Using HTTP proxy and SOCKS in Linux
In Linux, there are many useful console commands that, if necessary, I would like to run through a proxy. Some applications have built-in proxy support, and some do not. The following describes how to use the required utilities through proxy, even those that do not have this support.
curl has full support for both HTTP proxy and SOCKS.
For testing it is possible to use proxy servers from free lists (socks - sockslist.net , and HTTP proxy - proxyhttp.net ). Checking the IP address will be done using the resource check-host.net
')
Some curl parameters can be written to the ~ / .curlrc file :
With the help of time and curl you can also measure the server response time:
The result will look like this:
wget has built-in proxy support. The only drawback is that only support HTTP proxy. For use with SOCKS, it is recommended to use dante soxyifier.
To not specify all the time, --proxy-user and --proxy-password can be entered into the ~ / .wgetrc file :
For accessing servers via ssh and proxy, it is also better to use the dante soxyifier.
Installation:
Using:
Using socksify, you can direct almost any application through the proxy, not just the console.
In order not to enter proxy data all the time, you can create the file /etc/socks.conf
Example for SOCKS:
Example for HTTP proxy with authorization:
And also to export the variables SOCKS_USERNAME and SOCKS_PASSWORD, if SOCKS or HTTP proxy requires authorization:
Often it is required that name resolution take place via proxy. If you use dante, then the name resolution request goes through both the proxy and the name server specified in /etc/resolv.conf . To understand why there are two identical requests instead of one failed. Therefore, we can offer two options:
1) Comment out the naming servers in the /etc/resolv.conf file so that name resolution can only be done through proxy. This will affect the entire system.
2) Change /etc/resolv.conf and set up the name servers of the required country, or just different from the provider's servers. For example install Google servers:
To prevent the data from being overwritten by the provider's name servers (when reconnecting), you can prevent the network manager (NetworkManager / wicd) or the DHCP client from updating the list of named servers (thanks to ergil for the correction).
Or use the "rough" method - prohibiting changes to the /etc/resolv.conf file:
If there are any additions, please write, it will be useful to learn and apply.
Additional Information:
man socks.conf
man socksify
man curl
curl: data transfer through proxy
curl has full support for both HTTP proxy and SOCKS.
For testing it is possible to use proxy servers from free lists (socks - sockslist.net , and HTTP proxy - proxyhttp.net ). Checking the IP address will be done using the resource check-host.net
')
# HTTP proxy curl --proxy 11.22.33.44:5555 check-host.net/ip # , HTTP proxy curl --proxy 11.22.33.44:5555 -U username:password check-host.net/ip # socks4 curl --socks4 11.22.33.44:5555 check-host.net/ip # socks5 curl --socks5 11.22.33.44:5555 check-host.net/ip # , SOCKS # ( "DNS proxy") curl --socks5-hostname 11.22.33.44:5555 check-host.net/ip Some curl parameters can be written to the ~ / .curlrc file :
socks5 = 11.22.33.44:5555 proxy-user = username:password user-agent = "Mozilla/5.0 (X11; Linux i686; rv:7.0.1) Gecko/20100101 Firefox/7.0.1" With the help of time and curl you can also measure the server response time:
# proxy: time curl check-host.net/ip # proxy: time curl --socks5 11.22.33.44:5555 check-host.net/ip # : time curl habrahabr.ru The result will look like this:
real 0m0.307s user 0m0.000s sys 0m0.004s wget: upload files through proxy
wget has built-in proxy support. The only drawback is that only support HTTP proxy. For use with SOCKS, it is recommended to use dante soxyifier.
# proxy: http_proxy="http://33.22.44.44:8080" wget http://www.google.com/favicon.ico , HTTPS https_proxy="http://33.22.44.44:8080" wget https://www.google.com/favicon.ico # proxy http_proxy="http://33.22.44.44:8080" wget --proxy-user=user --proxy-password=password http://www.google.com/favicon.ico To not specify all the time, --proxy-user and --proxy-password can be entered into the ~ / .wgetrc file :
proxy-user = username proxy-password = password user-agent = Mozilla/5.0 (X11; Linux i686; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 ssh: access to servers
For accessing servers via ssh and proxy, it is also better to use the dante soxyifier.
Dante soksifikator
Installation:
apt-get install dante-client # Debian-based Using:
# ssh SOCKS_PASSWORD="" SOCKS_SERVER="11.22.33.44:1080" socksify ssh myserver # , SOCKS_USERNAME="user" SOCKS_PASSWORD="password" SOCKS_SERVER="11.22.33.44:1080" socksify ssh myserver # IRC - irssi SOCKS_PASSWORD="" SOCKS_SERVER="11.22.33.44:1080" socksify irssi # , HTTP proxy CONNECT HTTP_CONNECT_PROXY="http://11.22.33.44:8080" socksify irssi Using socksify, you can direct almost any application through the proxy, not just the console.
In order not to enter proxy data all the time, you can create the file /etc/socks.conf
Example for SOCKS:
route { from: 0.0.0.0/0 to: 0.0.0.0/0 via: 11.22.33.44 port = 55555 protocol: tcp udp proxyprotocol: socks_v4 socks_v5 method: none } Example for HTTP proxy with authorization:
route { from: 0.0.0.0/0 to: 0.0.0.0/0 via: 11.22.33.44 port = 8080 command: connect proxyprotocol: http method: username } And also to export the variables SOCKS_USERNAME and SOCKS_PASSWORD, if SOCKS or HTTP proxy requires authorization:
export SOCKS_USERNAME="username" export SOCKS_PASSWORD="password" DNS queries through proxy
Often it is required that name resolution take place via proxy. If you use dante, then the name resolution request goes through both the proxy and the name server specified in /etc/resolv.conf . To understand why there are two identical requests instead of one failed. Therefore, we can offer two options:
1) Comment out the naming servers in the /etc/resolv.conf file so that name resolution can only be done through proxy. This will affect the entire system.
2) Change /etc/resolv.conf and set up the name servers of the required country, or just different from the provider's servers. For example install Google servers:
nameserver 8.8.8.8 nameserver 8.8.4.4 To prevent the data from being overwritten by the provider's name servers (when reconnecting), you can prevent the network manager (NetworkManager / wicd) or the DHCP client from updating the list of named servers (thanks to ergil for the correction).
Or use the "rough" method - prohibiting changes to the /etc/resolv.conf file:
sudo chattr +i /etc/resolv.conf If there are any additions, please write, it will be useful to learn and apply.
Additional Information:
man socks.conf
man socksify
man curl
Source: https://habr.com/ru/post/133703/
All Articles