Open luckypoem opened 8 years ago
realgtk
commented
8 years ago vim Makefile and add SHELL = /bin/bash at first line. (because default shell is "/bin/sh" in OSX terminal) or install coreutils and add export PATH="/usr/local/opt/coreutils/libexec/gnubin:$PATH" to .bash_profile
luckypoem
commented
8 years ago hi.
redsocks.c:154:53: error: use of undeclared identifier 'INADDR_LOOPBACK' /usr/include/sys/_endian.h:136:39: note: expanded from macro 'htonl'
^/usr/include/libkern/_OSByteOrder.h:75:76: note: expanded from macro '__DARWIN_OSSwapInt32' (builtin_constant_p(x) ? DARWIN_OSSwapConstInt32(x) : _OSSwapInt32(x)) ^ redsocks.c:473:25: warning: implicit declaration of function 'splice' is invalid in C99 [-Wimplicit-function-declaration] const ssize_t sent = splice(c->pisrc->read, NULL... ^ redsocks.c:473:72: error: use of undeclared identifier 'SPLICE_F_MOVE' ...ssize_t sent = splice(c->pisrc->read, NULL, out, NULL, avail, SPLICE_F_M... ^ redsocks.c:473:86: error: use of undeclared identifier 'SPLICE_F_NONBLOCK' ...= splice(c->pisrc->read, NULL, out, NULL, avail, SPLICE_F_MOVE|SPLICEF... ^ redsocks.c:541:70: error: use of undeclared identifier 'SPLICE_F_MOVE' ...ssize_t got = splice(in, NULL, c->dst->write, NULL, pipesize, SPLICE_F_M... ^ redsocks.c:541:84: error: use of undeclared identifier 'SPLICE_F_NONBLOCK' ...= splice(in, NULL, c->dst->write, NULL, pipesize, SPLICE_F_MOVE|SPLICE_F... ^ redsocks.c:654:11: warning: implicit declaration of function 'pipe2' is invalid in C99 [-Wimplicit-function-declaration] error = pipe2(&pump->request.read, O_NONBLOCK); ^ redsocks.c:1019:8: warning: implicit declaration of function 'timerisset' is invalid in C99 [-Wimplicit-function-declaration] if (timerisset(&instance->accept_backoff.inserted)) { ^ redsocks.c:1024:5: warning: implicit declaration of function 'timersub' is invalid in C99 [-Wimplicit-function-declaration] timersub(&now, &instance->accept_backoff... ^ redsocks.c:1025:9: warning: implicit declaration of function 'timercmp' is invalid in C99 [-Wimplicit-function-declaration] if (timercmp(&min_acceptbackoff, &time... ^ redsocks.c:1025:53: error: expected expression ...if (timercmp(&min_accept_backoff, &time_passed, <)) { ^ redsocks.c:1025:54: error: expected expression ...if (timercmp(&min_accept_backoff, &time_passed, <)) { ^ 6 warnings and 18 errors generated. make: *\ [redsocks.o] Error 1 yudeMacBook-Air:redsocks brite$
too many errors.@realgtk ,did u ever compile redsocks successfully on mac?
realgtk
commented
8 years ago 才发现你也是天朝的,我是在OSX下用搭建openwrt交叉编译成功的,可以运行在openwrt上。 回去测试下一下,OSX下直接编译同样的错误,可能是OSX下的一些库和标准的Linux库有区别,以前在编译其他linux程序的时候也发现过这种情况。目前没找到解决的办法……
luckypoem
commented
8 years ago hi.
