{"id":15192321,"url":"https://github.com/paper-dragon/docker-transparent-proxy","last_synced_at":"2025-08-21T11:14:10.880Z","repository":{"id":235951369,"uuid":"788828282","full_name":"Paper-Dragon/docker-transparent-proxy","owner":"Paper-Dragon","description":"Docker透明代理，给容器分配一个公网地址。通过共享网络命名空间将正在运行的容器的网络提供给另一个工作容器。","archived":false,"fork":false,"pushed_at":"2024-10-05T15:18:09.000Z","size":34,"stargazers_count":14,"open_issues_count":0,"forks_count":1,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-08-21T11:08:59.604Z","etag":null,"topics":["clash","docker","docker-tproxy","private-network","proxy","proxy-server","tproxy","tun2proxy","warp-docker","zero-trust"],"latest_commit_sha":null,"homepage":"https://www.geekery.cn/","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Paper-Dragon.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2024-04-19T06:58:18.000Z","updated_at":"2025-08-04T13:06:18.000Z","dependencies_parsed_at":null,"dependency_job_id":"84285595-cb59-40b5-85ce-99ab848e34f0","html_url":"https://github.com/Paper-Dragon/docker-transparent-proxy","commit_stats":null,"previous_names":["paper-dragon/docker-transparent-proxy"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/Paper-Dragon/docker-transparent-proxy","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Paper-Dragon%2Fdocker-transparent-proxy","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Paper-Dragon%2Fdocker-transparent-proxy/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Paper-Dragon%2Fdocker-transparent-proxy/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Paper-Dragon%2Fdocker-transparent-proxy/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Paper-Dragon","download_url":"https://codeload.github.com/Paper-Dragon/docker-transparent-proxy/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Paper-Dragon%2Fdocker-transparent-proxy/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":271469227,"owners_count":24765124,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-21T02:00:08.990Z","response_time":74,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["clash","docker","docker-tproxy","private-network","proxy","proxy-server","tproxy","tun2proxy","warp-docker","zero-trust"],"created_at":"2024-09-27T21:21:37.259Z","updated_at":"2025-08-21T11:14:10.855Z","avatar_url":"https://github.com/Paper-Dragon.png","language":null,"readme":"# Docker透明代理（Docker Transparent Proxy）\n\n实现给一个容器分配一个公网ip，并且连接到国际网络，采用了clash，warp，tun2proxy三种实现方式。\n\n## Docker透明代理\n\n- [Clash Core实现模式](#clash-core实现模式)\n  - [Clash Core功能](#clash-core功能)\n  - [Clash Core启动方法](#clash-core启动方法)\n  - [Clash配置文档](#clash配置文档)\n  - [Clash案例](#clash案例)\n\n- [Warp实现模式](#warp实现模式)\n\n  - [功能](#功能)\n\n  - [如何使用？](#如何使用)\n\n  - [启动模式](#启动模式)\n    - [Zero Turst模式](#zero-turst模式)\n      - [Zero-Turst模式启动日志](#zero-turst模式启动日志)\n    - [Warp Plus模式](#zarp-plus模式)\n      - [Warp-Plus模式启动日志](#warp-plus模式启动日志)\n    - [Free 模式](#free-模式)\n\n- [tun2proxy实现模式](#tun2proxy实现模式)\n\n  - [tun2proxy的局限性](#tun2proxy的局限性)\n  - [tun2proxy使用方法](#tun2proxy使用方法)\n\n- [声明](#声明)\n- [致谢](#致谢)\n- [协议](#致谢)\n\n## Clash Core实现模式\n\n更新了新版meta内核，安全性有保障。\n\n### Clash Core功能\n\n通过订阅机场的连接或者使用自己搭建的节点进行流量透明代理。