ms/transocks
2
0
Fork 1
mirror of https://github.com/stefan01/transocks.git synced 2025-02-22 03:30:45 +07:00
Code
transocks - a transparent SOCKS5/HTTP proxy
1 Commit 1 Branch 0 Tags 67 KiB
Go 100%
4fa2892a52
Go to file
Yamamoto, Hirotaka 4fa2892a52 Initial commit
2016-03-08 16:16:36 +09:00
cmd/transocks Initial commit 2016-03-08 16:16:36 +09:00
.gitignore Initial commit 2016-03-08 16:16:36 +09:00
.travis.yml Initial commit 2016-03-08 16:16:36 +09:00
config.go Initial commit 2016-03-08 16:16:36 +09:00
DESIGN.md Initial commit 2016-03-08 16:16:36 +09:00
http_tunnel_test.go Initial commit 2016-03-08 16:16:36 +09:00
http_tunnel.go Initial commit 2016-03-08 16:16:36 +09:00
LICENSE Initial commit 2016-03-08 16:16:36 +09:00
original_dst_linux_test.go Initial commit 2016-03-08 16:16:36 +09:00
original_dst_linux.go Initial commit 2016-03-08 16:16:36 +09:00
original_dst_stub.go Initial commit 2016-03-08 16:16:36 +09:00
README.md Initial commit 2016-03-08 16:16:36 +09:00
server.go Initial commit 2016-03-08 16:16:36 +09:00

README.md

GoDoc Build Status

transocks - a transparent SOCKS5/HTTP proxy

transocks is a background service to redirect TCP connections transparently to a SOCKS5 server or a HTTP proxy server like Squid.

Currently, transocks supports only Linux iptables with DNAT/REDIRECT target.

Features

  • IPv4 and IPv6

    Both IPv4 and IPv6 are supported. Note that nf_conntrack_ipv4 or nf_conntrack_ipv6 kernel modules must be loaded beforehand.

  • SOCKS5 and HTTP proxy (CONNECT)

    We recommend using SOCKS5 server if available.

    HTTP proxies often prohibits CONNECT method to make connections to ports other than 443. Make sure your HTTP proxy allows CONNECT to the ports you want.

  • Library and executable

    transocks comes with a handy executable. You may use the library to create your own.

Usage

transocks [-h] [-f CONFIG]

The default configuration file path is /usr/local/etc/transocks.toml.

transocks does not have daemon mode. Use systemd or upstart to run it on your background.

Install

Use Go 1.5 or better.

go get github.com/cybozu-go/transocks
go install github.com/cybozu-go/transocks/cmd/transocks

Configuration file format

transocks.toml is a TOML file.

listen and proxy_url are mandatory. Other items are optional.

# listening address of transocks.
listen = "localhost:1081"

proxy_url = "socks5://10.20.30.40:1080"  # for SOCKS5 server
#proxy_url = "http://10.20.30.40:3128"   # for HTTP proxy server

log_level = "info"
log_file = "/var/log/transocks.log"

Redirecting connections by iptables

Use DNAT or REDIRECT target in OUTPUT chain of the nat table.

Save the following example to a file, then execute: sudo iptables-restore < FILE

*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:TRANSOCKS - [0:0]
-A OUTPUT -p tcp -j TRANSOCKS
-A TRANSOCKS -d 0.0.0.0/8 -j RETURN
-A TRANSOCKS -d 10.0.0.0/8 -j RETURN
-A TRANSOCKS -d 127.0.0.0/8 -j RETURN
-A TRANSOCKS -d 169.254.0.0/16 -j RETURN
-A TRANSOCKS -d 172.16.0.0/12 -j RETURN
-A TRANSOCKS -d 192.168.0.0/16 -j RETURN
-A TRANSOCKS -d 224.0.0.0/4 -j RETURN
-A TRANSOCKS -d 240.0.0.0/4 -j RETURN
-A TRANSOCKS -p tcp -j REDIRECT --to-ports 1081
COMMIT

Library usage

Read the documentation.

License

MIT

Author

@ymmt2005