Momwe Spotify ingakuthandizireni kuphunzira ma daemoni, ma RFC, ma network ndikulimbikitsa gwero lotseguka. Kapena zomwe zimachitika ngati simungathe kulipira, koma mukufunadi zabwino zamtengo wapatali.
Kunyumba
Patsiku lachitatu, zidadziwika kuti Spotify akuwonetsa zotsatsa kutengera dziko la IP adilesi. Zinadziwikanso kuti mβmaiko ena kutsatsa sikunatengedwe nkomwe. Mwachitsanzo, mu Republic of Belarus. Ndiyeno dongosolo "labwino" linakhazikitsidwa kuti liyimitse kutsatsa muakaunti yopanda phindu.
Pang'ono ndi Spotify
Nthawi zambiri, Spotify ali ndi ndondomeko yachilendo. M'bale wathu amayenera kupotozedwa kwambiri kuti agule ndalama: sinthani malo mu mbiri yake kupita kutsidya kwa nyanja, yang'anani khadi yoyenera yamphatso yomwe imangolipiridwa ndi PayPal, yomwe yakhala yodabwitsa posachedwapa ndipo ikufuna zolemba zambiri. Kawirikawiri, ndi ulendo, koma wa dongosolo losiyana. Ngakhale, anthu ambiri amachita izi chifukwa cha mafoni a m'manja, sindiri nawo chidwi. Chifukwa chake, chilichonse chomwe chili pansipa chidzangothandiza pamtundu wa desktop. Komanso, sipadzakhala kukulitsa kwa ntchito. Kungodula ena owonjezera.
Nβchifukwa chiyani zili zovuta kwambiri?
Ndipo ndimaganiza choncho polembetsa socks-proxy data mu Spotify config. Vuto lidakhala kuti kutsimikizika mu masokosi pogwiritsa ntchito malowedwe ndi mawu achinsinsi sikugwira ntchito. Kuphatikiza apo, opanga nthawi zonse amachita zina mozungulira projekiti: mwina kulola, ndikuletsa, kapena kuswa, zomwe zimapangitsa kuti pakhale zokambirana zapaintaneti.
Zinasankhidwa kuti tisadalire ntchito zosakhazikika ndikupeza chinthu chodalirika komanso chosangalatsa.
Penapake owerenga ayenera kufunsa: bwanji osatenga ssh ndi kiyi -D ndipo ndiko kutha kwake? Ndipo, kawirikawiri, iye adzakhala wolondola. Koma, choyamba, izi zimafunikirabe kukhala ndi ziwanda ndikupanga mabwenzi ndi autossh, kuti musaganize za kulumikizana komwe kunang'ambika. Ndipo chachiwiri: ndizosavuta komanso zosasangalatsa.
Ndicholinga choti
Monga mwachizolowezi, tiyeni tichoke kumanzere kupita kumanja, pamwamba mpaka pansi ndikufotokozera zonse zomwe tingafune kuti tikwaniritse lingaliro lathu "losavuta".
Choyamba muyenera woyimira
Ndipo pali njira zina zambiri nthawi imodzi:
- mutha kungopita ndikukatenga pamndandanda wotseguka wa ma proxy. Zotsika mtengo (kapena m'malo mwachabe), koma osadalirika ndipo nthawi yonse ya ma proxies oterowo amakhala ziro. Chifukwa chake, pangakhale kofunikira kuti mupeze / kulemba cholembera pamndandanda wazoyimira, zosefera ndi mtundu womwe mukufuna ndi dziko, ndipo funso lolowa m'malo mwa Spotify likhala lotseguka (chabwino, mwina kudzera munjirayo.
HTTP_PROXYsinthani ndikupanga chomangirira cha binary kuti magalimoto ena onse asatumizidwe pamenepo). - Mutha kugula proxy yofananira ndikudzipulumutsa kumavuto ambiri omwe tafotokozawa. Koma pamtengo wa projekiti, mutha kugula nthawi yomweyo premium pa Spotify, ndipo izi sizothandiza pa ntchito yoyambirira.
- Kwezani yanu. Monga mwina mumaganizira, ichi ndi chisankho chathu.
Mwamwayi zitha kukhala kuti muli ndi mnzanu wokhala ndi seva ku Republic of Belarus kapena dziko lina laling'ono. Muyenera kugwiritsa ntchito izi ndikutulutsa proxy yomwe mukufuna pamenepo. Othandizira apadera amatha kukhala okhutira ndi mnzanu wokhala ndi rauta kapena mapulogalamu ofanana. Koma kumeneko ndipo dziko ili momveka bwino silikugwirizana ndi chimango cha nkhaniyi.
Chifukwa chake, zosankha zathu: Squid - osati zolimbikitsa, ndipo sindikufuna woyimira HTTP, pali kale zambiri za protocol iyi mozungulira. Ndipo m'dera la SOCKS palibe chanzeru kupatula sanaperekebe. Choncho, tiyeni titenge.
Osadikirira buku la Dante pakukhazikitsa ndikusintha. Iye ndipo sizosangalatsa kwenikweni. Pamakonzedwe osachepera muyenera kuponya mitundu yonse ya client pass, socks pass, lembani bwino ma interfaces ndipo musaiwale kuwonjezera socksmethod: username. Mu mawonekedwe awa, kuti atsimikizidwe, logopass idzatengedwa kuchokera kwa ogwiritsa ntchito. Ndipo gawo la chitetezo: kuletsa kulowa kwa localhost, kuletsa ogwiritsa ntchito, ndi zina zambiri - izi ndi zapayekha, kutengera malingaliro amunthu.
Ikani proxy yoyang'ana pa netiweki
Seweroli lili m'machitidwe awiri.
Chitani chimodzi
Takonza zoyimira, tsopano tikuyenera kuzipeza kuchokera pa intaneti yapadziko lonse lapansi. Ngati muli ndi makina okhala ndi IP yoyera m'dziko lomwe mukufuna, ndiye kuti mutha kudumpha mfundoyi mosamala. Tilibe (ife, monga tafotokozera pamwambapa, timakhala kunyumba za abwenzi) ndipo IP yoyera yapafupi ili kwinakwake ku Germany, kotero tidzaphunzira maukonde.
Chifukwa chake inde, wowerenga mwachidwi adzafunsanso: bwanji osatenga ntchito yomwe ilipo kapena zofanana? Ndipo adzakhalanso wolondola. Koma iyi ndi ntchito, iyeneranso kuchitiridwa ziwanda, imathanso kuwononga ndalama komanso simasewera. Chifukwa chake, tipanga njinga kuchokera kuzinthu zakale.
Ntchito: pali proxy kwinakwake kuseri kwa NAT, muyenera kuyipachika pa imodzi mwa madoko a VPS omwe ali ndi IP yoyera ndipo ali pamphepete mwa dziko lapansi.
Ndizomveka kuganiza kuti izi zitha kuthetsedwa ndi kutumiza madoko (komwe kumayendetsedwa kudzera muzomwe tatchulazi. ssh), kapena kuphatikiza ma hardware kukhala netiweki yeniyeni kudzera pa VPN. NDI ssh tikudziwa kugwira ntchito, autossh Ndizotopetsa kutenga, ndiye tiyeni titenge OpenVPN.
DigitalOcean ili ndi pankhaniyi. Ndilibe chowonjezerapo. Ndipo kasinthidwe kameneka kamatha kulumikizidwa mosavuta ndi kasitomala wa OpenVPN ndi systemd. Ingoyikeni (config) mkati /etc/openvpn/client/ ndipo musaiwale kusintha kuwonjezera kuti .conf. Pambuyo pake, kokerani utumiki [email protected]musaiwale kumuchitira iye enable ndipo kondwerani kuti zonse zidawuluka.
Inde, tifunika kuletsa kuwongolera kwa magalimoto ku VPN yomwe yangopangidwa kumene, chifukwa sitikufuna kuchepetsa liwiro pamakina a kasitomala podutsa magalimoto theka la mpira.
Ndipo inde, tifunika kulembetsa adilesi ya IP yokhazikika pa seva ya VPN kwa kasitomala wathu. Izi zidzafunika patsogolo pang'ono m'nkhaniyi. Kuti muchite izi muyenera kuyatsa ifconfig-pool-persist, sinthani ipp.txt, yophatikizidwa ndi OpenVPN ndikuthandizira kasitomala-config-dir, komanso kusintha masinthidwe a kasitomala omwe mukufuna powonjezera ifconfig-push ndi chigoba choyenera ndi adilesi ya IP yomwe mukufuna.
Chitani ziwiri
Tsopano tili ndi makina pa "network" omwe amayang'ana pa intaneti ndipo atha kugwiritsidwa ntchito pazinthu zodzikonda. Mwakutero, sinthaninso gawo la magalimoto kudzera pamenepo.
Kotero, ntchito yatsopano: muyenera kuzimitsa magalimoto akufika pa imodzi mwa madoko a VPS ndi IP yoyera kuti magalimotowa apite ku intaneti yomwe yangolumikizidwa kumene ndipo yankho likhoza kubwerera kuchokera kumeneko.
