iptables实例

这部分我们列举一些iptables的实用脚本。供大家参考学习~

实例一:使用redsocks做全局代理

1、首先安装编译redsocks

redsocks下载地址:https://github.com/darkk/redsocks

2、配置redsocks,配置如下

base {
log_debug = on;
log_info = on;
daemon = on;
redirector = iptables;
}

redsocks {
local_ip = 127.0.0.1;
local_port = 6666;
ip = 10.102.248.16; <---- proxy server IP.
port = 1080;
type = socks5;
}

redudp {
local_ip = 127.0.0.1;
local_port = 8888;
ip = 10.102.248.16;
port = 1080;
}

dnstc {
local_ip = 127.0.0.1;
local_port = 5300;
} 

3、iptables脚本如下

iptables -t nat -N REDSOCKS || true
iptables -t nat -F REDSOCKS
iptables -t nat -A REDSOCKS -d 0.0.0.0/8 -j RETURN
iptables -t nat -A REDSOCKS -d 10.0.0.0/8 -j RETURN
iptables -t nat -A REDSOCKS -d 127.0.0.0/8 -j RETURN
iptables -t nat -A REDSOCKS -d 169.254.0.0/16 -j RETURN
iptables -t nat -A REDSOCKS -d 172.16.0.0/12 -j RETURN
iptables -t nat -A REDSOCKS -d 192.168.0.0/16 -j RETURN
iptables -t nat -A REDSOCKS -d 224.0.0.0/4 -j RETURN
iptables -t nat -A REDSOCKS -d 240.0.0.0/4 -j RETURN
iptables -t nat -A REDSOCKS -p tcp -j REDIRECT --to-ports 6666
iptables -t nat -A REDSOCKS -p udp -j REDIRECT --to-ports 8888
iptables -t nat -A OUTPUT -p tcp -j REDSOCKS

4、运行redsocks

./redsocks -c ./redsocks.conf

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.
永久连接: http://www.nfvschool.cn/?p=308
标签:

发表评论