Prayer does not change God, but it changes him who prays.
nobles5e / cproxy Goto Github PK
View Code? Open in Web Editor NEWEasy per application transparent proxy built on cgroup.
License: GNU Affero General Public License v3.0
cproxy's Introduction
cproxy's People
Contributors
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot]")
Stargazers
Watchers
Forkers
zjsxwc gotounix rustbunker magneval nujz dkingalpha nugine light4 blacknon iq-scm deltared1a acodervic zzsoszz newrain7803 old101cproxy's Issues
provide option to overide dns server in tproxy mode
So that we can use a different dns server instead of /etc/resolv.conf in the proxied process.
curl wget 无法正常支持
curl wget 无法正常支持
$ curl -x 127.0.0.1:8888 ip.sb
91.200.242.210
$ sudo ./cproxy --port 8888 -- curl ip.sb
Bad Request
$ sudo ./cproxy --port 8888 -- wget google.com
--2022-10-14 15:56:45-- http://google.com/
Resolving google.com (google.com)... 142.250.204.142, 2404:6800:4005:80e::200e
Connecting to google.com (google.com)|142.250.204.142|:80... connected.
HTTP request sent, awaiting response... 400 Bad Request
2022-10-14 15:56:45 ERROR 400: Bad Request.
Error: iptables exit with 4
Error info :
└─# ./.cargo/bin/cproxy --port 60080 --redirect-dns -- bash
iptables v1.8.5 (nf_tables): RULE_APPEND failed (Invalid argument): rule in chain nozomi_tproxy_out_2556086
Error: iptables -t nat -A nozomi_tproxy_out_2556086 -p tcp -m cgroup --path cproxy-2556086 -j REDIRECT --to-ports 60080 exit with 4
┌──(root💀kali)-[/home/kali]
└─# iptables -t nat -nvL 1 ⨯
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
465 106K DOCKER all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 MASQUERADE all -- * !docker0 172.17.0.0/16 0.0.0.0/0
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 DOCKER all -- * * 0.0.0.0/0 !127.0.0.0/8 ADDRTYPE match dst-type LOCAL
0 0 nozomi_tproxy_out_2556086 all -- * * 0.0.0.0/0 0.0.0.0/0
Chain DOCKER (2 references)
pkts bytes target prot opt in out source destination
0 0 RETURN all -- docker0 * 0.0.0.0/0 0.0.0.0/0
Chain nozomi_tproxy_out_2556086 (1 references)
pkts bytes target prot opt in out source destination
0 0 RETURN udp -- * lo 0.0.0.0/0 0.0.0.0/0
0 0 RETURN tcp -- * lo 0.0.0.0/0 0.0.0.0/0
0 0 REDIRECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 cgroup 2556086 redir ports 60080
my system info:
└─# uname -a
Linux kali 5.9.0-kali1-amd64 #1 SMP Debian 5.9.1-1kali2 (2020-10-29) x86_64 GNU/Linux
└─# ./.cargo/bin/cproxy --version
cproxy 4.1.2
└─# iptables --version
iptables v1.8.5 (nf_tables)
transparent proxy on other ip ?
Thanks for this awesome repo! I wonder if this app support proxy on another machine, such as a router on the same lan?
[Feature request] target a specific interface
It'll be like:
curl ifconfig.me --interface eth1With cproxy1:
cproxy --interface eth1 -- curl ifconfig.meFootnotes
跟clash的redir-port无法打通
跟clash的redir-port无法打通
clash的redir-port和tproxy是等同的吗?
iptables cannot be used with setuid
I've encountered iptables errors recently:
$ cproxy mpv xxxx
Error: Running ["iptables", "-t", "nat", "-N", "nozomi_redirect_out_23962"] exited with error; status code: 111
It may be related to a change introduced in iptables 1.8.8, that iptables cannot be called by a setuid executable. See https://git.netfilter.org/iptables/commit/?id=ef7781eb1437a2d6fd37eb3567c599e3ea682b96
I'm not sure how to deal with it, but I think Linux capabilities is an option.
IPv6 Support?
