OpenVPN、L2TP 或 PPTP 客户端代理（http 或 socks 4/5）

Question

因此，我最终使用 Dante 作为我的 Socks 代理服务器，并使用 OpenVPN 服务器分配的 IP 作为外部 IP，并且我可以连接到代理，并且流量将通过 OpenVPN 路由，但问题是我所有的操作系统流量都经过 OpenVPN，这是我不希望的，我只希望我的 Socks 流量通过它，而 OpenVPN 只监听它。

我使用了route-noexec并pull-filter ignore redirect-gateway经过逐一测试，发现问题是没有流量从袜子中经过。

我的 /etc/danted.conf：

logoutput: /var/log/socks.log
internal: ens192 port = 1080
external: 172.25.0.10
clientmethod: none
socksmethod: none
user.privileged: root
user.notprivileged: nobody

client pass {
        from: 0.0.0.0/0 to: 0.0.0.0/0
        log: error connect disconnect
}
client block {
        from: 0.0.0.0/0 to: 0.0.0.0/0
        log: connect error
}
socks pass {
        from: 0.0.0.0/0 to: 0.0.0.0/0
        log: error connect disconnect
}
socks block {
        from: 0.0.0.0/0 to: 0.0.0.0/0
        log: connect error
}

systemctl 状态 openvpn@dl19-T：

root@CaptainMarvel:~# systemctl status openvpn@dl19-T
● [email protected] - OpenVPN connection to dl19-T
     Loaded: loaded (/lib/systemd/system/[email protected]; enabled; vendor preset: enabled)
     Active: active (running) since Sun 2023-01-22 07:09:42 EST; 13s ago
       Docs: man:openvpn(8)
             https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage
             https://community.openvpn.net/openvpn/wiki/HOWTO
   Main PID: 13527 (openvpn)
     Status: "Initialization Sequence Completed"
      Tasks: 1 (limit: 629145)
     Memory: 1.0M
        CPU: 33ms
     CGroup: /system.slice/system-openvpn.slice/[email protected]
             └─13527 /usr/sbin/openvpn --daemon ovpn-dl19-T --status /run/openvpn/dl19-T.status 10 --cd /etc/openvpn --config /etc/openvpn/dl19-T.conf --writepid /run/openvpn/dl19-T.pid

Jan 22 07:09:45 CaptainMarvel ovpn-dl19-T[13527]: ROUTE_GATEWAY 192.168.11.111/255.255.255.0 IFACE=ens192 HWADDR=00:0c:29:2d:7f:1b
Jan 22 07:09:45 CaptainMarvel ovpn-dl19-T[13527]: TUN/TAP device tun0 opened
Jan 22 07:09:45 CaptainMarvel ovpn-dl19-T[13527]: net_iface_mtu_set: mtu 1500 for tun0
Jan 22 07:09:45 CaptainMarvel ovpn-dl19-T[13527]: net_iface_up: set tun0 up
Jan 22 07:09:45 CaptainMarvel ovpn-dl19-T[13527]: net_addr_v4_add: 172.25.0.10/24 dev tun0
Jan 22 07:09:45 CaptainMarvel ovpn-dl19-T[13527]: net_route_v4_add: 87.248.155.111/32 via 192.168.11.111 dev [NULL] table 0 metric -1
Jan 22 07:09:45 CaptainMarvel ovpn-dl19-T[13527]: net_route_v4_add: 0.0.0.0/1 via 172.25.0.1 dev [NULL] table 0 metric -1
Jan 22 07:09:45 CaptainMarvel ovpn-dl19-T[13527]: net_route_v4_add: 128.0.0.0/1 via 172.25.0.1 dev [NULL] table 0 metric -1
Jan 22 07:09:45 CaptainMarvel ovpn-dl19-T[13527]: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Jan 22 07:09:45 CaptainMarvel ovpn-dl19-T[13527]: Initialization Sequence Completed