我用brew install redsocks可以安装redsocks,不过用brew install iptables来安装iptables,提示没iptables这个包。于是试图编译之: 我在mac上编译iptables,遇到错误(在make这一步): wget http://www.netfilter.org/projects/iptables/files/iptables-1.6.0.tar.bz2 tar jxvf iptables-1.6.0.tar.bz2 cd iptables-1.6.0 ./configure make (在make这步遇到错误)
../include/linux/types.h:4:10: fatal error: 'asm/types.h' file not found
^1 error generated. make[2]: * [libip4tc.lo] Error 1 make[1]: * [all-recursive] Error 1 make: *\ [all] Error 2 yudeMacBook-Air:iptables-1.6.0 brite$
在google里搜索了fatal error: 'asm/types.h' file not found,始终未找到解决办法。
你可以在你的mac上,尝试编译iptables吗?看看是否也遇到我这样的错误?
非常感谢你的回复!
或者试试交叉编译?
我之所以要编译iptables,是看到此文http://blog.zhuli.name/archives/6690,想在mac上用socks代理(比如
shadowsocks) 实现全局代理,可惜遇到错误:
yudeMacBook-Air:~ brite$ redsocks -c /etc/redsocks.conf
file parsing error at line 8: invalid redirector set
file parsing error at line 8: section->onexit failed
yudeMacBook-Air:~ brite$ cat /etc/redsocks.conf
base {
log_debug = off;
log_info = on;
log = "file:/tmp/redsocks.log";
daemon = on;
redirector = iptables; }
redsocks { local_ip = 127.0.0.1; local_port = 12345;
ip = 127.0.0.1;
port = 1080;
type = socks5;} yudeMacBook-Air:~ brite$
搞了好久,我在mac上还是未成功编译iptables
darkk
commented
8 years ago I'm sorry, I have no way to run tests on Mac. Is there some easy way to get root-shell at MacOSX box without buying Mac? Does Apple offer free development environment nowadays?
Builds are broken at least since splice() feature was introduced.
P.S.: I hope google translate is good enough for Chinese → English language pair :-)
realgtk
commented
8 years ago OBJS := parser.o main.o redsocks.o log.o http-connect.o socks4.o socks5.o http-relay.o base.o base64.o md5.o http-auth.o utils.o redudp.o dnstc.o gen/version.o SRCS := $(OBJS:.o=.c) CONF := config.h DEPS := .depend OUT := redsocks VERSION := 0.4
LIBS := -levent CFLAGS += -g -O2 override CFLAGS += -std=gnu99 -Wall
all: $(OUT)
.PHONY: all clean distclean
tags: .c .h ctags -R
$(CONF):
@case uname in \
Linux_) \
echo "#define USE_IPTABLES" >$(CONF) \
;; \
OpenBSD) \
echo "#define USEPF" >$(CONF) \
;; \
*) \
echo "Unknown system, only generic firewall code is compiled" 1>&2; \
echo "/ Unknown system, only generic firewall code is compiled /" >$(CONF) \
;; \
esac
gen/version.c: .c .h gen/.build
rm -f $@.tmp
echo '/ this file is auto-generated during build /' > $@.tmp
echo '#include "../version.h"' >> $@.tmp
echo 'const char redsocks_version = ' >> $@.tmp
if [ -d .git ]; then \
echo '"redsocks.git/'git describe --tags'"'; \
if [ git status --porcelain | grep -v -c '^??' != 0 ]; then \
echo '"-unclean"'; \
fi \
else \
echo '"redsocks/$(VERSION)"'; \
fi >> $@.tmp
echo ';' >> $@.tmp
mv -f $@.tmp $@
gen/.build: mkdir -p gen touch $@
base.c: $(CONF)
$(DEPS): $(SRCS)
gcc -MM $(SRCS) 2>/dev/null >$(DEPS) || \
( \
for I in $(wildcard .h); do \
export $${I//[-.]/}_DEPS="sed '/^#[ \t]_include \?"(._)"._/!d;s//\1/' $$I"; \
done; \
echo -n >$(DEPS); \
for SRC in $(SRCS); do \
echo -n "$${SRC%.c}.o: " >>$(DEPS); \
export SRC_DEPS="sed '/#[ \t]_include \?"(._)".*/!d;s//\1/' $$SRC | sort"; \
while true; do \
export SRC_DEPS_OLD="$$SRC_DEPS"; \
export SRC_DEEP_DEPS=""; \
for HDR in $$SRC_DEPS; do \
eval export SRC_DEEP_DEPS="\"$$SRC_DEEPDEPS \$$$${HDR//[-.]/}_DEPS\""; \
done; \
export SRC_DEPS="echo $$SRC_DEPS $$SRC_DEEP_DEPS | sed 's/ */\n/g' | sort -u"; \
test "$$SRC_DEPS" = "$$SRC_DEPS_OLD" && break; \
done; \
echo $$SRC $$SRC_DEPS >>$(DEPS); \
done; \
)
-include $(DEPS)
$(OUT): $(OBJS) $(CC) $(CFLAGS) -o $@ $^ $(LDFLAGS) $(LIBS)
clean: $(RM) $(OUT) $(CONF) $(OBJS)
distclean: clean $(RM) tags $(DEPS) $(RM) -r gen
zhovner
commented
7 years ago Any updates here? Build is still fails on MacOS 10.12.
