Then click the pencil mark, then open it with the notepad option as shown below.

Delete all the contents of the config.yaml earlier.

Net application, first Download & Install Net Runtime 5 using the link below: If you experience an error when opening the Clash. This application looks simpler than Clash For Windows and is easier to use. Windows users themselves can use the Clash NET application.

Run mitmproxy

sudo -u mitmproxyuser -H bash -c '$HOME/.

See also How to Create OpenClash Config on Subconverter

COPY or DOWNLOAD the clash account that you have created.

Download and Import Clash to Application CLASH.

To avoid circularity, run mitmproxy as the user mitmproxyuser. This will redirect the packets from all users other than mitmproxyuser on the machine to mitmproxy.

sudo ip6tables -t nat -A OUTPUT -p tcp -m owner ! --uid-owner mitmproxyuser --dport 443 -j REDIRECT --to-port 8080
sudo ip6tables -t nat -A OUTPUT -p tcp -m owner ! --uid-owner mitmproxyuser --dport 80 -j REDIRECT --to-port 8080
sudo iptables -t nat -A OUTPUT -p tcp -m owner ! --uid-owner mitmproxyuser --dport 443 -j REDIRECT --to-port 8080
sudo iptables -t nat -A OUTPUT -p tcp -m owner ! --uid-owner mitmproxyuser --dport 80 -j REDIRECT --to-port 8080

If you run into issues, iptables -t nat -F is a heavy-handed way to flush (clear) all the rules from the iptables nat table (which includes any other rules you had configured).

Then, configure iptables to redirect all traffic from our local machine to mitmproxy.

sudo -u mitmproxyuser -H bash -c 'cd ~ && pip install --user mitmproxy'

sysctl -w .send_redirects=0

Create a user to run the mitmproxy

sudo useradd --create-home mitmproxyuser

If your test device is on the same physical network, your machine shouldn’t inform the device that there’s a shorter route available by skipping the proxy.

Work-around to redirect traffic originating from the machine itself (Linux)

From mitmproxy docs.
If you want to persist this across reboots, you need to adjust your /etc/nf or a newly created /etc/sysctl.d/nf (see here).

If you want your iptables reset use: iptables -F

All changes done with sysctl and iptables are reset on reboot.

Now your http and https traffic should be redirected through :7777

sudo iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDSOCKS
sudo iptables -t nat -A PREROUTING -p tcp --dport 443 -j REDSOCKS
sudo iptables -t nat -A OUTPUT -p tcp --dport 80 -j REDSOCKS
sudo iptables -t nat -A OUTPUT -p tcp --dport 443 -j REDSOCKS
sudo iptables -t nat -A REDSOCKS -p tcp -j REDIRECT --to-ports 12345
sudo iptables -t nat -A REDSOCKS -d 240.0.0.0/4 -j RETURN
sudo iptables -t nat -A REDSOCKS -d 224.0.0.0/4 -j RETURN
sudo iptables -t nat -A REDSOCKS -d 192.168.0.0/16 -j RETURN
sudo iptables -t nat -A REDSOCKS -d 172.16.0.0/12 -j RETURN
sudo iptables -t nat -A REDSOCKS -d 169.254.0.0/16 -j RETURN
sudo iptables -t nat -A REDSOCKS -d 127.0.0.0/8 -j RETURN
sudo iptables -t nat -A REDSOCKS -d 10.0.0.0/8 -j RETURN
sudo iptables -t nat -A REDSOCKS -d 0.0.0.0/8 -j RETURN

This should be customized to your needs, but if you like to redirect all HTTP and HTTPS packets through the proxy.

Now that redsocks is running and ready, let's change the iptables rules to use redsocks.

You can also check if redsocks is bound to local port 12345 with netstat -tulpn (if you get "bind: Address already in use" try killall redsocks).

Now run redsocks with the config file destination as follows:

sudo redsocks -c /etc/nf

Change with the destination of your nf (note that you can use any local_port other than 12345; it's the local port that we will set an iptables rule to redirect the traffic to, so if you use another, make sure to use it in later steps below).

known types: socks4, socks5, http-connect, http-relay