Answer 1

因此，我最终使用 Dante 作为我的 Socks 代理服务器，并使用 OpenVPN 服务器分配的 IP 作为外部 IP，并且我可以连接到代理，并且流量将通过 OpenVPN 路由，但问题是我所有的操作系统流量都经过 OpenVPN，这是我不希望的，我只希望我的 Socks 流量通过它，而 OpenVPN 只监听它。

我使用了route-noexec并pull-filter ignore redirect-gateway经过逐一测试，发现问题是没有流量从袜子中经过。

我的 /etc/danted.conf：

logoutput: /var/log/socks.log
internal: ens192 port = 1080
external: 172.25.0.10
clientmethod: none
socksmethod: none
user.privileged: root
user.notprivileged: nobody

client pass {
        from: 0.0.0.0/0 to: 0.0.0.0/0
        log: error connect disconnect
}
client block {
        from: 0.0.0.0/0 to: 0.0.0.0/0
        log: connect error
}
socks pass {
        from: 0.0.0.0/0 to: 0.0.0.0/0
        log: error connect disconnect
}
socks block {
        from: 0.0.0.0/0 to: 0.0.0.0/0
        log: connect error
}

systemctl 状态 openvpn@dl19-T：

root@CaptainMarvel:~# systemctl status openvpn@dl19-T
● [email protected] - OpenVPN connection to dl19-T
     Loaded: loaded (/lib/systemd/system/[email protected]; enabled; vendor preset: enabled)
     Active: active (running) since Sun 2023-01-22 07:09:42 EST; 13s ago
       Docs: man:openvpn(8)
             https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage
             https://community.openvpn.net/openvpn/wiki/HOWTO
   Main PID: 13527 (openvpn)
     Status: "Initialization Sequence Completed"
      Tasks: 1 (limit: 629145)
     Memory: 1.0M
        CPU: 33ms
     CGroup: /system.slice/system-openvpn.slice/[email protected]
             └─13527 /usr/sbin/openvpn --daemon ovpn-dl19-T --status /run/openvpn/dl19-T.status 10 --cd /etc/openvpn --config /etc/openvpn/dl19-T.conf --writepid /run/openvpn/dl19-T.pid

Jan 22 07:09:45 CaptainMarvel ovpn-dl19-T[13527]: ROUTE_GATEWAY 192.168.11.111/255.255.255.0 IFACE=ens192 HWADDR=00:0c:29:2d:7f:1b
Jan 22 07:09:45 CaptainMarvel ovpn-dl19-T[13527]: TUN/TAP device tun0 opened
Jan 22 07:09:45 CaptainMarvel ovpn-dl19-T[13527]: net_iface_mtu_set: mtu 1500 for tun0
Jan 22 07:09:45 CaptainMarvel ovpn-dl19-T[13527]: net_iface_up: set tun0 up
Jan 22 07:09:45 CaptainMarvel ovpn-dl19-T[13527]: net_addr_v4_add: 172.25.0.10/24 dev tun0
Jan 22 07:09:45 CaptainMarvel ovpn-dl19-T[13527]: net_route_v4_add: 87.248.155.111/32 via 192.168.11.111 dev [NULL] table 0 metric -1
Jan 22 07:09:45 CaptainMarvel ovpn-dl19-T[13527]: net_route_v4_add: 0.0.0.0/1 via 172.25.0.1 dev [NULL] table 0 metric -1
Jan 22 07:09:45 CaptainMarvel ovpn-dl19-T[13527]: net_route_v4_add: 128.0.0.0/1 via 172.25.0.1 dev [NULL] table 0 metric -1
Jan 22 07:09:45 CaptainMarvel ovpn-dl19-T[13527]: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Jan 22 07:09:45 CaptainMarvel ovpn-dl19-T[13527]: Initialization Sequence Completed

OpenVPN、L2TP 或 PPTP 客户端代理（http 或 socks 4/5）

答案1

相关内容