因為需要架設socks4的server(在公司電腦需要轉接才能連接網際網路),網路上可以找到的資料很少再加上看到這篇的
關係(要閱讀socks設定的文件對新手而言是有困難的不是嗎?),就研究了一下相關資料。其實以前曾找過但放棄了(socks主機大概很少人需要,相關
資料太少),這次再嘗試終於成功了。我測試過的套件有tsocks
、socks4-server、dante-server。其中設定檔看來最簡單的是socks4-server,只可惜無法成功,最後反而是看來設定檔
比較複雜的dante-server成功了。以下是相關步驟及說明:
1.安裝dante-server
#apt-get install dante-server
2.編輯設定檔
#vi /etc/danted.conf
我成功運作SOCKS4 Server的設定檔如下,以刪除多餘#標記起來的說明以利閱讀。範例中我的Server有兩個ip分別負責接受連線(192.168.1.78)以及往外連線(192.168.1.9)。
# the server will log both via syslog, to stdout and to /var/log/lotsoflogs
#logoutput: syslog stdout /var/log/lotsoflogs
logoutput: stderr
# The server will bind to the address 10.1.1.1, port 1080 and will only
# accept connections going to that address.
#internal: 10.1.1.1 port = 1080
# Alternatively, the interface name can be used instead of the address.
#logoutput: syslog stdout /var/log/lotsoflogs
logoutput: stderr
# The server will bind to the address 10.1.1.1, port 1080 and will only
# accept connections going to that address.
#internal: 10.1.1.1 port = 1080
# Alternatively, the interface name can be used instead of the address.
#設定socks主機對內接受連線之網卡的ip及port
internal: 192.168.1.78 port = 1080
# all outgoing connections from the server will use the IP address
# 195.168.1.1
internal: 192.168.1.78 port = 1080
# all outgoing connections from the server will use the IP address
# 195.168.1.1
#設定主機對外連線往網際網路之網卡的ip
external: 192.168.1.9
# list over acceptable methods, order of preference.
# A method not set here will never be selected.
#
# If the method field is not set in a rule, the global
# method is filled in for that rule.
# methods for socks-rules.
method: none #rfc931
# methods for client-rules.
clientmethod: none
# when doing something that can require privilege, it will use the
# userid:
user.privileged: proxy
# when running as usual, it will use the unprivileged userid of:
user.notprivileged: nobody
# If you compiled with libwrap support, what userid should it use
# when executing your libwrap commands? "libwrap".
user.libwrap: nobody
# This is identical to above, but allows clients without a rfc931 (ident)
# too. In practise this means the socksserver will try to get a rfc931
# reply first (the above rule), if that fails, it tries this rule.
external: 192.168.1.9
# list over acceptable methods, order of preference.
# A method not set here will never be selected.
#
# If the method field is not set in a rule, the global
# method is filled in for that rule.
# methods for socks-rules.
method: none #rfc931
# methods for client-rules.
clientmethod: none
# when doing something that can require privilege, it will use the
# userid:
user.privileged: proxy
# when running as usual, it will use the unprivileged userid of:
user.notprivileged: nobody
# If you compiled with libwrap support, what userid should it use
# when executing your libwrap commands? "libwrap".
user.libwrap: nobody
# This is identical to above, but allows clients without a rfc931 (ident)
# too. In practise this means the socksserver will try to get a rfc931
# reply first (the above rule), if that fails, it tries this rule.
#設定內部網路可連線socks主機的ip及port
client pass {
from: 192.168.1.0/24 port 1-65535 to: 0.0.0.0/0
}
# everyone from our internal network, 10.0.0.0/8 is allowed to use
# tcp and udp for everything else.
client pass {
from: 192.168.1.0/24 port 1-65535 to: 0.0.0.0/0
}
# everyone from our internal network, 10.0.0.0/8 is allowed to use
# tcp and udp for everything else.
#設定內部網路可連接socks主機的ip及協定
pass {
from: 192.168.1.0/24 to: 0.0.0.0/0
protocol: tcp udp
}
pass {
from: 192.168.1.0/24 to: 0.0.0.0/0
protocol: tcp udp
}
將上述設定檔完成後,重新開啟dante-server(#/etc/init.d/danted restart)就可以接受連線了,像我的Bitcoin錢包的軟體就設定成socks4連線方式是:
- IP:192.168.1.78
- port:1080
- socks協定版本:4
寫完收工~
Because the need to set up the socks4 the server (on company my computer needs an adapter to connect the Internet)and Novice reading the configuration is more difficult is not it?, i studied the relevant information. Previously actually looked, but gave up (probably very few people need information related to) this attempt finally succeeded. I tested the package tsocks, socks4-server, dante-server.socks4-server's configuration file seems to be the easiest , but unfortunately can not be successful, last but seems more complex configuration dante-server successful. The following is the relevant steps and instructions:
1.install dante-server
#apt-get install dante-server
2.edit configuration
#vi /etc/danted.conf
SOCKS4 Server successful operation the following profile, to facilitate the reading to remove the extra # mark up. Example my Server the two ip responsible accept connections (192.168.1.78) out connections (192.168.1.9).
# the server will log both via syslog, to stdout and to /var/log/lotsoflogs
#logoutput: syslog stdout /var/log/lotsoflogs
logoutput: stderr
# The server will bind to the address 10.1.1.1, port 1080 and will only
# accept connections going to that address.
#internal: 10.1.1.1 port = 1080
# Alternatively, the interface name can be used instead of the address.
#logoutput: syslog stdout /var/log/lotsoflogs
logoutput: stderr
# The server will bind to the address 10.1.1.1, port 1080 and will only
# accept connections going to that address.
#internal: 10.1.1.1 port = 1080
# Alternatively, the interface name can be used instead of the address.
#Set internal NIC connections of socks host ip and port
internal: 192.168.1.78 port = 1080
# all outgoing connections from the server will use the IP address
# 195.168.1.1
internal: 192.168.1.78 port = 1080
# all outgoing connections from the server will use the IP address
# 195.168.1.1
#Set host foreign connection to the Internet NIC ip
external: 192.168.1.9
# list over acceptable methods, order of preference.
# A method not set here will never be selected.
#
# If the method field is not set in a rule, the global
# method is filled in for that rule.
# methods for socks-rules.
method: none #rfc931
# methods for client-rules.
clientmethod: none
# when doing something that can require privilege, it will use the
# userid:
user.privileged: proxy
# when running as usual, it will use the unprivileged userid of:
user.notprivileged: nobody
# If you compiled with libwrap support, what userid should it use
# when executing your libwrap commands? "libwrap".
user.libwrap: nobody
# This is identical to above, but allows clients without a rfc931 (ident)
# too. In practise this means the socksserver will try to get a rfc931
# reply first (the above rule), if that fails, it tries this rule.
external: 192.168.1.9
# list over acceptable methods, order of preference.
# A method not set here will never be selected.
#
# If the method field is not set in a rule, the global
# method is filled in for that rule.
# methods for socks-rules.
method: none #rfc931
# methods for client-rules.
clientmethod: none
# when doing something that can require privilege, it will use the
# userid:
user.privileged: proxy
# when running as usual, it will use the unprivileged userid of:
user.notprivileged: nobody
# If you compiled with libwrap support, what userid should it use
# when executing your libwrap commands? "libwrap".
user.libwrap: nobody
# This is identical to above, but allows clients without a rfc931 (ident)
# too. In practise this means the socksserver will try to get a rfc931
# reply first (the above rule), if that fails, it tries this rule.
#Set intranet connections socks host ip and port
client pass {
from: 192.168.1.0/24 port 1-65535 to: 0.0.0.0/0
}
# everyone from our internal network, 10.0.0.0/8 is allowed to use
# tcp and udp for everything else.
#Set the internal network can be connected the socks host ip protocolclient pass {
from: 192.168.1.0/24 port 1-65535 to: 0.0.0.0/0
}
# everyone from our internal network, 10.0.0.0/8 is allowed to use
# tcp and udp for everything else.
pass {
from: 192.168.1.0/24 to: 0.0.0.0/0
protocol: tcp udp
}
SOCKS4 Server successful operation the following profile, to facilitate the reading to remove the extra # mark up. Example my Server the two ip responsible accept connections (192.168.1.78) out connections (192.168.1.9).
- IP:192.168.1.78
- port:1080
- socks protocol :4
Finish...
bitcoin:1CFLQP293jMDd2PJfaAnzQQHvdMD7oAB1J
bitcoin:1CFLQP293jMDd2PJfaAnzQQHvdMD7oAB1J
沒有留言:
張貼留言