Kwa chaka chathunthu (kapena ziwiri) ndidasiya kusindikiza nkhaniyi pazifukwa zazikulu - ndinali nditasindikiza kale zolemba ziwiri momwe ndidafotokozera njira yopangira rauta mu SOCKS kuchokera pa laputopu wamba ndi Debian.
Komabe, kuyambira nthawi imeneyo mtundu wokhazikika wa Debian wasinthidwa ku Buster, chiwerengero chokwanira cha anthu chandilumikizana ndi ine mwachinsinsi kupempha thandizo pakukhazikitsa, zomwe zikutanthauza kuti zolemba zanga zam'mbuyo sizikutha. Chabwino, ine ndekha ndimaganiza kuti njira zomwe zafotokozedwamo sizikuwululira zovuta zonse zakukhazikitsa Linux yoyendetsera mu SOCKS. Kuonjezera apo, iwo amalembedwa kwa Debian Stretch, ndipo nditatha kupititsa patsogolo ku Buster, mu systemd init system, ndinawona kusintha kwakung'ono pakuyanjana kwa mautumiki. Ndipo m'nkhani zomwe, sindinagwiritse ntchito systemd-networkd, ngakhale kuti ndizoyenera kwambiri kusinthika kwa maukonde.
Kuphatikiza pa zosintha zomwe zili pamwambapa, mautumiki otsatirawa adawonjezedwa pakusintha kwanga: hostapd - service for access point virtualization, ntp kulunzanitsa nthawi yamakasitomala amdera lanu, dnscrypt-proxy kubisa maulumikizidwe kudzera pa DNS ndikuletsa kutsatsa kwamakasitomala amderali, komanso, monga ndanena kale, systemd-networkd pokonza zolumikizira netiweki.
Nayi chithunzi chosavuta cha block chamkati cha rauta yotere.
Choncho, ndiroleni ndikukumbutseni zolinga za nkhanizi:
Sinthani maulumikizidwe onse a OS kupita ku SOCKS, komanso maulumikizidwe ochokera kuzipangizo zonse pamanetiweki omwewo monga laputopu.
Laputopu kwa ine iyenera kukhalabe yokhazikika. Ndiko kuti, kupereka mwayi wogwiritsa ntchito malo apakompyuta komanso osamangirizidwa ku malo enieni.
Mfundo yomaliza imatanthawuza kulumikiza ndi kuyendetsa kokha kudzera mu mawonekedwe opanda zingwe.
Chabwino, ndipo ndithudi, kupangidwa kwa kalozera wokwanira, komanso kusanthula kwa matekinoloje oyenerera kuti ndidziwe bwino kwambiri.
Zomwe zidzafotokozedwe m'nkhaniyi:
Pitani - tsitsani nkhokwe za polojekiti 2 masokosiyofunikira kuyendetsa magalimoto a TCP kupita ku SOCKS, ndi pangani_ap - script yosinthira kukhazikitsidwa kwa malo ofikira ogwiritsa ntchito hostapd.
2 masokosi - pangani ndikukhazikitsa ntchito ya systemd padongosolo.
pangani_ap - khazikitsani ntchito ya systemd pamakina, sinthani ndikuyambitsa malo ofikira.
Zosankha zomwe mungafune:
ntp - khazikitsani ndikusintha seva kuti igwirizanitse nthawi pamakasitomala ofikira.
dnscrypt-proxy - tidzalembera zopempha za DNS, kuzitumiza ku SOCKS ndikuletsa madera otsatsa pamanetiweki.
Kodi zonsezi ndi za chiyani?
Iyi ndi imodzi mwa njira zotetezera kulumikizidwa kwa TCP pa netiweki yakomweko. Ubwino waukulu ndikuti maulumikizidwe onse amapangidwa mu SOCKS, pokhapokha ngati njira yokhazikika imapangidwira kudzera pachipata choyambirira. Izi zikutanthauza kuti simuyenera kufotokozera makonda a seva ya SOCKS pamapulogalamu apawokha kapena makasitomala pamanetiweki - onse amapita ku SOCKS mwachisawawa, chifukwa ndiye khomo lolowera mpaka titawonetsa.
Kwenikweni timawonjezera rauta yachiwiri yotsekera ngati laputopu kutsogolo kwa rauta yoyambirira ndikugwiritsa ntchito intaneti ya rauta yoyambirira pazofunsira za SOCKS zosungidwa kale za laputopu, zomwe zimatsata ndikusunga zopempha kuchokera kwa makasitomala a LAN.
Kuchokera kumalingaliro a operekera, timalumikizidwa nthawi zonse ndi seva imodzi yokhala ndi magalimoto obisika.
Chifukwa chake, zida zonse zimalumikizidwa ndi malo ofikira a laputopu.
Ikani tun2socks pa dongosolo
Malingana ngati makina anu ali ndi intaneti, tsitsani zida zonse zofunika.
apt update
apt install git make cmake
Tsitsani phukusi la badvpn
git clone https://github.com/ambrop72/badvpn
Foda idzawonekera pa dongosolo lanu badvpn. Pangani chikwatu chosiyana cha kumanga
Address ali ndi udindo wopereka adilesi ya IP ku mawonekedwe opanda zingwe. Timazifotokoza mokhazikika chifukwa ndi malangizo ofanana DHCP=yes, systemd-networkd imapanga chipata chokhazikika pamakina. Ndiye magalimoto onse adzadutsa pachipata choyambirira, osati kupyolera mu mawonekedwe amtsogolo pa subnet yosiyana. Mutha kuyang'ana chipata chomwe chilipo pano ndi lamulo ip r
Pangani njira yokhazikika ya seva yakutali ya SOCKS
Ngati seva yanu ya SOCKS siili yakwanuko, koma yakutali, ndiye kuti muyenera kupanga njira yokhazikika. Kuti muchite izi, yonjezerani gawo Route mpaka kumapeto kwa fayilo yosinthira mawonekedwe opanda zingwe yomwe mudapanga ndi izi:
[Route]
Gateway=192.168.1.1
Destination=0.0.0.0
Gateway - iyi ndiye khomo lokhazikika kapena adilesi ya malo anu oyamba olowera.
Destination - adilesi ya seva ya SOCKS.
Konzani wpa_supplicant kwa systemd-networkd
systemd-networkd imagwiritsa ntchito wpa_supplicant kuti ilumikizane ndi malo otetezedwa. Mukayesa "kukweza" mawonekedwe opanda zingwe, systemd-networkd imayamba ntchitoyo wpa_supplicant@ΠΈΠΌΡkumene dzina ndi dzina la mawonekedwe opanda zingwe. Ngati simunagwiritse ntchito systemd-networkd izi zisanachitike, ndiye kuti ntchitoyi ikusowa pa dongosolo lanu.
Chifukwa chake pangani ndi lamulo:
systemctl enable wpa_supplicant@wlp6s0
Ndinagwiritsa ntchito wlp6s0 monga dzina la mawonekedwe ake opanda zingwe. Dzina lanu likhoza kukhala losiyana. Mutha kuzindikira ndi lamulo ip l.
Tsopano ntchito yopangidwa wpa_supplicant@wlp6s0 idzayambitsidwa pomwe mawonekedwe opanda zingwe "akwezedwa", komabe, nawonso, adzayang'ana ma SSID ndi ma password a malo olowera mufayilo. /etc/wpa_supplicant/wpa_supplicant-wlp6s0. Chifukwa chake, muyenera kupanga pogwiritsa ntchito zofunikira wpa_passphrase.
Name - dzina la mawonekedwe enieni omwe mudatchulapo zoo-fayilo.
Address - IP adilesi yomwe idzaperekedwa ku mawonekedwe enieni. Iyenera kukhala pa netiweki yomweyi ndi adilesi yomwe mwatchula mu sevisi ya tun2socks
Gateway - adilesi ya IP ya "rauta" 2 masokosi, zomwe mudazitchula popanga ntchito ya systemd.
Choncho mawonekedwe 2 masokosi ali ndi adilesi 172.16.1.2, ndi utumiki 2 masokosi - 172.16.1.1, ndiko kuti, ndi chipata cha maulumikizidwe onse kuchokera ku mawonekedwe enieni.
Konzani malo ofikira
Ikani zodalira:
apt install util-linux procps hostapd iw haveged
Tsitsani nkhokwe pangani_ap ku galimoto yanu:
git clone https://github.com/oblique/create_ap
Pitani ku chikwatu chosungira pamakina anu:
cd create_ap
Ikani padongosolo:
make install
Zosintha zidzawonekera pa dongosolo lanu /etc/create_ap.conf. Nazi njira zazikulu zosinthira:
Utumiki create_ap imayambitsa mawonekedwe enieni mu dongosolo ap0. Mwachidziwitso, dnsmasq imapachikidwa pamawonekedwe awa, koma bwanji kukhazikitsa mautumiki owonjezera ngati systemd-networkd ili ndi seva yomangidwa mu DHCP?
Kuti tichite izi, tidzafotokozera makonda a netiweki a point virtual. Kuti muchite izi, pangani fayilo /etc/systemd/network/25-ap0.network ndi izi:
Pambuyo pa create_ap service imayambitsa mawonekedwe enieni ap0, systemd-networkd idzazipatsa zokha adilesi ya IP ndikuyambitsa seva ya DHCP.
Zingwe EmitDNS=yes ΠΈ DNS=10.0.0.1 tumizani zoikamo za seva ya DNS kuzipangizo zolumikizidwa ndi malo ofikira.
Ngati simukukonzekera kugwiritsa ntchito seva yapafupi ya DNS - kwa ine ndi dnscrypt-proxy - mutha kukhazikitsa DNS=10.0.0.1 Π² DNS=192.168.1.1kumene 192.168.1.1 - adilesi yachipata chanu choyambirira. Kenako zopempha za DNS za omwe akukulandirani komanso netiweki yakomweko sizikhala zobisika kudzera pa seva za woperekayo.
EmitNTP=yes ΠΈ NTP=192.168.1.1 kusamutsa makonda a NTP.
Zomwezo zimapitanso pamzere NTP=10.0.0.1.
Ikani ndikusintha seva ya NTP
Ikani padongosolo:
apt install ntp
Sinthani config /etc/ntp.conf. Ndemanga za maadiresi a madzi osambira: