
centos7使用redsocks

下載依賴

yum install -y libevent libevent-devel gcc

下載源碼

git clone https://github.com/darkk/redsocks

編譯源碼

cd redsocks
make

快捷方式

將 redsocks 複製到 /usr/bin

修改配置文件

修改 proxy.sh(自動化腳本)和 /etc/redsocks.conf

proxy.sh(centos7)

#!/bin/bash

# Address of the upstream SOCKS5 proxy; startproxy exempts it from redirection.
socks5_ip='192.168.31.200'
# Local account whose outgoing TCP connections are matched by the OUTPUT rule.
user='root'



# Print the horizontal rule that frames the menu.
line() {
    printf '%s\n' '========================================='
}

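# Install the NAT rules that send TCP traffic owned by $user into redsocks,
# then start redsocks if it is not already running.
# Globals:   socks5_ip (read), user (read), redsocks_pid (written)
# Arguments: none
# Returns:   not meaningful; individual iptables failures are not checked.
startproxy(){
    local net

    # Create the REDSOCKS chain. If it already exists (start chosen twice),
    # flush it so the rules are rebuilt instead of appended a second time.
    iptables -t nat -N REDSOCKS 2>/dev/null || iptables -t nat -F REDSOCKS

    # Traffic to the SOCKS5 proxy itself is never redirected.
    iptables -t nat -A REDSOCKS -d "$socks5_ip" -j RETURN

    # Local, private and reserved ranges bypass the proxy.
    for net in \
        0.0.0.0/8 10.0.0.0/8 100.64.0.0/10 127.0.0.0/8 169.254.0.0/16 \
        172.16.0.0/12 192.168.0.0/16 198.18.0.0/15 224.0.0.0/4 240.0.0.0/4; do
        iptables -t nat -A REDSOCKS -d "$net" -j RETURN
    done

    # Everything else is redirected to the local redsocks port 12345.
    iptables -t nat -A REDSOCKS -p tcp -j REDIRECT --to-ports 12345

    # Any TCP connection opened by $user goes through the REDSOCKS chain.
    # -C checks for the rule first so a repeated start does not duplicate it.
    if ! iptables -t nat -C OUTPUT -p tcp -m owner --uid-owner "$user" -j REDSOCKS 2>/dev/null; then
        iptables -t nat -A OUTPUT -p tcp -m owner --uid-owner "$user" -j REDSOCKS
    fi

    # Start redsocks unless an instance is already running. Its output is
    # discarded, so start-up errors (bad config, port in use) are not visible.
    redsocks_pid=$(pgrep -x -o redsocks) || redsocks_pid=""
    if [[ -z "$redsocks_pid" ]]; then
        nohup redsocks -c /etc/redsocks.conf > /dev/null 2>&1 &
        # $! is the PID of the job just started; scraping `ps | grep` can match
        # unrelated processes and glues several PIDs together.
        redsocks_pid=$!
    fi
}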

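# Remove the NAT rules added by startproxy and stop redsocks.
# Globals:   user (read), redsocks_pid (read, cleared)
# Arguments: none
# Returns:   not meaningful; failures of individual commands are ignored.
stopproxy(){
    # Remove only the REDSOCKS jump and chain. Flushing the whole nat table
    # would also delete unrelated rules (masquerading, container or VM NAT).
    # The loop removes every copy of the jump in case it was added twice.
    while iptables -t nat -D OUTPUT -p tcp -m owner --uid-owner "$user" -j REDSOCKS 2>/dev/null; do
        :
    done
    iptables -t nat -F REDSOCKS 2>/dev/null
    iptables -t nat -X REDSOCKS 2>/dev/null

    # Stop redsocks. If no usable PID was recorded (stop chosen before start,
    # or the recorded PID is stale), fall back to an exact-name match.
    if [[ -n "${redsocks_pid:-}" ]]; then
        kill "$redsocks_pid" 2>/dev/null || pkill -x redsocks
        wait "$redsocks_pid" 2>/dev/null
    else
        pkill -x redsocks
    fi
    redsocks_pid=""
}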



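# Interactive menu loop: 1 starts the global proxy, 2 stops it.
# The loop ends when standard input is closed (or on Ctrl-C).
while true; do
    line
    echo -e "Redsocks自動化腳本【1.0】
【1】開啟全局代理
【2】關閉全局代理"
    line

    # Leave the loop on EOF instead of spinning forever on an empty answer.
    read -r -p "請輸入數字【1-2】:" num || break

    # Validate before the numeric test: an empty or non-numeric answer would
    # otherwise make `[ ... -eq ... ]` print an error.
    if [[ ! "$num" =~ ^[0-9]+$ ]]; then
        echo -e "請輸入正確數字!!!"
    elif [ "$num" -eq 1 ]; then
        startproxy
        echo "【+】Redsocks已開啟。。。"
    elif [ "$num" -eq 2 ]; then
        stopproxy
        echo "【-】Redsocks已關閉。。。"
    else
        echo -e "請輸入正確數字!!!"
    fi
done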

proxy.sh(kali)

#!/bin/bash

# Address of the upstream SOCKS5 proxy; startproxy exempts it from redirection.
socks5_ip='192.168.31.121'
# Local account whose outgoing TCP connections are matched by the OUTPUT rule.
user='root'
# ANSI colour escapes, interpreted later by `echo -e`.
red_prefix='\033[31m'
green_prefix='\033[32m'
purple_prefix='\033[35m'
font_suffix='\033[0m'

# Print the horizontal rule that frames the menu.
line() {
    printf '%s\n' '========================================='
}




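# Install the NAT rules that send TCP traffic owned by $user into redsocks,
# then start redsocks if it is not already running.
# Globals:   socks5_ip (read), user (read), redsocks_pid (written)
# Arguments: none
# Returns:   not meaningful; individual iptables failures are not checked.
startproxy(){
    local net

    # Create the REDSOCKS chain. If it already exists (start chosen twice),
    # flush it so the rules are rebuilt instead of appended a second time.
    iptables -t nat -N REDSOCKS 2>/dev/null || iptables -t nat -F REDSOCKS

    # Traffic to the SOCKS5 proxy itself is never redirected.
    iptables -t nat -A REDSOCKS -d "$socks5_ip" -j RETURN

    # Local, private and reserved ranges bypass the proxy.
    # NOTE(review): the centos7 script on this page also exempts 0.0.0.0/8 and
    # 100.64.0.0/10; confirm whether leaving them out here is intended.
    for net in \
        10.0.0.0/8 127.0.0.0/8 169.254.0.0/16 172.16.0.0/12 \
        192.168.0.0/16 198.18.0.0/15 224.0.0.0/4 240.0.0.0/4; do
        iptables -t nat -A REDSOCKS -d "$net" -j RETURN
    done

    # Everything else is redirected to the local redsocks port 12345.
    iptables -t nat -A REDSOCKS -p tcp -j REDIRECT --to-ports 12345

    # Any TCP connection opened by $user goes through the REDSOCKS chain.
    # -C checks for the rule first so a repeated start does not duplicate it.
    if ! iptables -t nat -C OUTPUT -p tcp -m owner --uid-owner "$user" -j REDSOCKS 2>/dev/null; then
        iptables -t nat -A OUTPUT -p tcp -m owner --uid-owner "$user" -j REDSOCKS
    fi

    # Start redsocks unless an instance is already running. Its output is
    # discarded, so start-up errors (bad config, port in use) are not visible.
    redsocks_pid=$(pgrep -x -o redsocks) || redsocks_pid=""
    if [[ -z "$redsocks_pid" ]]; then
        nohup redsocks -c /etc/redsocks.conf > /dev/null 2>&1 &
        # Record the PID of the job just started rather than scraping `ps`.
        redsocks_pid=$!
    fi
}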

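# Remove the NAT rules added by startproxy and stop redsocks.
# Globals:   user (read)
# Arguments: none
# Returns:   exit status of pkill (non-zero when no redsocks was running).
stopproxy(){
    # Remove only the REDSOCKS jump and chain. Flushing the whole nat table
    # would also delete unrelated rules (masquerading, container or VM NAT).
    # The loop removes every copy of the jump in case it was added twice.
    while iptables -t nat -D OUTPUT -p tcp -m owner --uid-owner "$user" -j REDSOCKS 2>/dev/null; do
        :
    done
    iptables -t nat -F REDSOCKS 2>/dev/null
    iptables -t nat -X REDSOCKS 2>/dev/null

    # -x matches the process name exactly, so processes whose name merely
    # contains "redsocks" are left alone.
    pkill -x redsocks
}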

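# Interactive menu loop: shows whether redsocks is running, then 1 starts the
# global proxy and 2 stops it. The loop ends when standard input is closed
# (or on Ctrl-C).
while true; do
    # redsocks counts as running when netstat lists a socket owned by it.
    if netstat -tanplu | grep -q redsocks; then
        status_line="$green_prefix【當前狀態:開啟】$font_suffix"
    else
        status_line="$red_prefix【當前狀態:停止】$font_suffix"
    fi

    line
    echo -e "   $purple_prefix Redsocks自動化腳本【1.0】$font_suffix
$status_line
【1】開啟全局代理
【2】關閉全局代理"
    line

    # Leave the loop on EOF instead of spinning forever on an empty answer.
    read -r -p "請輸入數字【1-2】:" num || break

    # Validate before the numeric test: an empty or non-numeric answer would
    # otherwise make `[ ... -eq ... ]` print an error.
    if [[ ! "$num" =~ ^[0-9]+$ ]]; then
        echo -e "請輸入正確數字!!!"
    elif [ "$num" -eq 1 ]; then
        startproxy
        echo -e "$green_prefix 【+】Redsocks已開啟。。。$font_suffix"
    elif [ "$num" -eq 2 ]; then
        stopproxy
        echo -e "$red_prefix【-】Redsocks已關閉。。。$font_suffix"
    else
        echo -e "請輸入正確數字!!!"
    fi
done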

/etc/redsocks.conf

// Global redsocks settings: logging, process behaviour and redirector backend.
base {
        // debug: connection progress
        log_debug = off;

        // info: start and end of client session
        log_info = on;

        /* possible `log' values are:
         *   stderr
         *   "file:/path/to/file"
         *   syslog:FACILITY  facility is any of "daemon", "local0"..."local7"
         */
        // NOTE(review): the proxy.sh scripts on this page start redsocks with
        // stdout and stderr sent to /dev/null, so with `log = stderr` the
        // session log enabled above is discarded. Use the file: or syslog:
        // form if connection records should be kept.
        log = stderr;
        // log = "file:/path/to/file";
        // log = "syslog:local7";

        // detach from console
        // Left off here: redsocks stays in the foreground and proxy.sh puts it
        // in the background itself with `nohup ... &`.
        daemon = off;

        /* Change uid, gid and root directory, these options require root
         * privileges on startup.
         * Note, your chroot may require /etc/localtime if you write log to syslog.
         * Log is opened before chroot & uid changing.
         * Debian, Ubuntu and some other distributions use `nogroup` instead of
         * `nobody`, so change it according to your system if you want redsocks
         * to drop root privileges.
         */
        // NOTE(review): all three are commented out, so redsocks keeps the
        // uid it is started with (root when launched from proxy.sh as root).
        // user = nobody;
        // group = nobody;
        // chroot = "/var/chroot";

        /* possible `redirector' values are:
         *   iptables   - for Linux
         *   ipf        - for FreeBSD
         *   pf         - for OpenBSD
         *   generic    - some generic redirector that MAY work
         */
        redirector = iptables;

        /* Override per-socket values for TCP_KEEPIDLE, TCP_KEEPCNT,
         * and TCP_KEEPINTVL. see man 7 tcp for details.
         * `redsocks' relies on SO_KEEPALIVE option heavily. */
        //tcp_keepalive_time = 0;
        //tcp_keepalive_probes = 0;
        //tcp_keepalive_intvl = 0;

        // Every `redsocks` connection needs two file descriptors for sockets.
        // If `splice` is enabled, it also needs four file descriptors for
        // pipes.  `redudp` is not accounted at the moment.  When max number of
        // connection is reached, redsocks tries to close idle connections. If
        // there are no idle connections, it stops accept()'ing new
        // connections, although kernel continues to fill listenq.

        // Set maximum number of open file descriptors (also known as `ulimit -n`).
        //  0 -- do not modify startup limit (default)
        // rlimit_nofile = 0;

        // Set maximum number of served connections. Default is to deduce safe
        // limit from `splice` setting and RLIMIT_NOFILE.
        // redsocks_conn_max = 0;

        // Close connections idle for N seconds when/if connection count
        // limit is hit.
        //  0 -- do not close idle connections
        //  7440 -- 2 hours 4 minutes, see RFC 5382 (default)
        // connpres_idle_timeout = 7440;

        // `max_accept_backoff` is a delay in milliseconds to retry `accept()`
        // after failure (e.g. due to lack of file descriptors). It's just a
        // safety net for misconfigured `redsocks_conn_max`, you should tune
        // redsocks_conn_max if accept backoff happens.
        // max_accept_backoff = 60000;
}

// TCP redirector: accepts the connections that iptables redirects to
// local_ip:local_port and relays them to the upstream proxy at ip:port.
redsocks {
        /* `local_ip' defaults to 127.0.0.1 for security reasons,
         * use 0.0.0.0 if you want to listen on every interface.
         * `local_*' are used as port to redirect to.
         */
        local_ip = 127.0.0.1;
        // Must match `--to-ports 12345` in the REDIRECT rule of proxy.sh.
        local_port = 12345;

        // listen() queue length. Default value is SOMAXCONN and it should be
        // good enough for most of us.
        // listenq = 128; // SOMAXCONN equals 128 on my Linux box.

        // Enable or disable faster data pump based on splice(2) syscall.
        // Default value depends on your kernel version, true for 2.6.27.13+
        // splice = false;

        // `ip' and `port' are IP and tcp-port of proxy-server
        // You can also use hostname instead of IP, only one (random)
        // address of multihomed host will be used.
        // Keep `ip` equal to socks5_ip in proxy.sh, which exempts that address
        // from redirection. The centos7 script uses this value; the kali
        // script on this page uses 192.168.31.121.
        ip = 192.168.31.200;
        port = 2801;

        // known types: socks4, socks5, http-connect, http-relay
        type = socks5;

        // Credentials are commented out, so none are sent to the proxy.
        // login = "foobar";
        // password = "baz";

        // known ways to disclose client IP to the proxy:
        //  false -- disclose nothing
        // http-connect supports:
        //  X-Forwarded-For  -- X-Forwarded-For: IP
        //  Forwarded_ip     -- Forwarded: for=IP # see RFC7239
        //  Forwarded_ipport -- Forwarded: for="IP:port" # see RFC7239
        // disclose_src = false;

        // various ways to handle proxy failure
        //  close -- just close connection (default)
        //  forward_http_err -- forward HTTP error page from proxy as-is
        // on_proxy_fail = close;
}

// UDP redirector section.
// NOTE(review): proxy.sh on this page only adds `-p tcp` rules, so nothing is
// redirected to this listener. The ip, port, login and password below differ
// from the `redsocks` section and look like example placeholders; replace or
// remove them. If a real password is stored here, restrict read access to
// /etc/redsocks.conf.
redudp {
        // `local_ip' should not be 0.0.0.0 as it's also used for outgoing
        // packets that are sent as replies - and it should be fixed
        // if we want NAT to work properly.
        local_ip = 127.0.0.1;
        local_port = 10053;

        // `ip' and `port' of socks5 proxy server.
        ip = 10.0.0.1;
        port = 1080;
        login = username;
        password = pazzw0rd;

        // redsocks knows about two options while redirecting UDP packets at
        // linux: TPROXY and REDIRECT.  TPROXY requires more complex routing
        // configuration and fresh kernel (>= 2.6.37 according to squid
        // developers[1]) but has hack-free way to get original destination
        // address, REDIRECT is easier to configure, but requires `dest_ip` and
        // `dest_port` to be set, limiting packet redirection to single
        // destination.
        // [1] http://wiki.squid-cache.org/Features/Tproxy4
        dest_ip = 8.8.8.8;
        dest_port = 53;

        udp_timeout = 30;
        udp_timeout_stream = 180;
}

dnstc {
        // Fake and very simple DNS server: it answers every UDP query with a
        // "truncated answer", so an RFC-compliant resolver should repeat the
        // same query over TCP.
        local_ip = 127.0.0.1;
        local_port = 5300;
}

dnsu2t {
        // Fake and slightly less simple DNS server: it converts several UDP
        // queries into a single pipelined stream of DNS-over-TCP queries.
        local_ip = 127.0.0.1;
        local_port = 5313;

        // See https://en.wikipedia.org/wiki/Public_recursive_name_server
        // NOTE: the TCP connection to this ${ip}:${port} does not go through
        // the proxy; configure your firewall rules if you want that.
        remote_ip = 8.8.8.8;
        remote_port = 53;

        // Maximum number of in-flight DNS queries sent to the remote server
        // at the same time. Some public DNS servers seem to limit this and
        // drop the connection when many requests are in flight, so it is a
        // trade-off between request latency and availability. In-flight
        // requests are not cached, so they are lost if the DNS/TCP connection
        // is terminated.
        // inflight_max = 16;

        // I/O timeout for the remote endpoint. The default is rather
        // conservative and corresponds to the highest timeout among the
        // public servers listed on Wikipedia.
        // remote_timeout = 30;
}

// 如果需要,您可以添加更多的 `redsocks` 和 `redudp` 部分。