It seems that cproxy is not supporting IPv6 proxying?
panicked error
$uname -a
Linux LightgrayBleak-VM 5.4.0-131-generic #147-Ubuntu SMP Fri Oct 14 17:07:22 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux
$iptables -V
iptables v1.8.4 (legacy)
$ls /sys/fs/cgroup/
blkio cpuacct cpuset freezer memory net_cls,net_prio perf_event rdma unified
cpu cpu,cpuacct devices hugetlb net_cls net_prio pids systemd
$cproxy --port 59999 --mode tproxy -- curl 1.1.1.1
<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>cloudflare</center>
</body>
</html>
thread 'main' panicked at 'called `Result::unwrap()` on an `Err` value: Error { kind: RemoveFailed, cause: Some(Os { code: 16, kind: ResourceBusy, message: "Resource busy" }) }', src/guards.rs:41:26
stack backtrace:
0: 0x7fb3eb0bfea0 - std::backtrace_rs::backtrace::libunwind::trace::hb16dbf761681cfc0
at /rustc/c8dfcfe046a7680554bf4eb612bad840e7631c4b/library/std/src/../../backtrace/src/backtrace/libunwind.rs:90:5
1: 0x7fb3eb0bfea0 - std::backtrace_rs::backtrace::trace_unsynchronized::h53bc5f57122de54d
at /rustc/c8dfcfe046a7680554bf4eb612bad840e7631c4b/library/std/src/../../backtrace/src/backtrace/mod.rs:66:5
2: 0x7fb3eb0bfea0 - std::sys_common::backtrace::_print_fmt::h7e86959aa36cde43
at /rustc/c8dfcfe046a7680554bf4eb612bad840e7631c4b/library/std/src/sys_common/backtrace.rs:67:5
3: 0x7fb3eb0bfea0 - <std::sys_common::backtrace::_print::DisplayBacktrace as core::fmt::Display>::fmt::hf42958820747a8ac
at /rustc/c8dfcfe046a7680554bf4eb612bad840e7631c4b/library/std/src/sys_common/backtrace.rs:46:22
4: 0x7fb3eb0f96ac - core::fmt::write::h6f5ededa5074697e
at /rustc/c8dfcfe046a7680554bf4eb612bad840e7631c4b/library/core/src/fmt/mod.rs:1115:17
5: 0x7fb3eb0bd375 - std::io::Write::write_fmt::hdb84dc6c28fda870
at /rustc/c8dfcfe046a7680554bf4eb612bad840e7631c4b/library/std/src/io/mod.rs:1665:15
6: 0x7fb3eb0c21cb - std::sys_common::backtrace::_print::hbb646398d13d0dcb
at /rustc/c8dfcfe046a7680554bf4eb612bad840e7631c4b/library/std/src/sys_common/backtrace.rs:49:5
7: 0x7fb3eb0c21cb - std::sys_common::backtrace::print::ha3796c9cf0c5a732
at /rustc/c8dfcfe046a7680554bf4eb612bad840e7631c4b/library/std/src/sys_common/backtrace.rs:36:9
8: 0x7fb3eb0c21cb - std::panicking::default_hook::{{closure}}::hb85a09d7e9a16432
at /rustc/c8dfcfe046a7680554bf4eb612bad840e7631c4b/library/std/src/panicking.rs:208:50
9: 0x7fb3eb0c1ca1 - std::panicking::default_hook::hdc924e74cb190bbb
at /rustc/c8dfcfe046a7680554bf4eb612bad840e7631c4b/library/std/src/panicking.rs:225:9
10: 0x7fb3eb0c2894 - std::panicking::rust_panic_with_hook::hd63b080e78590a80
at /rustc/c8dfcfe046a7680554bf4eb612bad840e7631c4b/library/std/src/panicking.rs:622:17
11: 0x7fb3eb0c2377 - std::panicking::begin_panic_handler::{{closure}}::h27bfba1f7e931f90
