ืืื ืืขื ืึทืจืืืงื ืืื ืืืึธืื ืืื ืฆื ืึทื ืืืขืงื ืื ืคึผืึทืกืึทืืืืึทืืื ืคืื ืืจืึทื ืกืคึผืขืจืึทื ื ืคึผืจืึทืงืกืืื ื, ืืืึธืก ืึทืืึทืื ืืืจ ืฆื ืจืืืขืจืขืงื ืึทืืข ืึธืืขืจ ืืืื ืคืื ืื ืคืึทืจืงืขืจ ืืืจื ืคืื ืืจืืืกื ืืืง ืคึผืจืึทืงืกื ืกืขืจืืืขืจืก ืืขืืึทืืจืข ืึทื ื ืึธืืืืกื ืืืจื ืงืืืืึทื ืฅ.
ืืืขื ืืื ืกืืึทืจืืขื ืกืึทืืืืื ื ืืขื ืคึผืจืึธืืืขื, ืืื ืืื ืืขืืืขื ืคืืืกื ืืื ืื ืคืึทืงื ืึทื ืืืึทื ืืืคึผืืึทืืขื ืืืืฉืึทื ืืื ืืืื ืืึทืืืึทืืืง ืคึผืจืึธืืืขื - ืื HTTPS ืคึผืจืึธืืึธืงืึธื. ืืื ืื ืืืืข ืึทืื ืืขื, ืขืก ืืขื ืขื ืืขืืืขื ืงืืื ืกืคึผืขืฆืืขื ืคึผืจืึธืืืขืืก ืืื ืืจืึทื ืกืคึผืขืจืึทื ื ืืืืคึผ ืคึผืจืึทืงืกืืื ื, ืึธืืขืจ ืืื HTTPS ืคึผืจืึทืงืกืืื ื, ืืจืึทืืืขืจื ืืึทืจืืื ืื ืืขืจืคืืจืึทื ืก ืืื ืืขื ืคึผืจืึธืืึธืงืึธื ืืื ืึทื ืก ืืื ืื ืืืืง ืขื ืืก.
ืืื ืื ืคึผืจืึธืกื ืืื ืกืืจืืงืฆืืขืก ืคึฟืึทืจ ืื Squid ืคืจืืงืกื ืกืขืจืืืขืจ, ืืื ืืคืืื ืคึฟืึธืจืฉืืึธืื ืืืฉืขื ืขืจืืืืื ื ืืืื ืืืืืขื ืข ืืึทืืืืึทืื ืืื ืื ืกืืึทืืืจื ืขืก ืืืืฃ ืงืืืืึทื ืฅ, ืืืึธืก ืืื ืืึทื ืฅ ืืืืื ืืื ืืื ืืกืืขืจ, ืืจืึทืฉืึทื ืึทื ืืื ืงืืงื ืืื ืึท MITM ืืึทืคืึทืื. ืืื ืืืืกื ืึทื ืืื ืืคืืฉ ืงืขื ืขื ืฉืืื ืืึธื ืขืคึผืขืก ืขื ืืขื, ืึธืืขืจ ืืขืจ ืึทืจืืืงื ืืื ืืืขืื ืึท ืคึผืจืึธืืืขื ืืื ืืจืืขืื ืืืคึฟื ื ืืฆื 3proxy ืคึฟืื ืื ืจืขืกืคึผืขืงืืขื 3APA3A.
ืืขืจื ืึธื, ืืืจ ืืืขืื ืงืืงื ืืื ืืขื ืคึผืจืึธืฆืขืก ืคืื ืืืืขื 3proxy ืคึฟืื ืืงืืจ, ืืืื ืงืึทื ืคืืืืขืจืืืฉืึทื, ืคืื ืืื ืกืขืืขืงืืืื ืคึผืจืึทืงืกืืื ื ื ืืฆื NAT, ืงืึทื ืึทื ืคืึทืจืฉืคึผืจืืืืื ื ืฆื ืขืืืขืืข ืคืื ืืจืืืกื ืืืง ืคึผืจืึทืงืกื ืกืขืจืืืขืจืก, ืืื ืืขืืื ื ืืื ืื ื ืืฆื ืคืื ืึท ืจืึทืืืขืจ ืืื ืกืืึทืืืง ืจืืฅ. ืืืจ ื ืืฆื Debian 9 x64 ืืื ืื ืึทืก. ืึธื ืืืืื!
ืื ืกืืึธืืื ื 3proxy ืืื ืืืืคื ืึท ืจืขืืืืขืจ ืคึผืจืึทืงืกื ืกืขืจืืืขืจ
1. ืื ืกืืึทืืืจื ifconfig (ืคึฟืื ืื ื ืขืฅ ืืืฉืืจืื ืคึผืขืงื)
apt-get install net-tools
2. ืื ืกืืึทืืืจื ืืืื ืืื ืงืึทืืึทื ืืขืจ
apt-get install mc
3. ืืืจ ืืืฆื ืืึธืื 2 ืื ืืขืจืคืืืกืื:
enp0s3 - ืคืื ืืจืืืกื ืืืง, ืงืืงื ืืืืฃ ืื ืืื ืืขืจื ืขื
enp0s8 - ืื ืขืจืืขื, ืืืื ืงืืงื ืืื ืื ืืืืข ื ืขืฅ
ืืืืฃ ืื ืืขืจืข ืืขืืืึทื-ืืืืืจื ืืืกืืจืืืืืฉืึทื ื, ืื ืื ืืขืจืคืืืกืื ืืขื ืขื ืืืืฉืึทืืืึทืื ืืขืจืืคื eth0 ืืื eth1.
