Skip to content

BigmenPixel0/system-proxy-guide

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
README.md
README.md
 
 

Repository files navigation

How to route all traffic through a proxy

Method 1

Use socksify-me.

Method 2 (deprecated)

Attention! Everything has been tested only on the ArchLinux distribution! It is possible that the commands will be different.

First, we need to supply some packages:

$ sudo pacman -S nftables iptables-nft firewalld

and redsocks from the AUR:

$ git clone https://aur.archlinux.org/redsocks.git
$ cd redsocks
$ makepkg -sric

Next, we need to change the redsocks config and bring it to this form:

base {
 log_debug = on;
 log_info = on;
 log = "stderr";
 daemon = off;
 redirector = iptables;
}
redsocks {
    // Local IP listen to
    local_ip = 127.0.0.1;
    // Port to listen to
    local_port = 1081;
    // Remote proxy address
    ip = 127.0.0.1;
    port = YOUR_SOCKS5_LOCAL_PORT;
    // Proxy type
    type = socks5;
}

You need to change "YOUR_SOCKS5_LOCAL_PORT" to your value.

Save the config and turn on firewalld and redsocks services:

$ sudo systemctl enable --now firewalld.service redsocks.service

Now we need to configure firewalld to route traffic on port 1081:

$ sudo firewall-cmd --direct --add-chain ipv4 nat REDSOCKS

$ sudo firewall-cmd --direct --add-rule ipv4 nat REDSOCKS 0 -d 0.0.0.0/8 -j RETURN
$ sudo firewall-cmd --direct --add-rule ipv4 nat REDSOCKS 0 -d 10.0.0.0/8 -j RETURN
$ sudo firewall-cmd --direct --add-rule ipv4 nat REDSOCKS 0 -d 127.0.0.0/8 -j RETURN
$ sudo firewall-cmd --direct --add-rule ipv4 nat REDSOCKS 0 -d 169.254.0.0/16 -j RETURN
$ sudo firewall-cmd --direct --add-rule ipv4 nat REDSOCKS 0 -d 172.16.0.0/12 -j RETURN
$ sudo firewall-cmd --direct --add-rule ipv4 nat REDSOCKS 0 -d 192.168.0.0/16 -j RETURN
$ sudo firewall-cmd --direct --add-rule ipv4 nat REDSOCKS 0 -d 224.0.0.0/4 -j RETURN
$ sudo firewall-cmd --direct --add-rule ipv4 nat REDSOCKS 0 -d 240.0.0.0/4 -j RETURN

$ sudo firewall-cmd --direct --add-rule ipv4 nat OUTPUT 0 -p tcp -m owner --uid-owner "UID_OF_USER_WHICH_RUN_PROXY_CLIENT" -j RETURN

$ sudo firewall-cmd --direct --add-rule ipv4 nat REDSOCKS 0 -p tcp -j REDIRECT --to-ports 1081

$ sudo firewall-cmd --direct --add-rule ipv4 nat OUTPUT 0 -p tcp -j REDSOCKS

For example, instead of "UID_OF_USER_WHICH_RUN_PROXY_CLIENT" I wrote 84 - shadowsocks uid.

Now try curl ifconfig.me. If that worked, run:

$ sudo firewall-cmd --runtime-to-permanent

in order to save all changes. Enjoy!

About

A guide with which you can route all internet traffic through a proxy.

Topics

linux http proxy traffic socks5 firewalld redsocks nftables

Resources

Readme
Activity

Stars

5 stars

Watchers

1 watching

Forks

0 forks
Report repository
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy