LeProxy is the HTTP/SOCKS proxy server for everybody!
LeProxy is designed for anonymous surfing, improved security and privacy plus circumventing geoblocking. It allows you to enjoy the web like it's meant to work and access your favorite online video platform without annoying country blocks while traveling.
LeProxy is a powerful, lightweight, fast and simple to use proxy server that you can host on your own server or PC at home and then access from anywhere. It supports optional authentication so you can share a server instance with your family and friends without having to worry about third parties. It provides compatibility with a large number of clients and services by accepting both common HTTP and SOCKS proxy protocols on a single listening port.
Table of contents
Note that this is an early beta version and that LeProxy is under active development. Many new features are going to be added in the future!
Install
LeProxy requires only PHP. PHP 7+ is highly recommended, but it runs on any system that uses PHP 5.4+ or HHVM. If you have not installed PHP already, on a recent Ubuntu/Debian system, simply run:
$ sudo apt-get install php7.0-cli(在ubuntu16.04下有这个包,在debian8下,没有这个包)
You can simply download the latest
leproxy-{version}.php file from our releases page:
The latest release can always simply be downloaded like this:
$ wget https://leproxy.org/leproxy-latest.php
(或者wget https://github.com/leproxy/leproxy/releases/download/v0.2.1/leproxy-0.2.1.php)
Downloaded the
leproxy-{version}.php file? You did it!! Really simple, huh?LeProxy is distributed as a PHP single file that contains everything you need to run LeProxy. The below examples assume you have saved this file asleproxy.phplocally, but you can use any name you want. If you're interested in the more technical details of this file, you may want to check out the development instructions below.
Usage
Once installed, you can start LeProxy by simply running:
$ php leproxy.php
By default, LeProxy will listen on the public address
0.0.0.0:8080. If you want to listen on another address, you can pass an explicit listening address. LeProxy will report an error if it fails to listen on the given address, you may try another address or use port 0 to pick a random free port. For example, if you do not want to allow accessing LeProxy from the outside and only want to listen on the local interface:$ php leproxy.php 127.0.0.1:8080
The listening address MUST be in the formip:portor justipor:port, with the above defaults being applied.
Note that LeProxy runs in protected mode by default, so that it only forwards requests from the local host and can not be abused as an open proxy. If you have ensured only legit users can access your system, you can pass the
--allow-unprotected flag to forward requests from all hosts. If you want to require the client to send username/password authentication details, you can include this as part of the listening address:$ php leproxy.php username:password@0.0.0.0:8080
If the username or password contains special characters, make sure to use URL encoded values (percent-encoding) such asp%40ssforp@ss.
By default, LeProxy allows connections to every destination address as given in each incoming proxy request. If you want to block access to certain destination hosts and/or ports, you may blacklist these by passing the
--block=<destination>argument. Any number of destination addresses can be given. Each destination address can be in the form host:port or just host or :port and host may contain the * wildcard to match anything. Subdomains for each host will automatically be blocked. For example, the following can be used to block access to youtube.com (and its subdomains such as www.youtube.com) and port 80 on all hosts (standard plaintext HTTP port):$ php leproxy.php --block=youtube.com --block=*:80
Note that the block list operates on the destination addresses as given in the incoming proxy request. Some clientsuse local DNS resolution and do not transmit hostnames, but only the resolved destination IP addresses (particularly common for the SOCKS protocol). Make sure to configure your client to use remote DNS resolution accordingly and/or also block access to relevant IP addresses.
As an alternative to listing each blocked destination as an individual command line argument, you may also pass a path to a
hosts file instead. You can either create a hosts file mapping yourself if you only want to block certain hosts or you may one of the many great hosts files. For example, you can download a hosts file from https://github.com/StevenBlack/hosts("hosts files from several well-curated sources like adaway.org, mvps.org, malwaredomainlist.com, someonewhocares.org, and potentially others") to use this as a very simple, yet effective adblocker. Note that LeProxy will only block domains (and all its subdomains) that match the IP 0.0.0.0 and ignore all other entries:$ cat hosts.txt
127.0.0.1 localhost
0.0.0.0 ads.example.com
0.0.0.0 socialnetwork.example
…
$ php leproxy.php --block-hosts=hosts.txt
By default, Leproxy creates a direct connection to the destination address for each incoming proxy request. In this mode, the destination doesn't see the original client address, but only the address of your LeProxy instance.
from https://github.com/leproxy/leproxy
-----
https reverse proxy with automatic Letsencrypt usage for multiple hostnames/backends.
Command leproxy implements https reverse proxy with automatic Letsencrypt usage for multiple hostnames/backends
Install:
go get github.com/artyom/leproxy
Run:
leproxy -addr :https -map /path/to/mapping.yml -cacheDir /path/to/letsencrypt
mapping.yml contains host-to-backend mapping, where backend can be specified as:
- http/https url for http(s) connections to backend without passing "Host" header from request;
- host:port for http over TCP connections to backend;
- absolute path for http over unix socket connections;
- @name for http over abstract unix socket connections (linux only);
- absolute path with trailing slash to serve files from given directory.
Example:
subdomain1.example.com: 127.0.0.1:8080
subdomain2.example.com: /var/run/http.socket
subdomain3.example.com: @abstractUnixSocket
uploads.example.com: https://uploads-bucket.s3.amazonaws.com
static.example.com: /var/www/
Note that when @name backend is specified, connection to abstract unix socket is made in a manner compatible with some other implementations like uWSGI, that calculate addrlen including trailing zero byte despite documentation not requiring that. It won't work with other implementations that calculate addrlen differently (i.e. by taking into account only strlen(addr) like Go, or even UNIX_PATH_MAX).
from https://github.com/artyom/leproxy
No comments:
Post a Comment