@darkk you can run MacOS on virtual machine.
Here is the magnet link with preinstalled MacOS image
magnet:?xt=urn:btih:77a8c16b8a4131069e52da40769c9ce7097b94a7&dn=EC%2010.11.0.iso&tr=http%3a%2f%2fbt3.t-ru.org%2fann%3fmagnet
Installation notice for VirtualBox http://dumpz.org/2489669/text/ If you have no time to mess with virtualbox I can give root shell to my virtual machine.
ilovezfs
commented
7 years ago ping on this
darkk
commented
6 years ago If you have no time to mess with virtualbox I can give root shell to my virtual machine.
@zhovner
redsocks?zhovner
commented
6 years ago Here is the VNC credentials encrypted with your PGP key.
It's a latest macOS High Sierra 10.13.3 with developers tools installed.
Feel free to do anything you need, even completely broke the system, I have a snapshot of it.
I will try to keep it online for few days.
-----BEGIN PGP MESSAGE-----
Version: Keybase OpenPGP v2.0.76
Comment: https://keybase.io/crypto
wcFMA80b4tgdCKCcARAAqf+jcSaud4BczYKkWZMEktEhzgZdVKrt9ZObN+8RpzR8
d0csP8ospfy0WRVH6q0oyj06Kr2jJIAHTiiIVRdDtKbkjcCj3LHHkwmwhjVWsM9q
kfLa0JqDKng8zdNs4AFRIzmozsb2U05qMyLo687Qc4dwqdl/v6+RWn6rTOfu4i0f
tp99E+EvB5DfPZMZnEVdSuMOVq2uXDAYCbanYCt6S9CvmMxl891o4PXw4tHPUSSt
OPlDnWk9p1bXNA3JSEPmj/54kDbluyuhIuXFP8HfRI/W9//jgaXbN+Z+7bAmRKTF
DWhUtrxliPjjVyGuPQLPwiP4ZaJCD9hxsAG88yA+MlQcgHuNniK0T2RMIP90TX82
8PjKYs0nvYqcw+8/7GtEd1T+dz+a5moc7OofklKktXKqVrUKb1lDH2JSEj8JlThO
HrwJCy5poWZYwzP3ZeZoMdReLzXv7CzIZWBbAZhHQS+aBd/Bo/JzgQqdHh5/1/rh
ddXQBxKmYfBhj0AVQxpfdkHbdAW6p3aLJ2pn8vrZqKo65IYEZ0RG9GZn0UYURPHK
ae33dwzzzmY25Cf9x3VYEhTi9N71XG1oXDMEeCgLQu3enFO4RHhVAKDWO5ndUt3Y
4oOx0tUbkEOoljr0mfH/5bAijWfjAhADKJ4wgiMNeygrR93YrepM0nUXWYG2snjS
wB8BT9AYHMm7rwhtLdxuHp/0fetVFuGpoMrkGa3MoF3k8debmtX47MA+FLl4iDkW
gn3OeUlClFJW4A4DtCy7LMHa/xLDllkFuHKLv7/qCU/VWgKHzZHi6Cao+QinNPxP
k6Kk6KMw+TBeYYZHAbSdvj3cTpOJRqGuHf2z6bScuZUL3Gr70YnZ5kHmxIWJKbuS
WUUH/gdt0AeB+4Gm8DFwh3NgucA3mZ6nzvq9AVpDtCajxy545umvfIzjIVrX299Q
L5qWpyjnDVQ5hIlMXAVTWQuPBWgFT2yfkJ8tz17YEEp3
=c5FY
-----END PGP MESSAGE-----
do you know how to configure MacOS firewall to redirect TCP and UDP traffic to redsocks?