ifconfig -a
ืื ืขืจืคืืืกืืenp0s3: ืคืืึทืืก = 4163 mtu 1500
inet 192.168.23.11 ื ืขืืืึทืกืง 255.255.255.0 ืืจืึธืืงืึทืกื 192.168.23.255
inet6 fe80::a00:27ff:fec2:bae4 prefixlen 64 scopeid 0x20 ether 08:00:27:c2:ba:e4 txqueuelen 1000 (ืขืืืขืจื ืขื)
ืจืงืก ืคึผืึทืงืืฅ 6412 ืืืืขืก 8676619 (8.2 MiB)
ืจืงืก ืขืจืจืึธืจืก 0 ืืจืึทืคึผื 0 ืึธืืืืขืจืจืึทื ื 0 ืจืึทื 0
ืืงืก ืคึผืึทืงืืฅ 1726 ืืืืขืก 289128 (282.3 ืงืื)
ืืงืก ืขืจืจืึธืจืก 0 ืืจืึทืคึผื 0 ืึธืืืืขืจืจืึทื ื 0 ืืจืขืืขืจ 0 ืงืึทืืืืฉืึทื ื 0
enp0s8: ืคืืึทืืก = 4098 mtu 1500
ether 08:00:27:79:a7:e3 txqueuelen 1000 (ืขืืืขืจื ืขื)
RX ืคึผืึทืงืืฅ 0 ืืืืขืก 0 (0.0 ื)
ืจืงืก ืขืจืจืึธืจืก 0 ืืจืึทืคึผื 0 ืึธืืืืขืจืจืึทื ื 0 ืจืึทื 0
TX ืคึผืึทืงืืฅ 0 ืืืืขืก 0 (0.0 ื)
ืืงืก ืขืจืจืึธืจืก 0 ืืจืึทืคึผื 0 ืึธืืืืขืจืจืึทื ื 0 ืืจืขืืขืจ 0 ืงืึทืืืืฉืึทื ื 0
ืื: ืคืืึทืืก=73 mtu 65536
inet 127.0.0.1 ื ืขืืืึทืกืง 255.0.0.0
inet6 :: 1 ืคึผืจืขืคืืงืกืืขื 128 scopeid 0x10 ืฉืืืืฃ txqueuelen 1 (ืืึธืงืึทื ืืืคึผืืึทืงืง)
RX ืคึผืึทืงืืฅ 0 ืืืืขืก 0 (0.0 ื)
ืจืงืก ืขืจืจืึธืจืก 0 ืืจืึทืคึผื 0 ืึธืืืืขืจืจืึทื ื 0 ืจืึทื 0
TX ืคึผืึทืงืืฅ 0 ืืืืขืก 0 (0.0 ื)
ืืงืก ืขืจืจืึธืจืก 0 ืืจืึทืคึผื 0 ืึธืืืืขืจืจืึทื ื 0 ืืจืขืืขืจ 0 ืงืึทืืืืฉืึทื ื 0
ืื enp0s8 ืฆืืืื ื ืืื ืืืฆื ื ืืฉื ืืขื ืืฆื, ืืืจ ืืืขืื ืืขืื ืขืก ืืืขื ืืืจ ืืืืื ืฆื ื ืืฆื Proxy NAT ืึธืืขืจ NAT ืงืึทื ืคืืืืขืจืืืฉืึทื. ืขืก ืืื ืืขืืึธืื ืึทื ืขืก ืืืึธืื ืืืื ืืึทืืืฉืืงืึทื ืฆื ืืึทืฉืืืืขื ืขืก ืึท ืกืืึทืืืง IP.
4. ืืึธืืืจ ืึธื ืืืืื ืฆื ืื ืกืืึทืืืจื 3proxy
4.1 ืื ืกืืึธืืื ื ืืงืขืจืืืง ืคึผืึทืงืึทืืืฉืึทื ืคึฟืึทืจ ืงืึทืืคึผืืืืื ื 3proxy ืคึฟืื ืงืืืืื
root@debian9:~# apt-get install build-essential libevent-dev libssl-dev -y
4.2. ืืึธืืืจ ืืึทืื ืึท ืืขืงืข ืคึฟืึทืจ ืืึทืื ืืึธืืืื ื ืื ืึทืจืงืืืื ืืื ืืงืืจืื
root@debian9:~# mkdir -p /opt/proxy
4.3. ืืื ืก ืืืื ืฆื ืืขื ืืขืงืข
root@debian9:~# cd /opt/proxy
4.4. ืืืฆื ืืึธืื ืืื ืื ืืจืืคืงืืคืืข ืื ืืขืฆืืข 3proxy ืคึผืขืงื. ืืื ืืขืจ ืฆืืื ืคืื ืฉืจืืืื, ืื ืืขืฆืืข ืกืืึทืืื ืืืขืจืกืืข ืืื ืืขืืืขื 0.8.12 (18/04/2018) ืืจืืคืงืืคืืข ืขืก ืคึฟืื ืืขืจ ืืึทืึทืืืขืจ 3proxy ืืืขืืืืืื
root@debian9:/opt/proxy# wget https://github.com/z3APA3A/3proxy/archive/0.8.12.tar.gz
4.5. ืืื ืก ืึทื ืคึผืึทืง ืื ืืึทืื ืืึธืืืื ืึทืจืงืืืื
root@debian9:/opt/proxy# tar zxvf 0.8.12.tar.gz
4.6. ืืืื ืฆื ืื ืึทื ืคึผืึทืงื ืืืขืืืืืึทืืขืจ ืฆื ืืืืขื ืืขื ืคึผืจืึธืืจืึทื
root@debian9:/opt/proxy# cd 3proxy-0.8.12
4.7. ืืืืึทืืขืจ, ืืืจ ืืึทืจืคึฟื ืฆื ืืืืื ืึท ืฉืืจื ืฆื ืื ืืขืืขืจ ืืขืงืข ืึทืืื ืึทื ืืื ืืืขืจ ืกืขืจืืืขืจ ืืื ืืึธืจ ืึทื ืึทื ืึทืืึทืก (ืขืก ืืึทืงืข ืึทืจืืขื, ืึทืืฅ ืืื ืึธืคึผืืขืฉืืขืื, ืงืืืขื ื IPs ืืขื ืขื ืคืึทืจืืึธืจืื)
root@debian9:/opt/proxy/3proxy-0.8.12# nano +29 src/proxy.h
ืืืื ืึท ืฉืืจื
#define ANONYMOUS 1
ืืจืืง Ctrl + x ืืื ืึทืจืืึทื ืฆื ืจืึทืืขืืืขื ืื ืขื ืืขืจืื ืืขื.
4.8. ืืื ืก ืึธื ืืืืื ืึทืกืขืืืึทืืื ื ืื ืคึผืจืึธืืจืึทื
root@debian9:/opt/proxy/3proxy-0.8.12# make -f Makefile.Linux
ืืึทืืืืึธืืืึทืื [2]: ืืึธืื ืื ืืืขืืืืืึทืืขืจ '/opt/proxy/3proxy-0.8.12/src/plugins/TransparentPlugin'
ืืึทืื [1]: ืืึธืื ืื ืืืขืืืืืึทืืขืจ '/opt/proxy/3proxy-0.8.12/src'
ืงืืื ืขืจืจืึธืจืก, ืืึธืืืจ ืคืึธืจืืขืฆื.
