首先ROS和CENTOS放网一内网中,安装好ROS系统和CENTOS系统,ROS配两张网卡,ROS配置上网。CENTOS配置基本上网功能后:
centos部署BASH脚本:
#!/bin/bash yum -y install epel-release yum -y update yum -y remove firewalld yum -y install iptables iptables-services yum -y install gcc vim wget make ##配置selinux及主机名 hostnamectl set-hostname ss5_server_X setenforce 0 sed -i "s/SELINUX=enforcing/SELINUX=disabled/" /etc/selinux/config yum -y install pam-devel openssl-devel openldap-devel ##安装配置ss5代理 ##wget https://nchc.dl.sourceforge.net/project/ss5/ss5/3.8.9-8/ss5-3.8.9-8.tar.gz wget http://down.sstp.top/Socks/ss5-3.8.9-8.tar.gz tar vzxf ss5-3.8.9-8.tar.gz cp -r ss5-3.8.9 ss5-3.8.9-modify cd ss5-3.8.9 ./configure make make install ##sed -i "s/^#auth /auth /" /etc/opt/ss5/ss5.conf ##sed -i "s/^#permit /permit /" /etc/opt/ss5/ss5.conf cat >/etc/opt/ss5/ss5.conf<<EOF auth 0.0.0.0/0 - u permit u 0.0.0.0/0 - 0.0.0.0/0 - - - - - EOF ##添加用户 for((i=6001;i<=6200;i++));do /usr/sbin/useradd socks$i -u $i -M -s /sbin/nologin ;done ##配置网卡IP cat>/etc/sysconfig/network-scripts/ifcfg-en33<<EOF TYPE=Ethernet BOOTPROTO=static PEERROUTES=YES DEFROUTE=yes NAME=ens33 DEVICE=ens33 ONBOOT=yes DEFROUTE=YES DEFDNS=YES DNS1=114.114.114.114 NETMASK=255.255.255.0 GATEWAY0=192.168.100.254 IPADDR0=192.168.100.201 IPADDR1=192.168.100.1 IPADDR2=192.168.100.2 IPADDR3=192.168.100.3 IPADDR4=192.168.100.4 IPADDR5=192.168.100.5 IPADDR6=192.168.100.6 IPADDR7=192.168.100.7 IPADDR8=192.168.100.8 IPADDR9=192.168.100.9 IPADDR10=192.168.100.10 IPADDR11=192.168.100.11 IPADDR12=192.168.100.12 IPADDR13=192.168.100.13 IPADDR14=192.168.100.14 IPADDR15=192.168.100.15 IPADDR16=192.168.100.16 IPADDR17=192.168.100.17 IPADDR18=192.168.100.18 IPADDR19=192.168.100.19 IPADDR20=192.168.100.20 IPADDR21=192.168.100.21 IPADDR22=192.168.100.22 IPADDR23=192.168.100.23 IPADDR24=192.168.100.24 IPADDR25=192.168.100.25 IPADDR26=192.168.100.26 IPADDR27=192.168.100.27 IPADDR28=192.168.100.28 IPADDR29=192.168.100.29 IPADDR30=192.168.100.30 IPADDR31=192.168.100.31 IPADDR32=192.168.100.32 IPADDR33=192.168.100.33 IPADDR34=192.168.100.34 IPADDR35=192.168.100.35 IPADDR36=192.168.100.36 IPADDR37=192.168.100.37 IPADDR38=192.168.100.38 IPADDR39=192.168.100.39 IPADDR40=192.168.100.40 IPADDR41=192.168.100.41 IPADDR42=192.168.100.42 IPADDR43=192.168.100.43 IPADDR44=192.168.100.44 IPADDR45=192.168.100.45 IPADDR46=192.168.100.46 IPADDR47=192.168.100.47 IPADDR48=192.168.100.48 IPADDR49=192.168.100.49 IPADDR50=192.168.100.50 IPADDR51=192.168.100.51 IPADDR52=192.168.100.52 IPADDR53=192.168.100.53 IPADDR54=192.168.100.54 IPADDR55=192.168.100.55 IPADDR56=192.168.100.56 IPADDR57=192.168.100.57 IPADDR58=192.168.100.58 IPADDR59=192.168.100.59 IPADDR60=192.168.100.60 IPADDR61=192.168.100.61 IPADDR62=192.168.100.62 IPADDR63=192.168.100.63 IPADDR64=192.168.100.64 IPADDR65=192.168.100.65 IPADDR66=192.168.100.66 IPADDR67=192.168.100.67 IPADDR68=192.168.100.68 IPADDR69=192.168.100.69 IPADDR70=192.168.100.70 IPADDR71=192.168.100.71 IPADDR72=192.168.100.72 IPADDR73=192.168.100.73 IPADDR74=192.168.100.74 IPADDR75=192.168.100.75 IPADDR76=192.168.100.76 IPADDR77=192.168.100.77 IPADDR78=192.168.100.78 IPADDR79=192.168.100.79 IPADDR80=192.168.100.80 IPADDR81=192.168.100.81 IPADDR82=192.168.100.82 IPADDR83=192.168.100.83 IPADDR84=192.168.100.84 IPADDR85=192.168.100.85 IPADDR86=192.168.100.86 IPADDR87=192.168.100.87 IPADDR88=192.168.100.88 IPADDR89=192.168.100.89 IPADDR90=192.168.100.90 IPADDR91=192.168.100.91 IPADDR92=192.168.100.92 IPADDR93=192.168.100.93 IPADDR94=192.168.100.94 IPADDR95=192.168.100.95 IPADDR96=192.168.100.96 IPADDR97=192.168.100.97 IPADDR98=192.168.100.98 IPADDR99=192.168.100.99 IPADDR100=192.168.100.100 IPADDR101=192.168.100.101 IPADDR102=192.168.100.102 IPADDR103=192.168.100.103 IPADDR104=192.168.100.104 IPADDR105=192.168.100.105 IPADDR106=192.168.100.106 IPADDR107=192.168.100.107 