at /rustc/c8dfcfe046a7680554bf4eb612bad840e7631c4b/library/std/src/panicking.rs:519:13
12: 0x7fb3eb0c033c - std::sys_common::backtrace::__rust_end_short_backtrace::h2cc025f6c95b1f82
at /rustc/c8dfcfe046a7680554bf4eb612bad840e7631c4b/library/std/src/sys_common/backtrace.rs:141:18
13: 0x7fb3eb0c22d9 - rust_begin_unwind
at /rustc/c8dfcfe046a7680554bf4eb612bad840e7631c4b/library/std/src/panicking.rs:515:5
14: 0x7fb3eaf32081 - core::panicking::panic_fmt::h9f5a85773697c5f5
at /rustc/c8dfcfe046a7680554bf4eb612bad840e7631c4b/library/core/src/panicking.rs:92:14
15: 0x7fb3eaf32173 - core::result::unwrap_failed::h43465fb8e3273283
at /rustc/c8dfcfe046a7680554bf4eb612bad840e7631c4b/library/core/src/result.rs:1599:5
16: 0x7fb3eaf33c3a - <cproxy::guards::CGroupGuard as core::ops::drop::Drop>::drop::he0f5772e67446932
17: 0x7fb3eaf723dd - core::ptr::drop_in_place<cproxy::guards::TProxyGuard>::h5bc32170f22a3d77
18: 0x7fb3eaf75398 - cproxy::main::h7becfa773d4442f6
19: 0x7fb3eaf77e53 - std::sys_common::backtrace::__rust_begin_short_backtrace::h51261908630a884f
20: 0x7fb3eaf65f9d - std::rt::lang_start::{{closure}}::h670ee57be18ae9fa
21: 0x7fb3eb0c2cf0 - core::ops::function::impls::<impl core::ops::function::FnOnce<A> for &F>::call_once::h5edb75ac3af12064
at /rustc/c8dfcfe046a7680554bf4eb612bad840e7631c4b/library/core/src/ops/function.rs:259:13
22: 0x7fb3eb0c2cf0 - std::panicking::try::do_call::h4398f4e6da05592f
at /rustc/c8dfcfe046a7680554bf4eb612bad840e7631c4b/library/std/src/panicking.rs:401:40
23: 0x7fb3eb0c2cf0 - std::panicking::try::h3fe03463ab3f9a9d
at /rustc/c8dfcfe046a7680554bf4eb612bad840e7631c4b/library/std/src/panicking.rs:365:19
24: 0x7fb3eb0c2cf0 - std::panic::catch_unwind::h3f31a496b3e5f0e5
at /rustc/c8dfcfe046a7680554bf4eb612bad840e7631c4b/library/std/src/panic.rs:434:14
25: 0x7fb3eb0c2cf0 - std::rt::lang_start_internal::{{closure}}::h24e3f631c8bb6bd5
at /rustc/c8dfcfe046a7680554bf4eb612bad840e7631c4b/library/std/src/rt.rs:45:48
26: 0x7fb3eb0c2cf0 - std::panicking::try::do_call::h9268f45ee0925288
at /rustc/c8dfcfe046a7680554bf4eb612bad840e7631c4b/library/std/src/panicking.rs:401:40
27: 0x7fb3eb0c2cf0 - std::panicking::try::he93fcdbaacc3daf7
at /rustc/c8dfcfe046a7680554bf4eb612bad840e7631c4b/library/std/src/panicking.rs:365:19
28: 0x7fb3eb0c2cf0 - std::panic::catch_unwind::hca9f2323bf3773b4
at /rustc/c8dfcfe046a7680554bf4eb612bad840e7631c4b/library/std/src/panic.rs:434:14
29: 0x7fb3eb0c2cf0 - std::rt::lang_start_internal::hfee0032b3594c35b
at /rustc/c8dfcfe046a7680554bf4eb612bad840e7631c4b/library/std/src/rt.rs:45:20
30: 0x7fb3eaf75872 - main
[功能需求]是否可以增加选项使用局域网已有的socks5代理服务器?
举例局域网内已经有socks5代理 10.0.0.5:1080
是否可以增加选项使用局域网已有的这个socks5代理服务器?
例如使用格式是:
cproxy --ip 10.0.0.5 --port 1080 --redirect-dns --
谢谢!
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.