transparent-proxy/README.md

29 lines
894 B
Markdown
Raw Normal View History

2017-08-07 16:32:55 +08:00
## Transparent Proxy
Make the original proxy more user-friendly.
### Setup & Run
Currently, this project is in early stage, with a working prototype.
It works, but just works. After launch, it will listen on port 9091
waiting for transparent proxy connection.
To setup the box properly, please add an iptables rule:
iptables -t nat -A PREROUTING -m tcp -p tcp -j REDIRECT --to-ports 9091
Now the only thing you need to do is redirect all traffic to this box,
and all TCP traffic will automatically handled by transparent proxy.
### Extra config for production environment
* Enlarge file handle limit to a relative large number, like 65536 or
something.
* More?
### MINEFIELD!!
Under `server/` directory there are two files: `hack.go` and
`hack_linux.go`. These files are minefield in the project, and DO NOT
touch or modify these files unless you KNOW EXACTLY WHAT YOU ARE DOING.