-
Notifications
You must be signed in to change notification settings - Fork 737
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Questions, comments, bugreports and feature requests #3 #560
Comments
- Question about roundrobin - Hello ! I would like to know if it's possible to randomly assign an output proxy ? For example I have two working proxy on that configuration (one different port for each proxy : 7185 & 7186, each proxy on a different network interface : ups185 & ups186)
Is it possible to assign these two proxy on the same port and randomly select one or the other as the output ?
I hope you will understand my question, thanks a lot for this great proxy server 👍 |
Use |
But is it possible using interface names ? Because all my interfaces have the same IPs and I cannot change it (it's 4G dongles) |
in this case start few 'proxy' bound to different interfaces |
Thanks so much for your help !! |
Hello ! I would like to deny an IP to connect to the proxy, how can I achieve that ? I already tried : deny * THE_IP_ADDRESS * But it didn't worked, I still se connexion from that IP in my logs. Thanks a lot |
It probably means either the sequence of commands is wrong (e.g. you have matching allow rule prior to deny) or you have auth none or you did not applied configuration after changes. |
Hello ! Is it possible to show a custom HTML page instead of HTTP error code ? (403, 502, 500...) If not do you think is it hard to implement by editing the source code ? Thanks a lot :) |
@APX403 |
how can i redirect http traffic of domain list to another proxy ? |
@fluxx03 allow .... |
list1 is redirected via parent1, list2 via parent2 and the rest of the traffic is not redirected. |
Hello I'm using ProxyCap and PuTTY in order to send UDP connections from Windows apps to my 3proxy SOCKS server.
TCP connections work perfectly, but UDP connections are not established. https://www.proxycap.com/faq.html
Config:
UDP Logs:
TCP Logs:
Rules Config: Proxy Config: PuTTY Config: |
Testing with SocksCap v4.7: UDP proxy test log:
TCP proxy test log:
|
According to this log, 3proxy received control (TCP) connection and accepted UDPASSOC command, but no UDP traffic reached 3proxy. You can add |
How to set
Like this? |
real IP address is expected instead of 0.0.0.0 here, because proxy reports this IP to client, so it can use it to accept incoming traffic. |
Real public IP (v4) of my VPS?
|
Internal is an address you expecting client connection to come to (an address you specify as proxy address), external is an address you expect outgoing connection to go from, probably it's real IP. |
Does not work with the above config. |
UDPASSOC works in latest versions. Check firewall issues. UDPASSOC requires access to ephemeral UDP ports. |
|
Try to eliminate putty and use sockscap directly with 3proxy (internal interface in this case must be set to real IP address) |
you can also check the traffic with tcpdmp on internal interface to see if any UDP packets are received by proxy. |
Thank you so much.
Works well on port 1080 with eliminating PuTTY.
As I said, the UDP ports on the server side should be open otherwise, no communication will be received. And now I have to find a way to make that connection through PuTTY. |
Do you have any suggestions for sending |
In |
Probably sshd does not support UDP or does not support parent SOCKSv5 for UDP |
Except |
in the case of https, proxy does not see specific file, it only can see connection between client and server. Single connection may be used for many requests. |
Hi, I'm curious on how to do external failover with 3proxy
It works great, just a simple problem is when the interface 3proxy uses down (not fully interface down, just the internet fails), it will still force that external IP to do the requests. Is there a way to failover that external from currently Thanks |
@bagusnl I would've defined 2 ports in 3proxy (e.g. 10000 for access via custom interface and 10001 via default gateway) and then would've installed glider https://github.com/nadoo/glider and ran it with this recipe
so it listens on 16000 , checks 2 endpoints, and when 1st is down, uses 2nd for outgoing routing. |
Hi! How build 3proxy with mbedtls library? It possible? Thanks. |
3proxy itself does not require and does not depend on TLS library, only SSLPlugin requires TLS and it uses OpenSSL. Generally, in order to use mbedtls you need to rewrite SSLPlugin to use mbedtls. |
Hello @z3APA3A, I hope you are doing good ! I have a quick question reguarding the logs for the SOCKS protocol : When using HTTPS we are able to see the domains in the logs but sadly with SOCKS protocol we only see a list of IP address and our ACL to block specifics domains seems to not work Logs example :
Is there any way to force DNS resolution on proxy server side ? Thanks a lot for your help 👍 |
yes, indeed, socks5 allows a client resolve DNS on its side, and initiate connection to an IP. I personally solved your issue by transparently redirecting HTTP\HTTPS traffic after 3proxy to Sniproxy, which accepts web traffic and analyzes it (HTTP by Host header, HTTPS by TLS SNI name) and makes a decision, bypass or block. |
Use --socks5-hostname or socks5h:// proxy URI for curl. |
Is it possible to use a curl -x https:/user:pass@proxy:port |
If you mean additional TLS for client to proxy connection, there is no way to do it in 3proxy currently, you can install |
Hello @z3APA3A I tried to use the new feature We have a simple setup with custom auth and SOCKS4 request is sent with curl: |
Hello @z3APA3A I hope you are doing good ! There is a things that I am not able to understand properly, when we are using our 3proxy proxies with curl we see in the logs that it use HTTP/1.1 with CONNECT Is it a normal thing or a configuration problem ? Why does it not use HTTP/2.0 by default ? Thanks a lot for your help |
CONNECT is a command which instructs proxy to establish connection, HTTP version is not important here, so there is no reason to upgrade connection to HTTP/2. Client handshakes another HTTP session inside established connection, so it can use HTTP/2 with destination server. |
Hi is it possible to ban several websites that contain the word "bank"? Any URL containing the word bank and how to insert it in deny? deny * Thanks a lot for your support! |
to reject bank in hostname. If you need to filter URIs, you need PCREPlugin + SSLPlugin + install custom root certificate for every client, because most sites are currently https and request is sent inside TLS. |
Is it possible to manually rotate the logs using logrotate or something similar? |
to force 3proxy to close and open log file and re-read configuration, or just change the name of log file. P.S. |
What is the default log format? It emits logs like this:
|
Line 142 in 5e2b2a3
|
как сделать так чтобы два интернет интерфейса работали одновременно source routing? |
Hi. How can only allow request from specific IPs, I have:
is this correct? as I still can get traffic from other IPs. thanks |
@botzill In your example you limit destination IP (3rd parameter) rather than source IP (2nd parameter), see description or allow / deny |
@bottookku можно выбирать интерфейс через -De, но лучше source routing. |
For feature requests and bugreports please create an issue.
If you have any questions or comments you can create an issue or write to 3proxy@3proxy.ru.
Please read at least FAQ and How To before asking:
https://3proxy.org/doc/
https://3proxy.org/documents/
begins in #395 #11
The text was updated successfully, but these errors were encountered: