Pages

Sunday, 5 April 2020

Linux桌面系统的IITG Transparent Proxy

A bunch of Linux applications without the requirement of a per-app proxy setting.


IITG Transparent Proxy would like to thank the following for their contributions:
(Past, present and future) Users, Testers and Debuggers
Redsocks (http://darkk.net.ru/redsocks/) - an opensource transparent socks redirector that wouldn't work by itself in IITG.
ProxyDroid (http://code.google.com/p/proxydroid/) - the open source android app that worked and showed how it can be done.
Mini fake DNS server (http://code.activestate.com/recipes/491264-mini-fake-dns-server/) - a small fake dns server conforming to protocol.
Me (Suhail Sherif) and Ajaykumar Kannan - for developing it.
iptables - for being so awesome.

TODO - Removing cache entries, Licensing, GUI, packaging and Improvements (Includes analysis of the working of the IITG DNS)

HOWTO:
(Most of these commands may need superuser priveleges)

The easy way (aka the noob way :D)
./easyStart.sh to start the transparent proxy and ./easyStop.sh to stop the proxy. You can edit easyStart.sh if you don't want to enter the proxy details each time.I've included an example.

The more difficult way:
One-time : In the redsocks folder, "make" to get the executable. If make fails, you will need to compile libevent. I've included the tar file for it. Or you can download it online. 
Run the following:
./script start
sudo python fakeDNS.py
(defaultIPs has some domains and ip addresses that you might want to have preconfigured)
sh redsocksConfig.sh    
(username and password are optional. You can edit this file to make it prompt you for the username and password if you don't like your credentials in plaintext in your history. And have it delete the redsocksauto.conf that it creates in the redsocks folder.)

To stop:
Run sh script stop
(Optionally) stop fakeDNS and redsocks.

IMPORTANT:
Edit /etc/resolv.conf and add a line 'nameserver 127.0.0.1' at the top. Or add 127.0.0.1 to your DNS serverlist. The former seems cooler.

Beware! Non-authentic DNS servers can be used VERY convincingly for phishing. Make sure you are in control of your configuration.


frm https://github.com/suhailsherif/IITG-Transparent-Proxy

相关项目:https://github.com/kunal15595/iitg-tproxy