这部分我们列举一些iptables的实用脚本。供大家参考学习~
实例一:使用redsocks做全局代理
1、首先安装编译redsocks
redsocks下载地址:https://github.com/darkk/redsocks
2、配置redsocks,配置如下
base { log_debug = on; log_info = on; daemon = on; redirector = iptables; } redsocks { local_ip = 127.0.0.1; local_port = 6666; ip = 10.102.248.16; <---- proxy server IP. port = 1080; type = socks5; } redudp { local_ip = 127.0.0.1; local_port = 8888; ip = 10.102.248.16; port = 1080; } dnstc { local_ip = 127.0.0.1; local_port = 5300; }
3、iptables脚本如下
iptables -t nat -N REDSOCKS || true iptables -t nat -F REDSOCKS iptables -t nat -A REDSOCKS -d 0.0.0.0/8 -j RETURN iptables -t nat -A REDSOCKS -d 10.0.0.0/8 -j RETURN iptables -t nat -A REDSOCKS -d 127.0.0.0/8 -j RETURN iptables -t nat -A REDSOCKS -d 169.254.0.0/16 -j RETURN iptables -t nat -A REDSOCKS -d 172.16.0.0/12 -j RETURN iptables -t nat -A REDSOCKS -d 192.168.0.0/16 -j RETURN iptables -t nat -A REDSOCKS -d 224.0.0.0/4 -j RETURN iptables -t nat -A REDSOCKS -d 240.0.0.0/4 -j RETURN iptables -t nat -A REDSOCKS -p tcp -j REDIRECT --to-ports 6666 iptables -t nat -A REDSOCKS -p udp -j REDIRECT --to-ports 8888 iptables -t nat -A OUTPUT -p tcp -j REDSOCKS
4、运行redsocks
./redsocks -c ./redsocks.conf