REDSOCKS2 Automatic proxy settings

Redsock2 can redirect some proxy services that do not support transparent proxies, so that transparent proxies can be implemented

Redsock2 installation is straightforward, just make it,

Ubuntu needs

Apt-get intsll libevent-2.0-5 Libssl-dev

After the installation is complete, copy the REDSOCKS2 directly to the relevant directory.

I used it to do the gateway, and then tested, HTTP and HTTPS can not go together, to separate

#http. conf

Base {log_debug = off;  Log_info = off;  daemon = on; Redirector= iptables;}  redsocks {local_ip = 192.168.1.1; local_port = 1080; #https. conf with 1081 IP = 192.168.1.1; Port = 8787; Type = Http-relay; #https. conf with http-connect timeout = 12; Autoproxy = 1;} autoproxy {no_quick_check_seconds = 0;} Ipcache {cache_size = 4; cache_file = "/home/user/conf/cache.http"; stale_time = 7200; autosave_interval = 3600; port_che ck = 1;}

In addition the gateway also made Dnat use this after found no way to open the port. And then add one more configuration

Direct.conf

Base {log_debug = off;  Log_info = off;  daemon = on; Redirector= iptables;}  redsocks {local_ip = 192.168.1.1; local_port = 1090; interface = eth0; type = direct; timeout = 1; autoproxy = 0; #这里就关闭自动代理了, the IP here is directly released.}

Related iptables settings

#!/bin/bashiptables-restore</etc/network/iptables.up.rulesiptables -t nat -n  Rshttpsiptables -t nat -a rshttps -o lo -j returniptables -t  nat -a rshttps -d 0.0.0.0/8 -j returniptables -t nat -a  rshttps -d 10.0.0.0/8 -j returniptables -t nat -a rshttps - d 127.0.0.0/8 -j returniptables -t nat -a rshttps -d 169.254.0.0/ 16 -j returniptables -t nat -a rshttps -d 172.16.0.0/12 -j  Returniptables -t nat -a rshttps -d 172.17.0.0/12 -j returniptables  -t nat -A RSHTTPS -d 192.168.0.0/16 -j RETURNiptables -t  nat -a rshttps -d 224.0.0.0/4 -j returniptables -t nat -a  rshttps -d 240.0.0.0/4 -j returniptables -t nat -a rshttps -p tcp -j redirect -- to-port 1081iptables -t nat -i prerouting -p tcp --dport 443  -j RSHTTPS#iptables -t nat -I PREROUTING -p udp -j  Rshttpsiptables -t nat -n rshttpiptables -t nat -a rshttp -o  lo -j RETURNiptables -t nat -A RSHTTP -d 0.0.0.0/8 -j  returniptables -t nat -a rshttp -d 10.0.0.0/8 -j returniptables - T nat -a rshttp -d 127.0.0.0/8 -j returniptables -t nat -a  rshttp -d 169.254.0.0/16 -j returniptables -t nat -a rshttp  -d 172.16.0.0/12 -j RETURNiptables -t nat -A RSHTTP -d  172.17.0.0/12 -j returniptables -t nat -a rshttp -d 192.168.0.0/16 -j returniptables -t nat  -a rshttp -d 224.0.0.0/4 -j returniptables -t nat -a rshttp  -d 240.0.0.0/4 -j returniptables -t nat -a rshttp -p tcp  -j REDIRECT --to-port 1080iptables -t nat -I PREROUTING -p  Tcp --dport 80 -j rshttpiptables -t nat -n rsdirectiptables -t  nat -a rsdirect -p tcp -j redirect --to-port 1090iptables - t nat -i prerouting -p tcp -d 208.67.220.220 -j rsdirect# below this one does not add, External network is not able to connect to the relevant ipiptables -t nat -i prerouting -p tcp -s 192.168.1.12 of the Intranet  --sport 3389 -j rsdirectpkill redsocks2redsocks2 -c /home/user/conf/ http.confredsocks2 -C /home/user/conf/https.confredsocks2 -c /home/user/conf/direct.conf 

REDSOCKS2 Automatic proxy settings