About Lumos
Lumos这个咒语为“荧光闪烁”,施法时候会在魔杖尖出现亮光。此后如若前方黑暗,我就为你喊出荧光闪烁吧!
Lumos带人寻找光明。
目标 - HTTP Socks5[TCP] 代理
- 支持权限验证
- 支持
relay模式,中继通过tls来保证安全性
使用说明
单机部署
编译
git clone git@github.com:jiuzhou-zhao/lumos.git cd lumos go build -o lumos ./cmd配置文件 -
config.yamlMode: proxy ProxyAddress: ":8000" DialTimeout: 30s Credentials: - "u1:p1"
Credentials可选,选择了则支持权限认证Mode设置为socks5则为socks5代理运行
./lumos
增加Local Relay Proxy 整套系统
克隆代码,编译 或者 直接下载
Release中的二进制包 - 获取lumos可执行程序 和scripts生成证书的工具链git clone git@github.com:jiuzhou-zhao/lumos.git cd lumos go build -o lumos ./cmd生成证书
./scripts/certs.sh
如果已经有证书,则不用此步骤
生成的证书会存放在
certs目录里注意:修改脚本中目录
server.conf中的alt_names字段来适配真正的域名所以,如果有多个服务器,要么为每个服务器都部署不同的证书,要么把所有域名 IP都加入
alt_names字段里拷贝
config-sample.yaml为config.yaml, 修改 - 参见ft目录分别在
local,relay,server上部署配置文件和lumos程序, 其中relay可以有多个- 配置文件中
Proxy可以取值local,relay,socks5,proxy - 数据流为
浏览器<->local<->relay<->relay<->proxy server[http or proxy]
- 配置文件中
各个节点执行命令
./lumos
配置文件模板 [local+proxy]
local - 例如sv1上配置的,relay在sv2上
Mode: local
ProxyAddress: ":8000"
RemoteProxyAddress: "sv2:8001"
Secure:
TLSEnableFlag:
ConnectServerUseTLS: true
ConnectServerTLSConfig:
Cert: ./certs/proxy-client.crt
Key: ./certs/proxy-client.key
RootCAs:
- ./certs/ca.crt
- ./certs/server.crt
DialTimeout: 30srelay - 例如sv2上配置的,proxy在sv3上
Mode: relay
ProxyAddress: ":8001"
RemoteProxyAddress: "sv3:8001"
Secure:
TLSEnableFlag:
ConnectServerUseTLS: true
ServerUseTLS: true
ConnectServerTLSConfig:
Cert: ./certs/proxy-client.crt
Key: ./certs/proxy-client.key
RootCAs:
- ./certs/ca.crt
- ./certs/server.crt
ServerTLSConfig:
Cert: ./certs/proxy-server.crt
Key: ./certs/proxy-server.key
RootCAs:
- ./certs/ca.crt
- ./certs/client.crt
DialTimeout: 30shttp proxy - 例如sv3上配置的
Mode: socks5
ProxyAddress: ":8001"
Secure:
TLSEnableFlag:
ServerUseTLS: true
ServerTLSConfig:
Cert: ./certs/proxy-server.crt
Key: ./certs/proxy-server.key
RootCAs:
- ./certs/ca.crt
- ./certs/client.crt
DialTimeout: 30s
Mode可改为socks5来变为socks5代理别忘记打开防火墙对应的端口.
from https://github.com/jiuzhou-zhao/lumos
No comments:
Post a Comment