Version bump - 0.65 and update docs.

This version is stable version.
semigodking · Oct 16, 2015 · fef52e0 · fef52e0
1 parent 68a479e
commit fef52e0
Show file tree

Hide file tree

Showing 4 changed files with 87 additions and 20 deletions.
diff --git a/Makefile b/Makefile
@@ -5,7 +5,7 @@ SRCS := $(OBJS:.o=.c)
 CONF := config.h
 DEPS := .depend
 OUT := redsocks2
-VERSION := 0.60
+VERSION := 0.65
 
 LIBS := -levent
 CFLAGS +=-fPIC -O3

diff --git a/README b/README
@@ -1,5 +1,5 @@
-This is a modified version of original redsocks and is useful for 
-anti-GFW (Great Fire Wall).
+This is a enhanced version of original redsocks.
+
 The content below is from original redsocks project.
 ---------------------------------------------------------------------
 This tool allows you to redirect any TCP connection to SOCKS or HTTPS

diff --git a/README.md b/README.md
@@ -2,8 +2,8 @@ REDSOCKS2
 =========
 This is a modified version of original redsocks.
 The name is changed to REDSOCKS2 to distinguish with original redsocks.
-This variant is useful for anti-GFW (Great Fire Wall). REDSOCKS2 contains
-several new features besides many bug fixes to original redsocks.
+REDSOCKS2 contains several new features besides many bug fixes to original
+redsocks.
 
 1. Redirect TCP connections which are blocked via proxy automatically without
 need of blacklist.
@@ -13,16 +13,14 @@ need of blacklist.
 5. Redirect TCP connections via specified network interface.
 6. UDP transparent proxy via shadowsocks proxy.
 
-If you feel my work done is helpful, please consider donation. Thanks. 
-**Accept donations by AliPay with account <semigodking@gmail.com>**
-
 [Chinese Reference](https://github.com/semigodking/redsocks/wiki)
 
 HOW TO BUILD
 ------------
 ###Prerequisites
 The following libraries are required.
 
+* libevent2
 * OpenSSL or PolarSSL
 
 ###Steps

diff --git a/debian/redsocks.conf b/debian/redsocks.conf
@@ -33,25 +33,55 @@ base {
 	redirector = iptables;
 }
 
-redsocks {
 	/* `local_ip' defaults to 127.0.0.1 for security reasons,
 	 * use 0.0.0.0 if you want to listen on every interface.
 	 * `local_*' are used as port to redirect to.
 	 */
 	local_ip = 127.0.0.1;
 	local_port = 12345;
 
+	// listen() queue length. Default value is SOMAXCONN and it should be
+	// good enough for most of us.
+	// listenq = 128; // SOMAXCONN equals 128 on my Linux box.
+
+	// `max_accept_backoff` is a delay to retry `accept()` after accept
+	// failure (e.g. due to lack of file descriptors). It's measured in
+	// milliseconds and maximal value is 65535. `min_accept_backoff` is
+	// used as initial backoff value and as a damper for `accept() after
+	// close()` logic.
+	// min_accept_backoff = 100;
+	// max_accept_backoff = 60000;
+
 	// `ip' and `port' are IP and tcp-port of proxy-server
 	// You can also use hostname instead of IP, only one (random)
 	// address of multihomed host will be used.
-	ip = 127.0.0.1;
+	// The two fields are meaningless when proxy type is 'direct'.
+	ip = example.org;
 	port = 1080;
 
-
 	// known types: socks4, socks5, http-connect, http-relay
+	// New types: direct, shadowsocks
 	type = socks5;
 
-	// login = "foobar";
+    // Specify interface for outgoing connections when 'direct' type
+    // is used. This is useful when you have multiple connections to
+    // internet or you have VPN connections.
+    // interface = tun0;
+
+	// Change this parameter to 1 if you want auto proxy feature. 
+	// When autoproxy is set to non-zero, the connection to target
+	// will be made directly first. If direct connection to target
+	// fails for timeout/connection refuse, redsocks will try to
+	// connect to target via the proxy.
+	autoproxy = 0;
+	// timeout is meaningful when 'autoproxy' is non-zero.
+	// It specified timeout value when trying to connect to destination
+	// directly. Default is 10 seconds. When it is set to 0, default
+	// timeout value will be used.
+	timeout = 10;
+
+	// login = "foobar";// field 'login' is reused as encryption
+					   // method of shadowsocks
 	// password = "baz";
 }
 
@@ -65,9 +95,13 @@ redudp {
 	// `ip' and `port' of socks5 proxy server.
 	ip = 10.0.0.1;
 	port = 1080;
-	login = username;
+	login = username;// field 'login' is reused as encryption
+					   // method of shadowsocks
 	password = pazzw0rd;
 
+	// know types: socks5, shadowsocks
+	type = socks5;
+
 	// kernel does not give us this information, so we have to duplicate it
 	// in both iptables rules and configuration file.  By the way, you can
 	// set `local_ip' to 127.45.67.89 if you need more than 65535 ports to
@@ -76,16 +110,51 @@ redudp {
 	dest_ip = 8.8.8.8;
 	dest_port = 53;
 
+        // Do not set it large if this section is for DNS requests. Otherwise,
+        // you may encounter out of file descriptor problem. For DNS requests,
+        // 10s is adequate.
 	udp_timeout = 30;
-	udp_timeout_stream = 180;
+	// udp_timeout_stream = 180;
 }
 
-dnstc {
-	// fake and really dumb DNS server that returns "truncated answer" to
-	// every query via UDP, RFC-compliant resolver should repeat same query
-	// via TCP in this case.
-	local_ip = 127.0.0.1;
-	local_port = 5300;
+tcpdns {
+	// Transform UDP DNS requests into TCP DNS requests.
+	// You can also redirect connections to external TCP DNS server to
+	// REDSOCKS transparent proxy via iptables.
+	local_ip = 192.168.1.1; // Local server to act as DNS server
+	local_port = 1053;      // UDP port to receive UDP DNS requests
+	tcpdns1 = 8.8.4.4;      // DNS server that supports TCP DNS requests
+	tcpdns2 = 8.8.8.8;      // DNS server that supports TCP DNS requests
+	timeout = 4;            // Timeout value for TCP DNS requests
 }
 
+autoproxy {
+    no_quick_check_seconds = 60; // Directly relay traffic to proxy if an IP
+                                 // is found blocked in cache and it has been
+                                 // added into cache no earlier than this
+                                 // specified number of seconds.
+                                 // Set it to 0 if you do not want to perform
+                                 // quick check when an IP is found in blocked
+                                 // IP cache, thus the connection will be
+                                 // redirected to proxy immediately.
+    quick_connect_timeout = 3;   // Timeout value when performing quick
+                                 // connection check if an IP is found blocked
+                                 // in cache.
+}
+
+ipcache {
+    // Configure IP cache
+    cache_size = 4;   // Maximum number of IP's in 1K. 
+    stale_time = 900; // Seconds to stale an IP in cache since it is added
+                      // into cahce.
+                      // Set it to 0 to disable cache stale.
+    port_check = 1;   // Whether to distinguish port number in address
+    cache_file = "/tmp/ipcache.txt"; // File used to store blocked IP's in cache.
+    autosave_interval = 3600; // Interval for saving ip cache into file.
+                              // Set it to 0 to disable autosave.
+    // When autosave_interval and stale_time are both 0, IP cache behaves like
+    // a static blacklist. 
+}
+
+
 // you can add more `redsocks' and `redudp' sections if you need.