Configuring a redsocks proxy on CentOS 7

1. Install redsocks:
$ sudo yum install libevent-devel git gcc
$ git clone https://github.com/darkk/redsocks.git ~/redsocks
$ cd ~/redsocks
$ make
$ sudo cp ~/redsocks/redsocks /usr/local/bin/


2. Add the configuration with sudo vim /etc/redsocks.conf (the path passed to -c in step 5):

base {
        log_debug = off;
        log_info = on;
        log = stderr;
        daemon = off;
        redirector = iptables;
}
redsocks {

        local_ip = 127.0.0.1;
        local_port = 33333;

        ip = xx.xx.xx.xx;
        port = xx;

        type = socks5;
        // Login and password for the proxy, if any (stored in plain text, so keep this file readable by root only)
        login = "username";
        password = "password";
}


3. Add iptables rules that redirect TCP requests to port 127.0.0.1:33333

# Create the chain, or flush only this chain if it already exists
iptables -t nat -N REDSOCKS || iptables -t nat -F REDSOCKS

# Redirect TCP traffic destined for 192.168.0.0/16 to redsocks; all other TCP traffic is left untouched.
iptables -t nat -A REDSOCKS -p tcp -d 192.168.0.0/16 -j REDIRECT --to-ports 33333
iptables -t nat -A REDSOCKS -p tcp -j RETURN
# iptables -t nat -A OUTPUT -p tcp -m owner --uid-owner vagrant -j REDSOCKS # replace vagrant with your user
iptables -t nat -A OUTPUT -p tcp -m owner --uid-owner root -j REDSOCKS


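4. Persist the iptables rules above (the method may differ between distributions)

For example, on Ubuntu: sudo apt install iptables-persistent, then sudo netfilter-persistent save

Persisting on CentOS

$ sudo sh -c 'iptables-save > /etc/sysconfig/iptables'

Restore at boot (add the line below to rc.local; on CentOS 7 the file must be executable for it to run)

$ sudo vim /etc/rc.d/rc.local

iptables-restore < /etc/sysconfig/iptables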


5. Start

$ nohup sudo /usr/local/bin/redsocks -c /etc/redsocks.conf &

To stop it, just kill -9 the process.
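
Before starting redsocks, the config from step 2 and the rules from step 3 can be checked against each other offline. The script below is an added example, not part of the original post or of the redsocks project: it reads the config text and `iptables-save -t nat` style output, reports a REDIRECT port that differs from local_port, and reports when the proxy ip itself would be redirected, which loops redsocks' own upstream connection. It assumes redsocks runs as the uid matched in OUTPUT (root, as in step 3), looks only at plain `-d` matches, and its function names and sample proxy address are made up for illustration.

```sh
#!/bin/sh
# Added example: offline check of a redsocks config against nat rules.
# Assumes redsocks runs as the uid matched in OUTPUT (root on this page).
ip2int() {  # dotted quad -> integer
    oldifs=$IFS; IFS=.; set -- $1; IFS=$oldifs
    echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
}

in_cidr() {  # in_cidr IP NET[/BITS]: exit 0 when IP is inside the network
    case $2 in */*) bits=${2#*/} ;; *) bits=32 ;; esac
    mask=$(( (4294967295 << (32 - $bits)) & 4294967295 ))
    [ $(( $(ip2int "$1") & $mask )) -eq $(( $(ip2int "${2%/*}") & $mask )) ]
}

conf_value() {  # conf_value KEY CONF_TEXT: value of the first "KEY = value;"
    printf '%s\n' "$2" |
        sed -n "s/^[[:space:]]*$1[[:space:]]*=[[:space:]]*\([^;]*\);.*/\1/p" | head -n 1
}

check_setup() {  # check_setup CONF_TEXT RULES_TEXT: prints findings, exit 1 if any
    port=$(conf_value local_port "$1"); proxy=$(conf_value ip "$1"); bad=0; decided=0
    while read -r line; do
        case $line in "-A REDSOCKS "*) redirect=0 ;; *) continue ;; esac
        case $line in *" -d "*) dst=${line#* -d }; dst=${dst%% *} ;; *) dst=0.0.0.0/0 ;; esac
        case $line in *"-j REDIRECT"*)
            redirect=1; to=${line##*--to-ports }; to=${to%% *}
            if [ "$to" != "$port" ]; then echo "PORT_MISMATCH $to"; bad=1; fi ;;
        esac
        # First rule covering the proxy decides its fate; a REDIRECT there means a loop.
        if [ "$decided" -eq 0 ] && in_cidr "$proxy" "$dst"; then
            decided=1
            if [ "$redirect" -eq 1 ]; then echo "PROXY_LOOP $dst"; bad=1; fi
        fi
    done <<EOF
$2
EOF
    return $bad
}

# Constructed sample input: the proxy address is made up, the rules mirror step 3.
SAMPLE_CONF='redsocks {
        local_port = 33333;
        ip = 192.168.1.10;
}'
SAMPLE_RULES='-A REDSOCKS -d 192.168.0.0/16 -p tcp -j REDIRECT --to-ports 33333
-A REDSOCKS -p tcp -j RETURN
-A OUTPUT -p tcp -m owner --uid-owner 0 -j REDSOCKS'
check_setup "$SAMPLE_CONF" "$SAMPLE_RULES" || true   # PROXY_LOOP 192.168.0.0/16
```

On a live host the two arguments would be the contents of /etc/redsocks.conf and the output of iptables-save -t nat, both read as root.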



Edited on 2019-09-03