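I am looking for a way to open a proxy server on Windows or Linux that is bound to an OpenVPN, L2TP or PPTP client, so that users who connect to the proxy are connected to the VPN server, and the host (the proxy server), whether Linux or Windows, should not route any traffic to the VPN client except the traffic going to and from the proxy.
user <---> proxy server <---> openvpn client <----> internet
So far I have found suggestions such as: run ForceBindIP to bind freesshd to the OpenVPN client's TUN interface, connect to freesshd with putty and have putty expose socks5, but it did not work.
Thank you very much for your help.
PS: I am new to the Linux world :)
Answer 1
So I ended up using Dante as my SOCKS proxy server, with the IP assigned by the OpenVPN server as the external IP. I can connect to the proxy and the traffic is routed through OpenVPN, but the problem is that all of my OS traffic goes through OpenVPN, which I don't want; I only want my SOCKS traffic to go through it, with OpenVPN only listening for it.
I used route-noexec and pull-filter ignore redirect-gateway.
After testing them one by one, I found that the problem is that no traffic passes through the SOCKS proxy.
My /etc/danted.conf: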
logoutput: /var/log/socks.log
internal: ens192 port = 1080
external: 172.25.0.10
clientmethod: none
socksmethod: none
user.privileged: root
user.notprivileged: nobody
client pass {
    from: 0.0.0.0/0 to: 0.0.0.0/0
    log: error connect disconnect
}
client block {
    from: 0.0.0.0/0 to: 0.0.0.0/0
    log: connect error
}
socks pass {
    from: 0.0.0.0/0 to: 0.0.0.0/0
    log: error connect disconnect
}
socks block {
    from: 0.0.0.0/0 to: 0.0.0.0/0
    log: connect error
}
systemctl status openvpn@dl19-T:
root@CaptainMarvel:~# systemctl status openvpn@dl19-T
● openvpn@dl19-T.service - OpenVPN connection to dl19-T
Loaded: loaded (/lib/systemd/system/openvpn@.service; enabled; vendor preset: enabled)
Active: active (running) since Sun 2023-01-22 07:09:42 EST; 13s ago
Docs: man:openvpn(8)
https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage
https://community.openvpn.net/openvpn/wiki/HOWTO
Main PID: 13527 (openvpn)
Status: "Initialization Sequence Completed"
Tasks: 1 (limit: 629145)
Memory: 1.0M
CPU: 33ms
CGroup: /system.slice/system-openvpn.slice/openvpn@dl19-T.service
└─13527 /usr/sbin/openvpn --daemon ovpn-dl19-T --status /run/openvpn/dl19-T.status 10 --cd /etc/openvpn --config /etc/openvpn/dl19-T.conf --writepid /run/openvpn/dl19-T.pid
Jan 22 07:09:45 CaptainMarvel ovpn-dl19-T[13527]: ROUTE_GATEWAY 192.168.11.111/255.255.255.0 IFACE=ens192 HWADDR=00:0c:29:2d:7f:1b
Jan 22 07:09:45 CaptainMarvel ovpn-dl19-T[13527]: TUN/TAP device tun0 opened
Jan 22 07:09:45 CaptainMarvel ovpn-dl19-T[13527]: net_iface_mtu_set: mtu 1500 for tun0
Jan 22 07:09:45 CaptainMarvel ovpn-dl19-T[13527]: net_iface_up: set tun0 up
Jan 22 07:09:45 CaptainMarvel ovpn-dl19-T[13527]: net_addr_v4_add: 172.25.0.10/24 dev tun0
Jan 22 07:09:45 CaptainMarvel ovpn-dl19-T[13527]: net_route_v4_add: 87.248.155.111/32 via 192.168.11.111 dev [NULL] table 0 metric -1
Jan 22 07:09:45 CaptainMarvel ovpn-dl19-T[13527]: net_route_v4_add: 0.0.0.0/1 via 172.25.0.1 dev [NULL] table 0 metric -1
Jan 22 07:09:45 CaptainMarvel ovpn-dl19-T[13527]: net_route_v4_add: 128.0.0.0/1 via 172.25.0.1 dev [NULL] table 0 metric -1
Jan 22 07:09:45 CaptainMarvel ovpn-dl19-T[13527]: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Jan 22 07:09:45 CaptainMarvel ovpn-dl19-T[13527]: Initialization Sequence Completed
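
The following is an added example, not part of the original question or answer. It reads OpenVPN log lines in the format shown above, reports whether the two half-default routes (0.0.0.0/1 and 128.0.0.0/1) that capture all host traffic were installed, and prints source-based policy-routing commands so that only packets sourced from the tunnel address (Dante's `external`) leave through the VPN. The function names, the routing table number 100, and the assumptions that OpenVPN runs with route-noexec and that Dante binds outgoing connections to the tunnel address are mine.

```shell
#!/bin/sh
# Added example (not from the post): derive split-tunnel policy routing
# from OpenVPN log lines. Assumes OpenVPN runs with route-noexec so it
# installs no routes itself, and that Dante's "external" is the tun address.

# Constructed sample input, in the log format shown in the post.
SAMPLE_LOG='net_addr_v4_add: 172.25.0.10/24 dev tun0
net_route_v4_add: 87.248.155.111/32 via 192.168.11.111 dev [NULL] table 0 metric -1
net_route_v4_add: 0.0.0.0/1 via 172.25.0.1 dev [NULL] table 0 metric -1
net_route_v4_add: 128.0.0.0/1 via 172.25.0.1 dev [NULL] table 0 metric -1'

# "yes" when both half-default routes (redirect-gateway def1) were installed,
# which sends all host traffic into the tunnel.
gateway_redirected() {
  if printf '%s\n' "$1" | grep -q 'net_route_v4_add: 0\.0\.0\.0/1 ' &&
     printf '%s\n' "$1" | grep -q 'net_route_v4_add: 128\.0\.0\.0/1 '; then
    echo yes
  else
    echo no
  fi
}

# "<tunnel ip> <device>" from the net_addr_v4_add line.
tunnel_addr() {
  printf '%s\n' "$1" |
    sed -n 's|.*net_addr_v4_add: \([0-9.]*\)/[0-9]* dev \([a-z0-9]*\).*|\1 \2|p' | head -n 1
}

# VPN-side gateway, taken from the 0.0.0.0/1 route line.
vpn_gateway() {
  printf '%s\n' "$1" |
    sed -n 's|.*net_route_v4_add: 0\.0\.0\.0/1 via \([0-9.]*\) .*|\1|p' | head -n 1
}

# Commands that route only packets sourced from the tunnel address via the VPN.
# Table number 100 is an arbitrary choice.
policy_commands() {
  echo "ip route replace default via $3 dev $2 table ${4:-100}"
  echo "ip rule add from $1/32 lookup ${4:-100}"
}

report() {
  addr=$(tunnel_addr "$1"); gw=$(vpn_gateway "$1")
  [ -n "$addr" ] && [ -n "$gw" ] || { echo "tunnel address or gateway not found" >&2; return 1; }
  echo "redirect-gateway routes installed: $(gateway_redirected "$1")"
  policy_commands "${addr% *}" "${addr#* }" "$gw"
}

report "$SAMPLE_LOG"
```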