4.9. ืื ืกืืึทืืืจื ืื ืคึผืจืึธืืจืึทื ืืืืฃ ืื ืกืืกืืขื
root@debian9:/opt/proxy/3proxy-0.8.12# make -f Makefile.Linux install
4.10. ืืืื ืฆื ืื ืืืึธืจืฆื ืืืขืืืืืึทืืขืจ ืืื ืืฉืขืง ืืื ืื ืคึผืจืึธืืจืึทื ืืื ืืื ืกืืึทืืืจื
root@debian9:/opt/proxy/3proxy-0.8.12# cd ~/
root@debian9:~# whereis 3proxy
3proxy: /usr/local/bin/3proxy /usr/local/etc/3proxy
4.11. ืืึธืืืจ ืฉืึทืคึฟื ืึท ืืขืงืข ืคึฟืึทืจ ืงืึทื ืคืืืืขืจืืืฉืึทื ืืขืงืขืก ืืื ืืึธืืก ืืื ืืขืจ ืืึทื ืืฆืขืจ 'ืก ืืืื ืืืขืืืืืึทืืขืจ
root@debian9:~# mkdir -p /home/joke/proxy/logs
4.12. ืืืื ืฆื ืื ืืืขืืืืืึทืืขืจ ืืื ืื ืงืึทื ืคืืืืขืจืืืฉืึทื ืืึธื ืืืื
root@debian9:~# cd /home/joke/proxy/
4.13. ืฉืึทืคึฟื ืึท ืืืืืืง ืืขืงืข ืืื ื ืึธืืืึทืื ืื ืงืึทื ืคืืืืขืจืืืฉืึทื ืืึธืจื
root@debian9:/home/joke/proxy# cat > 3proxy.conf
3proxy.confืืืืืึทื
pidfile /home/joke/proxy/3proxy.pid
nserver 8.8.8.8
nscache 65536
ืืึทื ืืฆืขืจ ืืขืกืืขืจ: CL:1234
ืืืืืึทืืฅ 1 5 30 60 180 1800 16 60
ืงืืึธืฅ /home/joke/proxy/logs/3proxy.log D
ืืึธืืคืึธืจืืึทื "- +_ื% ื.%. % ื .% ืคึผ % E % ื % C: % c % ืจ: % ืจ % ืึธ % ืืื % ื % ื"
ืืจืืืขื 3
ืึธื ืฉืืึทืจืง
ืืืืึทื
ืืึธืื ืืขืกืืขืจ
ืกืึทืงืก -p3128
ืคืจืืงืกื -p8080
ืฆื ืจืึทืืขืืืขื, ืืจืืงื ืงืืจื + ื
4.14. ืืื ืก ืืึทืื ืึท ืคึผืื ืืขืงืข ืึทืืื ืึทื ืขืก ืืขื ืขื ืงืืื ืขืจืจืึธืจืก ืืขืฉืึทืก ืกืืึทืจืืึทืคึผ.
root@debian9:/home/joke/proxy# cat > 3proxy.pid
ืฆื ืจืึทืืขืืืขื, ืืจืืงื ืงืืจื + ื
4.15. ืืื ืก ืงืึทืืขืจ ืื ืคืจืืงืกื ืกืขืจืืืขืจ!
root@debian9:/home/joke/proxy# 3proxy /home/joke/proxy/3proxy.conf
4.16. ืืื ืก ืืขื ืืืื ืืขืจ ืกืขืจืืืขืจ ืืื ืฆืืืขืืขืจื ืืืืฃ ืคึผืึธืจืฅ
root@debian9:~/home/joke/proxy# netstat -nlp
ื ืขืืกืืึทื ืงืืึธืฅืึทืงืืืื ืืื ืืขืจื ืขื ืงืึทื ืขืงืฉืึทื ื (ืืืืื ืกืขืจืืืขืจืก)
ืคึผืจืึธืืึธ ืจืขืื-ืง ืฉืืงื-ืง ืืืงืืืข ืึทืืจืขืก ืคืจืขืื ืึทืืจืขืก ืฉืืึทื PID / ืคึผืจืึธืืจืึทื ื ืึธืืขื
tcp 0 0 0.0.0.0:8080 0.0.0.0:* ืืขืจื 504/3ืคึผืจืึธืงืกื
ืืงืคึผ 0 0 0.0.0.0:22 0.0.0.0:* ืืขืจื 338/ืฉื
tcp 0 0 0.0.0.0:3128 0.0.0.0:* ืืขืจื 504/3ืคึผืจืึธืงืกื
tcp6 0 0 :::22 :::* ืืขืจื 338/ืฉื
ืืืคึผ 0 0 0.0.0.0:68 0.0.0.0:* 352/ืืืงืืืขื ื
ืืื ืขืก ืืื ืืขืืืขื ืืขืฉืจืืื ืืื ืื ืงืึทื ืคืืืืขืจืืืฉืึทื, ืืื ืืืขืจ ืืืขื ืคืจืืงืกื ืืืกืึทื ื ืฆื ืคึผืึธืจื 8080, Socks5 ืคืจืืงืกื ืืืกืึทื ื ืฆื ืคึผืึธืจื 3128.
4.17. ืฆื ืึทืืืึธืกืืึทืจื ืื ืคึผืจืึทืงืกื ืืื ืกื ื ืึธื ืึท ืจืขืืึธืึธื, ืืืจ ืืึทืจืคึฟื ืฆื ืืืืื ืขืก ืฆื Cron.
root@debian9:/home/joke/proxy# crontab -e
ืืืื ืึท ืฉืืจื
@reboot /usr/local/bin/3proxy /home/joke/proxy/3proxy.conf
ืืืจ ืืจืืงื ืึทืจืืึทื, ืืื ื Cron ืืึธื ืืขื ืื ืกืืฃ ืคืื ืฉืืจื ืืึทืจืึทืงืืขืจ ืืื ืจืึทืืขืืืขื ืื ืืขืงืข.
ืขืก ืืึธื ืืืื ืึท ืึธื ืืึธื ืืืขืื ืื ืกืืึธืืื ื ืึท ื ืืึท ืงืจืึธื ืืึทื.
crontab: ืื ืกืืึธืืื ื ื ืืึท crontab
4.18. ืืึธืืืจ ืจืขืืึธืึธื ืื ืกืืกืืขื ืืื ืคึผืจืืืืจื ืฆื ืคืึทืจืืื ืื ืฆื ืื ืคืจืืงืกื ืืืจื ืืขื ืืืขืืขืจืขืจ. ืฆื ืงืึธื ืืจืึธืืืจื, ืืืจ ื ืืฆื ืื Firefox ืืืขืืขืจืขืจ (ืคึฟืึทืจ ืึท ืืืขื ืคืจืืงืกื) ืืื ืื FoxyProxy ืึทืืืฉืึทื ืคึฟืึทืจ ืกืึทืงืก 5 ืืื ืึธืืขื ืืึทืงืืืฉืึทื.
root@debian9:/home/joke/proxy# reboot
4.19. ื ืึธื ืงืึธื ืืจืึธืืืจืื ื ืื ืึธืคึผืขืจืึทืฆืืข ืคืื โโืื ืคึผืจืึทืงืกื ื ืึธื ืึท ืจืขืืึธืึธื, ืืืจ ืงืขื ืขื ืืขื ืื ืืึธืืก. ืืขื ืงืึทืืคึผืืืฅ ืื ืคึผืจืึทืงืกื ืกืขืจืืืขืจ ืกืขืืึทืคึผ.