macOS has almost original pf firewall, so it should works the same as OpenBSD's.
wych42
commented
6 years ago @darkk Make redsocks works in Mac OSX is a hard job.
#define LIST_HEAD(name) \
^
/usr/include/sys/queue.h:417:9: note: previous definition is here
#define LIST_HEAD(name, type) \
^
base.c:178:11: error: no member named 'v4' in 'struct pf_addr'
nl.saddr.v4.s_addr = client->sin_addr.s_addr;
~~~~~~~~ ^
base.c:179:5: error: no member named 'sport' in 'struct pfioc_natlook'; did you mean 'sxport'?
nl.sport = client->sin_port;
^~~~~
sxport
./net/pfvar.h:1777:23: note: 'sxport' declared here
union pf_state_xport sxport;
^
base.c:179:11: error: assigning to 'union pf_state_xport' from incompatible type 'const in_port_t' (aka 'const unsigned short')
nl.sport = client->sin_port;
^ ~~~~~~~~~~~~~~~~
base.c:180:11: error: no member named 'v4' in 'struct pf_addr'
nl.daddr.v4.s_addr = bindaddr->sin_addr.s_addr;
~~~~~~~~ ^
base.c:181:5: error: no member named 'dport' in 'struct pfioc_natlook'; did you mean 'dxport'?
nl.dport = bindaddr->sin_port;
^~~~~
dxport
./net/pfvar.h:1778:23: note: 'dxport' declared here
union pf_state_xport dxport;
^
base.c:181:11: error: assigning to 'union pf_state_xport' from incompatible type 'const in_port_t' (aka 'const unsigned short')
nl.dport = bindaddr->sin_port;
^ ~~~~~~~~~~~~~~~~~~
base.c:198:26: error: no member named 'rdport' in 'struct pfioc_natlook'; did you mean 'rdxport'?
destaddr->sin_port = nl.rdport;
^~~~~~
rdxport
./net/pfvar.h:1780:23: note: 'rdxport' declared here
union pf_state_xport rdxport;
^
base.c:198:21: error: assigning to 'in_port_t' (aka 'unsigned short') from incompatible type 'union pf_state_xport'
destaddr->sin_port = nl.rdport;
^ ~~~~~~~~~
base.c:199:33: error: no member named 'v4' in 'struct pf_addr'
destaddr->sin_addr = nl.rdaddr.v4;
~~~~~~~~~ ^
base.c:211:31: error: no member named 'sport' in 'struct pfioc_natlook'; did you mean 'sxport'?
clientaddr_str, ntohs(nl.sport), bindaddr_str, ntohs(nl.dport));
^~~~~
sxport
./log.h:8:86: note: expanded from macro 'log_errno'
#define log_errno(prio, msg...) _log_write(__FILE__, __LINE__, __func__, 1, prio, ## msg)
^
/usr/include/sys/_endian.h:132:39: note: expanded from macro 'ntohs'
#define ntohs(x) __DARWIN_OSSwapInt16(x)
^
/usr/include/libkern/_OSByteOrder.h:72:40: note: expanded from macro '__DARWIN_OSSwapInt16'
((__uint16_t)(__builtin_constant_p(x) ? __DARWIN_OSSwapConstInt16(x) : _OSSwapInt16(x)))
^
./net/pfvar.h:1777:23: note: 'sxport' declared here
union pf_state_xport sxport;
^
base.c:211:31: error: no member named 'sport' in 'struct pfioc_natlook'; did you mean 'sxport'?
