使用Privoxy 将socks5代理转成http代理
*** 作系统 CentOS 7
用yum命令看一下,是最新版本
直接安装 privoxy
配置文件位于目录: /etc/privoxy
修改绑定地址,搜索 ==listen-address== ,修改需要绑定的IP
设置socks5 转发,搜索 ==forward-socks5t== ,去掉注释,修改对应IP
配置不走代理,直接本地转发的
由于网络不稳定,经常出现503,增加转发重试
默认值是:0
默认值是:128
这个用于开启和关闭广告过滤和内容过滤,1表示开启,0表示关闭
默认值是:1
共享连接
是否保持活动的传出连接应该在不同的传入连接之间共享
拦截服务端禁止在iframe中加载的响应头,在user.action 末尾添加
只能处理http的连接
修改服务端的响应头,去掉设置cookie时的 HttpOnly ,让客户端可以通过js获取cookie
Privoxy 使用类似Perl的 s/// *** 作来实现对内容的替换修改
只能处理http的连接
在user.filter文件中新增
在user.action文件中新增
浏览器配置代理指向privoxy
访问地址: http://p.p/ 可以进入到privoxy的一个管理页面
访问地址: https://check.torproject.org/ 可以进入到一个tor检查页面
Shell代码nvidia@linux-z0ya:~/Desktop/privoxy-3.0.3-stable>make
***
*** To build this program, you must run
*** autoheader &&autoconf &&./configure and then run GNU make.
***
*** Shall I do this for you now? (y/n) y
autoheader: WARNING: Using auxiliary files such as `acconfig.h', `config.h.bot'
autoheader: WARNING: and `config.h.top', to define templates for `config.h.in'
autoheader: WARNING: is deprecated and discouraged.
autoheader:
autoheader: WARNING: Using the third argument of `AC_DEFINE' and
autoheader: WARNING: `AC_DEFINE_UNQUOTED' allows to define a template without
autoheader: WARNING: `acconfig.h':
autoheader:
autoheader: WARNING: AC_DEFINE([NEED_FUNC_MAIN], 1,
autoheader: [Define if a function `main' is needed.])
autoheader:
autoheader: WARNING: More sophisticated templates can also be produced, see the
autoheader: WARNING: documentation.
configure.in:662: warning: AC_CANONICAL_HOST invoked multiple times
autoconf/specific.m4:393: AC_MINGW32 is expanded from...
configure.in:662: the top level
configure.in:663: warning: AC_CANONICAL_HOST invoked multiple times
autoconf/specific.m4:363: AC_CYGWIN is expanded from...
configure.in:663: the top level
configure.in:662: warning: AC_CANONICAL_HOST invoked multiple times
autoconf/specific.m4:393: AC_MINGW32 is expanded from...
configure.in:662: the top level
configure.in:663: warning: AC_CANONICAL_HOST invoked multiple times
autoconf/specific.m4:363: AC_CYGWIN is expanded from...
configure.in:663: the top level
checking build system type... i686-pc-linux-gnu
checking host system type... i686-pc-linux-gnu
checking for gcc... gcc
checking for C compiler default output file name... a.out
checking whether the C compiler works... yes
checking whether we are cross compiling... no
checking for suffix of executables...
checking for suffix of object files... o
checking whether we are using the GNU C compiler... yes
checking whether gcc accepts -g... yes
checking for gcc option to accept ANSI C... none needed
checking how to run the C preprocessor... gcc -E
checking for a BSD-compatible install... /usr/bin/install -c
checking whether ln -s works... yes
checking whether make sets $(MAKE)... yes
checking for gawk... gawk
checking for gdb... yes
checking for groups... /usr/bin/groups
checking for id... /usr/bin/id
configure: WARNING: There is no user 'privoxy' on this system
checking for user... none specified
checking for group... none specified
checking for w3m... w3m
checking for db2html... no
checking for docbook2html... no
checking for rpm... rpm
checking for jade... no
checking for openjade... no
checking for man2html... no
checking for /usr/share/sgml/docbook/dsssl-stylesheets... no
checking for /usr/share/sgml/docbkdsl... no
checking for /usr/share/sgml/docbook-dsssl... no
checking for /usr/local/share/sgml/docbook/dsssl/modular... no
checking for /usr/share/sgml/docbook/stylesheet/dsssl/modular/... no
checking for /usr/share/sgml/CATALOG.docbk30... no
checking for /usr/share/sgml/CATALOG.docbk31... no
checking for /usr/share/sgml/CATALOG.docbk31... no
checking for /usr/local/share/sgml/docbook/3.0/docbook.cat... no
checking for /usr/local/share/sgml/docbook/3.1/docbook.cat... no
checking for /usr/share/sgml/docbook/dtd/3.1/docbook.cat... no
checking for egrep... grep -E
checking for ANSI C header files... yes
checking for sys/types.h... yes
