Sengoliloeng sena ke rata ho senola menyetla ea ho etsa proxy e hlakileng, e u lumellang ho tsamaisa tsohle kapa karolo ea sephethephethe ka li-server tsa proxy tsa kantle tse sa bonoeng ke bareki.
Ha ke qala ho rarolla bothata bona, ke ne ke tobane le taba ea hore ts'ebetsong ea eona e na le bothata bo le bong ba bohlokoa - protocol ea HTTPS. Matsatsing a monate a khale, ho ne ho se na mathata a khethehileng ka proxy e hlakileng ea HTTP, empa ka proxying ea HTTPS, li-browser li tlaleha ho kena-kenana le protocol 'me ke moo thabo e fellang teng.
Litaelong tse tloaelehileng bakeng sa seva sa proxy ea Squid, ba bile ba fana ka maikutlo a ho hlahisa setifikeiti sa hau le ho se kenya ho bareki, e leng ntho e se nang thuso ka bonyane, e sa utloahaleng ebile e shebahala joaloka tlhaselo ea MITM. Kea tseba hore Squid e se e ka etsa ntho e tšoanang, empa sehlooho sena se bua ka mokhoa o tiisitsoeng le o sebetsang o sebelisang 3proxy ho tloha 3APA3A e hlomphuoang.
Ka mor'a moo, re tla sheba ka ho qaqileng mokhoa oa ho haha 3proxy ho tloha mohloling, tlhophiso ea eona, proxy e feletseng le e khethiloeng e sebelisa NAT, ho ajoa ha mocha ho li-server tse 'maloa tsa proxy tsa ka ntle, hammoho le tšebeliso ea router le litsela tse tsitsitseng. Re sebelisa Debian 9 x64 joalo ka OS. QALA!
Ho kenya 3proxy le ho tsamaisa seva ea proxy e tloaelehileng
1. Kenya ifconfig (ho tsoa sephutheloana sa lisebelisoa tsa net)
apt-get install net-tools
2. Kenya Molaoli oa Mantsiboea
apt-get install mc
3. Hona joale re na le likhokahano tse 2:
enp0s3 - kantle, e sheba Marang-rang
enp0s8 - ka hare, e tlameha ho sheba marang-rang a lehae
Liphaellong tse ling tse thehiloeng ho Debian li-interfaces hangata li bitsoa eth0 le eth1.
ifconfig -a
likaroloenp0s3: lifolakha=4163 batho ba 1500
inet 192.168.23.11 netmask 255.255.255.0 kgaso 192.168.23.255
inet6 fe80::a00:27ff:fec2:bae4 prefixlen 64 scopeid 0x20 ether 08:00:27:c2:ba:e4 txqueuelen 1000 (Ethernet)
Lipakete tsa RX 6412 bytes 8676619 (8.2 MiB)
Liphoso tsa RX 0 li theohile 0 overruns 0 foreimi 0
Lipakete tsa TX 1726 bytes 289128 (282.3KiB)
Liphoso tsa TX 0 li theohile 0 overruns 0 carrier 0 collisions 0
enp0s8: lifolakha=4098 batho ba 1500
ether 08:00:27:79:a7:e3 txqueuelen 1000 (Ethernet)
Lipakete tsa RX 0 byte 0 (0.0 B)
Liphoso tsa RX 0 li theohile 0 overruns 0 foreimi 0
Lipakete tsa TX 0 byte 0 (0.0 B)
Liphoso tsa TX 0 li theohile 0 overruns 0 carrier 0 collisions 0
ponahalo: lifolakha=73 motho 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10 loop txqueuelen 1 (Loopback ea Lehae)
Lipakete tsa RX 0 byte 0 (0.0 B)
Liphoso tsa RX 0 li theohile 0 overruns 0 foreimi 0
Lipakete tsa TX 0 byte 0 (0.0 B)
Liphoso tsa TX 0 li theohile 0 overruns 0 carrier 0 collisions 0
Sehokelo sa enp0s8 ha se sebelisoe hajoale, re tla se nolofalletsa ha re batla ho sebelisa tlhophiso ea Proxy NAT kapa NAT. Ke ka nako eo e tla ba ho utloahalang ho e abela IP e tsitsitseng.
