Total Pageviews

Wednesday 1 August 2018

一个把socks proxy转化为http proxy的工具-h2s

h2s是一个把socks5代理转换为http/https代理的工具,同时支持socks5,http,https(终端智能翻墙).

h2s是一个把socks5代理转换为http,https代理的小工具,同时支持socks5,http,https,支持GFW配置智能翻墙.

安装

go get -u -v github.com/u35s/h2s

启动

h2s默认会读取当前文件夹下的config.json配置,也可以用-c指定配置文件
h2s -c example.config.json
h2s也可以通过命令行参数指定相关参数
h2s -s "socks5.com:8388" -P "0.0.0.0:8088" -b "0.0.0.0" -l 1080 
  • -P 本地http,https代理地址 eg: 0.0.0.0:8088
  • -s socks5服务器地址,当此地址包含端口时会忽略-p参数
  • -p socks5服务器端口
  • -b 本地socks5代理地址 eg: 127.0.0.1
  • -l 本地socks5代理地址端口 eg: 1080
  • -m 加密方法 default: aes-256-cfb
  • -d 开启调试日志
  • -gfw 指定gfw配置文件,最新的gfw可以从github生成,gfw文件中指定的域名将会走代理,其余的默认不走代理
  • -fgfw 是否所有流量都走代理

测试

终端下执行
root@hostname https_proxy=127.0.0.1:8088 http_proxy=127.0.0.1:8088 curl -v ip.cn
* Rebuilt URL to: ip.cn/
*   Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to 127.0.0.1 (127.0.0.1) port 8088 (#0)
> GET http://ip.cn/ HTTP/1.1
> Host: ip.cn
> User-Agent: curl/7.54.0
> Accept: */*
> Proxy-Connection: Keep-Alive
>
< HTTP/1.1 200 OK
< Server: nginx/1.8.0
< Date: Fri, 12 Jan 2018 12:58:41 GMT
< Content-Type: text/html; charset=UTF-8
< Transfer-Encoding: chunked
< Connection: keep-alive
< Vary: Accept-Encoding
< X-Powered-By: PHP/5.6.32-1~dotdeb+7.1
<
当前 IP:47.89.180.x 来自:美国 阿里云
* Connection #0 to host 127.0.0.1 left intact
from https://github.com/u35s/h2s
-----------
A simple tool that wraps HTTP/HTTPS proxies into a SOCKS5 proxy. 

Travis GoDoc Release Go Report Card License
h2s is a tiny CLI tool that wraps one or multiple HTTP or HTTPS proxies into a SOCKS5 proxy. It does something like polipo and privoxy do, but in a reversed way.
There are already some SOCKS to HTTP tools out there, but I can hardly find a reversed one (HTTP to SOCKS), so I decided to make one on my own.

Install

You can view the release page for handy prebuilt binaries.

Build from Source

h2s relies on stadard libs only.
$ go get -u -v github.com/Equim-chan/h2s/cmd/h2s

Configure

An example config file:
{
  // bind is the address h2s will listen to.
  // Note that since HTTP/HTTPS proxy support only TCP, the h2s wrapped SOCKS5
  // proxy consequently support only TCP as well.
  "bind": "127.0.0.1:1080",

  // upstreams are HTTP proxy upstreams.
  // h2s will do a simple round-robin load balance.
  "upstreams": [{
    // If no port is specified, 80 is assumed by default.
    "address": "proxy1.example.com",
  }, {
    "address": "proxy2.example.com:3128",

    // username and password are optional for HTTP authentication.
    "username": "Alice",
    "password": "secret here"
  }, {
    // An HTTPS proxy (HTTP over TLS) upstream.
    // You have to specify port explicitly (usually 443), and set the tls field.
    "address": "secure.proxy.example.com:443",
    "username": "Secure",
    "password": "Yeah!",

    // h2s only provides some basic TLS settings. If you are an advanced user and
    // looking for other settings, you may use stunnel(1) to handle TLS instead,
    // and simply leave a naive TCP interface to h2s.
    "tls": {
      // If empty, serverName is set to the hostname from address.
      // Most users could just leave it empty.
      "serverName": "secure.proxy.example.com",

      // Do not set to true unless you know what you are doing.
      "insecureSkipVerify": false,

      // rootCA is useful for self-signed certs. Be careful with it.
      // If the server has a trusted cert, you don't have to set it.
      "rootCA": "/path/to/the/ca/cert",

      // certFile and keyFile are advanced options for client authentication.
      // Most users could just leave it empty.
      "certFile": "/path/to/the/client/cert",
      "keyFile": "/path/to/the/client/key"
    }
  }],

  // accounts is an optional array of accounts for SOCKS5 authentication
  // with no accounts, authentication is disabled
  "accounts": [{
    "username": "test server",
    "password": "test"
  }],

  // timeout optionally sets timeout value when dialing to a upstream
  // default "20s"
  "timeout": "20s",
  // retries optionally specifies the max retries count of dialing to upstreams
  // default 3.
  "retries": 3
}

Usage

$ h2s [-config h2s.json]
 from  https://github.com/Equim-chan/h2s

No comments:

Post a Comment