SHARE
TWEET

Untitled

a guest Sep 3rd, 2019 73 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. Инструкции для установки пакетов и логирования.
  2. ## Proxing via Tor
  3. _Complex proxy to send some traffic via Tor._
  4. _Optional obfs4 is included._
  5.  
  6. First install packages:
  7. `pacman -S tor privoxy squid`
  8.  
  9.  
  10. Add to /etc/tor/torrc:
  11. `RunAsDaemon 0`
  12. `ExcludeExitNodes {ru}, {ua}, {by}, {kz}, {cn}`
  13. `ExitPolicy reject *:* # no exits allowed`
  14. `ExitPolicy reject6 *:* # no exits allowed`
  15.  
  16. Needed for logs:
  17. `mkdir /var/lib/tor`
  18. `sudo chown -R tor:tor /var/lib/tor`
  19.  
  20. Turn on Tor:
  21. `systemctl enable tor`
  22. `systemctl start tor`
  23.  
  24. Replace /etc/privoxy/config with ~/wiki/privoxy/config:
  25. `cp -rf /privoxy/config /etc/privoxy/config`
  26.  
  27. Prepare:
  28. `chown root:root /etc/privoxy/config`
  29.  
  30. Enable Privoxy:
  31. `systemctl enable privoxy`
  32. `systemctl start privoxy`
  33.  
  34. Cook Squid:
  35. Replace /etc/squid/squid.conf with ~/wiki/squid/squid.conf
  36. `cp -rf ~/wiki/squid/squid.conf /etc/squid/squid.conf`
  37.  
  38. Add lists:
  39. `cp ~/wiki/config /etc/squid/redirect-to-tor.dat`
  40. `cp /wiki/config /etc/squid/blacklist.dat`
  41.  
  42. Enable service:
  43. `systemctl enable squid.service`
  44.  
  45. Needed dirs:
  46. `mkdir /var/cache/squid`
  47. `mkdir /var/log/squid`
  48. `mkdir /etc/squid/acl/`
  49. `sudo chown -R proxy:proxy /var/cache/squid`
  50. `sudo chown -R proxy:proxy /var/log/squid`
  51.  
  52. Accept settings:
  53. `squid -k parse`
  54. `squid -k reconfigure`
  55. `systemctl enable squid`
  56. `systemctl start squid`
  57.  
  58. Add to /etc/environment to use proxy for all connections:
  59. `all_proxy=http://127/0.0.1:3128`
  60. `http_proxy=http://127.0.0.1:3128`
  61. `https_proxy=http://127.0.0.1:3128`
  62. `ftp_proxy=http://127.0.0.1:3128`
  63. `no_proxy=localhost,127.0.0.1,::1`
  64.  
  65.  
  66. ### Obfs hiding (optional):
  67. `trizen -S obfs4proxy`
  68.  
  69. Add to /etc/tor/trorrc:
  70. `BridgeRelay 1`
  71. `ORPort 9001`
  72. `ExtORPort auto`
  73. `ClientTransportPlugin obfs4 exec /usr/local/bin/obfs4proxy`
  74.  
  75.  
  76. squid.conf (из инстуркции):
  77. acl SSL_ports port 443
  78. acl Safe_ports port 80        # http
  79. acl Safe_ports port 21        # ftp
  80. acl Safe_ports port 443        # https
  81. acl Safe_ports port 70        # gopher
  82. acl Safe_ports port 210        # wais
  83. acl Safe_ports port 1025-65535    # unregistered ports
  84. acl Safe_ports port 280        # http-mgmt
  85. acl Safe_ports port 488        # gss-http
  86. acl Safe_ports port 591        # filemaker
  87. acl Safe_ports port 777        # multiling http
  88. acl CONNECT method CONNECT
  89.  
  90. # Blacklist
  91. acl banners dstdomain "/etc/squid/blacklist.dat"
  92.  
  93. # Redirect to Tor urls
  94. acl redirect-to-tor dstdomain "/etc/squid/redirect-to-tor.dat"
  95. acl redirect-to-onion dstdomain .onion
  96.  
  97. # Where we redirect
  98. cache_peer 127.0.0.1 parent 8118 0 no-query proxy-only default name=tor-proxy-01
  99. never_direct allow redirect-to-tor
  100. never_direct allow redirect-to-onion
  101. always_direct allow all !redirect-to-tor !redirect-to-onion
  102.  
  103. http_access deny banners
  104. http_access deny !Safe_ports
  105. http_access deny CONNECT !SSL_ports
  106. http_access allow localhost manager
  107. http_access deny manager
  108. http_access allow localhost
  109. http_access deny all
  110. http_port 3128
  111.  
  112. coredump_dir /var/spool/squid/
  113.  
  114. refresh_pattern ^ftp:        1440    20%    10080
  115. refresh_pattern ^gopher:    1440    0%    1440
  116. refresh_pattern -i (/cgi-bin/|\?) 0    0%    0
  117. refresh_pattern (Release|Packages(.gz)*)$      0       20%     2880
  118. refresh_pattern .        0    20%    4320
  119.  
  120. shutdown_lifetime 3 seconds
  121.  
  122. redirect-to-tor.dat создаётся в том же каталоге в формате:
  123. rutracker.org
  124. 2ip.ru
  125. ...и так далее
  126.  
  127. blacklist.dat в том же каталоге в формате:
  128. .adchoices.com
  129. .adchoices.info
  130. .adchoices.net
  131. .adchoices.org
  132. .adchoices.uk
  133. .addthis.com
  134. ...и так далее, найдите сами что нужно для адблока.
  135.  
  136. config для privoxy:
  137. forward-socks4a / 127.0.0.1:9050 .
  138. confdir /etc/privoxy
  139. logdir /var/log/privoxy
  140. actionsfile default.action # Main actions file
  141. actionsfile user.action # User customizations
  142. filterfile default.filter
  143.  
  144. logfile logfile
  145.  
  146. debug 4096 # Startup banner and warnings
  147. debug 8192 # Errors
  148.  
  149. user-manual /usr/share/doc/privoxy/user-manual
  150. listen-address 127.0.0.1:8118
  151. toggle 1
  152. enable-remote-toggle 0
  153. enable-edit-actions 0
  154. enable-remote-http-toggle 0
  155. buffer-limit 4096
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top