3 ืคืจืืงืกื ืงืืึธืฅ1542573996.018 PROXY.8080 00000 ืืขืกืืขืจ 192.168.23.10:50915 217.12.15.54:443 1193 6939 0 CONNECT_ads.yahoo.com:443HTTP
1542574289.634 SOCK5.3128 00000 ืืขืกืืขืจ 192.168.23.10:51193 54.192.13.69:443 0 0 0 CONNECT_normandy.cdn.mozilla.net:443
ืืึทืฉืืขืืืงื ืืื ืืืืคื ืืจืึทื ืกืคึผืึทืจืขื ื ืคึผืจืึธืงืกื NAT โโืงืึทื ืคืืืืขืจืืืฉืึทื
ืืื ืืขื ืงืึทื ืคืืืืขืจืืืฉืึทื, ืึทืืข ืืขืืืืกืขืก ืืืืฃ ืื ืื ืขืจืืขื ื ืขืฅ ืืืขื ืืจืึทื ืกืคึผืขืจืึทื ื ืึทืจืืขืื ืืืืฃ ืื ืืื ืืขืจื ืขื ืืืจื ืึท ืืืืึทื ืคึผืจืึทืงืกื ืกืขืจืืืขืจ. ืืขืืึทืืจืข ืึทืืข ืืงืคึผ ืงืึทื ืขืงืฉืึทื ื ืืืขื ืืืื ืจืืืขืจืขืงืืื ืฆื ืืืื ืขืจ ืึธืืขืจ ืืขืจ (ืืึทืงืข ืืงืกืคึผืึทื ืื ืื ืงืึทื ืึทื ืืจืืื, ืงืึทื ืคืืืืขืจืืืฉืึทื ืืืึทืฉืคึผืื ื ืื 2!) ืคืจืืงืกื ืกืขืจืืืขืจืก. ืื ืื ืก ืืื ืกื ืืืขื ื ืืฆื 3proxy (dnspr) ืงืืืคึผืึทืืืืึทืืื. UDP ืืืขื ื ืืฉื "ืืืื" ืึทืืืืืขืจื, ืืืืึทื ืืืจ ืืขื ืขื ื ืืฉื ื ืึธื ื ืืฆื ืื ืคืึธืจืืืก ืืขืงืึทื ืืืึทื (ืคืึทืจืงืจืืคึผืื ืืืจื ืคืขืืืงืืึทื ืืื ืื ืืื ืืงืก ืงืขืจื).
1. ืขืก ืืื ืฆืืื ืฆื ืืขืื ืื enp0s8 ืฆืืืื ื
root@debian9:~# nano /etc/network/interfaces
/etc/network/interfaces ืืขืงืข# ืืขืจ ืืขืงืข ืืืฉืจืืืื ืื ื ืขืฅ ืื ืืขืจืคืืืกืื ืื ืืืฆื ืืืืฃ ืืืื ืกืืกืืขื
# ืืื ืืื ืฆื ืึทืงืืึทืืืืื ืืื. ืคึฟืึทืจ ืืขืจ ืืื ืคึฟืึธืจืืึทืฆืืข, ืืขื ืื ืืขืจืคืืืกืื (5).
ืืงืืจ /etc/network/interfaces.d/*
# ืื ืืืคึผืืึทืงืง ื ืขืฅ ืฆืืืื ื
ืืึทืฉืื ืขืก
ืืืื ืขืก ืืื ื ืืฉื ืึท ืืืคึผืืึทืงืง
# ืื ืขืจืฉืืืง ื ืขืฅ ืฆืืืื ื
ืืึธืื-ืืึธืืคึผืืื ืขื ืคึผ0ืก3
iface enp0s3 inet dhcp
# ืื ืฆืืืืืืืง ื ืขืฅ ืฆืืืื ื
ืืึธืื-ืืึธืืคึผืืื ืขื ืคึผ0ืก8
iface enp0s8 ืื ืขื ืกืืึทืืืง
ืึทืืจืขืก 192.168.201.254
ื ืขืืืึทืกืง 255.255.255.0
ืืึธ ืืืจ ืึทืกืืื ื ืื enp0s8 ืฆืืืื ื ืึท ืกืืึทืืืง ืึทืืจืขืก 192.168.201.254 ืืื ืึท ืืึทืกืงืข 255.255.255.0
ืืื ืื ืงืึธื ืคืืืืจืึทืืืึธื Ctrl + X ืืื ืจืขืืึธืึธื
root@debian9:~# reboot
2. ืงืึธื ืืจืึธืืืจืื ื ืื ืื ืืขืจืคืืืกืื
root@debian9:~# ifconfig
ifconfig ืงืืึธืฅenp0s3: ืคืืึทืืก = 4163 mtu 1500
inet 192.168.23.11 ื ืขืืืึทืกืง 255.255.255.0 ืืจืึธืืงืึทืกื 192.168.23.255
inet6 fe80::a00:27ff:fec2:bae4 prefixlen 64 scopeid 0x20 ether 08:00:27:c2:ba:e4 txqueuelen 1000 (ืขืืืขืจื ืขื)
ืจืงืก ืคึผืึทืงืืฅ 61 ืืืืขืก 7873 (7.6 ืงืื)
ืจืงืก ืขืจืจืึธืจืก 0 ืืจืึทืคึผื 0 ืึธืืืืขืจืจืึทื ื 0 ืจืึทื 0
ืืงืก ืคึผืึทืงืืฅ 65 ืืืืขืก 10917 (10.6 ืงืื)
ืืงืก ืขืจืจืึธืจืก 0 ืืจืึทืคึผื 0 ืึธืืืืขืจืจืึทื ื 0 ืืจืขืืขืจ 0 ืงืึทืืืืฉืึทื ื 0
enp0s8: ืคืืึทืืก = 4163 mtu 1500
inet 192.168.201.254 ื ืขืืืึทืกืง 255.255.255.0 ืืจืึธืืงืึทืกื 192.168.201.255
inet6 fe80::a00:27ff:fe79:a7e3 prefixlen 64 scopeid 0x20 ether 08:00:27:79:a7:e3 txqueuelen 1000 (ืขืืืขืจื ืขื)
