Comments (9)
darkk
commented on September 27, 2024
See https://github.com/darkk/redsocks/blob/master/redsocks.conf.example#L20
user can be set in the configuration file, is there anything wrong with it?
Here is relevant code: https://github.com/darkk/redsocks/blob/master/base.c#L325
from redsocks.
tlvince
commented on September 27, 2024
Ah, thanks for the reminder. This works fine, although it might be worth adding an option for added flexibility with init/service scripts.
from redsocks.
darkk
commented on September 27, 2024
I doubt. I have two arguments:
- UID is part of firewall configuration in case of redsocks (the easiest way to do firewall exception for redsocks is UID-based), so it should be somewhere near configuration file, it's not really part of "system" configuration.
nginxdoes not have it. See also http://yourlogicalfallacyis.com/appeal-to-authority :-)
Are these arguments valid from your point of view?
from redsocks.
tlvince
commented on September 27, 2024
Regarding 1), could you comment on my iptables rules? This doesn't
use a UID/GID approach, but I can see the benefits of using one.
Regarding 2), fair point ;) Although, it's not uncommon for daemons to
have a --user option (dnsmasq for one).
Regardless, I appreciate the discussion and the want to "keep it
simple".
from redsocks.
darkk
commented on September 27, 2024
Does this iptables rule set really work? It seems to me that redsocks itself will be redirected to back redsocks using this rule set.
from redsocks.
tlvince
commented on September 27, 2024
It works :)
I'm not an iptables expert but from my understanding, it first sets up
the redsocks chain and appends it to the OUTPUT chain. After sending any
packets on the whitelist back to OUTPUT, it redirects everything else to
port 31338, which redsocks is listening on.
from redsocks.
darkk
commented on September 27, 2024
Is your proxy located at local network? redsocks generates packets itself, so additional exception is needed if the proxy is outside of LAN.
from redsocks.
tlvince
commented on September 27, 2024
No, I'm connecting to a remote machine (via a socks tunnel). Connection
seems fine with these rules (public IP address changes before/after
redsocks is running).
from redsocks.
darkk
commented on September 27, 2024
${subj} is basically implemented long time ago.
Cleaning up open issues :)
from redsocks.
Related Issues (20)
- Use redsocks to achieve the p2p live video streaming for remote driverless vehicle surveillance. HOT 1
- send a HTTP Post in https to get an access token oauth server return an error HOT 1
- File descriptors never closed?? HOT 1
- redsocks not forwarding proxy requests in RHEL 8 HOT 8
- My redsocks proxy connection has stopped working - new security somewhere?
- Software will not compile on OpenBSD 7.0
- Log file permission denied HOT 2
- Broken pipe and dropping client messages in the log file HOT 2
- Configuration issue HOT 9
- Kill switch feature
- Kill switch feature
- Kill switch feature
- Redirect all traffic HOT 1
- Is redsocks able to redirect udp traffic by tproxy (not only for dns )? HOT 3
- Not fully working as a socksifying router HOT 1
- Compiling Redsocks on M1 MacOS Monterey 12.5 HOT 1
- [Bug] Two UAF related to redsocks_shutdown
- [Bug] UAF in http-relay.c
- Redirect does not seem to happen on my IPv6 only server. HOT 1
- Redsocks on Kubernetes?
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from redsocks.