Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/wongsyrone/transocks-wong

A redsocks-like transparent IPv4/IPv6 TCP-to-SOCKS5 redirector (for Linux only)
https://github.com/wongsyrone/transocks-wong

ipv4 ipv6 proxy redsocks tcp-proxy transparent-proxy

Last synced: 3 months ago
JSON representation

A redsocks-like transparent IPv4/IPv6 TCP-to-SOCKS5 redirector (for Linux only)

Host: GitHub
URL: https://github.com/wongsyrone/transocks-wong
Owner: wongsyrone
License: gpl-2.0
Created: 2018-10-28T08:30:42.000Z (about 6 years ago)
Default Branch: master
Last Pushed: 2022-04-16T11:45:52.000Z (over 2 years ago)
Last Synced: 2024-04-24T12:18:00.648Z (7 months ago)
Topics: ipv4, ipv6, proxy, redsocks, tcp-proxy, transparent-proxy
Language: C
Homepage:
Size: 172 KB
Stars: 61
Watchers: 10
Forks: 15
Open Issues: 3
Metadata Files:
- Readme: README.md
- License: LICENSE.txt

Awesome Lists containing this project

awesome-network-stuff - **44**星 - like transparent IPv4/IPv6 TCP-to-SOCKS5 redirector (for Linux only) (<a id="d03d494700077f6a65092985c06bf8e8"></a>工具 / <a id="57b8e953d394bbed52df2a6976d98dfa"></a>Socks)

README

# transocks-wong

## Feature

- Event-driven non-blocking I/O model
- IPv4 and IPv6 support, IPv6 works in dual stack mode
- SOCKS5 works in noauth mode
- Buffer copy via bufferevent provided by libevent
- Zero copy via splice() syscall provided by modern Linux kernel

## Prerequisite

netfilter_conntrack, iptables NAT/REDIRECT, modern Linux kernel with IPv6 support

## Usage

Run `transocks-wong -h` to check help text. You can send `SIGHUP` to dump all connection we are handling,
and send `SIGUSR1` to close all connection manually, it's equivalent to restart the program.

As usual, send `SIGTERM` or `SIGINT` to terminate.

examples:

```
transocks-wong --listener-addr-port=[::]:8123 --socks5-addr-port=[::1]:1081 --pump-method=splicepump
transocks-wong --listener-addr-port=0.0.0.0:8123 --socks5-addr-port=127.0.0.1:1081
```

## Other Tips

DNSMasq can be used to add resolved ip address to the appropriate IPset.
```
# /etc/dnsmasq.conf
ipset=//setmefree,setmefree6
```

Use two IPset, one for IPv4, the other one for IPv6, to enable us to
redirect IPv4/IPv6 traffic simultaneously based on the matching result.
```
## /etc/firewall.user(OpenWrt)
# This file is interpreted as shell script.
# drop old one
ipset -! destroy setmefree
ipset -! destroy setmefree6
# new ipset syntax, create TCP ipset
ipset -! create setmefree hash:net family inet
ipset -! create setmefree6 hash:net family inet6
# example to add IP range
#telegram IPs
ipset -! add setmefree 91.108.56.0/23
ipset -! add setmefree 91.108.56.0/22
ipset -! add setmefree 91.108.4.0/22
ipset -! add setmefree 149.154.172.0/22
ipset -! add setmefree 149.154.168.0/22
ipset -! add setmefree 149.154.164.0/22
ipset -! add setmefree 109.239.140.0/24

ipset -! add setmefree6 2001:b28:f23f::/48
ipset -! add setmefree6 2001:b28:f23d::/48
ipset -! add setmefree6 2001:67c:4e8::/48
# TCP redirect to TCP transparent proxy listening port
iptables -t nat -I PREROUTING -p tcp -m set --match-set setmefree dst -j REDIRECT --to-port 8123
# requires ip6tables nat module
ip6tables -t nat -I PREROUTING -p tcp -m set --match-set setmefree6 dst -j REDIRECT --to-port 8123
```

## Credit to

- [transocks-ev](http://oss.tiggerswelt.net/transocks_ev/)
- [redsocks](https://github.com/darkk/redsocks)
- [transocks](https://github.com/cybozu-go/transocks)