Guest User

Untitled

a guest
Sep 3rd, 2019
500
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. Инструкции для установки пакетов и логирования.
  2. ## Proxing via Tor
  3. _Complex proxy to send some traffic via Tor._
  4. _Optional obfs4 is included._
  5.  
  6. First install packages:
  7. `pacman -S tor privoxy squid`
  8.  
  9.  
  10. Add to /etc/tor/torrc:
  11. `RunAsDaemon 0`
  12. `ExcludeExitNodes {ru}, {ua}, {by}, {kz}, {cn}`
  13. `ExitPolicy reject *:* # no exits allowed`
  14. `ExitPolicy reject6 *:* # no exits allowed`
  15.  
  16. Needed for logs:
  17. `mkdir /var/lib/tor`
  18. `sudo chown -R tor:tor /var/lib/tor`
  19.  
  20. Turn on Tor:
  21. `systemctl enable tor`
  22. `systemctl start tor`
  23.  
  24. Replace /etc/privoxy/config with ~/wiki/privoxy/config:
  25. `cp -rf /privoxy/config /etc/privoxy/config`
  26.  
  27. Prepare:
  28. `chown root:root /etc/privoxy/config`
  29.  
  30. Enable Privoxy:
  31. `systemctl enable privoxy`
  32. `systemctl start privoxy`
  33.  
  34. Cook Squid:
  35. Replace /etc/squid/squid.conf with ~/wiki/squid/squid.conf
  36. `cp -rf ~/wiki/squid/squid.conf /etc/squid/squid.conf`
  37.  
  38. Add lists:
  39. `cp ~/wiki/config /etc/squid/redirect-to-tor.dat`
  40. `cp /wiki/config /etc/squid/blacklist.dat`
  41.  
  42. Enable service:
  43. `systemctl enable squid.service`
  44.  
  45. Needed dirs:
  46. `mkdir /var/cache/squid`
  47. `mkdir /var/log/squid`
  48. `mkdir /etc/squid/acl/`
  49. `sudo chown -R proxy:proxy /var/cache/squid`
  50. `sudo chown -R proxy:proxy /var/log/squid`
  51.  
  52. Accept settings:
  53. `squid -k parse`
  54. `squid -k reconfigure`
  55. `systemctl enable squid`
  56. `systemctl start squid`
  57.  
  58. Add to /etc/environment to use proxy for all connections:
  59. `all_proxy=http://127/0.0.1:3128`
  60. `http_proxy=http://127.0.0.1:3128`
  61. `https_proxy=http://127.0.0.1:3128`
  62. `ftp_proxy=http://127.0.0.1:3128`
  63. `no_proxy=localhost,127.0.0.1,::1`
  64.  
  65.  
  66. ### Obfs hiding (optional):
  67. `trizen -S obfs4proxy`
  68.  
  69. Add to /etc/tor/trorrc:
  70. `BridgeRelay 1`
  71. `ORPort 9001`
  72. `ExtORPort auto`
  73. `ClientTransportPlugin obfs4 exec /usr/local/bin/obfs4proxy`
  74.  
  75.  
  76. squid.conf (из инстуркции):
  77. acl SSL_ports port 443
  78. acl Safe_ports port 80 # http
  79. acl Safe_ports port 21 # ftp
  80. acl Safe_ports port 443 # https
  81. acl Safe_ports port 70 # gopher
  82. acl Safe_ports port 210 # wais
  83. acl Safe_ports port 1025-65535 # unregistered ports
  84. acl Safe_ports port 280 # http-mgmt
  85. acl Safe_ports port 488 # gss-http
  86. acl Safe_ports port 591 # filemaker
  87. acl Safe_ports port 777 # multiling http
  88. acl CONNECT method CONNECT
  89.  
  90. # Blacklist
  91. acl banners dstdomain "/etc/squid/blacklist.dat"
  92.  
  93. # Redirect to Tor urls
  94. acl redirect-to-tor dstdomain "/etc/squid/redirect-to-tor.dat"
  95. acl redirect-to-onion dstdomain .onion
  96.  
  97. # Where we redirect
  98. cache_peer 127.0.0.1 parent 8118 0 no-query proxy-only default name=tor-proxy-01
  99. never_direct allow redirect-to-tor
  100. never_direct allow redirect-to-onion
  101. always_direct allow all !redirect-to-tor !redirect-to-onion
  102.  
  103. http_access deny banners
  104. http_access deny !Safe_ports
  105. http_access deny CONNECT !SSL_ports
  106. http_access allow localhost manager
  107. http_access deny manager
  108. http_access allow localhost
  109. http_access deny all
  110. http_port 3128
  111.  
  112. coredump_dir /var/spool/squid/
  113.  
  114. refresh_pattern ^ftp: 1440 20% 10080
  115. refresh_pattern ^gopher: 1440 0% 1440
  116. refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
  117. refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880
  118. refresh_pattern . 0 20% 4320
  119.  
  120. shutdown_lifetime 3 seconds
  121.  
  122. redirect-to-tor.dat создаётся в том же каталоге в формате:
  123. rutracker.org
  124. 2ip.ru
  125. ...и так далее
  126.  
  127. blacklist.dat в том же каталоге в формате:
  128. .adchoices.com
  129. .adchoices.info
  130. .adchoices.net
  131. .adchoices.org
  132. .adchoices.uk
  133. .addthis.com
  134. ...и так далее, найдите сами что нужно для адблока.
  135.  
  136. config для privoxy:
  137. forward-socks4a / 127.0.0.1:9050 .
  138. confdir /etc/privoxy
  139. logdir /var/log/privoxy
  140. actionsfile default.action # Main actions file
  141. actionsfile user.action # User customizations
  142. filterfile default.filter
  143.  
  144. logfile logfile
  145.  
  146. debug 4096 # Startup banner and warnings
  147. debug 8192 # Errors
  148.  
  149. user-manual /usr/share/doc/privoxy/user-manual
  150. listen-address 127.0.0.1:8118
  151. toggle 1
  152. enable-remote-toggle 0
  153. enable-edit-actions 0
  154. enable-remote-http-toggle 0
  155. buffer-limit 4096
RAW Paste Data