checking for sys/stat.h... yes
checking for stdlib.h... yes
checking for string.h... yes
checking for memory.h... yes
checking for strings.h... yes
checking for inttypes.h... yes
checking for stdint.h... yes
checking for unistd.h... yes
checking pthread.h usability... yes
checking pthread.h presence... yes
checking for pthread.h... yes
Using POSIX threads
checking for gethostbyname in -lnsl... yes
checking for gethostbyaddr_r... yes
checking signature of gethostbyaddr_r... 8 args
checking for gethostbyname_r... yes
checking signature of gethostbyname_r... 6 args
checking for gmtime_r... yes
checking signature of gmtime_r... ok
checking for localtime_r... yes
checking signature of localtime_r... ok
checking for socklen_t... yes
checking for ANSI C header files... (cached) yes
checking for dirent.h that defines DIR... yes
checking for library containing opendir... none required
checking for an ANSI C-conforming const... yes
checking for size_t... yes
checking for pid_t... yes
checking whether time.h and sys/time.h may both be included... yes
checking whether struct tm is in sys/time.h or time.h... time.h
checking for int... yes
checking size of int... 4
checking for char *... yes
checking size of char *... 4
checking for long... yes
checking size of long... 4
checking for long long... yes
checking size of long long... 8
checking for size_t... (cached) yes
checking size of size_t... 4
checking OS.h usability... no
checking OS.h presence... no
checking for OS.h... no
checking arpa/inet.h usability... yes
checking arpa/inet.h presence... yes
checking for arpa/inet.h... yes
checking errno.h usability... yes
checking errno.h presence... yes
checking for errno.h... yes
checking fcntl.h usability... yes
checking fcntl.h presence... yes
checking for fcntl.h... yes
checking limits.h usability... yes
checking limits.h presence... yes
checking for limits.h... yes
checking locale.h usability... yes
checking locale.h presence... yes
checking for locale.h... yes
checking netdb.h usability... yes
checking netdb.h presence... yes
checking for netdb.h... yes
checking netinet/in.h usability... yes
checking netinet/in.h presence... yes
checking for netinet/in.h... yes
checking stddef.h usability... yes
checking stddef.h presence... yes
checking for stddef.h... yes
checking for stdlib.h... (cached) yes
checking for string.h... (cached) yes
checking sys/ioctl.h usability... yes
checking sys/ioctl.h presence... yes
checking for sys/ioctl.h... yes
checking sys/socket.h usability... yes
checking sys/socket.h presence... yes
checking for sys/socket.h... yes
checking sys/time.h usability... yes
checking sys/time.h presence... yes
checking for sys/time.h... yes
checking sys/timeb.h usability... yes
checking sys/timeb.h presence... yes
checking for sys/timeb.h... yes
checking sys/wait.h usability... yes
checking sys/wait.h presence... yes
checking for sys/wait.h... yes
checking for unistd.h... (cached) yes
checking for strerror... yes
checking for bcopy... yes
checking for memmove... yes
checking whether gcc needs -traditional... no
checking whether setpgrp takes no argument... yes
checking return type of signal handlers... void
checking for atexit... yes
checking for getcwd... yes
checking for gethostbyaddr... yes
checking for gethostbyname... yes
checking for inet_ntoa... yes
checking for localtime_r... (cached) yes
checking for memchr... yes
checking for memmove... (cached) yes
checking for memset... yes
checking for regcomp... yes
checking for select... yes
checking for setlocale... yes
checking for socket... yes
checking for strchr... yes
checking for strdup... yes
checking for strerror... (cached) yes
checking for strftime... yes
checking for strstr... yes
checking for strtoul... yes
checking for pcre_compile in -lpcre... yes
checking pcre.h usability... yes
checking pcre.h presence... yes
checking for pcre.h... yes
checking for regcomp in -lpcreposix... yes
checking pcreposix.h usability... yes
checking pcreposix.h presence... yes