Yankho: ndithudi iptables! Ndi litinso pamene mudzakhala ndi mwaΕ΅i wabwino kwambiri woyeserera naye?
Kukonzekera kofunikira kungapezeke mwamsanga, m'maola atatu, mawu otukwana zana ndi mitsempha yambiri yowonongeka, chifukwa kusokoneza maukonde ndi njira yeniyeni.
Choyamba, muyenera kuloleza kulondolera magalimoto mu kernel. Chinthu ichi chimatchedwa ipv4.ip_forward ndipo imayatsidwa mosiyana pang'ono kutengera OS ndi manejala wa netiweki.
Kachiwiri, muyenera kusankha doko pa VPS ndikukulunga magalimoto onse kupitako kukhala gawo laling'ono. Izi zitha kuchitika, mwachitsanzo, motere:
iptables -t nat -A PREROUTING -p tcp -i eth0 --dport 8080 -j DNAT --to-destination 10.8.0.2:8080Apa tikuwongolera magalimoto onse a TCP omwe akubwera ku doko 8080 la mawonekedwe akunja kupita ku makina okhala ndi IP 10.8.0.2 ndi doko lomwelo 8080.
Kwa iwo amene akufuna tsatanetsatane wauve wa ntchitoyo netfilter, iptables ndi njira zonse, ndikofunikira kulingalira kapena .
Kotero, tsopano mapaketi athu amawulukira ku subnet pafupifupi ndipo ... amakhala pamenepo. Momwemonso, kuyankha kuchokera ku proxy ya masokosi kumabwereranso kudzera pachipata chosasinthika pamakina omwe ali ndi Dante ndipo wolandirayo amatsitsa, chifukwa pamaneti sichizolowezi kutumiza pempho ku IP imodzi ndikulandila yankho kuchokera kwa wina. Chifukwa chake, tiyenera kupitiriza kusonkhanitsa.
Chifukwa chake, tsopano muyenera kuwongolera mapaketi onse kuchokera ku proxy kubwerera ku subnet yopita ku VPS yokhala ndi IP yoyera. Apa zinthu ndizovuta pang'ono, chifukwa ndi basi iptables sitikhala ndi zokwanira, chifukwa ngati tikonza adilesi yolowera tisanayende (PREROUTING), ndiye phukusi lathu silidzawulukira pa intaneti, ndipo ngati sitilikonza, phukusi lidzapita default gateway. Choncho, muyenera kuchita zotsatirazi: kukumbukira unyolo mangle, kuti mulembe mapaketi iptables ndi kuwakulunga patebulo lokhazikika lomwe lidzawatumize komwe akuyenera kupita.
Zosavuta kuzinena koma zovuta kuchita:
iptables -t mangle -A OUTPUT -p tcp --sport 8080 -j MARK --set-mark 0x80
ip rule add fwmark 0x80 table 80
ip route add default via 10.8.0.1 dev tun0 table 80Timatenga magalimoto otuluka, lembani chilichonse chomwe chikuwuluka padoko pomwe woyimirayo amakhala (8080 mwa ife), tumizani magalimoto onse patebulo lolowera ndi nambala 80 (kawirikawiri, chiwerengerocho sichidalira chilichonse, timangofuna. to) ndikuwonjezera lamulo limodzi, malinga ndi zomwe mapaketi onse omwe ali patebuloli amawulukira ku VPN subnet.
Zabwino! Tsopano mapaketi akuwulukira kubwerera ku VPS ... ndikufa kumeneko. Chifukwa VPS sadziwa choti achite nawo. Chifukwa chake, ngati simukuvutitsa, mutha kungowongolera magalimoto onse omwe amabwera kuchokera ku subnet kubwerera ku intaneti:
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j SNAT --to-source 172.42.1.10Pano, chirichonse chomwe chimachokera ku subnet 10.8.0.0 ndi chigoba cha 255.255.255.000 chikukulungidwa mu gwero-NAT ndikuwulukira ku mawonekedwe osasinthika, omwe amatembenuzidwa ku intaneti. Ndikofunika kuzindikira kuti chinthu ichi chidzagwira ntchito ngati tipititsa patsogolo doko, ndiko kuti, doko lomwe likubwera pa VPS likufanana ndi doko la proxy yathu. Kupanda kutero mudzavutikanso pangβono.
Penapake tsopano zonse ziyenera kuyamba kugwira ntchito. Ndipo zotsalira pang'ono: musaiwale kuonetsetsa kuti ma configs onse iptables ΠΈ route sizinapitirire pambuyo poyambitsanso. Za iptables pali mafayilo apadera ngati /etc/iptables/rules.v4(pankhani ya Ubuntu), koma pamayendedwe zonse zimakhala zovuta kwambiri. Ndinawakankhira mkati up/down Zolemba za OpenVPN, ngakhale ndikuganiza kuti zikanachitidwa moyenera.