\n\n### Clash Core启动方法\n\n编写 `config.yaml` 并添加节点，原有配置不要修改。\n\n### Clash配置文档\n\n [虚空终端 Docs](https://wiki.metacubex.one/config/)\n\n### Clash案例\n\nconfig.yaml实例\n\n```yaml\nmode: rule\nmixed-port: 7897\nsocks-port: 7898\nport: 7899\nallow-lan: false\nlog-level: info\nipv6: false\nsecret: ''\nexternal-controller: 0.0.0.0:9097\nbind-address: '*'\ndns:\n  enable: true\n  ipv6: false\n  default-nameserver:\n  - 223.5.5.5\n  - 119.29.29.29\n  enhanced-mode: fake-ip\n  fake-ip-range: 198.18.0.1/16\n  use-hosts: true\n  nameserver:\n  - https://doh.pub/dns-query\n  - https://dns.alidns.com/dns-query\n  fallback:\n  - https://doh.dns.sb/dns-query\n  - https://dns.cloudflare.com/dns-query\n  - https://dns.twnic.tw/dns-query\n  - tls://8.8.4.4:853\n  fallback-filter:\n    geoip: true\n    ipcidr:\n    - 240.0.0.0/4\n    - 0.0.0.0/32\n  fake-ip-filter:\n  - dns.msftncsi.com\n  - www.msftncsi.com\n  - www.msftconnecttest.com\ntun:\n  stack: gvisor\n  device: Meta\n  auto-route: true\n  auto-detect-interface: true\n  dns-hijack:\n  - any:53\n  strict-route: true\n  mtu: 9000\n  enable: true\nproxies:\n\n\n```\n\n启动\n\n```bash\ncd tproxy-clash\ndocker compose up -d\n```\n\n## Warp实现模式\n\n这个代码实现通过warp网络给一个容器分配一个公网ip，并且连接到国际网络。\n\n透明代理项目源码地址 [Warp Tproxy For Docker](https://github.com/Paper-Dragon/warp-tproxy-for-docker) 。\n\nDocker Hub地址 [jockerdragon/warp-tproxy](https://hub.docker.com/r/jockerdragon/warp-tproxy)。\n\n免费密钥获取： [geekery.cn](https://www.geekery.cn/free-service/cloudflare-warp.html)。\n\n适用于 `free` 或 `warp+` 和 `Zero Trust` 网络，因为不可明说的原因，大陆用户建议使用 `Zero Trust` 。\n\n### 功能\n\n它可以让单个Docker容器内部具有透明代理，且拥有一个与本机公网ip不同的公网ip。\n\n#### 如何使用？\n\n根据启动模式在 `docker-compose.yaml` 文件里设置变量。\n\n启动命令\n\n```bash\ndocker compose up -d\n```\n\n测试\n\n```bash\ndocker exec -it warp-transparent-proxy-warp-tproxy-1 bash\napt update \u0026\u0026 apt install curl -y\ncurl ifconfig.icu\ncurl cip.cc\n```\n\n### 启动模式\n\n详细介绍看 [Warp Tproxy For Docker](https://github.com/Paper-Dragon/warp-tproxy-for-docker/blob/container-tproxy/README.zh_CN.md)\n\n#### Zero Turst模式\n\n设置环境变量\n\n```bash\n# 使用zero trust方式\n- WARP_ORG_ID=paperdragxx\n- WARP_AUTH_CLIENT_ID=c4d31ea084c2940e17b714de890xxxxx.access\n- WARP_AUTH_CLIENT_SECRET=7120f34bd52ce19a90534ca804cdaeaa72bb03e9c5da10ee0279fdc7bcdxxxxx\n- WARP_UNIQUE_CLIENT_ID=aa7b5738-ff99-11ee-b4c1-72e2181b199b  # 可选\n```\n\n##### Zero-Turst模式启动日志\n\n```text\n[+] Starting dbus...\n[+] warp's TOS already accepted!\n[+] Starting warp-svc...\n[!] warp-svc in debug mode\n/entrypoint.sh: line 85: docker: command not found\n[!]  show warp svc log\nnohup: appending output to 'nohup.out'\n[!] wait for warp-svc to start in debug mode\n[+] wait warp-svc show status   ...\nStatus update: Connecting\n[+] Set warp license to Y9U8f53G-0C8Z9d1j-C37hg8c9 ... Success\n[+] New registration generated ... Error: Old registration is still around. Try running: \"warp-cli registration delete\"\n[+] Set warp mode to warp ... Success\n[+] Turn ON warp ... Success\n[+] Waiting for warp to connect...\n[+] warp connected!\n[+] All services started!