checking for pcreposix.h... yes
checking for pcrs_compile in -lpcrs... no
using libpcre
using built-in static pcrs
configure: creating ./config.status
config.status: creating GNUmakefile
config.status: creating doc/source/ldp.dsl
config.status: creating config.h
gmake[1]: Entering directory `/home/nvidia/Desktop/privoxy-3.0.3-stable'
gcc -c -pipe -O2 -pthread -Wall actions.c -o actions.o
gcc -c -pipe -O2 -pthread -Wall cgi.c -o cgi.o
gcc -c -pipe -O2 -pthread -Wall cgiedit.c -o cgiedit.o
gcc -c -pipe -O2 -pthread -Wall cgisimple.c -o cgisimple.o
gcc -c -pipe -O2 -pthread -Wall deanimate.c -o deanimate.o
gcc -c -pipe -O2 -pthread -Wall encode.c -o encode.o
gcc -c -pipe -O2 -pthread -Wall errlog.c -o errlog.o
gcc -c -pipe -O2 -pthread -Wall filters.c -o filters.o
gcc -c -pipe -O2 -pthread -Wall gateway.c -o gateway.o
gcc -c -pipe -O2 -pthread -Wall jbsockets.c -o jbsockets.o
gcc -c -pipe -O2 -pthread -Wall jcc.c -o jcc.o
gcc -c -pipe -O2 -pthread -Wall killpopup.c -o killpopup.o
gcc -c -pipe -O2 -pthread -Wall list.c -o list.o
list.c: In function ‘list_is_valid’:
list.c:253: warning: statement with no effect
gcc -c -pipe -O2 -pthread -Wall loadcfg.c -o loadcfg.o
gcc -c -pipe -O2 -pthread -Wall loaders.c -o loaders.o
gcc -c -pipe -O2 -pthread -Wall miscutil.c -o miscutil.o
gcc -c -pipe -O2 -pthread -Wall parsers.c -o parsers.o
gcc -c -pipe -O2 -pthread -Wall ssplit.c -o ssplit.o
gcc -c -pipe -O2 -pthread -Wall urlmatch.c -o urlmatch.o
gcc -c -pipe -O2 -pthread -Wall pcrs.c -o pcrs.o
gcc -pthread -o privoxy actions.o cgi.o cgiedit.o cgisimple.o deanimate.o encode.o errlog.o filters.o gateway.o jbsockets.o jcc.o killpopup.o list.o loadcfg.o loaders.o miscutil.o parsers.o ssplit.o urlmatch.o pcrs.o -lnsl -lpcre -lpcreposix
grep -v '^#MASTER#' default.action.master >default.action
gmake[1]: Leaving directory `/home/nvidia/Desktop/privoxy-3.0.3-stable'
nvidia@linux-z0ya:~/Desktop/privoxy-3.0.3-stable>sudo su
root's password:
Sorry, try again.
root's password:
linux-z0ya:/home/nvidia/Desktop/privoxy-3.0.3-stable # make install
Creating directories, and preparing Privoxy 3.0.3 installation
chmod 0755 ./mkinstalldirs
Installing privoxy executable to /usr/local/sbin
/usr/bin/install -c -m 0755privoxy /usr/local/sbin
Installing FAQ, Manual, and other docs to /usr/local/share/doc/privoxy
Installing man page to /usr/local/man/man1/privoxy.1
/usr/bin/install -c -m 0664 privoxy.1 /usr/local/man/man1/privoxy.1
Rewriting config for this installation
sed 's+confdir .+confdir /usr/local/etc/privoxy+' config | \
sed 's+logdir .+logdir /var/log/privoxy+' >config.updated
mv config config.base
mv config.updated config
Installing templates to /usr/local/etc/privoxy/templates
id: privoxy: No such user
******************************************************************
WARNING! WARNING! installing config files as root!
It is strongly recommended to run privoxy as a non-root user,
and to install the config files as that user and/or group!
Please read INSTALL, and create a privoxy user and group!
*******************************************************************
make: *** [install] Error 1
linux-z0ya:/home/nvidia/Desktop/privoxy-3.0.3-stable #
除了上述功能外, privoxy很多时候结合其他的隧道工具使用,达到一些保护隐私的作用,本文简单介绍PAC。
ubuntu下可直接用apt安装(mac下面可用brew安装)
配置文件
privoxy 在ubuntu下的配置文件在/etc/privoxy下面,下面它的配置有哪些内容
上面这些配置就不详细介绍了,可以看官方文档
privoxy的所有功能由一系列的Action组成(链接里有所有支持的Action)
然后,所有的Action的是否启动的配置的入口在config这个文件里面,通过actionsfile这个指令来导入这些action
这种情况,一般可以结合浏览器的插件来使用,可以在插件使用gfwlst.txt来做智能路由。
当然,如果你不想在浏览器里面用插件,或者你没有条件用那种条件在客户端使用gfwlst.txt(是的,就是你想的那个),比如你希望你的手机也可以聪明的根据网站来路由,那可以给privoxy定制一个gfwlst.txt的PAC
然后在config里面注册这些个action就好了
配置网后重启一下就好了(重启命令见上面),之后把手机设置到这个privoxy的代理地址就好。
最后,如果大家有这个条件可以自由上网,大家还是不要用于来干违法或者打擦边球事,家长下决心要追查的话,是不可能逃掉的。用来学习的话,家长还是有一定的分寸的。
还有一点,privoxy+nat很容易实现定点攻击,可以把客户端所有的上网日志记录下来,用来做广告d出和一些不合法的事情,如盗取客户端的隐私信息(如账号密码之类),所以想提醒大家出门在外,尽量不要连那种公共的wifi。
回到开篇所说,privoxy它既能屏蔽广告页可以d出广告,任何事物都有两面性,技术也不例外,一念天堂,一念地狱,劝君自护念之。
欢迎分享,转载请注明来源:内存溢出
微信扫一扫
支付宝扫一扫
评论列表(0条)