RX ืคึผืึทืงืืฅ 0 ืืืืขืก 0 (0.0 ื)
ืจืงืก ืขืจืจืึธืจืก 0 ืืจืึทืคึผื 0 ืึธืืืืขืจืจืึทื ื 0 ืจืึทื 0
TX ืคึผืึทืงืืฅ 8 ืืืืขืก 648 (648.0 ื)
ืืงืก ืขืจืจืึธืจืก 0 ืืจืึทืคึผื 0 ืึธืืืืขืจืจืึทื ื 0 ืืจืขืืขืจ 0 ืงืึทืืืืฉืึทื ื 0
ืื: ืคืืึทืืก=73 mtu 65536
inet 127.0.0.1 ื ืขืืืึทืกืง 255.0.0.0
inet6 :: 1 ืคึผืจืขืคืืงืกืืขื 128 scopeid 0x10 ืฉืืืืฃ txqueuelen 1 (ืืึธืงืึทื ืืืคึผืืึทืงืง)
RX ืคึผืึทืงืืฅ 0 ืืืืขืก 0 (0.0 ื)
ืจืงืก ืขืจืจืึธืจืก 0 ืืจืึทืคึผื 0 ืึธืืืืขืจืจืึทื ื 0 ืจืึทื 0
TX ืคึผืึทืงืืฅ 0 ืืืืขืก 0 (0.0 ื)
ืืงืก ืขืจืจืึธืจืก 0 ืืจืึทืคึผื 0 ืึธืืืืขืจืจืึทื ื 0 ืืจืขืืขืจ 0 ืงืึทืืืืฉืึทื ื 0
3. ืึทืืฅ ืืขืืจืืขื ืืืืก, ืืืฆื ืืืจ ืืึทืจืคึฟื ืฆื ืงืึทื ืคืืืืขืจ 3proxy ืคึฟืึทืจ ืืจืึทื ืกืคึผืขืจืึทื ื ืคึผืจืึทืงืกืืื ื.
root@debian9:~# cd /home/joke/proxy/
root@debian9:/home/joke/proxy# cat > 3proxytransp.conf
ืืืึทืฉืคึผืื ืงืึทื ืคืืืืขืจืืืฉืึทื ืคืื ืืจืึทื ืกืคึผืขืจืึทื ื ืคืจืืงืกื ืกืขืจืืืขืจ ื ืื 1ืืืืืึทื
pidfile /home/joke/proxy/3proxy.pid
nserver 8.8.8.8
nscache 65536
ืืืืืึทืืฅ 1 5 30 60 180 1800 16 60
ืงืืึธืฅ /home/joke/proxy/logs/3proxy.log D
ืืึธืืคืึธืจืืึทื "- +_ื% ื.%. % ื .% ืคึผ % E % ื % C: % c % ืจ: % ืจ % ืึธ % ืืื % ื % ื"
ืืจืืืขื 3
ืืืืึทื
ืึทืืื ืืคึผืึธื ืื
dnspr
ืืึธืื *
ืคืึธืืขืจ 1000 ืกืึทืงืก 5 IP_ADDRESS ืคืื EXTERNAL_PROXY 3128 ืืขืกืืขืจ 1234
ืคึผืืืืื /opt/proxy/3proxy-0.8.12/src/TransparentPlugin.ld.so transparent_plugin
tcppm -i0.0.0.0 888 127.0.0.1 11111
4. ืืืฆื ืืืจ ืงืึทืืขืจ 3proxy ืืื ืื ื ืืึท ืงืึธื ืคืื
root@debian9:/home/joke/proxy# /usr/local/bin/3proxy /home/joke/proxy/3proxytransp.conf
5. ืืืื ืฆื ืงืจืึธื ืืึทื ืืืืืขืจ
root@debian9:/home/joke/proxy# crontab -e
@reboot /usr/local/bin/3proxy /home/joke/proxy/3proxytransp.conf
6. ืืึธืืืจ ืืขื ืืืึธืก ืืื ืืืขืจ ืคืจืืงืกื ืืื ืืืฆื ืฆืืืขืืขืจื
root@debian9:~# netstat -nlp
ื ืขืืกืืึทื ืงืืึธืฅืึทืงืืืื ืืื ืืขืจื ืขื ืงืึทื ืขืงืฉืึทื ื (ืืืืื ืกืขืจืืืขืจืก)
ืคึผืจืึธืืึธ ืจืขืื-ืง ืฉืืงื-ืง ืืืงืืืข ืึทืืจืขืก ืคืจืขืื ืึทืืจืขืก ืฉืืึทื PID / ืคึผืจืึธืืจืึทื ื ืึธืืขื
ืืงืคึผ 0 0 0.0.0.0:22 0.0.0.0:* ืืขืจื 349/ืฉื
tcp 0 0 0.0.0.0:888 0.0.0.0:* ืืขืจื 354/3ืคึผืจืึธืงืกื
tcp6 0 0 :::22 :::* ืืขืจื 349/ืฉื
ืืืคึผ 0 0 0.0.0.0:53 0.0.0.0:* 354/3ืคึผืจืึธืงืกื
ืืืคึผ 0 0 0.0.0.0:68 0.0.0.0:* 367/ืืืงืืืขื ื
7. ืืืฆื ืื ืคึผืจืึทืงืกื ืืื ืืจืืื ืฆื ืึธื ื ืขืืขื ืงืืื ืืงืคึผ ืงืึทื ืขืงืฉืึทื ื ืืืืฃ ืคึผืึธืจื 888, ืื ืก ืืืืฃ ืคึผืึธืจื 53, ืึทืืื ืึทื ืืื ืงืขื ืขื ืืืื ืจืืืขืจืขืงืืื ืฆื ืื ืืืืึทื ืกืึทืงืก5 ืคืจืืงืกื ืืื ืื ืก ืืืื 8.8.8.8. ืื ืืืจ ืืึธืื ืฆื ืืึธื ืืื ืงืึทื ืคืืืืขืจ ื ืขืืคืืืืขืจ (ืืคึผืืึทืืืขืก) ืืื DHCP ืึผืืืื ืคึฟืึทืจ ืึทืจืืืกืืขืื ืืืขื ืื.
