets / ma adilesi.
1. Ping
root@debian9:~# ping pandora.com
PING pandora.com (208.85.40.20) 56(84) bytes of data.
2. Lembani BGP 208.85.40.20 mu Google
Tiyeni tipite kutsambali
Zitha kuwoneka kuti subnet yomwe ndikuyang'ana ndi AS40428 Pandora Media, Inc
Kutsegula ma prefixes a v4
Nawa ma subnets ofunikira!
199.116.161.0/24
199.116.162.0/24
199.116.164.0/23
199.116.164.0/24
199.116.165.0/24
208.85.40.0/24
208.85.41.0/24
208.85.42.0/23
208.85.42.0/24
208.85.43.0/24
208.85.44.0/24
208.85.46.0/23
208.85.46.0/24
208.85.47.0/24
3. Kuti muchepetse chiwerengero cha ma subnets, muyenera kuchita aggregation. Pitani patsamba ndi kukopera mndandanda wathu pamenepo. Zotsatira zake - ma subnet 6 m'malo mwa 14.
199.116.161.0/24
199.116.162.0/24
199.116.164.0/23
208.85.40.0/22
208.85.44.0/24
208.85.46.0/23
4. Malamulo omveka a iptables
root@debian9:~# iptables -F
root@debian9:~# iptables -X
root@debian9:~# iptables -t nat -F
root@debian9:~# iptables -t nat -X
Yambitsani njira yapatsogolo ndi NAT
root@debian9:~# echo 1 > /proc/sys/net/ipv4/ip_forward
root@debian9:~# iptables -A FORWARD -i enp0s3 -o enp0s8 -j ACCEPT
root@debian9:~# iptables -A FORWARD -i enp0s8 -o enp0s3 -j ACCEPT
root@debian9:~# iptables -t nat -A POSTROUTING -o enp0s3 -s 192.168.201.0/24 -j MASQUERADE
Kuonetsetsa kuti kutsogolo kumayatsidwa kwamuyaya pambuyo poyambiranso, tiyeni tisinthe fayilo
root@debian9:~# nano /etc/sysctl.conf
Ndipo tsegulani mzere
net.ipv4.ip_forward = 1
Ctrl + X kuti musunge fayilo
5. Timakulunga ma subnets a pandora.com mu proxy
root@debian9:~# iptables -t nat -A PREROUTING -s 192.168.201.0/24 -d 199.116.161.0/24,199.116.162.0/24,199.116.164.0/23,208.85.40.0/22,208.85.44.0/24,208.85.46.0/23 -p tcp -j REDIRECT --to-ports 888
6. Tiyeni tisunge malamulo
root@debian9:~# iptables-save > /etc/iptables/rules.v4
Kukhazikitsa ndi kuyendetsa Transparent Proxy kudzera pa kasinthidwe ka rauta
Pakukonza uku, seva ya proxy yowonekera ikhoza kukhala PC yosiyana kapena makina enieni kuseri kwa rauta yakunyumba / kampani. Ndikokwanira kulembetsa mayendedwe osasunthika pa rauta kapena zida ndipo subnet yonse idzagwiritsa ntchito proxy popanda kufunikira kowonjezera zina.
ZOFUNIKA! Ndikofunikira kuti chipata chathu chilandire IP yokhazikika kuchokera pa rauta, kapena imakonzedwa kuti ikhale yokhazikika.
1. Konzani adilesi yolowera pachipata (adaputala ya enp0s3)
root@debian9:~# nano /etc/network/interfaces
/etc/network/interfaces file# Fayilo iyi ikufotokoza mawonekedwe a netiweki omwe amapezeka pakompyuta yanu
# ndi momwe mungayambitsire. Kuti mudziwe zambiri, onani zolumikizira (5).
gwero /etc/network/interfaces.d/*
# Mawonekedwe a loopback network
kuyendetsa
iface lo inet loopback
# Mawonekedwe oyambira a netiweki
lola-hotplug enp0s3
iface enp0s3 inet static
Adilesi 192.168.23.2
mthunzi wa 255.255.255.0
192.168.23.254 chipatala
# Mawonekedwe achiwiri a network
lola-hotplug enp0s8
iface enp0s8 inet static
Adilesi 192.168.201.254
mthunzi wa 255.255.255.0
2. Lolani zida zochokera ku subnet ya 192.168.23.0/24 kuti zigwiritse ntchito projekiti
root@debian9:~# iptables -t nat -A PREROUTING -s 192.168.23.0/24 -d 199.116.161.0/24,199.116.162.0/24,199.116.164.0/23,208.85.40.0/22,208.85.44.0/24,208.85.46.0/23 -p tcp -j REDIRECT --to-ports 888
3. Tiyeni tisunge malamulo
root@debian9:~# iptables-save > /etc/iptables/rules.v4
4. Tiyeni tilembetse ma subnets pa rauta
Mndandanda wa maukonde a rauta199.116.161.0 255.255.255.0 192.168.23.2
199.116.162.0 255.255.255.0 192.168.23.2
199.116.164.0 255.255.254.0 192.168.23.2
208.85.40.0 255.255.252.0 192.168.23.2
208.85.44.0 255.255.255.0 192.168.23.2
208.85.46.0 255.255.254.0 192.168.23.2
Zipangizo/zinthu zogwiritsidwa ntchito
1. Webusaiti yovomerezeka ya pulogalamu ya 3proxy
2. Malangizo oyika 3proxy kuchokera kugwero
3. Nthambi yachitukuko cha 3 pa GitHub
Source: www.habr.com