clientaddr_str, ntohs(nl.sport), bindaddr_str, ntohs(nl.dport));
^~~~~
sxport
./log.h:8:86: note: expanded from macro 'log_errno'
#define log_errno(prio, msg...) _log_write(__FILE__, __LINE__, __func__, 1, prio, ## msg)
^
/usr/include/sys/_endian.h:132:39: note: expanded from macro 'ntohs'
#define ntohs(x) __DARWIN_OSSwapInt16(x)
^
/usr/include/libkern/_OSByteOrder.h:72:71: note: expanded from macro '__DARWIN_OSSwapInt16'
((__uint16_t)(__builtin_constant_p(x) ? __DARWIN_OSSwapConstInt16(x) : _OSSwapInt16(x)))
^
/usr/include/libkern/_OSByteOrder.h:44:34: note: expanded from macro '__DARWIN_OSSwapConstInt16'
((__uint16_t)((((__uint16_t)(x) & 0xff00) >> 8) | \
^
./net/pfvar.h:1777:23: note: 'sxport' declared here
union pf_state_xport sxport;
^
base.c:211:22: error: operand of type 'union pf_state_xport' where arithmetic or pointer type is required
clientaddr_str, ntohs(nl.sport), bindaddr_str, ntohs(nl.dport));
^~~~~~~~~~~~~~~
./log.h:8:86: note: expanded from macro 'log_errno'
#define log_errno(prio, msg...) _log_write(__FILE__, __LINE__, __func__, 1, prio, ## msg)
^~~
/usr/include/sys/_endian.h:132:18: note: expanded from macro 'ntohs'
#define ntohs(x) __DARWIN_OSSwapInt16(x)
^~~~~~~~~~~~~~~~~~~~~~~
/usr/include/libkern/_OSByteOrder.h:72:45: note: expanded from macro '__DARWIN_OSSwapInt16'
((__uint16_t)(__builtin_constant_p(x) ? __DARWIN_OSSwapConstInt16(x) : _OSSwapInt16(x)))
^~~~~~~~~~~~~~~~~~~~~~~~~~~~
/usr/include/libkern/_OSByteOrder.h:44:33: note: expanded from macro '__DARWIN_OSSwapConstInt16'
((__uint16_t)((((__uint16_t)(x) & 0xff00) >> 8) | \
^~~
base.c:211:31: error: no member named 'sport' in 'struct pfioc_natlook'; did you mean 'sxport'?
clientaddr_str, ntohs(nl.sport), bindaddr_str, ntohs(nl.dport));
^~~~~
sxport
./log.h:8:86: note: expanded from macro 'log_errno'
#define log_errno(prio, msg...) _log_write(__FILE__, __LINE__, __func__, 1, prio, ## msg)
^
/usr/include/sys/_endian.h:132:39: note: expanded from macro 'ntohs'
#define ntohs(x) __DARWIN_OSSwapInt16(x)
^
/usr/include/libkern/_OSByteOrder.h:72:71: note: expanded from macro '__DARWIN_OSSwapInt16'
((__uint16_t)(__builtin_constant_p(x) ? __DARWIN_OSSwapConstInt16(x) : _OSSwapInt16(x)))
^
/usr/include/libkern/_OSByteOrder.h:45:32: note: expanded from macro '__DARWIN_OSSwapConstInt16'
(((__uint16_t)(x) & 0x00ff) << 8)))
^
./net/pfvar.h:1777:23: note: 'sxport' declared here
union pf_state_xport sxport;
^
base.c:211:22: error: operand of type 'union pf_state_xport' where arithmetic or pointer type is required
clientaddr_str, ntohs(nl.sport), bindaddr_str, ntohs(nl.dport));
^~~~~~~~~~~~~~~
./log.h:8:86: note: expanded from macro 'log_errno'
#define log_errno(prio, msg...) _log_write(__FILE__, __LINE__, __func__, 1, prio, ## msg)
^~~
/usr/include/sys/_endian.h:132:18: note: expanded from macro 'ntohs'
#define ntohs(x) __DARWIN_OSSwapInt16(x)
^~~~~~~~~~~~~~~~~~~~~~~
/usr/include/libkern/_OSByteOrder.h:72:45: note: expanded from macro '__DARWIN_OSSwapInt16'
