SeekingFor/susocks
Folders and files
| Name | Name | Last commit date | ||
|---|---|---|---|---|
Repository files navigation
susocks:
the stupid unix socks suite for super users
much like yourself.
contact:
complain to /relayhell/d3v11 on irc.d3v11.ano
or irc.icann.bz in #anonet.
thanks:
SeekingFor for adding suhttpGET and suhttpPOST
depends:
daemontools, ucspi-tcp, python(<=2.6), sh, make, gcc
recommends:
cython(>=0.16), nacl(curvecp support)
todo:
find something to do.
install:
python2.6:
./Make.sh
python2.7:
sed 's/\.6/.7/g' Make.sh | sh
useradd susocks
./bin/add-tcplisten susocks 127.0.0.1 7375
./bin/add-curvecplisten susocks 127.0.0.1 7375
$editor /services/susocks-127.0.0.1-7375/conf/ALLOW
$editor /services/susocks-127.0.0.1-7375/conf/REJECT
curvecp:
./bin/add-curvecplisten susocks 127.0.0.1 7375
# optionally you may combine this service with an
# existing one:
rm /services/sucurvecp-127.0.0.1-7375/sudb
rm /services/sucurvecp-127.0.0.1-7375/conf/ -r
ln -s /services/susocks-127.0.0.1-7375/sudb /services/sucurvecp-127.0.0.1-7375/sudb
ln -s /services/susocks-127.0.0.1-7375/conf/ /services/sucurvecp-127.0.0.1-7375/conf/
conf [ALLOW, REJECT, FORWARD[TYPE]]:
susocks interfaces directly with python's re module.
incase you don't understand python regexp and you're
too stupid to find the manpage on your own, you can
use the cmd below. happy hacking! :-)
python -c 'import re ; help(re)' #manpage
susocks will allow out any traffic not explicitly
rejected. i recommend blocking all out traffic and
carefully setting ALLOW. the default configuration
in susocks is to REJECT all and ALLOW AnoNet TLD's
and addresses. alternatively, you may change the
value of conf/POLICY and toggle this behaviour.
ALLOW:
^1\.\d+\.\d+\.\d+:80$ # allow 1.0.0.0/8 port 80
^1\.\d+\.\d+\.\d+:\d+$ # allow 1.0.0.0/8 all ports
^.+\.ano:6667$ # allow .ano domains irc
^.+:((80)|(443))$ # allow all http/https
REJECT:
^127\..*$ # reject localhost all ports
.*localhost.* # reject localhost all ports
.* # reject all
^.+:22$ # reject all port 22
FORWARD:
susocks can forward destinations with a regexp
match to another proxy server.
TYPE:
susocks currently supports SOCKS5, SOCKS4a,
SOCKS4, CONNECT, and CURVECP.
cd /services/susocks-127.0.0.1-7375
mkdir -p conf/FORWARD/SOCKS4A/127.0.0.1/
echo '^.+\.com:80$' > conf/FORWARD/SOCKS4A/127.0.0.1/9050
make
this will tell susocks to forward all requests
with tld .com on port 80 to tor's local socks4a
proxy :-).
CURVECP:
cd /services/susocks-127.0.0.1-7375
mkdir -p conf/FORWARD/CURVECP/irc.urcd.ano/
mkdir -p conf/FORWARD/CURVECP/irc.urcd.ano/6667/
echo $SERVER > conf/FORWARD/CURVECP/irc.urcd.ano/6667/SERVER
echo $PUBKEY > conf/FORWARD/CURVECP/irc.urcd.ano/6667/PUBKEY
echo $EXTENSION > conf/FORWARD/CURVECP/irc.urcd.ano/6667/EXTENSION
echo '^irc\.urcd\.ano:6667$' > conf/FORWARD/CURVECP/irc.urcd.ano/6667/RULES
make
this will tell susocks to forward all requests
to irc.urcd.ano:6667 using curvecp encryption
and protection :-).