librelist archives

« back to archive

Redsocks entered in debian

Redsocks entered in debian

From:
Christian Bayle
Date:
2011-12-13 @ 10:03
Hi,

Redsocks is now available in debian
thanks to Apollon Oikonomopoulos

You can build it to your prefered derivated debian distro or backport it 
doing like this :


apt-get install build-essential devscripts libevent-dev
dget http://ftp.de.debian.org/debian/pool/main/r/redsocks/redsocks_0.2-1.dsc
dpkg-source -x redsocks_0.2-1.dsc
cd redsocks-0.2
debuild -us -uc

Install with
dpkg -i redsocks_0.2-1_amd64.deb

Edit /etc/default/redsocks
START=yes

Edit the config in /etc/redsocks.conf to feet your need

I would suggest to add your nat rules  in /etc/network/interfaces
like this
=====
auto lo
iface lo inet loopback

# The primary network interface
allow-hotplug eth0
iface eth0 inet dhcp
         post-up /etc/redsocks.natrules start
         post-down /etc/redsocks.natrules stop
=====

you have to create a /etc/redsocks.natrules script that contains 
something like this

=====
case "$1" in
         start)
             # Create new chain
             iptables -t nat -N REDSOCKS
             #  Ignore LANs and some other reserved addresses.
             iptables -t nat -A REDSOCKS -d 0.0.0.0/8 -j RETURN
             iptables -t nat -A REDSOCKS -d 10.0.0.0/8 -j RETURN
             iptables -t nat -A REDSOCKS -d 127.0.0.0/8 -j RETURN
             iptables -t nat -A REDSOCKS -d 169.254.0.0/16 -j RETURN
             iptables -t nat -A REDSOCKS -d 172.16.0.0/12 -j RETURN
             iptables -t nat -A REDSOCKS -d 192.168.0.0/16 -j RETURN
             iptables -t nat -A REDSOCKS -d 224.0.0.0/4 -j RETURN
             iptables -t nat -A REDSOCKS -d 240.0.0.0/4 -j RETURN

             # Your specific config
             ...
             ;;

         stop)
             # Cleanup
              iptables -t nat -F
              iptables -t nat -X REDSOCKS
            ;;
esac
=====

Then
/etc/init.d/redsocks restart
ifdown eth0
ifup eth0

Cheers

Christian

Re: [redsocks] Redsocks entered in debian

From:
Leonid Evdokimov
Date:
2011-12-15 @ 18:52
That's wonderful!

I'll merge debian/* to the master and release 0.3 after implementing dns
lookup during configuration parsing.

Regards, Leonid Evdokimov // sent from mobile device