最近配置了tsocks,解决了我的代理设置问题,也遇到了些配置相关的问题,本文主要简单介绍一下tsock的安装、配置、使用的方法。
关于tsocks:
http://tsocks.sourceforge.net/
SOCKS servers are a form of proxy that are commonly used in firewalled LAN environments to allow access between networks, and often to the Internet. The problem is that most applications don't know how to gain access through SOCKS servers. This means that network based applications that don't understand SOCKS are very limited in networks they can reach. An example of this is simple 'telnet'. If you're on a network firewalled from the internet with a SOCKS server for outside access, telnet can't use this server and thus can't telnet out to the Internet.
tsocks' role is to allow these non SOCKS aware applications (e.g telnet, ssh, ftp etc) to use SOCKS without any modification. It does this by intercepting the calls that applications make to establish network connections and negotating them through a SOCKS server as necessary.
toscks可以应用程序不经过任何修改就可以轻松地使用已有socks代理,本人主要遇到的问题是ssh, telnet, git使用代理不是那么方便设置,用socks可以解决我的问题。
另外,tsocks是一个开源免费的项目,使用GPL License。
下载和安装tsocks:
1. rpm包安装:可以到http://pkgs.org/搜索tsocks,找到自己对应发行版的rpm包
2. Ubuntu等可以apt-get install tsocks来下载并安装
3. 源码安装:可以到这里下载http://tsocks.sourceforge.net/download.php 并自己编译安装
(BTW,我用的RHEL6u1系统,采用的是RPM安装方式)
配置tosck.conf
一般来说,tsocks的配置文件在/etc/tsocks.conf,rpm包安装好之后一般都会有这个文件,如果没有,也可以自己创建一个。可能Ubuntu等一些发行版,配置文件有所不同。
将我的配置文件/etc/tsocks.conf分享一下吧:
# This is the configuration for libtsocks (transparent socks)
# Lines beginning with # and blank lines are ignored
#
# This sample configuration shows the simplest (and most common) use of
# tsocks. This is a basic LAN, this machine can access anything on the
# local ethernet (192.168.0.*) but anything else has to use the SOCKS version
# 4 server on the firewall. Further details can be found in the man pages,
# tsocks(8) and tsocks.conf(5) and a more complex example is presented in
# tsocks.conf.complex.example
# We can access 10.*.*.* directly
local = 10.0.0.0/255.0.0.0
# Otherwise we use the server
server = proxy.xxx.com #your proxy domain or IP address
server_type = 5 #to use socks V5
server_port = 1080 #the port of your porxy
使用tsocks:
tsocks [application [applications arguments]]
tsocks [on|off]
举几个实例吧:
tsocks firefox #之后再firefox上浏览网页就会默认使用tsocks配置的代理
tsocks git clone git://github.com/avikivity/kvm.git #使用proxy来git,这就是我用的原因
source tsocks on #设置当前shell的tsocks,该命令可能遇到一个小bug在下面有讲到
tsocks show #查看当前Shell的tsocks设置,tsocks: This shell is socksified.
do_something #这里就能默认使用tsocks的代理去do something了,前面已经设置了
source tsocks off #关闭当前shell的tsocks代理设置
tsocks show #再次查看,tsocks: This shell is NOT socksified.
遇到的问题及解决方案:
13:01:17 libtsocks(2432): SOCKS server proxy-shz.intel.com (10.239.120.36) is not on a local subnet!
设置的代理没有与/etc/tsocks.conf文件中的local设置的网络在同一个子网中。
3:03:26 libtsocks(2451): The SOCKS server (proxy.ABCD.com) listed in the configuration file which needs to be used for this connection is invalid
配置文件的问题,我也忘了是啥时出现的错误了,但我碰到过的。
13:02:50 libtsocks(2441): Error 110 attempting to connect to SOCKS server (Connection timed out)
这个很明显了,就是你设置的proxy连接不上(可能是本来就连不上,或者没在同一个局域网内),请检查和确认配置。
ERROR: ld.so: object '/lib64/libtsocks.so' from LD_PRELOAD cannot be preloaded: ignored.
郁闷坏了,是因为有一次我在rhel5u5上安装了一个rhel6的tsock rpm包,解决办法是到http://pkgs.org/找到一个tsocks for rhel5的rpm包,安装即可。
[root@kvm-build ~]# source /usr/bin/tsocks on
basename: invalid option -- 'b'
Try `basename --help' for more information.
看到这样的错误,有可能是你的tsocks有点小bug,不过不影响使用的,接着你用tsocks show来看,一样可以看到提示说socks设置成功的,tsocks: This shell is socksified.
我的rhel5和rhel6中的tsocks都遇到这样的错误信息,你可以简单地修改一下/usr/bin/tsocks文件,将其中的basename的一行修改一下即可:
修改前:PRG="$(basename $0)"
修改为:PRG="$(basename -- $0)"
这是由于这个tsocks写后,coreutils工具做了些改动,其中basename工具需要用”--“来表示options的结束(为了保持新老版本的兼容)。这个问题在Bug-coreutils mailing list中讨论过了的,见:http://www.mail-archive.com/bug-coreutils@gnu.org/msg09912.html
替代工具机参考文档:
一个与tsocks有类似功能的工具: socat (我暂时没怎么用)
见:http://freshmeat.net/projects/socat/
tsocks.conf配置文件:http://linux.die.net/man/5/tsocks.conf
tsocks的使用:http://www.21andy.com/blog/20100212/1678.html
另外的人遇到的tsocks问题:http://notes.benv.junerules.com/socks-opera-and-brute-force/