Skip to content

代理服务

Jump to bottom
lanzhiwang edited this page Oct 19, 2018 · 11 revisions

代理服务

原理


                                  | = = = => |                     | = = = => |
proxychains telnet targethost.com |          | shadowsocks_clients |          | shadowsocks_servers
                                  | <= = = = |                     | <= = = = |
                                               127.0.0.1:1080                   0.0.0.0:8388



        | = = = => |         | = = = => |                     | = = = => |
Browser |          | privoxy |          | shadowsocks_clients |          | shadowsocks_servers
        | <= = = = |         | <= = = = |                     | <= = = = |
                     127.0.0.1:8118       127.0.0.1:1080                   0.0.0.0:8388

sshpass

# sshpass

# An ssh password provider.
# It works by creating a TTY, feeding the password into it, and then redirecting stdin to the ssh session.

# Connect to a remote server using a password supplied on a file descriptor (in this case, stdin):
  sshpass -d 0 ssh user@hostname

# Connect to a remote server with the password supplied as an option, and automatically accept unknown ssh keys:
  sshpass -p password ssh -o StrictHostKeyChecking=no user@hostname

# Connect to a remote server using the first line of a file as the password, automatically accept unknown ssh keys, and launch a command:
  sshpass -f file ssh -o StrictHostKeyChecking=no user@hostname "command"

$

shadowsocks

  • 原理
        | = = = => |
Clients |          | Servers
        | <= = = = |
127.0.0.1:1080      0.0.0.0:8388
  • Servers
# 安装服务端
$ pip install shadowsocks
$ sudo apt install shadowsocks
$ dpkg -L shadowsocks
/etc/init.d/shadowsocks
/etc/shadowsocks/config.json
/usr/bin/sslocal
/usr/bin/ssserver
$ ssserver -h
usage: ssserver [OPTION]...
A fast tunnel proxy that helps you bypass firewalls.

You can supply configurations via either config file or command line arguments.

Proxy options:
  -c CONFIG              path to config file
  -s SERVER_ADDR         server address, default: 0.0.0.0
  -p SERVER_PORT         server port, default: 8388
  -k PASSWORD            password
  -m METHOD              encryption method, default: aes-256-cfb
  -t TIMEOUT             timeout in seconds, default: 300
  --fast-open            use TCP_FASTOPEN, requires Linux 3.7+
  --workers WORKERS      number of workers, available on Unix/Linux
  --forbidden-ip IPLIST  comma seperated IP list forbidden to connect
  --manager-address ADDR optional server manager UDP address, see wiki

General options:
  -h, --help             show this help message and exit
  -d start/stop/restart  daemon mode
  --pid-file PID_FILE    pid file for daemon mode
  --log-file LOG_FILE    log file for daemon mode
  --user USER            username to run as
  -v, -vv                verbose mode
  -q, -qq                quiet mode, only show warnings/errors
  --version              show version information

Online help: <https://github.com/shadowsocks/shadowsocks>

$
# 服务端配置
/etc/shadowsocks/config.json
{
    "server":"my_server_ip",
    "server_port":8388,
    "local_port":1080,
    "password":"barfoo!",
    "timeout":600,
    "method":"chacha20-ietf-poly1305"
}
# 启动服务端
$ ssserver -c /etc/shadowsocks/config.json -d start
  • Clients
# 安装客户端
$ pip install shadowsocks
$ sudo apt install shadowsocks
$ dpkg -L shadowsocks
/etc/init.d/shadowsocks
/etc/shadowsocks/config.json
/usr/bin/sslocal
/usr/bin/ssserver
$ sslocal -h
usage: sslocal [OPTION]...
A fast tunnel proxy that helps you bypass firewalls.

You can supply configurations via either config file or command line arguments.

Proxy options:
  -c CONFIG              path to config file
  -s SERVER_ADDR         server address
  -p SERVER_PORT         server port, default: 8388
  -b LOCAL_ADDR          local binding address, default: 127.0.0.1
  -l LOCAL_PORT          local port, default: 1080
  -k PASSWORD            password
  -m METHOD              encryption method, default: aes-256-cfb
  -t TIMEOUT             timeout in seconds, default: 300
  --fast-open            use TCP_FASTOPEN, requires Linux 3.7+

General options:
  -h, --help             show this help message and exit
  -d start/stop/restart  daemon mode
  --pid-file PID_FILE    pid file for daemon mode
  --log-file LOG_FILE    log file for daemon mode
  --user USER            username to run as
  -v, -vv                verbose mode
  -q, -qq                quiet mode, only show warnings/errors
  --version              show version information

Online help: <https://github.com/shadowsocks/shadowsocks>

$
# 客户端配置
~/config.json
{
    "server":"my_server_ip",
    "server_port":8388,
    "local_port":1080,
    "password":"barfoo!",
    "timeout":600,
    "method":"chacha20-ietf-poly1305"
}
# 启动服务端
$ sslocal -c ~/config.json

privoxy

  • 原理
        | = = = => |                     | = = = => |
privoxy |          | shadowsocks_clients |          | shadowsocks_servers
        | <= = = = |                     | <= = = = |
127.0.0.1:8118       127.0.0.1:1080                   0.0.0.0:8388


$ sudo apt-get install privoxy
$ dpkg -L  privoxy
/etc/init.d/privoxy
/etc/privoxy
/lib/systemd/system/privoxy.service
/usr/bin/privoxy-log-parser
/usr/bin/privoxy-regression-test
/usr/sbin/privoxy
/var/log/privoxy
$
Clone this wiki locally