Using HTTP proxy and SOCKS on Linux
On Linux, there are many useful console commands that, if necessary, I would like to run through a proxy. Some applications have built-in proxy support, and some do not. The following describes how to use popular utilities through proxies, even those that do not have this support.
curl has full support for both HTTP proxy and SOCKS.
For testing, it is possible to use proxy servers from free lists (socks - sockslist.net , and HTTP proxy - proxyhttp.net ). Checking the IP address will be done using the check-host.net resource
Some of the curl parameters can be written to the ~ / .curlrc file :
Using time and curl, you can also measure server response time:
The result will look like this:
wget has built-in proxy support. The only drawback is that it only supports HTTP proxy. For use with the recommended use SOCKS soksifikator dante .
In order not to specify --proxy-user and --proxy-password all the time, you can register them in the ~ / .wgetrc file :
To access servers via ssh and proxy, it is also better to use the dante sockifier .
Installation:
Using:
With socksify, you can route through proxy almost any application, not just a console one.
In order not to enter proxy data all the time, you can create the file /etc/socks.conf
Example for SOCKS:
Example for HTTP proxy with authorization:
And also export the variables SOCKS_USERNAME and SOCKS_PASSWORD if authorization is required for SOCKS or HTTP proxy:
Often it is required that name translation also occurs through a proxy. If you use dante, then the name resolution request is sent both through the proxy and through the name server specified in /etc/resolv.conf . It was not possible to understand why there are two identical requests instead of one. Therefore, two options can be proposed:
1) Comment out the name servers in the /etc/resolv.conf file so that name conversion can only go through a proxy. This will affect the entire system.
2) Modify /etc/resolv.conf and set the name servers of the required country, or simply different from the provider's servers. For example, install a Google server:
To prevent data from being overwritten by the provider’s name servers (when reconnecting), you can prevent the list of name servers from being updated by the network manager (NetworkManager / wicd) or the DHCP client (thanks to ergil for the adjustment).
Or use the “rough” method - prohibiting changes to the /etc/resolv.conf file :
If there are any additions, please write, it will be useful to find out and apply.
Additional information:
man socks.conf
man socksify
man curl
curl: data transfer through proxy
curl has full support for both HTTP proxy and SOCKS.
For testing, it is possible to use proxy servers from free lists (socks - sockslist.net , and HTTP proxy - proxyhttp.net ). Checking the IP address will be done using the check-host.net resource
# Проверить HTTP proxy
curl --proxy 11.22.33.44:5555 check-host.net/ip
# Тоже самое, но если для HTTP proxy требуется авторизация
curl --proxy 11.22.33.44:5555 -U username:password check-host.net/ip
# Проверить socks4
curl --socks4 11.22.33.44:5555 check-host.net/ip
# Проверить socks5
curl --socks5 11.22.33.44:5555 check-host.net/ip
# Тоже самое, только преобразование имен идет также через SOCKS
# (подробнее о преобразовании имен можно прочитать ниже в подразделе "DNS запросы через proxy")
curl --socks5-hostname 11.22.33.44:5555 check-host.net/ip
Some of the curl parameters can be written to the ~ / .curlrc file :
socks5 = 11.22.33.44:5555
proxy-user = username:password
user-agent = "Mozilla/5.0 (X11; Linux i686; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
Using time and curl, you can also measure server response time:
# Без proxy:
time curl check-host.net/ip
# С proxy:
time curl --socks5 11.22.33.44:5555 check-host.net/ip
# Или любого сайта:
time curl habrahabr.ru
The result will look like this:
real 0m0.307s
user 0m0.000s
sys 0m0.004s
wget: upload files through proxy
wget has built-in proxy support. The only drawback is that it only supports HTTP proxy. For use with the recommended use SOCKS soksifikator dante .
# Скачать файл через proxy:
http_proxy="http://33.22.44.44:8080" wget http://www.google.com/favicon.ico
Тоже самое, но для HTTPS
https_proxy="http://33.22.44.44:8080" wget https://www.google.com/favicon.ico
# Использовать proxy с авторизацией
http_proxy="http://33.22.44.44:8080" wget --proxy-user=user --proxy-password=password http://www.google.com/favicon.ico
In order not to specify --proxy-user and --proxy-password all the time, you can register them in the ~ / .wgetrc file :
proxy-user = username
proxy-password = password
user-agent = Mozilla/5.0 (X11; Linux i686; rv:7.0.1) Gecko/20100101 Firefox/7.0.1
ssh: server access
To access servers via ssh and proxy, it is also better to use the dante sockifier .
Soxifier dante
Installation:
apt-get install dante-client # пример для Debian-based систем
Using:
# Если требуется зайти по ssh на сервер
SOCKS_PASSWORD="" SOCKS_SERVER="11.22.33.44:1080" socksify ssh myserver
# Тоже самое, только если для подключения к соксу требуется авторизация
SOCKS_USERNAME="user" SOCKS_PASSWORD="password" SOCKS_SERVER="11.22.33.44:1080" socksify ssh myserver
# Пример с использованием IRC клиента - irssi
SOCKS_PASSWORD="" SOCKS_SERVER="11.22.33.44:1080" socksify irssi
# Тоже самое, только с использованием HTTP proxy с поддержкой метода CONNECT
HTTP_CONNECT_PROXY="http://11.22.33.44:8080" socksify irssi
With socksify, you can route through proxy almost any application, not just a console one.
In order not to enter proxy data all the time, you can create the file /etc/socks.conf
Example for SOCKS:
route {
from: 0.0.0.0/0 to: 0.0.0.0/0 via: 11.22.33.44 port = 55555
protocol: tcp udp
proxyprotocol: socks_v4 socks_v5
method: none
}
Example for HTTP proxy with authorization:
route {
from: 0.0.0.0/0 to: 0.0.0.0/0 via: 11.22.33.44 port = 8080
command: connect
proxyprotocol: http
method: username
}
And also export the variables SOCKS_USERNAME and SOCKS_PASSWORD if authorization is required for SOCKS or HTTP proxy:
export SOCKS_USERNAME="username"
export SOCKS_PASSWORD="password"
DNS queries through proxy
Often it is required that name translation also occurs through a proxy. If you use dante, then the name resolution request is sent both through the proxy and through the name server specified in /etc/resolv.conf . It was not possible to understand why there are two identical requests instead of one. Therefore, two options can be proposed:
1) Comment out the name servers in the /etc/resolv.conf file so that name conversion can only go through a proxy. This will affect the entire system.
2) Modify /etc/resolv.conf and set the name servers of the required country, or simply different from the provider's servers. For example, install a Google server:
nameserver 8.8.8.8
nameserver 8.8.4.4
To prevent data from being overwritten by the provider’s name servers (when reconnecting), you can prevent the list of name servers from being updated by the network manager (NetworkManager / wicd) or the DHCP client (thanks to ergil for the adjustment).
Or use the “rough” method - prohibiting changes to the /etc/resolv.conf file :
sudo chattr +i /etc/resolv.conf
If there are any additions, please write, it will be useful to find out and apply.
Additional information:
man socks.conf
man socksify
man curl