((__uint16_t)(__builtin_constant_p(x) ? __DARWIN_OSSwapConstInt16(x) : _OSSwapInt16(x)))
^~~~~~~~~~~~~~~~~~~~~~~~~~~~
/usr/include/libkern/_OSByteOrder.h:45:31: note: expanded from macro '__DARWIN_OSSwapConstInt16'
(((__uint16_t)(x) & 0x00ff) << 8)))
^~~
base.c:211:31: error: no member named 'sport' in 'struct pfioc_natlook'
clientaddr_str, ntohs(nl.sport), bindaddr_str, ntohs(nl.dport));
~~ ^
./log.h:8:86: note: expanded from macro 'log_errno'
#define log_errno(prio, msg...) _log_write(__FILE__, __LINE__, __func__, 1, prio, ## msg)
^~~
/usr/include/sys/_endian.h:132:39: note: expanded from macro 'ntohs'
#define ntohs(x) __DARWIN_OSSwapInt16(x)
^
/usr/include/libkern/_OSByteOrder.h:72:89: note: expanded from macro '__DARWIN_OSSwapInt16'
((__uint16_t)(__builtin_constant_p(x) ? __DARWIN_OSSwapConstInt16(x) : _OSSwapInt16(x)))
^
base.c:211:62: error: no member named 'dport' in 'struct pfioc_natlook'; did you mean 'dxport'?
clientaddr_str, ntohs(nl.sport), bindaddr_str, ntohs(nl.dport));
^~~~~
dxport
./log.h:8:86: note: expanded from macro 'log_errno'
#define log_errno(prio, msg...) _log_write(__FILE__, __LINE__, __func__, 1, prio, ## msg)
^
/usr/include/sys/_endian.h:132:39: note: expanded from macro 'ntohs'
#define ntohs(x) __DARWIN_OSSwapInt16(x)
^
/usr/include/libkern/_OSByteOrder.h:72:40: note: expanded from macro '__DARWIN_OSSwapInt16'
((__uint16_t)(__builtin_constant_p(x) ? __DARWIN_OSSwapConstInt16(x) : _OSSwapInt16(x)))
^
./net/pfvar.h:1778:23: note: 'dxport' declared here
union pf_state_xport dxport;
^
fatal error: too many errors emitted, stopping now [-ferror-limit=]
1 warning and 20 errors generated.
make: *** [base.o] Error 1```
sonywork
commented
6 years ago redsocks works well with pf in mac os.but I use redsocks2
wych42
commented
6 years ago @kuleyang I don't think you're helping this thread.
sonywork
commented
6 years ago @RichardW42
redsocks.c
//need to dov4 in pfvar.h is changed to v4addr(the dnsmasq source 's ipset function has the same problem in Mac OS)
base.c
nl.saddr.v4addr.s_addr = client->sin_addr.s_addr;
nl.sport = client->sin_port;
nl.daddr.v4addr.s_addr = bindaddr->sin_addr.s_addr;
nl.dport = bindaddr->sin_port;
nl.af = AF_INET;
nl.proto = IPPROTO_TCP;
nl.direction = PF_OUT;
if (ioctl(pffd, DIOCNATLOOK, &nl) != 0) {
if (errno == ENOENT) {
nl.direction = PF_IN; // required to redirect local packets
if (ioctl(pffd, DIOCNATLOOK, &nl) != 0) {
goto fail;
}
}
else {
goto fail;
}
}
destaddr->sin_family = AF_INET;
destaddr->sin_port = nl.rdport;
destaddr->sin_addr = nl.rdaddr.v4addr;dnsu2t.c
//need to do
#ifdef MSG_FASTOPEN
// MSG_FASTOPEN is available since Linux 3.6 released on 30 Sep 2012
sent = sendto(event_get_fd(&self->relay_rd), &in, pktlen, MSG_FASTOPEN,
(struct sockaddr*)&self->config.relayaddr, sizeof(self->config.relayaddr));
#endif#ifdef _APPLE_
//need to do
void tdestroy(void *root, void (*free_node)(void *nodep)) { }
#endif
wych42
commented
6 years ago @kuleyang so how do you make
redsocks works well with pf in mac os
as said above?