4. Ha re qale ho kenya 3proxy
4.1 Ho kenya liphutheloana tsa mantlha bakeng sa ho bokella 3proxy ho tsoa mehloling
root@debian9:~# apt-get install build-essential libevent-dev libssl-dev -y
4.2. Ha re theheng foldara bakeng sa ho khoasolla polokelo ka mehloli
root@debian9:~# mkdir -p /opt/proxy
4.3. Ha re ee ho sephutheli sena
root@debian9:~# cd /opt/proxy
4.4. Joale ha re khoasolle sephutheloana sa morao-rao sa 3proxy. Nakong ea ho ngoloa, mofuta oa morao-rao o tsitsitseng e ne e le 0.8.12 (18/04/2018) Khoasolla ho tsoa webosaeteng ea semmuso ea 3proxy.
root@debian9:/opt/proxy# wget https://github.com/z3APA3A/3proxy/archive/0.8.12.tar.gz
4.5. Ha re lokolle polokelong ea polokelo e jarollotsoeng
root@debian9:/opt/proxy# tar zxvf 0.8.12.tar.gz
4.6. E-ea bukeng e sa buloang ho theha lenaneo
root@debian9:/opt/proxy# cd 3proxy-0.8.12
4.7. Ka mor'a moo, re hloka ho eketsa mohala ho file ea hlooho e le hore seva sa rona se se ke sa tsejoa ka ho feletseng (e hlile e sebetsa, ntho e 'ngoe le e' ngoe e hlahlojoa, li-IP tsa bareki li patiloe)
root@debian9:/opt/proxy/3proxy-0.8.12# nano +29 src/proxy.h
Kenya mola
#define ANONYMOUS 1
Tobetsa Ctrl+x le Enter ho boloka liphetoho.
4.8. A re qaleng ho bokella lenaneo
root@debian9:/opt/proxy/3proxy-0.8.12# make -f Makefile.Linux
Makelogetsa [2]: Tloha bukeng '/opt/proxy/3proxy-0.8.12/src/plugins/TransparentPlugin'
etsa [1]: Tloha bukeng '/opt/proxy/3proxy-0.8.12/src'
Ha ho liphoso, ha re tsoeleng pele.
4.9. Kenya lenaneo tsamaisong
root@debian9:/opt/proxy/3proxy-0.8.12# make -f Makefile.Linux install
4.10. E-ea bukeng ea motso 'me u hlahlobe hore na lenaneo le kentsoe hokae
root@debian9:/opt/proxy/3proxy-0.8.12# cd ~/
root@debian9:~# whereis 3proxy
3 proxy: /usr/local/bin/3proxy/usr/local/etc/3proxy
4.11. Ha re theheng foldara bakeng sa lifaele tsa tlhophiso le li-log bukeng ea lapeng ea mosebelisi
root@debian9:~# mkdir -p /home/joke/proxy/logs
4.12. Eya ho directory moo config e lokelang ho ba teng
root@debian9:~# cd /home/joke/proxy/
4.13. Theha faele e se nang letho 'me u kopitse config moo
root@debian9:/home/joke/proxy# cat > 3proxy.conf
3proxy.confdaemon
pidfile /home/joke/proxy/3proxy.pid
nserver 8.8.8.8
Setšoantšo sa 65536
mohlahlobi oa basebelisi: CL:1234
nako 1 5 30 60 180 1800 16 60
log /home/joke/proxy/logs/3proxy.log D
logformat "- +_L%t.%. %N.%p %E %U %C:%c %R:%r %O %I %h %T"
potoloha 3
e matla
flush
lumella teko
likausi -p3128
moemeli -p8080
Ho boloka, tobetsa Ctrl + Z
4.14. Ha re theheng faele ea pid hore ho se be le liphoso nakong ea ho qala.
root@debian9:/home/joke/proxy# cat > 3proxy.pid
Ho boloka, tobetsa Ctrl + Z
4.15. Ha re hlahise seva ea moemeli!
root@debian9:/home/joke/proxy# 3proxy /home/joke/proxy/3proxy.conf
4.16. Ha re boneng hore na seva se mametse likoung
root@debian9:~/home/joke/proxy# netstat -nlp
netstat logLikhokahano tsa Marang-rang tse sebetsang (li-server feela)
Proto Recv-Q Send-Q Aterese ea Lehae Aterese ea Kantle ho Naha PID/Lebitso la Lenaneo
tcp 0 0 0.0.0.0:8080 0.0.0.0:* MAMELA 504/3proxy
tcp 0 0 0.0.0.0:22 0.0.0.0:* MAMELA 338/sshd
tcp 0 0 0.0.0.0:3128 0.0.0.0:* MAMELA 504/3proxy
tcp6 0 0 :::22 :::* MAMELA 338/sshd
udp 0 0 0.0.0.0:68 0.0.0.0:* 352/dhclient
Joalo ka ha e ne e ngotsoe ho config, proxy ea rona ea webo e mamela port 8080, proxy ea Socks5 e mamela port 3128.
4.17. Ho qala ts'ebeletso ea proxy ka mor'a ho qala bocha, o hloka ho e kenyelletsa ho cron.
root@debian9:/home/joke/proxy# crontab -e
Kenya mola
@reboot /usr/local/bin/3proxy /home/joke/proxy/3proxy.conf
Re tobetsa Enter, kaha cron e lokela ho bona pheletso ea mohala oa mohala, ebe o boloka faele.
Ho lokela ho ba le molaetsa mabapi le ho kenya crontab e ncha.
crontab: ho kenya crontab e ncha
4.18. Ha re qaleng sistimi mme re leke ho hokela ho sebatli ho proxy. Ho hlahloba, re sebelisa sebatli sa Firefox (bakeng sa proxy ea tepo) le tlatsetso ea FoxyProxy bakeng sa likausi5 tse nang le netefatso.
root@debian9:/home/joke/proxy# reboot
4.19. Ka mor'a ho hlahloba ts'ebetso ea moemeli ka mor'a ho qala bocha, u ka sheba li-log. Sena se phethela ho seta seva ea moemeli.
3 proxy log1542573996.018 PROXY.8080 00000 tester 192.168.23.10:50915 217.12.15.54:443 1193 6939 0 CONNECT_ads.yahoo.com:443_HTTP
1542574289.634 SOCK5.3128 00000 tester 192.168.23.10:51193 54.192.13.69:443 0 0 0 CONNECT_normandy.cdn.mozilla.net:443
Ho theha le ho tsamaisa tlhophiso ea Transparent Proxy NAT
Tokisong ena, lisebelisoa tsohle tse marang-rang a ka hare li tla sebetsa ka mokhoa o pepeneneng Inthaneteng ka seva sa proxy se hole. Ka ho feletseng likamano tsohle tsa TCP li tla fetisetsoa ho e le 'ngoe kapa ho feta (ka sebele e atolosa bophara ba mocha, mohlala oa tlhophiso No. 2!) Li-server tsa proxy. Ts'ebeletso ea DNS e tla sebelisa bokhoni ba 3proxy (dnspr). UDP e ke ke ea "ea" kantle, kaha ha re e-so sebelise mochini o eang pele (o holofalitsoe ke kamehla ho Linux kernel).
1. Ke nako ea ho nolofalletsa sebopeho sa enp0s8
root@debian9:~# nano /etc/network/interfaces
/etc/network/interfaces file# Faele ena e hlalosa marang-rang a marang-rang a fumanehang ho sistimi ea hau
# le mokhoa oa ho li kenya tšebetsong. Ho fumana lintlha tse ling, sheba li-interfaces(5).
mohloli /etc/network/interfaces.d/*
# Sesebelisoa sa marang-rang sa loopback
e kolohe
iface lo inet loopback
# Sesebelisoa sa mantlha sa marang-rang
lumella-hotplug enp0s3
iface enp0s3 inet dhcp
# Sebopeho sa marang-rang sa bobeli
lumella-hotplug enp0s8
iface enp0s8 inet static
aterese 192.168.201.254
letlooa 255.255.255.0
Mona re fane ka sebopeho sa enp0s8 aterese e tsitsitseng 192.168.201.254 le maske 255.255.255.0
Boloka Ctrl + X 'me u qale hape
root@debian9:~# reboot
2. Ho hlahloba li-interfaces
root@debian9:~# ifconfig
ifconfig logenp0s3: lifolakha=4163 batho ba 1500
inet 192.168.23.11 netmask 255.255.255.0 kgaso 192.168.23.255
inet6 fe80::a00:27ff:fec2:bae4 prefixlen 64 scopeid 0x20 ether 08:00:27:c2:ba:e4 txqueuelen 1000 (Ethernet)
Lipakete tsa RX 61 bytes 7873 (7.6KiB)
Liphoso tsa RX 0 li theohile 0 overruns 0 foreimi 0
Lipakete tsa TX 65 bytes 10917 (10.6KiB)
Liphoso tsa TX 0 li theohile 0 overruns 0 carrier 0 collisions 0
enp0s8: lifolakha=4163 batho ba 1500
inet 192.168.201.254 netmask 255.255.255.0 kgaso 192.168.201.255
inet6 fe80::a00:27ff:fe79:a7e3 prefixlen 64 scopeid 0x20 ether 08:00:27:79:a7:e3 txqueuelen 1000 (Ethernet)
Lipakete tsa RX 0 byte 0 (0.0 B)
Liphoso tsa RX 0 li theohile 0 overruns 0 foreimi 0
Lipakete tsa TX 8 byte 648 (648.0 B)
Liphoso tsa TX 0 li theohile 0 overruns 0 carrier 0 collisions 0
ponahalo: lifolakha=73 motho 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10 loop txqueuelen 1 (Loopback ea Lehae)
Lipakete tsa RX 0 byte 0 (0.0 B)
Liphoso tsa RX 0 li theohile 0 overruns 0 foreimi 0
Lipakete tsa TX 0 byte 0 (0.0 B)
Liphoso tsa TX 0 li theohile 0 overruns 0 carrier 0 collisions 0
3. Ntho e ngoe le e ngoe e tsamaile, joale o hloka ho hlophisa 3proxy bakeng sa proxy e hlakileng.
root@debian9:~# cd /home/joke/proxy/
root@debian9:/home/joke/proxy# cat > 3proxytransp.conf
Mohlala oa tlhophiso ea seva ea proxy e bonaletsang No. 1daemon
pidfile /home/joke/proxy/3proxy.pid
nserver 8.8.8.8
Setšoantšo sa 65536
nako 1 5 30 60 180 1800 16 60
log /home/joke/proxy/logs/3proxy.log D
logformat "- +_L%t.%. %N.%p %E %U %C:%c %R:%r %O %I %h %T"
potoloha 3
flush
Auth iponly
dnspr
lumella *
motsoali 1000 likausi5 IP_ADDRESS OF EXTERNAL_PROXY 3128 tester 1234
plugin /opt/proxy/3proxy-0.8.12/src/TransparentPlugin.ld.so transparent_plugin
tcppm -i0.0.0.0 888 127.0.0.1 11111
4. Hona joale re qala 3proxy ka config e ncha
root@debian9:/home/joke/proxy# /usr/local/bin/3proxy /home/joke/proxy/3proxytransp.conf
5. Eketsa ho crontab hape
root@debian9:/home/joke/proxy# crontab -e
@reboot /usr/local/bin/3proxy /home/joke/proxy/3proxytransp.conf
6. Ha re boneng hore na moemeli oa rona o mametse eng hona joale
root@debian9:~# netstat -nlp
netstat logLikhokahano tsa Marang-rang tse sebetsang (li-server feela)
Proto Recv-Q Send-Q Aterese ea Lehae Aterese ea Kantle ho Naha PID/Lebitso la Lenaneo
tcp 0 0 0.0.0.0:22 0.0.0.0:* MAMELA 349/sshd
tcp 0 0 0.0.0.0:888 0.0.0.0:* MAMELA 354/3proxy
tcp6 0 0 :::22 :::* MAMELA 349/sshd
udp 0 0 0.0.0.0:53 0.0.0.0:* 354/3proxy
udp 0 0 0.0.0.0:68 0.0.0.0:* 367/dhclient
7. Hona joale moemeli o se a loketse ho amohela likhokahano leha e le life tsa TCP ho port 888, DNS ho port 53, e le hore li ka fetisetsoa ho proxy e hōle ea socks5 le DNS Google 8.8.8.8. Seo re lokelang ho se etsa feela ke ho lokisa netfilter (iptables) le melao ea DHCP bakeng sa ho fana ka liaterese.
8. Kenya sephutheloana sa iptables-persistent le dhcpd
root@debian9:~# apt-get install iptables-persistent isc-dhcp-server
9. Fetola faele ea ho qala ea dhcpd
root@debian9:~# nano /etc/dhcp/dhcpd.conf
dhcpd.conf# dhcpd.conf
#
# Faele ea tlhophiso ea mohlala bakeng sa ISC dhcpd
#
# Litlhaloso tsa khetho tse tloaelehileng ho marang-rang ohle a tšehetsoeng…
khetho domain name "example.org";
khetho domain name-server ns1.example.org, ns2.example.org;
Nako ea ho hira ka ho sa feleng 600;
max-lease-time 7200;
ddns-update-style ha e eo;
# Haeba seva sena sa DHCP e le seva sa semmuso sa DHCP sa lehae
# marang-rang, taelo ea bolaoli ha ea lokela ho fanoa.
matla
# Tlhophiso e fapaneng hanyane bakeng sa subnet ea kahare.
subnet 192.168.201.0 netmask 255.255.255.0 {
Meeli 192.168.201.10 192.168.201.250;
khetho domain name-server 192.168.201.254;
khetho li-routers 192.168.201.254;
khetho-aterese-aterese 192.168.201.255;
Nako ea ho hira ka ho sa feleng 600;
max-lease-time 7200;
}
11. Qala bocha 'me u hlahlobe tšebeletso boema-kepeng ba 67
root@debian9:~# reboot
root@debian9:~# netstat -nlp
netstat logLikhokahano tsa Marang-rang tse sebetsang (li-server feela)
Proto Recv-Q Send-Q Aterese ea Lehae Aterese ea Kantle ho Naha PID/Lebitso la Lenaneo
tcp 0 0 0.0.0.0:22 0.0.0.0:* MAMELA 389/sshd
tcp 0 0 0.0.0.0:888 0.0.0.0:* MAMELA 310/3proxy
tcp6 0 0 :::22 :::* MAMELA 389/sshd
udp 0 0 0.0.0.0:20364 0.0.0.0:* 393/dhcpd
udp 0 0 0.0.0.0:53 0.0.0.0:* 310/3proxy
udp 0 0 0.0.0.0:67 0.0.0.0:* 393/dhcpd
udp 0 0 0.0.0.0:68 0.0.0.0:* 405/dhclient
udp6 0 0 :::31728 :::* 393/dhcpd
e tala 0 0 0.0.0.0:1 0.0.0.0:* 393/dhcpd
12. Se setseng ke ho tsamaisa likopo tsohle tsa tcp ho port 888 le ho boloka molao ho iptables.
root@debian9:~# iptables -t nat -A PREROUTING -s 192.168.201.0/24 -p tcp -j REDIRECT --to-ports 888
root@debian9:~# iptables-save > /etc/iptables/rules.v4
13. Ho atolosa marang-rang a kanale, o ka sebelisa li-server tse 'maloa tsa proxy hang-hang. Kakaretso e tlameha ho ba 1000. Lihokelo tse ncha li thehiloe ka monyetla oa 0.2, 0.2, 0.2, 0.2, 0,1, 0,1 ho li-server tsa proxy tse boletsoeng.
Tlhokomeliso: haeba re e-na le proxy ea websaete, joale ho e-na le likausi5 re hloka ho ngola ho hokahanya, haeba likausi4, joale likausi4 (li-socks4 HA LI TŠEHETSE LOGIN / PASSWORD AURIZATION!)
Mohlala oa tlhophiso ea seva ea proxy e bonaletsang No. 2daemon
pidfile /home/joke/proxy/3proxy.pid
nserver 8.8.8.8
Setšoantšo sa 65536
maxconn 500
nako 1 5 30 60 180 1800 16 60
log /home/joke/proxy/logs/3proxy.log D
logformat "- +_L%t.%. %N.%p %E %U %C:%c %R:%r %O %I %h %T"
potoloha 3
flush
Auth iponly
dnspr
lumella *
motsoali 200 likausi5 IP_ADDRESS_EXTERNAL_PROXY#1 3128 tester 1234
motsoali 200 likausi5 IP_ADDRESS_EXTERNAL_PROXY#2 3128 tester 1234
motsoali 200 likausi5 IP_ADDRESS_EXTERNAL_PROXY#3 3128 tester 1234
motsoali 200 likausi5 IP_ADDRESS_EXTERNAL_PROXY#4 3128 tester 1234
motsoali 100 likausi5 IP_ADDRESS_EXTERNAL_PROXY#5 3128 tester 1234
motsoali 100 likausi5 IP_ADDRESS_EXTERNAL_PROXY#6 3128 tester 1234
plugin /opt/proxy/3proxy-0.8.12/src/TransparentPlugin.ld.so transparent_plugin
tcppm -i0.0.0.0 888 127.0.0.1 11111
Ho theha le ho tsamaisa NAT + Transparent Proxy configuration
Tokisong ena, re tla sebelisa mokhoa o tloaelehileng oa NAT ka ho khetha kapa ho pepeseha ka botlalo hoa liaterese kapa li-subnets. Basebelisi ba marang-rang ba ka hare ba tla sebetsa le lits'ebeletso tse itseng / subnets ntle le ho elelloa hore ba sebetsa ka proxy. Lihokelo tsohle tsa https li sebetsa hantle, ha ho litifikeiti tse hlokang ho hlahisoa/ho nkeloa sebaka.
Taba ea pele, ha re etse qeto ea hore na ke li-subnet/litšebeletso life tseo re batlang ho li emela. Ha re nke hore li-proxies tsa kantle li teng moo ts'ebeletso e kang pandora.com e sebetsang teng. Hona joale e sala e le ho tseba li-subnets / liaterese tsa eona.
1. Ping
root@debian9:~# ping pandora.com
PING pandora.com (208.85.40.20) 56 (84) li-byte tsa data.
2. Tlanya BGP 208.85.40.20 ho Google
Ha re ee setšeng
Hoa bonahala hore subnet eo ke e batlang ke AS40428 Pandora Media, Inc
Ho bula li-prefixes tsa v4
Mona ke li-subnet tse hlokahalang!
199.116.161.0/24
199.116.162.0/24
199.116.164.0/23
199.116.164.0/24
199.116.165.0/24
208.85.40.0/24
208.85.41.0/24
208.85.42.0/23
208.85.42.0/24
208.85.43.0/24
208.85.44.0/24
208.85.46.0/23
208.85.46.0/24
208.85.47.0/24
3. Ho fokotsa palo ea subnets, u lokela ho etsa aggregation. Eya sebakeng le ho kopitsa lethathamo la rona moo. Ka lebaka leo - li-subnet tse 6 sebakeng sa 14.
199.116.161.0/24
199.116.162.0/24
199.116.164.0/23
208.85.40.0/22
208.85.44.0/24
208.85.46.0/23
4. Melao e hlakileng ea iptables
root@debian9:~# iptables -F
root@debian9:~# iptables -X
root@debian9:~# iptables -t nat -F
root@debian9:~# iptables -t nat -X
Numella mochini oa pele le oa NAT
root@debian9:~# echo 1 > /proc/sys/net/ipv4/ip_forward
root@debian9:~# iptables -A FORWARD -i enp0s3 -o enp0s8 -j ACCEPT
root@debian9:~# iptables -A FORWARD -i enp0s8 -o enp0s3 -j ACCEPT
root@debian9:~# iptables -t nat -A POSTROUTING -o enp0s3 -s 192.168.201.0/24 -j MASQUERADE
Ho etsa bonnete ba hore ho ea pele ho lumelloa ka ho sa feleng ka mor'a ho qala bocha, a re fetoleng faele
root@debian9:~# nano /etc/sysctl.conf
'Me u hlakole mohala
net.ipv4.ip_forward = 1
Ctrl+X ho boloka faele
5. Re thatela li-subnets tsa pandora.com ka proxy
root@debian9:~# iptables -t nat -A PREROUTING -s 192.168.201.0/24 -d 199.116.161.0/24,199.116.162.0/24,199.116.164.0/23,208.85.40.0/22,208.85.44.0/24,208.85.46.0/23 -p tcp -j REDIRECT --to-ports 888
6. A re bolokeng melao
root@debian9:~# iptables-save > /etc/iptables/rules.v4
Ho theha le ho tsamaisa Transparent Proxy ka ho hlophisoa ha router
Tokisong ena, seva ea proxy e pepeneneng e ka ba PC e arohaneng kapa mochini o sebetsang ka morao ho router ea lapeng / ea khoebo. Ho lekane ho ngolisa litsela tse tsitsitseng ho router kapa lisebelisoa 'me subnet eohle e tla sebelisa proxy ntle le tlhokahalo ea litlhophiso leha e le life tse eketsehileng.
BOHLOKOA! Hoa hlokahala hore heke ea rona e fumane IP e tsitsitseng ho tloha ho router, kapa e lokisetsoe hore e be static ka boeona.
1. Lokisa aterese e tsitsitseng ea heke (adapter ea enp0s3)
root@debian9:~# nano /etc/network/interfaces
/etc/network/interfaces file# Faele ena e hlalosa marang-rang a marang-rang a fumanehang ho sistimi ea hau
# le mokhoa oa ho li kenya tšebetsong. Ho fumana lintlha tse ling, sheba li-interfaces(5).
mohloli /etc/network/interfaces.d/*
# Sesebelisoa sa marang-rang sa loopback
e kolohe
iface lo inet loopback
# Sesebelisoa sa mantlha sa marang-rang
lumella-hotplug enp0s3
iface enp0s3 inet static
aterese 192.168.23.2
letlooa 255.255.255.0
heke 192.168.23.254
# Sebopeho sa marang-rang sa bobeli
lumella-hotplug enp0s8
iface enp0s8 inet static
aterese 192.168.201.254
letlooa 255.255.255.0
2. Lumella lisebelisoa ho tsoa ho subnet ea 192.168.23.0/24 ho sebelisa proxying
root@debian9:~# iptables -t nat -A PREROUTING -s 192.168.23.0/24 -d 199.116.161.0/24,199.116.162.0/24,199.116.164.0/23,208.85.40.0/22,208.85.44.0/24,208.85.46.0/23 -p tcp -j REDIRECT --to-ports 888
3. A re bolokeng melao
root@debian9:~# iptables-save > /etc/iptables/rules.v4
4. Ha re ngolise li-subnets ho router
Lenane la marang-rang a router199.116.161.0 255.255.255.0 192.168.23.2
199.116.162.0 255.255.255.0 192.168.23.2
199.116.164.0 255.255.254.0 192.168.23.2
208.85.40.0 255.255.252.0 192.168.23.2
208.85.44.0 255.255.255.0 192.168.23.2
208.85.46.0 255.255.254.0 192.168.23.2
Lisebelisoa/matlotlo a sebelisitsoeng
1. Websaete ea molao ea lenaneo la 3proxy
2. Litaelo tsa ho kenya 3proxy ho tloha mohloling
3. Lekala la ntlafatso ea 3proxy ho GitHub
Source: www.habr.com