IPADDR108=192.168.100.108 IPADDR109=192.168.100.109 IPADDR110=192.168.100.110 IPADDR111=192.168.100.111 IPADDR112=192.168.100.112 IPADDR113=192.168.100.113 IPADDR114=192.168.100.114 IPADDR115=192.168.100.115 IPADDR116=192.168.100.116 IPADDR117=192.168.100.117 IPADDR118=192.168.100.118 IPADDR119=192.168.100.119 IPADDR120=192.168.100.120 IPADDR121=192.168.100.121 IPADDR122=192.168.100.122 IPADDR123=192.168.100.123 IPADDR124=192.168.100.124 IPADDR125=192.168.100.125 IPADDR126=192.168.100.126 IPADDR127=192.168.100.127 IPADDR128=192.168.100.128 IPADDR129=192.168.100.129 IPADDR130=192.168.100.130 IPADDR131=192.168.100.131 IPADDR132=192.168.100.132 IPADDR133=192.168.100.133 IPADDR134=192.168.100.134 IPADDR135=192.168.100.135 IPADDR136=192.168.100.136 IPADDR137=192.168.100.137 IPADDR138=192.168.100.138 IPADDR139=192.168.100.139 IPADDR140=192.168.100.140 IPADDR141=192.168.100.141 IPADDR142=192.168.100.142 IPADDR143=192.168.100.143 IPADDR144=192.168.100.144 IPADDR145=192.168.100.145 IPADDR146=192.168.100.146 IPADDR147=192.168.100.147 IPADDR148=192.168.100.148 IPADDR149=192.168.100.149 IPADDR150=192.168.100.150 IPADDR151=192.168.100.151 IPADDR152=192.168.100.152 IPADDR153=192.168.100.153 IPADDR154=192.168.100.154 IPADDR155=192.168.100.155 IPADDR156=192.168.100.156 IPADDR157=192.168.100.157 IPADDR158=192.168.100.158 IPADDR159=192.168.100.159 IPADDR160=192.168.100.160 IPADDR161=192.168.100.161 IPADDR162=192.168.100.162 IPADDR163=192.168.100.163 IPADDR164=192.168.100.164 IPADDR165=192.168.100.165 IPADDR166=192.168.100.166 IPADDR167=192.168.100.167 IPADDR168=192.168.100.168 IPADDR169=192.168.100.169 IPADDR170=192.168.100.170 IPADDR171=192.168.100.171 IPADDR172=192.168.100.172 IPADDR173=192.168.100.173 IPADDR174=192.168.100.174 IPADDR175=192.168.100.175 IPADDR176=192.168.100.176 IPADDR177=192.168.100.177 IPADDR178=192.168.100.178 IPADDR179=192.168.100.179 IPADDR180=192.168.100.180 IPADDR181=192.168.100.181 IPADDR182=192.168.100.182 IPADDR183=192.168.100.183 IPADDR184=192.168.100.184 IPADDR185=192.168.100.185 IPADDR186=192.168.100.186 IPADDR187=192.168.100.187 IPADDR188=192.168.100.188 IPADDR189=192.168.100.189 IPADDR190=192.168.100.190 IPADDR191=192.168.100.191 IPADDR192=192.168.100.192 IPADDR193=192.168.100.193 IPADDR194=192.168.100.194 IPADDR195=192.168.100.195 IPADDR196=192.168.100.196 IPADDR197=192.168.100.197 IPADDR198=192.168.100.198 IPADDR199=192.168.100.199 IPADDR200=192.168.100.200 EOF ##for((i=1;i<=200;i++));do /sbin/ip address add 192.168.100.$i/24 dev ens33;done ##配置iptables systemctl enable iptables iptables -F iptables -t mangle -F OUTPUT for ((i=6001; i <= 6200 ; i++)) do iptables -t mangle -A OUTPUT -m owner --uid-owner $i -j MARK --set-mark $i done iptables -t nat -F POSTROUTING for ((i=6001; i<=6200 ; i++)) do iptables -t nat -A POSTROUTING -m mark --mark $i -j SNAT --to 192.168.100.$(($i-6000)) done iptables-save >/etc/sysconfig/iptables ##配置SS5自动启动 cat>/etc/rc.d/rc.local<<EOF #!/bin/bash touch /var/local/subsys/local mkdir -p /var/run/ss5 for i in `seq 6001 6200` do usleep 300 ss5 -m -t -u socks$i -b 0.0.0.0:$i ss5radius -m -t -u socks$i -b 0.0.0.0:$(($i+1000)) done EOF chmod +x /etc/rc.d/rc.local /systemctl start iptables
请在/etc/opt/ss5/ss5.pass中写帐号和密码,一行一个,空格隔开
ROS上配置
核心部分配置{
/ip firewall nat
add chain=srcnat src-address=192.168.100.0/24
add chain=dstnat proto=tcp dst-port=6000-6200 action=dst-nat to-address=192.168.100.201 to-ports=6000-6200
:for i from=1 to=200 do={
/ip route rule
add src-address="192.168.100.$i/32" tables="R$i"
/interface pptp-client
add name="pptp-out$i" user=1 password=1 connect-to=1.1.1.1 disabled=yes
/ip route
add gateway="pptp-out$i" routing-mark="R$i"
}
}实现了PPTP转socks5使用,类似原理可以实现L2TP转socks5(http代理),pppoe拨号转socks5(http代理)
bh1imgbh1img
kvnkvnkvnkvnkvnkvn
quachalaquachala
nickelnickel