Ubuntu 使用 SocksV5 筆記

看 proxy 時,看到除了HTTP/HTTPS代理還有另外的代理方法,SOCKS 是相當於 TCP/IP 層的代理,V5版本就可以UDP/TCP 做代理了,也看到中國那邊之前也是用類似的socks 協定去做翻牆動作。他們還在github 討論怎麼才不會被翻牆軟體偵測到www,被抓到會被叫去喝茶。

protocal:

dante-server

Enviroment

using docker ubuntu:18.04

FROM ubuntu:18.04

MAINTAINER Yuyan "yuyan.tsai@advantech.com.tw"
LABEL Description="This dockerfile is dante-server test environment"
LABEL Vendor="Advantech"
LABEL Version="1.0"

# Install libraries
RUN apt-get update
RUN apt-get upgrade -y
RUN apt-get install vim -y
RUN apt-get install gcc -y
RUN apt-get install make -y
RUN apt-get install wget curl -y
# auto completion tool
RUN apt-get install bash-completion -y
# ping tool
RUN apt-get install iputils-ping
# htop tool (optional)
RUN apt-get install htop -y
# ifconfig tool
RUN apt install net-tools -y
# ip, route tool
RUN apt install iproute2 -y

ENTRYPOINT ["bash","-l"]
WORKDIR /root

Command

# apt install
$apt install dante-server -y
$danted -v

# file
$less /etc/init.d/danted
$vim /etc/danted.conf
$cat /var/log/socks.log

# test
$cat /var/log/socks.log

# service operation
$service danted start
$service danted stop
$service danted restart

/etc/danted.conf

internal: eth0 port = 1080
external: eth0
clientmethod: none
socksmethod: none
user.privileged: root
user.notprivileged: nobody

client pass {
        from: 0.0.0.0/0 to: 0.0.0.0/0
        log: error connect disconnect
}
client block {
        from: 0.0.0.0/0 to: 0.0.0.0/0
        log: connect error
}
socks pass {
        from: 0.0.0.0/0 to: 0.0.0.0/0
        log: error connect disconnect
}
socks block {
        from: 0.0.0.0/0 to: 0.0.0.0/0
        log: connect error
}

proxychains

  1. apt install proxychains
  2. vim /etc/proxychains.conf
  3. proxychains curl https://myexternalip.com/raw
# ProxyList format
#       type  host  port [user pass]
#       (values separated by 'tab' or 'blank')
#
#
#        Examples:
#
#               socks5  192.168.67.78   1080    lamer   secret
#               http    192.168.89.3    8080    justu   hidden
#               socks4  192.168.1.49    1080
#               http    192.168.39.93   8080
#
#
#       proxy types: http, socks4, socks5
#        ( auth types supported: "basic"-http  "user/pass"-socks )
#
[ProxyList]
# add proxy here ...
# meanwile
# defaults set to "tor"
socks5  172.18.0.3 1080

Test

開啟另一台不同ip的終端,已知dante-server ip為172.18.0.3.port為1080。
將委託172.18.0.3作為代理ip。

curl test

$curl -x socks5://172.18.0.3:1080 ifconfig.co

proxychains test

ex. proxychain [command]

  1. proxychain curl https://myexternalip.com/raw
  2. proxychain ~/Desktop/sokit-1.3.1-linux64/sokit

  目錄