29 lines
894 B
Markdown
29 lines
894 B
Markdown
|
## Transparent Proxy
|
||
|
|
||
|
Make the original proxy more user-friendly.
|
||
|
|
||
|
### Setup & Run
|
||
|
|
||
|
Currently, this project is in early stage, with a working prototype.
|
||
|
It works, but just works. After launch, it will listen on port 9091
|
||
|
waiting for transparent proxy connection.
|
||
|
|
||
|
To setup the box properly, please add an iptables rule:
|
||
|
|
||
|
iptables -t nat -A PREROUTING -m tcp -p tcp -j REDIRECT --to-ports 9091
|
||
|
|
||
|
Now the only thing you need to do is redirect all traffic to this box,
|
||
|
and all TCP traffic will automatically handled by transparent proxy.
|
||
|
|
||
|
### Extra config for production environment
|
||
|
|
||
|
* Enlarge file handle limit to a relative large number, like 65536 or
|
||
|
something.
|
||
|
|
||
|
* More?
|
||
|
|
||
|
### MINEFIELD!!
|
||
|
|
||
|
Under `server/` directory there are two files: `hack.go` and
|
||
|
`hack_linux.go`. These files are minefield in the project, and DO NOT
|
||
|
touch or modify these files unless you KNOW EXACTLY WHAT YOU ARE DOING.
|