sonywork
commented
6 years ago @RichardW42 yes,thanks to @darkk
redsocks works well without splice function. the source code need add some code for Mac OS
in redsocks.c
#ifdef _APPLE_
/*
* Even though Mac OS X does not support the splice implementation of
* Linux, define the associated flags to avoid undeclared identifier
* errors.
*/
#ifndef SPLICE_F_MOVE
#define SPLICE_F_MOVE 0x01
#endif
#ifndef SPLICE_F_NONBLOCK
#define SPLICE_F_NONBLOCK 0x02
#endif
#ifndef SPLICE_F_MORE
#define SPLICE_F_MORE 0x04
#endif
#ifndef SPLICE_F_GIFT
#define SPLICE_F_GIFT 0x08
#endif
int pipe2(int pipefd[2], int flags){return 0;}//unused
ssize_t splice(int fd_in, off_t *off_in, int fd_out,
off_t *off_out, size_t len, unsigned int flags){return 0;} //unused
#endif+#ifdef _APPLE_
+ instance->config.use_splice = false;
+#else
instance->config.use_splice = is_splice_good();
+#endifbut dnsu2t not work in Mac OS
taesiri
commented
6 years ago Any update on this?
luckypoem
commented
5 years ago @sonywork 你说“redsocks works well with pf in mac os。”,看了你上面的评论,要修改redsocks的很多代码。你可否fork本项目,然后修改代码,放到https://github.com/sonywork下面呢?(好让其他渴望在mac上使用redsocks的人使用你的代码翻墙) 非常感谢你抽空弄一下。
sonywork
commented
4 years ago 我一直在用了,用了一年多了,redsocks+v2ray/shadowsocks+dnsmasq+chinadns很稳定,支持根据国外IP或GFW列表,当时我没fork了,主要是配置PF规则
luckypoem
commented
4 years ago @sonywork ,那么怎么配置PF规则?可以详细说说吗
sonywork
commented
4 years ago # Init
# Init for proxy.
martians = "{!0/8,!10/8,!100.64/10,!127/8,!169.254/16,!172.16/12,192/24,!192.0.2/24,!192.168/16,!198.18/15,!198.51.100/24,!203.0.113/24,!224/4,240/4,!255.255.255.255/32}"
sshosts = "{!<你的第二个代理IP>/32,!<你的第二个代理IP>/32}"
tcpdns = "{8.8.8.8,8.8.4.4}"
table <gfwlist> persist $tcpdns file "/etc/gfwiplist"
table <notmartianslist> const {0/0 $martians}
# ProxyInChina2
# Outgoing not china Lan traffic by shadowsocks server.
table <notchinaiplist> persist {0/0 $martians $sshosts} file "/etc/chinaiplist"
rdr pass log on lo0 inet proto tcp to <notmartianslist> -> 127.0.0.1 port 2081
rdr pass log on en0 inet proto tcp from en0:network to <notchinaiplist> -> 127.0.0.1 port 2081
pass out on en0 route-to lo0 inet proto tcp from en0 to <notchinaiplist>其中 2081是redsocks的透明代理端口, /etc/chinaiplist里是带!的中国IP段
...
