Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Transparent proxy #117

Closed
limon opened this issue Nov 20, 2017 · 10 comments
Closed

Transparent proxy #117

limon opened this issue Nov 20, 2017 · 10 comments
Labels
enhancement No more discussion

Comments

@limon
Copy link

limon commented Nov 20, 2017

I run brook on my router. Is there any way to setup a transparent proxy easily, like ss-redir?
@txthinking
Copy link
Owner

same as #102 ?

@limon
Copy link
Author

limon commented Nov 20, 2017

no, not a tunnel.
I need something like this: https://gist.github.com/wen-long/8644243
which use iptables to rediect packets, and clients through the router won't aware any change.

@txthinking
Copy link
Owner

txthinking commented Nov 22, 2017 via email

@txthinking txthinking mentioned this issue Jan 14, 2018
Closed
@nuclearn
Copy link

nuclearn commented Feb 4, 2018

you must install redsocks in route in order to a transparent proxy. I wish add the feature in Brook.

@txthinking txthinking mentioned this issue Feb 20, 2018
Closed
@txthinking
Copy link
Owner

txthinking commented Feb 25, 2018
edited
Loading

This feature is implemented in v20180227.
Please have a try with https://github.com/txthinking/brook/tree/master/scripts

My situation:

  • I have a Linux box (IP: 192.168.1.100)
  • I have a MacOS (IP: 192.168.1.9)

Steps:

  1. Deploy a brook server
  2. Download brook cli on Linux box
  3. Run $ brook tproxy -l :1080 -s BROOK_SERVER_IP:PORT -p PASSWORD on Linux box
  4. Run $ iproute.sh on Linux box
  5. Run $ iptables.sh with BROOK_SERVER_IP and BROOK_TPROXY_PORT(1080) on Linux box
  6. Setup gateway with 192.168.1.100, dns server with 8.8.8.8 on MacOS

@txthinking txthinking mentioned this issue Feb 25, 2018
Closed
@nuclearn
Copy link

the feature is not available when using iptable redirect, ex
iptables -t nat -A BROOK -p tcp -j REDIRECT --to-ports 1080 (BROOK_TPROXY_PORT)

@txthinking
Copy link
Owner

@nuclearn https://github.com/txthinking/brook/tree/master/scripts

@nuclearn
Copy link

How to deploy the firewall when brook is installed on Openwrt Route?
Unlike ss-redir, the transparent feature is not available using iptable redirect function.

@txthinking
Copy link
Owner

Please read the wiki: https://github.com/txthinking/brook/wiki/How-to-run-transparent-proxy-on-Linux%3F

@txthinking
Copy link
Owner

@nuclearn Brook tproxy works on mangle table

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement No more discussion
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@txthinking @limon @nuclearn