8. ืื ืกืืึทืืืจื ืื iptables-persistent ืืื dhcpd ืคึผืขืงื
root@debian9:~# apt-get install iptables-persistent isc-dhcp-server
9. ืจืขืืึทืืืจื ืื ืืืงืคึผื ืกืืึทืจืืึทืคึผ ืืขืงืข
root@debian9:~# nano /etc/dhcp/dhcpd.conf
dhcpd.conf# dhcpd.conf
#
# ืืืกืืขืจ ืงืึทื ืคืืืืขืจืืืฉืึทื ืืขืงืข ืคึฟืึทืจ ISC dhcpd
#
# ืึธืคึผืฆืืข ืืขืคึฟืื ืืฆืืข ืคึผืจืึธืกื ืคึฟืึทืจ ืึทืืข ืืขืฉืืืฆื ื ืขืืืืึธืจืงืก ...
ืึธืคึผืฆืืข ืคืขืื ื ืึธืืขื "example.org";
ืึธืคึผืฆืืข ืคืขืื ื ืึธืืขื ืกืขืจืืืขืจืก ns1.example.org, ns2.example.org;
ืคืขืืืงืืึทื-ืืื ืืขื-ืฆืืึทื 600;
ืืึทืงืก-ืืื ืืขื-ืฆืืื 7200;
ddns-update-style ืืึธืจื ืื;
# ืืืื ืืขืจ DHCP ืกืขืจืืืขืจ ืืื ืืขืจ ืืึทืึทืืืขืจ DHCP ืกืขืจืืืขืจ ืคึฟืึทืจ ืื ืืืืข
# ื ืขืฅ, ืื ืึทืืึธืจืึทืืืืืืื ืืืจืขืงืืืื ืืึธื ืืืื ืึทื ืงืึทืืขื ืืึทื.
ืึทืืึธืจืึทืืืืืืื;
# ื ืืืกื ืึทื ืืขืจืฉ ืงืึทื ืคืืืืขืจืืืฉืึทื ืคึฟืึทืจ ืึทื ืื ืขืจืืขื ืกืืื ืขื.
ืกืืื ืขื 192.168.201.0 ื ืขืืืึทืกืง 255.255.255.0 {
ืงืืื 192.168.201.10 192.168.201.250;
ืึธืคึผืฆืืข ืคืขืื ื ืึธืืขื ืกืขืจืืืขืจืก 192.168.201.254;
ืึธืคึผืฆืืข ืจืึธืืืขืจืก 192.168.201.254;
ืึธืคึผืฆืืข ืืจืึธืืงืึทืกื-ืึทืืจืขืก 192.168.201.255;
ืคืขืืืงืืึทื-ืืื ืืขื-ืฆืืึทื 600;
ืืึทืงืก-ืืื ืืขื-ืฆืืื 7200;
}
11. ืจืขืืึธืึธื ืืื ืงืึธื ืืจืึธืืืจื ืื ืืื ืกื ืืืืฃ ืคึผืึธืจื 67
root@debian9:~# reboot
root@debian9:~# netstat -nlp
ื ืขืืกืืึทื ืงืืึธืฅืึทืงืืืื ืืื ืืขืจื ืขื ืงืึทื ืขืงืฉืึทื ื (ืืืืื ืกืขืจืืืขืจืก)
ืคึผืจืึธืืึธ ืจืขืื-ืง ืฉืืงื-ืง ืืืงืืืข ืึทืืจืขืก ืคืจืขืื ืึทืืจืขืก ืฉืืึทื PID / ืคึผืจืึธืืจืึทื ื ืึธืืขื
ืืงืคึผ 0 0 0.0.0.0:22 0.0.0.0:* ืืขืจื 389/ืฉื
tcp 0 0 0.0.0.0:888 0.0.0.0:* ืืขืจื 310/3ืคึผืจืึธืงืกื
tcp6 0 0 :::22 :::* ืืขืจื 389/ืฉื
ืืืคึผ 0 0 0.0.0.0:20364 0.0.0.0:* 393/dhcpd
ืืืคึผ 0 0 0.0.0.0:53 0.0.0.0:* 310/3ืคึผืจืึธืงืกื
ืืืคึผ 0 0 0.0.0.0:67 0.0.0.0:* 393/dhcpd
ืืืคึผ 0 0 0.0.0.0:68 0.0.0.0:* 405/ืืืงืืืขื ื
udp6 0 0 :::31728 :::* 393/dhcpd
ืจืื 0 0 0.0.0.0:1 0.0.0.0:* 393/ืืืงืคึผื
12. ืึทืืข ืืืึธืก ืืืืืื ืืื ืฆื ืจืืืขืจืขืงื ืึทืืข ืืงืคึผ ืจืืงืืืขืก ืฆื ืคึผืึธืจื 888 ืืื ืจืึทืืขืืืขื ืื ืืขืจืฉื ืืื iptables
root@debian9:~# iptables -t nat -A PREROUTING -s 192.168.201.0/24 -p tcp -j REDIRECT --to-ports 888
root@debian9:~# iptables-save > /etc/iptables/rules.v4
13. ืฆื ืืงืกืคึผืึทื ื ืื ืงืึทื ืึทื ืืึทื ืืืืืื, ืืืจ ืงืขื ืขื ื ืืฆื ืขืืืขืืข ืคืจืืงืกื ืกืขืจืืืขืจืก ืืื ืึทืืึธื. ืื ืืึทื ืฅ ืืืื ืืืื 1000. ื ืื ืงืึทื ืขืงืฉืึทื ื ืืขื ืขื ืืขืืจืื ืืขื ืืื ืึท ืืึทืฉืืึธืขืก ืคืื 0.2, 0.2, 0.2, 0.2, 0,1, 0,1 ืฆื ืื ืกืคึผืขืกืืคืืขื ืคึผืจืึทืงืกื ืกืขืจืืืขืจืก.
ืืึทืืขืจืงืื ื: ืืืื ืืืจ ืืึธืื ืึท ืืืขื ืคืจืืงืกื, ืึทื ืฉืืึธื ืคืื ืกืึทืงืก 5 ืืืจ ืืึทืจืคึฟื ืฆื ืฉืจืืึทืื ืงืึธื ื ืขืงื, ืืืื ืกืึทืงืก 4, ืกืึธืงืก 4 (ืกืึธืงืงืก 4 ืืื ื ืืฉื ืฉืืืฆื ืืึธืืื / ืคึผืึทืจืึธื ืึทืืืืึธืจืืืึทืืืึธื!)
