Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Инструкции для установки пакетов и логирования.
- ## Proxing via Tor
- _Complex proxy to send some traffic via Tor._
- _Optional obfs4 is included._
- First install packages:
- `pacman -S tor privoxy squid`
- Add to /etc/tor/torrc:
- `RunAsDaemon 0`
- `ExcludeExitNodes {ru}, {ua}, {by}, {kz}, {cn}`
- `ExitPolicy reject *:* # no exits allowed`
- `ExitPolicy reject6 *:* # no exits allowed`
- Needed for logs:
- `mkdir /var/lib/tor`
- `sudo chown -R tor:tor /var/lib/tor`
- Turn on Tor:
- `systemctl enable tor`
- `systemctl start tor`
- Replace /etc/privoxy/config with ~/wiki/privoxy/config:
- `cp -rf /privoxy/config /etc/privoxy/config`
- Prepare:
- `chown root:root /etc/privoxy/config`
- Enable Privoxy:
- `systemctl enable privoxy`
- `systemctl start privoxy`
- Cook Squid:
- Replace /etc/squid/squid.conf with ~/wiki/squid/squid.conf
- `cp -rf ~/wiki/squid/squid.conf /etc/squid/squid.conf`
- Add lists:
- `cp ~/wiki/config /etc/squid/redirect-to-tor.dat`
- `cp /wiki/config /etc/squid/blacklist.dat`
- Enable service:
- `systemctl enable squid.service`
- Needed dirs:
- `mkdir /var/cache/squid`
- `mkdir /var/log/squid`
- `mkdir /etc/squid/acl/`
- `sudo chown -R proxy:proxy /var/cache/squid`
- `sudo chown -R proxy:proxy /var/log/squid`
- Accept settings:
- `squid -k parse`
- `squid -k reconfigure`
- `systemctl enable squid`
- `systemctl start squid`
- Add to /etc/environment to use proxy for all connections:
- `all_proxy=http://127/0.0.1:3128`
- `http_proxy=http://127.0.0.1:3128`
- `https_proxy=http://127.0.0.1:3128`
- `ftp_proxy=http://127.0.0.1:3128`
- `no_proxy=localhost,127.0.0.1,::1`
- ### Obfs hiding (optional):
- `trizen -S obfs4proxy`
- Add to /etc/tor/trorrc:
- `BridgeRelay 1`
- `ORPort 9001`
- `ExtORPort auto`
- `ClientTransportPlugin obfs4 exec /usr/local/bin/obfs4proxy`
- squid.conf (из инстуркции):
- acl SSL_ports port 443
- acl Safe_ports port 80 # http
- acl Safe_ports port 21 # ftp
- acl Safe_ports port 443 # https
- acl Safe_ports port 70 # gopher
- acl Safe_ports port 210 # wais
- acl Safe_ports port 1025-65535 # unregistered ports
- acl Safe_ports port 280 # http-mgmt
- acl Safe_ports port 488 # gss-http
- acl Safe_ports port 591 # filemaker
- acl Safe_ports port 777 # multiling http
- acl CONNECT method CONNECT
- # Blacklist
- acl banners dstdomain "/etc/squid/blacklist.dat"
- # Redirect to Tor urls
- acl redirect-to-tor dstdomain "/etc/squid/redirect-to-tor.dat"
- acl redirect-to-onion dstdomain .onion
- # Where we redirect
- cache_peer 127.0.0.1 parent 8118 0 no-query proxy-only default name=tor-proxy-01
- never_direct allow redirect-to-tor
- never_direct allow redirect-to-onion
- always_direct allow all !redirect-to-tor !redirect-to-onion
- http_access deny banners
- http_access deny !Safe_ports
- http_access deny CONNECT !SSL_ports
- http_access allow localhost manager
- http_access deny manager
- http_access allow localhost
- http_access deny all
- http_port 3128
- coredump_dir /var/spool/squid/
- refresh_pattern ^ftp: 1440 20% 10080
- refresh_pattern ^gopher: 1440 0% 1440
- refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
- refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880
- refresh_pattern . 0 20% 4320
- shutdown_lifetime 3 seconds
- redirect-to-tor.dat создаётся в том же каталоге в формате:
- rutracker.org
- 2ip.ru
- ...и так далее
- blacklist.dat в том же каталоге в формате:
- .adchoices.com
- .adchoices.info
- .adchoices.net
- .adchoices.org
- .adchoices.uk
- .addthis.com
- ...и так далее, найдите сами что нужно для адблока.
- config для privoxy:
- forward-socks4a / 127.0.0.1:9050 .
- confdir /etc/privoxy
- logdir /var/log/privoxy
- actionsfile default.action # Main actions file
- actionsfile user.action # User customizations
- filterfile default.filter
- logfile logfile
- debug 4096 # Startup banner and warnings
- debug 8192 # Errors
- user-manual /usr/share/doc/privoxy/user-manual
- listen-address 127.0.0.1:8118
- toggle 1
- enable-remote-toggle 0
- enable-edit-actions 0
- enable-remote-http-toggle 0
- buffer-limit 4096
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement