leafsummer
12/31/2015 - 2:14 AM

在OpenWrt上配置redsocks2

在OpenWrt上配置redsocks2

#!/bin/sh /etc/rc.common
# Copyright (C) 2006-2011 OpenWrt.org
#
# auto startup script for redsocks2 on OpenWrt
# this file is located in directory /etc/init.d
# rename this file to redsocks

# Boot ordering: rc.common uses START as the sequence number of the
# /etc/rc.d/S<NN>... symlink created by "enable".
START=95

# NOTE(review): the SERVICE_* settings are read by rc.common's
# service_start/service_stop helpers. start() and stop() below run the
# binary and killall directly, so these look unused here - confirm before
# relying on a PID file being written.
SERVICE_USE_PID=1
SERVICE_WRITE_PID=1
SERVICE_DAEMONIZE=1

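# Launch redsocks2 and, only if the launch succeeded, install the NAT rules
# that steer LAN TCP traffic to it.
# Returns: 0 on success, 1 if the daemon could not be launched.
start() {
	echo "starting redsocks2..."
	# Without a listener on the redirect port, every LAN TCP connection caught
	# by the REDSOCKS chain would be refused. Do not touch the firewall when
	# the launch fails. This only catches failures reported through the exit
	# status (missing binary, startup error); a crash after daemonizing is
	# not detected here.
	if ! /opt/bin/redsocks2 -c /etc/redsocks.conf; then
		echo "failed to start redsocks2, firewall rules not loaded" >&2
		return 1
	fi

	echo "loading redsocks2 firewall rules..."
	load_firewall

	echo "done."
}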

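# Remove the redirect rules, then terminate redsocks2.
# The rules go first so that LAN clients are never redirected to a port
# whose listener has already been killed.
stop() {
	echo "flushing redsocks2 firewall rules..."
	flush_firewall

	echo "stopping redsocks2..."
	# Ask with the default signal (TERM) first so the daemon can close its
	# connections; SIGKILL is only the fallback.
	killall redsocks2 2>/dev/null
	sleep 1
	# Signal 0 only probes whether a process with that name still exists.
	if killall -0 redsocks2 2>/dev/null; then
		killall -9 redsocks2
	fi

	echo "done."
}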

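# Build the REDSOCKS chain in the nat table and hook it into LAN prerouting.
# Safe to call repeatedly: an existing chain is emptied and an existing jump
# is removed before the rules are added, so a second start does not stack
# duplicate rules.
# Returns: 1 if the chain can neither be created nor flushed.
load_firewall() {
	local net

	# Start from an empty chain: create it, or flush it if it already exists.
	iptables -t nat -N REDSOCKS 2>/dev/null ||
		iptables -t nat -F REDSOCKS ||
		return 1

	# Destinations that are never proxied: "this network", private (RFC 1918),
	# loopback, link-local, multicast and reserved ranges.
	for net in \
		0.0.0.0/8 \
		10.0.0.0/8 \
		127.0.0.0/8 \
		169.254.0.0/16 \
		172.16.0.0/12 \
		192.168.0.0/16 \
		224.0.0.0/4 \
		240.0.0.0/4
	do
		iptables -t nat -A REDSOCKS -d "$net" -j RETURN
	done

	# Everything else goes to redsocks' local_port (1081 in redsocks.conf).
	# Only TCP is matched: UDP, DNS lookups included, is not redirected by
	# this chain and leaves the router unproxied.
	iptables -t nat -A REDSOCKS -p tcp -j REDIRECT --to-ports 1081

	# Hook the chain in exactly once: drop any jump left by an earlier start,
	# then insert a fresh one at the top of the LAN prerouting chain.
	while iptables -t nat -D zone_lan_prerouting -j REDSOCKS 2>/dev/null; do
		:
	done
	iptables -t nat -I zone_lan_prerouting -j REDSOCKS
}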

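# Undo load_firewall: unhook the REDSOCKS chain from LAN prerouting, then
# empty and delete it.
flush_firewall() {
	# Remove every jump, not just one. If start ran twice there are two, and a
	# chain that is still referenced cannot be deleted with -X.
	while iptables -t nat -D zone_lan_prerouting -j REDSOCKS 2>/dev/null; do
		:
	done

	# Pause carried over from the original script; its purpose is not
	# documented there.
	sleep 1

	iptables -t nat -F REDSOCKS
	iptables -t nat -X REDSOCKS
}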
// ---- /etc/redsocks.conf (a separate file from the init script above) ----
// Process-wide settings for the redsocks2 daemon.
base {
	// Debug and info log messages are both disabled.
	log_debug = off;
	log_info = off;
	// Run in the background once started.
	daemon = on;
	// How the original destination of a redirected connection is recovered;
	// "iptables" pairs with the REDIRECT rule installed by the init script.
	redirector= iptables;
	// NOTE(review): no user/group is set in this section, so the daemon
	// presumably keeps the privileges of whatever started it (root when run
	// from /etc/init.d) - confirm, and drop privileges if the build allows it.
}

// One transparent-proxy listener and the upstream proxy it forwards to.
redsocks {
	// Listener address: change this to the router's LAN IP. The init script's
	// REDIRECT rule sits in a prerouting chain, where the destination is
	// rewritten to the router's address on the incoming interface, so the
	// listener must be reachable there (a 127.0.0.1 bind would not receive
	// that traffic). Any LAN host can also connect to this port directly.
	local_ip = 192.168.1.1;
	// Must match --to-ports in the init script's REDIRECT rule.
	local_port = 1081;
	// Upstream SOCKS5 server: change this to the address where the SOCKS5
	// proxy listens (the page pairs this with shadowsocks).
	ip = 192.168.1.1;
	port = 1080;
	type = socks5; // I use socks5 proxy for GFW'ed IP
	autoproxy = 1; // I want autoproxy feature enabled on this section.
	            // The two lines above have same effect as
	            //    type = autosocks5;
	            // in previous release.
	// timeout is meaningful only when 'autoproxy' is non-zero.
	// It specifies how long to wait when trying to connect to the destination
	// directly. Default is 10 seconds. When it is set to 0, the default
	// timeout value will be used.
	// Because the direct attempt comes first, the destination is contacted
	// outside the proxy before any fallback to it.
	timeout = 10;
	// Optional alternative upstream type and credentials. If login/password
	// are enabled, this file holds a cleartext password: restrict its
	// permissions (e.g. chmod 600 /etc/redsocks.conf).
	//type = http-connect;
	//login = username;
	//password = passwd;
}

redsocks2是一款透明socks5代理工具,能够实现智能代理的功能,这里是redsocks2在OpenWrt上的配置,配合shadowsocks使用。

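redsocks.conf 是配置文件,放在 /etc 目录,并将其中的 192.168.1.1 改成路由器的地址。redsocks2.sh 为自启动文件,改名为 redsocks2 放到 /etc/init.d 目录即可(脚本头部注释写的是改名为 redsocks;文件名可任选其一,但下面启动/停止命令中的名称要与实际文件名一致)。自启动文件假设 redsocks2 可执行文件位于 /opt/bin 目录;配置文件中的 local_port(1081)必须与脚本里 REDIRECT 规则的 --to-ports 保持一致。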

启动 redsocks2:`/etc/init.d/redsocks2 start`

停止 redsocks2:`/etc/init.d/redsocks2 stop`

redsocks2 git源