Skip to content

UDP透明代理配置示例

Jump to bottom Edit New page
Hao Hu edited this page May 4, 2020 · 3 revisions

说明

要实现不指定目标IP及端口的UDP透明代理,要求系统安装TPROXY内核模块。配合socks5或shadowsocks代理支持Full-cone NAT,但效果及效率不明确。

REDSOCKS配置文件

base {
 log_debug = off;
 log_info = on;
 daemon = on;
 redirector= iptables;
}

redudp {
 bind = 192.168.1.1:20000;
 relay = example.com:1500;
 type = shadowsocks;
 login = rc4-md5;
 password = "your_passwd";
 udp_timeout = 20;
}

iptables 及 ip rules

ip rule add fwmark 0x01/0x01 table 100
ip route add local 0.0.0.0/0 dev lo table 100
iptables -t mangle -N REDSOCKS2
iptables -t mangle -A REDSOCKS2 -p udp --dport 123 -j TPROXY --on-port 20000 --tproxy-mark 0x01/0x01
iptables -t mangle -A PREROUTING -j REDSOCKS2
Add a custom footer
Add a custom sidebar
Clone this wiki locally