CentOS 8: converting PPTP egress traffic from a ROS soft router into SOCKS5 traffic

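Requirements

The ROS soft router cannot dial a SOCKS5 proxy directly, so a workaround is needed.
ROS dials into a PPTP server set up on CentOS 8; the CentOS 8 machine converts the PPTP traffic into SOCKS5 traffic and sends it out.

Edit the PPP authentication file /etc/ppp/chap-secrets and add the usernames and passwords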
# Secrets for authentication using CHAP
# client server secret IP addresses
user1 pptpd 123456 *
user2 pptpd 123456 192.168.2.243

sudo systemctl restart pptpd
sudo systemctl enable pptpd
sudo systemctl status pptpd

wget -N --no-check-certificate https://raw.githubusercontent.com/pouyaam/iptables-pf/refs/heads/main/iptables-pf.sh && chmod +x iptables-pf.sh && bash iptables-pf.sh

https://www.cnblogs.com/yun-xx/p/17432150.html

sudo vim /etc/sysctl.conf
sudo sysctl -p

*nat
:PREROUTING ACCEPT
:INPUT ACCEPT
:OUTPUT ACCEPT
:POSTROUTING ACCEPT
# Create new chain
:REDSOCKS - 
# Redirect traffic from the specified source IP to the specified port
-A PREROUTING -i ppp+ -s 192.168.0.234 -p tcp -j REDIRECT --to 31338
-A PREROUTING -i ppp+ -s 192.168.0.235 -p tcp -j REDIRECT --to 31339

# Ignore LANs and some other reserved addresses.
# See http://en.wikipedia.org/wiki/Reserved_IP_addresses#Reserved_IPv4_addresses
# and http://tools.ietf.org/html/rfc5735 for full list of reserved networks.
-A REDSOCKS -d 0.0.0.0/8 -j RETURN
-A REDSOCKS -d 10.0.0.0/8 -j RETURN
-A REDSOCKS -d 127.0.0.0/8 -j RETURN
-A REDSOCKS -d 169.254.0.0/16 -j RETURN
-A REDSOCKS -d 172.24.0.0/16  -j RETURN
-A REDSOCKS -d 192.168.0.0/16 -j RETURN
-A REDSOCKS -d 224.0.0.0/4 -j RETURN
-A REDSOCKS -d 240.0.0.0/4 -j RETURN
# Anything else should be redirected to respective ports
# Redirect traffic from the specified source IP to the specified port
-A REDSOCKS -p tcp -m iprange --src-range 192.168.0.234-192.168.0.234 -j REDIRECT --to 31338
-A REDSOCKS -p tcp -m iprange --src-range 192.168.0.235-192.168.0.235 -j REDIRECT --to 31339
-A OUTPUT -p tcp -j REDSOCKS

-A POSTROUTING -s 192.168.0.0/24 -o et
sudo iptables -t nat -L

sudo iptables-restore < ipt.conf
sudo iptables-save

GOST v2.11

{
  "Debug": true,
  "Retries": 0,
  "ServeNodes": [
    "red://:36000"
  ],
  "ChainNodes": [
    "socks5://admin:admin@xxxxx:46000"
  ]
}
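
An added consistency check (not part of the original post): it parses an iptables-restore nat table and a GOST v2 JSON config and lists every REDIRECT port that has no matching red:// listener in ServeNodes. The sample input is an abridged copy of the redirect rules and GOST config shown on this page; the function names are hypothetical.

```python
import json
import re

# Constructed sample input: abridged copy of the rules and GOST config on this page.
SAMPLE_RULES = """\
*nat
:REDSOCKS -
-A PREROUTING -i ppp+ -s 192.168.0.234 -p tcp -j REDIRECT --to 31338
-A PREROUTING -i ppp+ -s 192.168.0.235 -p tcp -j REDIRECT --to 31339
-A REDSOCKS -d 10.0.0.0/8 -j RETURN
-A OUTPUT -p tcp -j REDSOCKS
"""
SAMPLE_GOST = '{"ServeNodes": ["red://:36000"], "ChainNodes": ["socks5://admin:admin@xxxxx:46000"]}'


def redirect_ports(rules_text):
    """Ports targeted by '-j REDIRECT' rules in the nat table (ranges expanded)."""
    ports, table = set(), None
    for line in map(str.strip, rules_text.splitlines()):
        if line.startswith("*"):
            table = line[1:]
        if table != "nat" or not line.startswith("-A "):
            continue
        args = line.split()
        target = args[args.index("-j") + 1] if "-j" in args[:-1] else None
        if target != "REDIRECT":
            continue
        # The page writes --to; iptables-save emits --to-ports.
        for flag in ("--to", "--to-ports"):
            if flag in args[:-1]:
                lo, _, hi = args[args.index(flag) + 1].partition("-")
                ports.update(range(int(lo), int(hi or lo) + 1))
    return ports


def listener_ports(gost_json):
    """Ports of red:// or redirect:// (transparent TCP) listeners in ServeNodes."""
    nodes = json.loads(gost_json).get("ServeNodes", [])
    hits = (re.match(r"(?:red|redirect)://[^/?]*:(\d+)", n) for n in nodes)
    return {int(m.group(1)) for m in hits if m}


def unserved_redirects(rules_text, gost_json):
    """REDIRECT ports with no listener; connections sent there are refused."""
    return sorted(redirect_ports(rules_text) - listener_ports(gost_json))


if __name__ == "__main__":
    print("REDIRECT ports without a red:// listener:", unserved_redirects(SAMPLE_RULES, SAMPLE_GOST))
```

With the values shown on this page it reports 31338 and 31339, because the GOST config above only listens on 36000; unless another GOST instance serves those ports, each redirect port needs its own red:// listener.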

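Summary

With this, the whole flow works: ROS soft router (PPTP dial-up) -- DEBIAN (intercepts the PPTP traffic and redirects it to the GOST listening port) -- the traffic exits to the internet through the SOCKS5 proxy.

The same approach works for L2TP and PPP as well.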