\n---\nwarp-svc config: /var/lib/cloudflare-warp/conf.json\n---\n[+] warp status: Status update: Connected\n\n[+] You can check it with warp local tproxy in container:\n    E.g.:\n      curl https://cloudflare.com/cdn-cgi/trace (inside container)\n```\n\n#### Warp Plus模式\n\n必须在宿主机内安装wireguard  `apt update \u0026\u0026 apt install wireguard -y`\n\n```bash\n# 使用key方式\n- WARP_LICENSE=Y9U8f53G-0C8Z9d1j-C37hg8c9\n```\n\n##### Warp-Plus模式启动日志\n\n```text\n *  正在执行任务: docker compose --file '/root/docker-transparent-proxy/tproxy-warp/docker-compose.yaml' --project-name 'warp-transparent-proxy' logs --follow --tail '1000' \n\nWARN[0000] /root/docker-transparent-proxy/tproxy-warp/docker-compose.yaml: `version` is obsolete \nwarp-tproxy-1  | [+] Starting dbus...\nwarp-tproxy-1  | [+] Bypassing warp's TOS ...\nwarp-tproxy-1  | [+] Starting warp-svc...\nwarp-tproxy-1  | [+] Waiting for warp to connect...\nwarp-tproxy-1  | Status update: Unable to connect. Reason: Registration Missing\nwarp-tproxy-1  | [+] New registration generated ... Success\nwarp-tproxy-1  | [+] Set warp mode to warp ... Success\nwarp-tproxy-1  | [+] Turn ON warp ... Success\nwarp-tproxy-1  | [+] Waiting for warp to connect...\n[+] warp connected!\nwarp-tproxy-1  | [+] All services started!\nwarp-tproxy-1  | ---\nwarp-tproxy-1  | warp-svc config: /var/lib/cloudflare-warp/conf.json\nwarp-tproxy-1  | ---\nwarp-tproxy-1  | [+] warp status: Status update: Connected\nwarp-tproxy-1  | \nwarp-tproxy-1  | [+] You can check it with warp local tproxy in container:\nwarp-tproxy-1  |     E.g.:\nwarp-tproxy-1  |       curl https://cloudflare.com/cdn-cgi/trace (inside container)\n\n```\n\n### Free 模式\n\n在大陆地区极低概率连接成功，不建议使用。\n\n## tun2proxy实现模式\n\n#### tun2proxy的局限性\n\n仅支持socks或者http代理\n\n[tun2proxy/tun2proxy](https://github.com/tun2proxy/tun2proxy)\n\n### tun2proxy使用方法\n\n#### compose方式\n\n```bash\ncd tproxy-tun2proxy\n# edit compose file filled proxy protocol\ndocker compose up -d\n```\n\n#### 命令行方式\n\n```bash\ndocker run -d \\\n -v /dev/net/tun:/dev/net/tun \\\n --sysctl net.ipv6.conf.default.disable_ipv6=0 \\\n --cap-add NET_ADMIN \\\n --name tun2proxy \\\n ghcr.io/tun2proxy/tun2proxy:latest --dns virtual --proxy proto://[username[:password]@]host:port\n# proto is one of socks4, socks5, http. For example: socks5://myname:password@127.0.0.1:1080\n\n```\n\n通过共享网络命名空间将正在运行的容器的网络提供给另一个工作容器（类似于 Kubernetes sidecar）：\n\n```bash\ndocker run -it \\\n --network \"container:tun2proxy\" \\\n ubuntu:latest\n```\n\n这样，工作容器就可以访问 tun2proxy 容器的网络了。\n\n## 声明\n\n本项目仅供学习，非法使用必追究法律责任，下载后请于24小时内删除。\n\n自行下载所造成任何后果与作者无关!!\n\n## 致谢\n\n- [Warp Tproxy For Docker](https://github.com/Paper-Dragon/warp-tproxy-for-docker/blob/container-tproxy/README.zh_CN.md)\n- [Cloudflare](cloudflare.com)\n- [MetaCubeX](https://wiki.metacubex.one/config/)\n- [Docker](https://hub.docker.com)\n- Github\n- GFW 🤣\n  - [防火长城GFW](https://wikipredia.net/zh/Great_Firewall_of_China#Campaigns_and_crackdowns)\n  - [金盾工程](https://wikipredia.net/zh/Golden_Shield_Project)\n\n## 协议\n\nMIT\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpaper-dragon%2Fdocker-transparent-proxy","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpaper-dragon%2Fdocker-transparent-proxy","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpaper-dragon%2Fdocker-transparent-proxy/lists"}