1. Summary of the article
- Realization effect : ssh connects to the remote server for network forwarding, and the local service connects to the network proxy
- Environment : windows11/10
- Tools needed : MobaXterm (ssh tunnel port forwarding), Privoxy (socks to http proxy), a cloud server
Two, steps
1. Use SSH to connect to the remote host from the local computer
Choose one of several methods:
- 命令行:ssh -C -N -D LOCAL_ADDRESS:LOCAL_PORT USER@REMOTE_ADDRESS
- Putty client
- MobaSSHTunnel in MobaXteam
2. Privoxy installation and configuration
1. Download the compressed package version from the official website http://www.privoxy.org/
2. Modify the configuration file:
- Specify the listening address and port of the HTTP proxy through listen-address. The default privoxy configuration file will have this item.
Its format is: listen-address [ADDRESS]:[PORT]
The default value is: listen-address 127.0.0.1:8118
- Specify forwarding to socks proxy through forward-socks5
The default privoxy configuration file does not configure this item.
The format supported by forward-socks5 is more complicated, but here it only needs to be simply written as follows:
forward-socks5 / [SOCKS_ADDRESS]:[SOCKS_PORT] .
The position of "/" is a URL pattern, and the matching URL will be forwarded to the socks proxy specified by this project. The value of "/" indicates that all requests are forwarded to the socks5 proxy
For example: forward-socks5/127.0.0.1:9150.
! Note :
listen-address specifies the http proxy listening address to only allow local access to the port, and to allow local area network (LAN) access needs to be set to: listen-address 0.0.0.0:8118
3. Test and use
1. Browser
Chrome + Switchyomega: support socks5 proxy
2. Command line (Powershell)
curl -Uri www.google.com -proxy http://127.0.0.1:8118
The curl command in windows is actually a wrapped Invoke-WebRequest
3. python
Test with urllib3 library
http proxy test code:
import urllib3
import json
proxy_addr = 'http://127.0.0.1:8118'
print(f'代理地址:{proxy_addr}')
proxy = urllib3.ProxyManager(proxy_addr)
resp = proxy.request('GET', 'https://httpbin.org/ip')
print(resp.data.decode('utf-8'))
socks proxy test code :
from urllib3.contrib.socks import SOCKSProxyManager
import json
proxy_addr = 'socks5://127.0.0.1:80'
print(f'SOCKS5代理地址:{proxy_addr}')
proxy = SOCKSProxyManager(proxy_addr)
resp = proxy.request('GET', 'https://httpbin.org/ip')
print(resp.data.decode('utf-8'))
url = 'https://www.google.com'
resp = proxy.request('GET', url)
print(f'返回状态码:{resp.status}')
Four, the pit encountered
1. The ping fails but the browser can connect?
In short, it ping
is ICMP
the protocol, which is at the network layer (third layer) , but ssr
uses socks代理
the transport layer (fourth layer) . The upper layer protocol cannot work on the lower layer protocol, so ping fails, but through http (super The text transfer protocol, the application layer protocol, is socks代理
higher than the layer number) but can be accessed.
Most of them do not support socks proxy, but support http proxy
2. The socks proxy is enabled for the ssh tunnel, what proxy is enabled for other proxy tunnels?
HTTPS proxy tunnel opens https, WebSocket tunnel opens ws, ICMP tunnel
References
Setting up and using a proxy server-doc document
Detailed explanation of Privoxy tutorial_What is privoxy?_ZhaoYingChao88's Blog-CSDN Blog