Manga kuchuluka kwa kuchuluka kwa pulogalamuyi ndi projekiti
Chifukwa chake, tili ndi projekiti yotsimikizika m'dziko lomwe tikufuna, yopezeka kudzera pa adilesi yoyera ya IP. Chotsalira ndikuchigwiritsa ntchito ndikuwongolera magalimoto kuchokera ku Spotify kumeneko. Koma pali nuance, monga tafotokozera pamwambapa, lolowera-achinsinsi kwa tidzakulowereni mu Spotify sachiza, kotero ife kuyang'ana mmene kuzungulira izo.
Choyamba, tiyeni tikumbukire . Zinthu zabwino, koma zimawononga ndalama zambiri ngati nyenyezi ($ 40). Ndi ndalama izi tikhoza kugula umafunika ndi kuchita nazo. Chifukwa chake, tiyang'ana ma analogi omasuka komanso otseguka pa Mac (inde, tikufuna kumvera nyimbo pa Mac). Tiyeni tipeze chida chimodzi chonse: . Ndipo mokondwa tidzapita kumukantha.
Koma chisangalalocho chidzakhala chanthawi yayitali, chifukwa zikuwonekeratu kuti muyenera kuyambitsa njira yosinthira ndikuwonjezera kernel mu MacOS, sungani mawonekedwe osavuta ndikumvetsetsa kuti chida ichi chili ndi vuto lomwelo monga Spotify: sichingadutse kutsimikizika pogwiritsa ntchito lolowera-achinsinsi pa masokosi-proxy.
Penapake pano ndi nthawi yoti mutengeke ndikugula mtengo wapatali ... koma ayi! Tiyeni tiyese kupempha kuti zikonzedwe, ndi open source! Tiyeni tichite . Ndipo poyankha timapeza nkhani yokhumudwitsa ya momwe wosamalira yekhayo alibenso MacBook komanso ku gehena nayo, osati kukonza.
Tidzakhumudwanso. Koma ndiye tidzakumbukira unyamata wathu ndi C, kuyatsa njira yosinthira ku Dante, kukumba ma kilobytes mazana a zipika, kupita Kuti mudziwe zambiri za protocol ya SOCKS5, tiyeni tiwone Xcode ndikupeza vuto. Ndikokwanira kukonza munthu m'modzi pamndandanda wamakhodi omwe kasitomala amapereka kuti atsimikizire ndipo chilichonse chimayamba kugwira ntchito ngati wotchi. Timakondwera, timasonkhanitsa kumasulidwa kwa binary, timachita ndipo timapita kulowa kwa dzuwa ndi kupita ku mfundo ina.
Chitani nokha
Proximac ikangogwira ntchito, iyenera kuyiwalika ndikuyiwalika. Pali njira imodzi yoyambira yomwe ili yoyenera izi, yomwe imapezeka mu MacOS, ndiyo .
Timachipeza mwamsanga ndipo tikudziwa kuti izi siziri choncho systemd ndipo apa ndi pafupifupi scoop ndi xml. Palibe masinthidwe apamwamba kwa inu, palibe malamulo ngati status, restart, daemon-reload. Mtundu wovuta basi start-stop, list-grep, unload-load ndi zina zambiri zosamvetseka. Kugonjetsa zonsezi timalemba plist, kutsitsa. sizikugwira ntchito. Timaphunzira njira yochotsera chiwandacho, kuchichotsa, kumvetsetsa zomwe zilipo ENV Π΄Π°ΠΆΠ΅ PATH sitinapereke yanthawi zonse, timatsutsana, timayibweretsa (kuwonjezera /sbin ΠΈ /usr/local/bin) ndipo potsiriza ndife okondwa ndi autostart ndi ntchito yokhazikika.
Exhale
Chotsatira chake nchiyani? Sabata yaulendo, malo osungira nyama ogwada kuchokera ku mautumiki omwe ali okondedwa pamtima ndipo amachita zomwe zimafunikira. Kudziwa pang'ono m'magawo okayikitsa aukadaulo, gwero lotseguka pang'ono ndikumwetulira pankhope yanu kuchokera pamalingaliro "Ndachita!"
PS: uku sikuyitanira kunyalanyazidwa kwa ma capitalist, kupulumutsa pa machesi kapena chinyengo chonse, koma chingosonyeza kuthekera kwa kafukufuku ndi chitukuko komwe, nthawi zambiri, simumayembekezera.
Source: www.habr.com