ืืืึทืฉืคึผืื ืงืึทื ืคืืืืขืจืืืฉืึทื ืคืื ืืจืึทื ืกืคึผืขืจืึทื ื ืคืจืืงืกื ืกืขืจืืืขืจ ื ืื 2ืืืืืึทื
pidfile /home/joke/proxy/3proxy.pid
nserver 8.8.8.8
nscache 65536
maxconn 500
ืืืืืึทืืฅ 1 5 30 60 180 1800 16 60
ืงืืึธืฅ /home/joke/proxy/logs/3proxy.log D
ืืึธืืคืึธืจืืึทื "- +_ื% ื.%. % ื .% ืคึผ % E % ื % C: % c % ืจ: % ืจ % ืึธ % ืืื % ื % ื"
ืืจืืืขื 3
ืืืืึทื
ืึทืืื ืืคึผืึธื ืื
dnspr
ืืึธืื *
ืคืึธืืขืจ 200 ืกืึทืงืก5 IP_ADDRESS_EXTERNAL_PROXY#1 3128 ืืขืกืืขืจ 1234
ืคืึธืืขืจ 200 ืกืึทืงืก5 IP_ADDRESS_EXTERNAL_PROXY#2 3128 ืืขืกืืขืจ 1234
ืคืึธืืขืจ 200 ืกืึทืงืก5 IP_ADDRESS_EXTERNAL_PROXY#3 3128 ืืขืกืืขืจ 1234
ืคืึธืืขืจ 200 ืกืึทืงืก5 IP_ADDRESS_EXTERNAL_PROXY#4 3128 ืืขืกืืขืจ 1234
ืคืึธืืขืจ 100 ืกืึทืงืก5 IP_ADDRESS_EXTERNAL_PROXY#5 3128 ืืขืกืืขืจ 1234
ืคืึธืืขืจ 100 ืกืึทืงืก5 IP_ADDRESS_EXTERNAL_PROXY#6 3128 ืืขืกืืขืจ 1234
ืคึผืืืืื /opt/proxy/3proxy-0.8.12/src/TransparentPlugin.ld.so transparent_plugin
tcppm -i0.0.0.0 888 127.0.0.1 11111
ืืึทืฉืืขืืืงื ืืื ืืืืคื NAT + ืืจืึทื ืกืคึผืึทืจืขื ื ืคึผืจืึธืงืกื ืงืึทื ืคืืืืขืจืืืฉืึทื
ืืื ืืขื ืงืึทื ืคืืืืขืจืืืฉืึทื, ืืืจ ืืืขืื ื ืืฆื ืื ืืขืืืืื ืืืขื NAT ืืขืงืึทื ืืืึทื ืืื ืกืขืืขืงืืืื ืึธืืขืจ ืคืื ืืจืึทื ืกืคึผืขืจืึทื ื ืคึผืจืึทืงืกืืื ื ืคืื ืืืื ืึทืืจืขืกืขืก ืึธืืขืจ ืกืืื ืขืฅ. ืืื ืขืจืืขืืขืจ ื ืขืฅ ื ืืฆืขืจืก ืืืขืื ืึทืจืืขืื ืืื ืืืืขืจ ืืึทืืื ืื ืืก / ืกืืื ืขืฅ ืึธื ืืคืืื ืจืืึทืืืืืื ื ืึทื ืืื ืึทืจืืขืื ืืืจื ืึท ืคืจืืงืกื. ืึทืืข ืืืืคึผืก ืงืึทื ืขืงืฉืึทื ื ืึทืจืืขื ืืื, ืงืืื ืกืขืจืืืคืืงืึทืฅ ืืึทืจืคึฟื ืฆื ืืืื ืืืฉืขื ืขืจืืืืึทื / ืจืืคึผืืืืกื.
ืขืจืฉืืขืจ, ืืึธืื ืืื ืื ืืึทืฉืืืกื ืืืึธืก ืกืืื ืขืฅ / ืืึทืืื ืื ืืก ืืืจ ืืืืื ืฆื ืคึผืจืึทืงืกื. ืืึธืืืจ ืืืขืจื ืขืืขื ืึทื ืคืื ืืจืืืกื ืืืง ืคึผืจืึทืงืกืื ืืขื ืขื ืืืื ืืื ืึท ืกืขืจืืืืก ืืื pandora.com ืึทืคึผืขืจืืืฅ. ืืืฆื ืขืก ืืืืืื ืฆื ืืึทืฉืืืืขื ืืืึทื ืกืืื ืขืฅ / ืืืขื ืื.
1. ืคึผืื ื
root@debian9:~# ping pandora.com
PING pandora.com (208.85.40.20) 56 (84) ืืืืขืก ืคืื ืืึทืื.
2. ืืืคึผ BGP 208.85.40.20 ืืื Google
ืืื ืก ืืืื ืฆื ืื ืคึผืืึทืฅ
ืขืก ืงืขื ืขื ืืืื ืืขืืขื ืึทื ืื ืกืืื ืขื ืืื ืืื ืงืืงื ืคึฟืึทืจ ืืื AS40428 Pandora Media, Inc
ืขืคื v4 ืคึผืจืขืคืืงืก
ืืึธ ืืขื ืขื ืื ืคืืจืืื ืื ืกืืื ืขืฅ!
199.116.161.0/24
199.116.162.0/24
199.116.164.0/23
199.116.164.0/24
199.116.165.0/24
208.85.40.0/24
208.85.41.0/24
208.85.42.0/23
208.85.42.0/24
208.85.43.0/24
208.85.44.0/24
208.85.46.0/23
208.85.46.0/24
208.85.47.0/24
3. ืฆื ืจืขืืืฆืืจื ืื ื ืืืขืจ ืคืื ืกืืื ืขืฅ, ืืืจ ืืึทืจืคึฟื ืฆื ืืืจืืคืืจื ืึทืืืจืขืืึทืืืึธื. ืืืื ืฆื ืื ืคึผืืึทืฅ
199.116.161.0/24
199.116.162.0/24
199.116.164.0/23
208.85.40.0/22
208.85.44.0/24
208.85.46.0/23
4. ืงืืึธืจ ืืคึผืืึทืืืขืก ืึผืืืื
root@debian9:~# iptables -F
root@debian9:~# iptables -X
root@debian9:~# iptables -t nat -F
root@debian9:~# iptables -t nat -X
ืืขืื ืื ืคืึธืจืืืก ืืื NAT ืืขืงืึทื ืืืึทื
root@debian9:~# echo 1 > /proc/sys/net/ipv4/ip_forward
root@debian9:~# iptables -A FORWARD -i enp0s3 -o enp0s8 -j ACCEPT
root@debian9:~# iptables -A FORWARD -i enp0s8 -o enp0s3 -j ACCEPT
root@debian9:~# iptables -t nat -A POSTROUTING -o enp0s3 -s 192.168.201.0/24 -j MASQUERADE
ืฆื ืขื ืฉืืจ ืึทื ืคืึธืจืืืก ืืื ืขื ืืืืึทืื ืคึผืขืจืืึทื ืึทื ืืื ื ืึธื ืึท ืจืขืืึธืึธื, ืืึธืื ืืื ืื ืืืืฉื ืื ืืขืงืข
root@debian9:~# nano /etc/sysctl.conf
ืืื ื ืขื ืึทืืืขืง ืื ืฉืืจื
net.ipv4.ip_forward = 1
Ctrl + X ืฆื ืจืึทืืขืืืขื ืื ืืขืงืข
5. ืืืจ ืืึทื ืืืืงืืขื pandora.com ืกืืื ืขืฅ ืืื ืึท ืคืจืืงืกื
root@debian9:~# iptables -t nat -A PREROUTING -s 192.168.201.0/24 -d 199.116.161.0/24,199.116.162.0/24,199.116.164.0/23,208.85.40.0/22,208.85.44.0/24,208.85.46.0/23 -p tcp -j REDIRECT --to-ports 888
6. ืืึธืืืจ ืืึทืืื ืื ืึผืืืื
root@debian9:~# iptables-save > /etc/iptables/rules.v4
ืืึทืฉืืขืืืงื ืืื ืืืืคื ืื ืืจืึทื ืกืคึผืึทืจืขื ื ืคึผืจืึธืงืกื ืืืจื ืจืึทืืืขืจ ืงืึทื ืคืืืืขืจืืืฉืึทื
ืืื ืืขื ืงืึทื ืคืืืืขืจืืืฉืึทื, ืื ืืจืึทื ืกืคึผืขืจืึทื ื ืคืจืืงืกื ืกืขืจืืืขืจ ืงืขื ืขื ืืืื ืึท ืืึทืืื ืืขืจ ืคึผืืกื ืึธืืขืจ ืึท ืืืืจืืืึทื ืืึทืฉืื ืืื ืืขืจ ืึท ืืืื / ืคึฟืืจืืข ืจืึทืืืขืจ. ืขืก ืืื ืืขื ืื ืฆื ืคืึทืจืฉืจืืึทืื ืกืืึทืืืง ืจืืฅ ืืืืฃ ืื ืจืึทืืืขืจ ืึธืืขืจ ืืืืืืืกืึทื ืืื ืื ืืื ืฆืข ืกืืื ืขื ืืืขื ื ืืฆื ืึท ืคึผืจืึทืงืกื ืึธื ืื ื ืืื ืคึฟืึทืจ ื ืึธื ืกืขืืืื ืืก.
ืืืืืืืง! ืขืก ืืื ื ืืืืืง ืึทื ืืื ืืืขืจ ืืืืืืืื ื ืขืื ืึท ืกืืึทืืืง IP ืคืื ืื ืจืึทืืืขืจ, ืึธืืขืจ ืืื ืงืึทื ืคืืืืขืจื ืฆื ืืืื ืกืืึทืืืง ืืื.
1. ืงืึทื ืคืืืืขืจ ืึท ืกืืึทืืืง ืืืืืืืื ืึทืืจืขืก (enp0s3 ืึทืืึทืคึผืืขืจ)
root@debian9:~# nano /etc/network/interfaces
/etc/network/interfaces ืืขืงืข# ืืขืจ ืืขืงืข ืืืฉืจืืืื ืื ื ืขืฅ ืื ืืขืจืคืืืกืื ืื ืืืฆื ืืืืฃ ืืืื ืกืืกืืขื
# ืืื ืืื ืฆื ืึทืงืืึทืืืืื ืืื. ืคึฟืึทืจ ืืขืจ ืืื ืคึฟืึธืจืืึทืฆืืข, ืืขื ืื ืืขืจืคืืืกืื (5).
ืืงืืจ /etc/network/interfaces.d/*
# ืื ืืืคึผืืึทืงืง ื ืขืฅ ืฆืืืื ื
ืืึทืฉืื ืขืก
ืืืื ืขืก ืืื ื ืืฉื ืึท ืืืคึผืืึทืงืง
# ืื ืขืจืฉืืืง ื ืขืฅ ืฆืืืื ื
ืืึธืื-ืืึธืืคึผืืื ืขื ืคึผ0ืก3
iface enp0s3 ืื ืขื ืกืืึทืืืง
ืึทืืจืขืก 192.168.23.2
ื ืขืืืึทืกืง 255.255.255.0
ืืืืขืจ 192.168.23.254
# ืื ืฆืืืืืืืง ื ืขืฅ ืฆืืืื ื
ืืึธืื-ืืึธืืคึผืืื ืขื ืคึผ0ืก8
iface enp0s8 ืื ืขื ืกืืึทืืืง
ืึทืืจืขืก 192.168.201.254
ื ืขืืืึทืกืง 255.255.255.0
2. ืืึธืื ืืขืืืืกืขืก ืคึฟืื ืื 192.168.23.0/24 ืกืืื ืขื ืฆื ื ืืฆื ืคึผืจืึทืงืกืืื ื
root@debian9:~# iptables -t nat -A PREROUTING -s 192.168.23.0/24 -d 199.116.161.0/24,199.116.162.0/24,199.116.164.0/23,208.85.40.0/22,208.85.44.0/24,208.85.46.0/23 -p tcp -j REDIRECT --to-ports 888
3. ืืึธืืืจ ืืึทืืื ืื ืึผืืืื
root@debian9:~# iptables-save > /etc/iptables/rules.v4
4. ืืื ืก ืจืขืืืกืืจืืจื ืกืืื ืขืฅ ืืืืฃ ืื ืจืึทืืืขืจ
ืจืึธืืืขืจ ื ืขืฅ ืจืฉืืืืงืกื ืืืงืก ืงืกื ืืืงืก ืงืกื ืืืงืก
ืงืกื ืืืงืก ืงืกื ืืืงืก ืงืกื ืืืงืก
ืงืกื ืืืงืก ืงืกื ืืืงืก ืงืกื ืืืงืก
ืงืกื ืืืงืก ืงืกื ืืืงืก ืงืกื ืืืงืก
ืงืกื ืืืงืก ืงืกื ืืืงืก ืงืกื ืืืงืก
ืงืกื ืืืงืก ืงืกื ืืืงืก ืงืกื ืืืงืก
ืืึทืืขืจืืึทืืก / ืจืขืกืืจืกื ืืขื ืืฆื
1. ืึทืคืืฉืึทื ืืืขืืืืึทืื ืคืื ืื 3ืคึผืจืึธืงืกื ืคึผืจืึธืืจืึทื
2. ืื ืกืืจืึทืงืฉืึทื ื ืคึฟืึทืจ ืื ืกืืึธืืื ื 3proxy ืคึฟืื ืืงืืจ
3. 3ืคึผืจืึธืงืกื ืึทื ืืืืืงืืื ื ืฆืืืืึทื ืืืืฃ ืืืืืื
ืืงืืจ: www.habr.com