There are currently two editions of Clash: Either way, Clash can be used by anyone who wants to improve their Internet experience. It has been adopted widely by the Internet users in some countries and regions where the Internet is heavily censored or blocked. Run mitmproxy sudo -u mitmproxyuser -H bash -c '$HOME/.Welcome to the official knowledge base of the Clash core project ("Clash").Ĭlash is a cross-platform rule-based proxy utility that runs on the network and application layer, supporting various proxy and anti-censorship protocols out-of-the-box. To avoid circularity, run mitmproxy as the user mitmproxyuser. This will redirect the packets from all users other than mitmproxyuser on the machine to mitmproxy. Sudo ip6tables -t nat -A OUTPUT -p tcp -m owner ! -uid-owner mitmproxyuser -dport 443 -j REDIRECT -to-port 8080 Sudo ip6tables -t nat -A OUTPUT -p tcp -m owner ! -uid-owner mitmproxyuser -dport 80 -j REDIRECT -to-port 8080 Sudo iptables -t nat -A OUTPUT -p tcp -m owner ! -uid-owner mitmproxyuser -dport 443 -j REDIRECT -to-port 8080 sudo iptables -t nat -A OUTPUT -p tcp -m owner ! -uid-owner mitmproxyuser -dport 80 -j REDIRECT -to-port 8080 If you run into issues, iptables -t nat -F is a heavy handed way to flush (clear) all the rules from the iptables nat table (which includes any other rules you had configured). Then, configure iptables to redirect all traffic from our local machine to mitmproxy.
CLASHX TERMINAL PROXY INSTALL
Sudo -u mitmproxyuser -H bash -c 'cd ~ & pip install -user mitmproxy' sysctl -w .send_redirects=0Ĭreate a user to run the mitmproxy sudo useradd -create-home mitmproxyuser If your test device is on the same physical network, your machine shouldn’t inform the device that there’s a shorter route available by skipping the proxy. Work-around to redirect traffic originating from the machine itself (Linux)įrom mitmproxy docs. If you want to persist this across reboots, you need to adjust your /etc/nf or a newly created /etc/sysctl.d/nf (see here). If you want your iptables reset use: iptables -FĪll changes done with sysctl and iptables are reset on reboot. Now your http and https traffic should be redirected through :7777 Sudo iptables -t nat -A PREROUTING -p tcp -dport 80 -j REDSOCKS Sudo iptables -t nat -A PREROUTING -p tcp -dport 443 -j REDSOCKS Sudo iptables -t nat -A OUTPUT -p tcp -dport 80 -j REDSOCKS Sudo iptables -t nat -A OUTPUT -p tcp -dport 443 -j REDSOCKS Sudo iptables -t nat -A REDSOCKS -p tcp -j REDIRECT -to-ports 12345 Sudo iptables -t nat -A REDSOCKS -d 240.0.0.0/4 -j RETURN Sudo iptables -t nat -A REDSOCKS -d 224.0.0.0/4 -j RETURN Sudo iptables -t nat -A REDSOCKS -d 192.168.0.0/16 -j RETURN Sudo iptables -t nat -A REDSOCKS -d 172.16.0.0/12 -j RETURN Sudo iptables -t nat -A REDSOCKS -d 169.254.0.0/16 -j RETURN Sudo iptables -t nat -A REDSOCKS -d 127.0.0.0/8 -j RETURN Sudo iptables -t nat -A REDSOCKS -d 10.0.0.0/8 -j RETURN Sudo iptables -t nat -A REDSOCKS -d 0.0.0.0/8 -j RETURN this should be customized to your needs, but if you like to redirect all HTTP and HTTPS packets through the proxy. now that redsocks is running and ready, let's change the iptables rules to use redsocks. You can also check if redsocks is bound to local port 12345 with netstat -tulpn (if you get "bind: Address already in use" try killall redsocks) now run redsocks with the config file destination as follows sudo redsocks -c /etc/nfĬhange with the destination of your nf (note that you can use any local_port other than 12345,it's the local port that we will set an iptable rule to redirect the traffic to, so if you use another, make sure to use it in later steps below) known types: socks4, socks5, http-connect, http-relay edit the file you created (nf) as follows., make an empty file anywhere and name it nf (or whatever), I'll assume it's here /etc/nf (change it with your own). first install redsocks sudo apt-get install redsocks.For the impatient just do the following assuming that the proxy is :7777 and it's socks5 (change it with your own later)
0 kommentar(er)
