Winse Blog

走走停停都是风景, 熙熙攘攘都向最好, 忙忙碌碌都为明朝, 何畏之.

使用Privoxy把shadowsocks转换为Http代理

https://program-think.blogspot.com/2014/12/gfw-privoxy.html

Privoxy是一个代理辅助工具,这里用Privoxy把Shadowsocks socks5代理转换为http代理。

kubernetes的docker容器需要访问google的服务,docker暂时只支持http代理,而我手上有的代理是 shadowsocks 的。这里通过Privoxy把socks5转成http代理。

阿里云的主机优化:https://promotion.aliyun.com/ntms/act/qwbk.html

安装Shadowsocks

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21

[root@k8s ~]# yum install epel-release python-pip -y

[root@k8s ~]# pip install shadowsocks
Collecting shadowsocks
  Downloading shadowsocks-2.8.2.tar.gz
Installing collected packages: shadowsocks
  Running setup.py install for shadowsocks ... done
Successfully installed shadowsocks-2.8.2
You are using pip version 8.1.2, however version 9.0.1 is available.
You should consider upgrading via the 'pip install --upgrade pip' command.

上面软件已经安装好了, 推荐更新下pip.
[root@k8s ~]# pip install --upgrade pip
Collecting pip
  Downloading pip-9.0.1-py2.py3-none-any.whl (1.3MB)
    100% |████████████████████████████████| 1.3MB 46kB/s 
Installing collected packages: pip
  Found existing installation: pip 8.1.2
    Uninstalling pip-8.1.2:
      Successfully uninstalled pip-8.1.2
Successfully installed pip-9.0.1

填写shadowsocks服务端信息以及本地映射端口,启动Shandowsocks的客户端:

1
2
3
4
5
6
7
8
9
10
11
12

[root@k8s ~]# cat /etc/shadowsocks.json 
{
"server": "xxxxxx",
"server_port": xxx,
"local_port": 1080,
"password": "xxxxxxxx",
"timeout": 600,
"method": "rc4-md5",
"fast_open": false,
"workers": 1
}
[root@k8s ~]# sslocal -c /etc/shadowsocks.json

配置防火墙(如果其他主机也需要用这个代理的话)

https://havee.me/linux/2015-01/using-firewalls-on-centos-7.html

1
2

[root@bigdata-dev ~]# firewall-cmd --zone=public --add-port=1080/tcp --permanent
[root@bigdata-dev ~]# firewall-cmd --reload

安装privoxy

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19

[root@k8s ~]# yum install privoxy -y

查找listen-address行注释掉,在最后添加如下两行
[root@k8s docker.service.d]# vi /etc/privoxy/config 
...
forward-socks5 / 127.0.0.1:1080 .
listen-address k8s:8118

# 启动
[root@k8s ~]# systemctl start privoxy
# 查看状态
[root@k8s ~]# systemctl status privoxy

[root@k8s ~]# systemctl enable privoxy
Created symlink from /etc/systemd/system/multi-user.target.wants/privoxy.service to /usr/lib/systemd/system/privoxy.service.

如果其他机器需要用到代理的话,需要配置防火墙开放端口
[root@k8s ~]# firewall-cmd --zone=public --add-port=8118/tcp --permanent
[root@k8s ~]# firewall-cmd --reload

通过curl加代理参数:

1
2
3
4
5
6
7
8
9
10

[root@k8s ~]# curl google.com
curl: (7) Failed to connect to 2404:6800:4008:802::200e: Network is unreachable
[root@k8s ~]# 
[root@k8s ~]# curl -x localhost:8118 google.com
<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>301 Moved</TITLE></HEAD><BODY>
<H1>301 Moved</H1>
The document has moved
<A HREF="http://www.google.com/">here</A>.
</BODY></HTML>

或者安装桌面环境,在本机调试会方便点,

http://unix.stackexchange.com/questions/181503/how-to-install-desktop-environments-on-centos-7

1

yum -y groups install "GNOME Desktop"

然后firefox安装autoproxy,配置http代理。(firefox自带的代理有点抽风,不太好用)

–END

Comments