proxy - doubility-sky/daydayup GitHub Wiki

VPN

  • IPsec VPN Server Auto Setup Scripts Set up your own IPsec VPN server in just a few minutes, with both IPsec/L2TP and Cisco IPsec on Ubuntu, Debian and CentOS. All you need to do is provide your own VPN credentials, and let the scripts handle the rest.
  • DSVPN is a Dead Simple VPN, designed to address the most common use case for using a VPN
  • n2n is a light VPN software which makes it easy to create virtual networks bypassing intermediate firewalls.
  • L2PT VPN connection on Windows10 must set in regedit: Create an option DWORD(32bits) AssumeUDPEncapsulationContextOnSendRule and value 2 in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PolicyAgent

WireGuard

Symbol annotation

  • -SVR short for Server
  • -cli short for client side program
  • -svr short for server side program
  • -- is short for lcoal connection
  • ··· is short for remote connection

SOCKS

SOCKS Protocol Version 5

  • SOCKS is an Internet protocol that exchanges network packets between a client and server through a proxy server.
  • SOCKS5 additionally provides authentication so only authorized users may access a server.
  • Practically, a SOCKS server proxies TCP connections to an arbitrary IP address, and provides a means for UDP packets to be forwarded.
  • SOCKS performs at Layer 5 of the OSI model (the session layer, an intermediate layer between the presentation layer and the transport layer).
  • SOCKS server accepts incoming client connection on TCP port 1080.

shadowsocks

  • Shadowsocks 笔记
  • A fast tunnel proxy that helps you bypass firewalls.
  • Features:
    • TCP & UDP support
    • User management API
    • TCP Fast Open
    • Workers and graceful restart
    • Destination IP blacklist
  • whitepaper, github-repo
  • shadowsocks-libev is a lightweight secured SOCKS5 proxy for embedded devices and low-end boxes.
    Shadowsocks-libev is written in pure C and depends on libev. It's designed to be a lightweight implementation of shadowsocks protocol, in order to keep the resource usage as low as possible.
  • Redirect attack on Shadowsocks stream ciphers
    • Do not use : shadowsocks-py, shadowsocoks-go, shadowsocoks-nodejs.
    • Only Use: shadowsocks-libev, go-shadowsocks2 and only use the AEAD ciphers

solution

   user-device          PROXY-SVR
          \             /
        SS-cli ··· SS-svr ··· target
  • SS short for shadowsocks

kcptun

  • A Stable & Secure Tunnel based on KCP with N:M multiplexing and FEC. Available for ARM, MIPS, 386 and AMD64

solution

      user-device               PROXY-SVR
     /           \            /           \
 SS-cli -- kcptun-cli ··· kcptun-svr -- SS-svr ··· target
  • kcptun-cli may running on another intermediate server

udp2raw

A Tunnel which turns UDP Traffic into Encrypted FakeTCP/UDP/ICMP Traffic by using Raw Socket, helps you Bypass UDP FireWalls(or Unstable UDP Environment). It can defend Replay-Attack and supports Multiplexing. It also acts as a Connection Stabilizer.

solution

          user-device                                  PROXY-SVR
      /                 \                         /                  \
 SS-cli -- kcptun-cli -- udp2raw-cli ··· udp2raw-svr -- kcptun-svr -- SS-svr ··· target
  • kcptun-cli, udp2raw-cli may running on another intermediate server

v2ray

A platform for building proxies to bypass network restrictions. https://www.v2ray.com/

torjan

  • trojan-go: A Trojan proxy written in Go. An unidentifiable mechanism that helps you bypass GFW.

gost

GO Simple Tunnel - a simple tunnel written in golang

OpenWrt

Tools

  • SwitchyOmega Chromium Extension: Manage and switch between multiple proxies quickly & easily.
  • Charles is an HTTP proxy / HTTP monitor / Reverse Proxy that enables a developer to view all of the HTTP and SSL / HTTPS traffic between their machine and the Internet. This includes requests, responses and the HTTP headers (which contain the cookies and caching information).
  • proxychains - a tool that forces any TCP connection made by any given application to follow through proxy like TOR or any other SOCKS4, SOCKS5 or HTTP(S) proxy. Supported auth-types: "user/pass" for SOCKS4/5, "basic" for HTTP.
    • proxychains ng (new generation) - a preloader which hooks calls to sockets in dynamically linked programs and redirects it through one or more socks/http proxies. continuation of the unmaintained proxychains project. the sf.net page is currently not updated, use releases from github release page instead.
  • Proxifier allows network applications that do not support working through proxy servers to operate through a SOCKS or HTTPS proxy and chains.
    • NOTE: Resolve hostnames through proxy
  • Surge: Advanced Network Toolbox for Mac & iOS

Outline

Outline is an open source project created by Jigsaw to provide a safer way for news organizations and journalists to access the internet.

  • Outline Client is a cross-platform VPN or proxy client for Windows, macOS, iOS, Android, and ChromeOS. The Outline Client is designed for use with the Outline Server software, but it is fully compatible with any Shadowsocks server.
  • Outline Server Outline Manager, developed by Jigsaw. The Outline Manager application creates and manages Outline servers, powered by Shadowsocks. It uses the Electron framework to offer support for Windows, macOS and Linux. https://getoutline.org/

Ruls

FAQs

  • method aes-256-gcm not supported
    • pip install https://github.com/shadowsocks/shadowsocks/archive/master.zip -U
    • sudo apt-get install -y libsodium*
  • 'Cannot open BPF device' error on c.open()
    • sudo chmod o+r /dev/bpf* should help in reading of Berkley Packet Filter.
    • sudo chmod o+r+w /dev/bpf* for udp2raw on macOS