ProHoster > Π‘Π»ΠΎΠ³ > wararka internetka > fproxy v83 - server wakiil maxalli ah oo loogu talagalay shaandhaynta http(yada) taraafikada

fproxy v83 - server wakiil maxalli ah oo loogu talagalay shaandhaynta http(yada) taraafikada

Nooca 83aad ee kaydinta iyo ka-hortagga spam proxy server ee isticmaalka shakhsi ahaaneed ee leh goobaha dabacsan ayaa la daabacay.

Hawlaha ugu muhiimsan (wax walba waa la beddeli karaa):

  1. shaandhaynta waxyaabaha aan loo baahnayn (liiska cad / madow ee URL-yada, mamnuucida cookies);
  2. kaydinta qasabka ah iyo kaydinta xogta la helay (badanaa ku haboon sawirada iyo qoraalada);
  3. hagaajinta waxa ku jira boggaga shabakadda ee duullimaadyada (adigoo tafatiraya koodhka isha ee C, waxaa jira tusaale loogu beddelayo boggaga qulqulka qulqulka ee isku xirka asalka);
  4. Liisaska madow/caddaan ee shahaadooyinka iyo ku dhejinta shahaado si waafaqsan liiska;
  5. Beddelka cinwaanka IP-ga / domain / dariiqa / borotokoolka codsiga http iyadoo loo eegayo qaabeynta (nooca la dheereeyey ee /etc/hosts);
  6. http/https sniffer

Ku fiican in lagu daawado boggaga internetka gaabis ah ama qalab gaabis ah (mahadsanid dhibcaha 1 iyo 2, kuwaas oo wax walba markii hore la bilaabay), laakiin guud ahaan faa'iido leh xaalad kasta.

Ujeedooyinka amniga iyo si loo fududeeyo macquulnimada hawlgalka, server-ka wakiilku wuxuu u qaybsan yahay saddex qaybood: server TLS (joojinta isku xirka browserka), module proxy-ka, iyo macmiilka joojiya xidhiidhada baxaya.

Barnaamijka waxaa loogu talagalay isticmaalka shakhsi ahaaneed, taas oo ah, dhammaan qaabeynta iyo tusaha leh xogta server-ka wakiil ee hadda jira waxay ku xiran yihiin isticmaale gaar ah, ama xitaa profile browser gaar ah. Farsamo ahaan waa suurtogal in la maamulo wakiil sida daemon-ballaaran, laakiin foomkan way adagtahay in la isticmaalo mid ka mid ah hawlihiisa ugu muhiimsan - wax kasta oo gardarro ah, maaddaama browser kastaa uu yeelan karo xogtiisa kaydsan oo ay tahay in laga sooco midba midka kale dartiis ammaan.

Tusaalaha liiska xannibi:

diid nosub dhan share.yandex.ru browser-updater.yandex.net diid nosub dhan a.ria.ru # ? diidi nosub spec vk.com weydiimo /share.php diido nosub spec yastatic.net query /pcode/adfox/loader.js query /share2/share.js diid nosub spec www.youtube.com query /subscribe_widget diid nosub spec pano.img .ria.ru weydiimo /adriver/flashplagin/movie.swf diido nosub spec a.ria.ru query /ping deny nosub spec n-ssl.ria.ru query /polling deny nosub spec apis.google.com query /js/plusone .js diiday nosub spec yandex.ru pref /clck/safeclick/ pref /clck/click/ pref /clck/jclck/ diido dhammaan su'aalaha gaarka ah /tnc # index.ru proxied counter exact /tnc.js # index.ru proxied counter query /pixel.gif # spammers qaarkood ayaa isticmaala tan

Tusaalaha liiska dariiqa:

https://my.local.site set proxy none set target http://127.0.0.1:1234/localsite set http_host new.host:1234 .intel.com resolve off set proxy socks5://127.0.0.1:3333

Haddii ay dhacdo in laga cusboonaysiiyo nooc ka weyn 78, waa in aad beddeshaa khasnadda: u tag tusaha shaqada ee server-ka wakiilka isticmaalaha (uid/gid) ee server-ka wakiilnimada oo socodsii fproxy-cacheconv-78 (sida caadiga ah barnaamijkan laguma ururin).

Isbedelada nuqulkii ugu dambeeyay ee la daabacay (80):

  1. fproxy-dashboard hadda waxay haysataa ikhtiyaar ay ku muujiso cabbirada nuxurka bytes halkii ay ka ahaan lahayd kbytes;
  2. taageerada server-yada buggy ee iska indha tiraya madaxa "Connection: close";
  3. taageerada server-yada buggy ee soo celiya madaxa "Content-Encoding: aqoonsiga" ee khaldan;
  4. diraya ikhtiyaarka TLS ALPN;
  5. hagaajinta TLS terminator ee xisbiga dibadda (macmiilka): hadda waxay taageertaa ma aha oo kaliya TLS, laakiin sidoo kale isku xirka caadiga ah, waxay taageertaa hawlgalka sida daemon madax-bannaan oo leh codsiyada wakiilka ugu weyn ee shabakadda, iyo sidoo kale u gudbin kartaa xiriirkeeda baxaya iyada oo loo marayo wakiil kale, sidaas darteed u oggolaanaya qaybinta dabacsanaan ee hawlaha u dhexeeya qanjidhada xaaladaha xidhiidhka internetka ee liita iyo / ama baahida loo qabo in la abaabulo "wax soo saarka" taraafikada meel server fog oo heerar kala duwan ah oo kalsooni ah; Nooca cusub ayaa sidoo kale ku habboon in gacanta laga isticmaalo khadka taliska sida konsole TLS macmiilka oo leh taageero wakiil;
  6. shirka ayaa la fududeeyay, hadda waxaa jira Makefile ah halkii qoraallada qolof ah
  7. Xirmooyinka deb ee horay loo dhisay ayaa lagu habeeyay kaydka (nooca Debian 8-12)
  8. faylka qaabeynta ayaa isbedelaya, gadaal-ku-dhac la'aan
  9. Habayn cusub oo lagu maareeyo hab-socodka codsiga, kaas oo isku daray qaab-dhismeedka hore ee kala duwan ee resolv iyo awood u-gudbinta xidhiidhada baxaya ee server-ka fog, oo sidoo kale helay dhowr ikhtiyaar oo cusub: hadda waxaad dooran kartaa macmiilka aad u isticmaali karto url kasta (protocol, domain, port, path) , oo wakiil loo diri doono, iyada oo loo marayo server-kiisa DNS ciwaanka IP-ga ayaa lagu go'aamin doonaa (oo ay ku jiraan ergada ikhtiyaarka ah ee hawshan oo ah http dibadeed ama socks5), ama geli ciwaanka gacanta, iyo sidoo kale beddel borotokoolka, dekedda ama url-ka horgalayaasha -A
  10. taageero dheeraad ah oo loogu talagalay shahaadooyinka SAN ee ciwaannada IP-ga ee macmiilka iyo server-ka labadaba (browserayaashu waxay dhawaan joojiyeen aqbalaadda ciwaannada IP ee CommonName)

Qorshayaasha mustaqbalka:

  1. taageerada CGI/FastCGI/.so hooks for mit processing of content from sites
  2. proxy profile iyo maamulaha qaabaynta
  3. maamulka isdhexgalka ee hubinta shahaadooyinka goobaha fog iyo liisaska xannibaadda

Source: linux.org.ru

Add a comment