[ITEM]
[/ITEM]
17.11.2018
33
Welcome to the CentOS fora. Please see the recommended reading for new users linked in my signature. 'User Comments' is not an appropriate place for a CentOS-5 question.
Redsocks is the tool that allows you to proxify(redirect) network traffic through a SOCKS4, SOCKS5 or HTTPs proxy server. It works on the lowest level, the kernel level ( iptables). The other possible way is to use application level proxy, when the proxy client is implemented in the same language as an application is written in. Redsocks operates on the lowest system level, that’s why all running application don’t even have an idea that network traffic is sent through a proxy server, as a result it is called a transparent proxy redirector. Prerequisites If you are reading this article, you should probably have an idea why do you need to use a proxy server.
Furthermore, you should be acquainted with basic proxy terms and definitions in order to understand everything described in this tutorial. It wouldn’t hurt to have some Linux administration skills as well.
For this tutorial I will be using Centos 7 Minimal installation, it has only the most essential applications installed. But you are free to use any distro, you may skip some steps then. How does Redsocks work?
Before start installing Redsocks, I think it is always worth to know how something works internally. And it will help to understand this tool better and therefore troubleshoot issues.
First of all, Redsocks leverages features provided by the Linux kernel firewall ( Netfilter module) I hope this diagram will help you to understand the flow of a packet while using Redsocks. Here is a brief explanation how does a packet get redirected to Redsocks. • When a packet is sent from an app in the system it is handled by the kernel, it triggers the NT_ hooks (defined in ).
• The ip_tables kernel module registers at netfilter’s hooks and proceed them according to defined rules. • We are defining rules using the iptables command line utility (these rules will be described later in this article). And they are defined in the way that some or mostly all packets are redirected to the local process listening on a port, 12345 in case of Redsocks.
• All redirected packets are handled by Redsokcs conforming to the configuration file rules. • Redsocks redirects packets to proxy servers. Step 1 — Getting Redsocks source code First and foremost, you need to update repositories and installed software on the system. Iptables -t nat -A OUTPUT -p tcp -m owner --uid-owner crosp -j REDSOCKS One more important point, avoid using the root user in iptables rules or you may get stuck in the infinite loop.
Here is I’ve encountered because of my inattention. Having set iptables rules the final step is to configure Redsocks itself using the configuration file. Step 4 — Configuring Redsocks Create a file with the name redsocks.conf in the same directory (or any other directory) where the binary file is located. And let’s start by defining the base section of the configuration file as follows. Iptables -t nat -A REDSOCKS -p tcp -m random --mode random --probability 0.5 -j REDIRECT --to-ports 83333 iptables -t nat -A REDSOCKS -p tcp -j REDIRECT --to-ports 12345 There are lot of other ways to define iptables rules for using with multiple proxies, for instance you can use the mangle table, create another chain (ex. REDSOCKS_HTTP) and so on. Step 5 — Testing proxies with Redsocks Now it is time to test our configuration.
- Author: admin
- Category: Category
Welcome to the CentOS fora. Please see the recommended reading for new users linked in my signature. 'User Comments' is not an appropriate place for a CentOS-5 question.
Redsocks is the tool that allows you to proxify(redirect) network traffic through a SOCKS4, SOCKS5 or HTTPs proxy server. It works on the lowest level, the kernel level ( iptables). The other possible way is to use application level proxy, when the proxy client is implemented in the same language as an application is written in. Redsocks operates on the lowest system level, that’s why all running application don’t even have an idea that network traffic is sent through a proxy server, as a result it is called a transparent proxy redirector. Prerequisites If you are reading this article, you should probably have an idea why do you need to use a proxy server.
Furthermore, you should be acquainted with basic proxy terms and definitions in order to understand everything described in this tutorial. It wouldn’t hurt to have some Linux administration skills as well.
For this tutorial I will be using Centos 7 Minimal installation, it has only the most essential applications installed. But you are free to use any distro, you may skip some steps then. How does Redsocks work?
Before start installing Redsocks, I think it is always worth to know how something works internally. And it will help to understand this tool better and therefore troubleshoot issues.
First of all, Redsocks leverages features provided by the Linux kernel firewall ( Netfilter module) I hope this diagram will help you to understand the flow of a packet while using Redsocks. Here is a brief explanation how does a packet get redirected to Redsocks. • When a packet is sent from an app in the system it is handled by the kernel, it triggers the NT_ hooks (defined in ).
• The ip_tables kernel module registers at netfilter’s hooks and proceed them according to defined rules. • We are defining rules using the iptables command line utility (these rules will be described later in this article). And they are defined in the way that some or mostly all packets are redirected to the local process listening on a port, 12345 in case of Redsocks.
• All redirected packets are handled by Redsokcs conforming to the configuration file rules. • Redsocks redirects packets to proxy servers. Step 1 — Getting Redsocks source code First and foremost, you need to update repositories and installed software on the system. Iptables -t nat -A OUTPUT -p tcp -m owner --uid-owner crosp -j REDSOCKS One more important point, avoid using the root user in iptables rules or you may get stuck in the infinite loop.
Here is I’ve encountered because of my inattention. Having set iptables rules the final step is to configure Redsocks itself using the configuration file. Step 4 — Configuring Redsocks Create a file with the name redsocks.conf in the same directory (or any other directory) where the binary file is located. And let’s start by defining the base section of the configuration file as follows. Iptables -t nat -A REDSOCKS -p tcp -m random --mode random --probability 0.5 -j REDIRECT --to-ports 83333 iptables -t nat -A REDSOCKS -p tcp -j REDIRECT --to-ports 12345 There are lot of other ways to define iptables rules for using with multiple proxies, for instance you can use the mangle table, create another chain (ex. REDSOCKS_HTTP) and so on. Step 5 — Testing proxies with Redsocks Now it is time to test our configuration.