!39.96.0.0/13
!39.104.0.0/14
!39.108.0.0/16
!39.128.0.0/10
!40.72.0.0/15
!40.125.128.0/17
!40.126.64.0/18
!42.0.0.0/22
!42.0.8.0/21
!42.0.16.0/21
!42.0.24.0/22
!42.0.32.0/19
!42.0.128.0/17
!42.1.0.0/19
...en0是你正在使用的网卡接口
sonywork
commented
4 years ago luckypoem
commented
4 years ago @sonywork 你的mac机器上的redsocks是怎么安装的?我是用brew install redsocks来安装的,我的配置文件为: cat /usr/local/etc/redsocks/redsocks.conf
base { log_debug = off; log_info = off; daemon = on; redirector = pf; }
redsocks { local_ip = 127.0.0.1; local_port = 31338;
ip = 127.0.0.1; port = 1080; type = socks5; }
然后,我运行
redsocks -c /usr/local/etc/redsocks/redsocks.conf
显示:
file parsing error at line 6: invalid redirector set
file parsing error at line 6: section->onexit failed
怎么解决?
sonywork
commented
4 years ago https://github.com/semigodking/redsocks
And check redsocks.conf.example
luckypoem
commented
4 years ago to sony yang: 你说的那样,我曾经做过,不过make DISABLE_SHADOWSOCKS=true这步遇错: base.c:41:11: fatal error: 'net/pfvar.h' file not found
^1 error generated. make: *** [base.o] Error 1
怎么解决这错误?
sonywork
commented
4 years ago Makefile 里面有几个文件没下载下来 ifeq ($(OS), Darwin) $(OSX_HEADERS_PATH)/net/pfvar.h: mkdir -p $(OSX_HEADERS_PATH)/net && curl -o $(OSX_HEADERS_PATH)/net/pfvar.h https://raw.githubusercontent.com/apple/darwin-xnu/master/bsd/net/pfvar.h $(OSX_HEADERS_PATH)/net/radix.h: mkdir -p $(OSX_HEADERS_PATH)/net && curl -o $(OSX_HEADERS_PATH)/net/radix.h https://raw.githubusercontent.com/apple/darwin-xnu/master/bsd/net/radix.h $(OSX_HEADERS_PATH)/libkern/tree.h: mkdir -p $(OSX_HEADERS_PATH)/libkern && curl -o $(OSX_HEADERS_PATH)/libkern/tree.h https://raw.githubusercontent.com/apple/darwin-xnu/master/libkern/libkern/tree.h endif
luckypoem
commented
4 years ago to sony yang: 我在Makefile 里面插入了你写的那几行代码,然后运行 make DISABLE_SHADOWSOCKS=true 显示: Compile with OpenSSL by default. To compile with PolarSSL, run 'make USE_CRYPTO_POLARSSL=true' instead.
yudeMacBook-Air:redsocks-by-semigodking brite$ make DISABLE_SHADOWSOCKS=true Compile with OpenSSL by default. To compile with PolarSSL, run 'make USE_CRYPTO_POLARSSL=true' instead. yudeMacBook-Air:redsocks-by-semigodking brite$
我在redsocks-by-semigodking目录里面看了一下,没看见有生成可执行文件redsocks或redsocks2.怎么回事呢?make失败了吗
luckypoem
commented
4 years ago to sony yang: 兄弟,可以回复吗? 非常感谢你
sonywork
commented
4 years ago 你哪份代码啊 https://github.com/semigodking/redsocks 把这份代码克隆下来 直接跑这个命令 make DISABLE_SHADOWSOCKS=true
你按照他的README.md来,应该不会有问题
hi.
yudeMacBook-Air:redsocks brite$ ls Makefile http-auth.h reddns.c README http-connect.c redsocks.c README.html http-relay.c redsocks.conf.example base.c libc-compat.h redsocks.h base.h libevent-compat.h redsocks.service base64.c list.h redudp.c base64.h log.c redudp.h config.h log.h socks4.c debian main.c socks5.c dnstc.c main.h socks5.h dnstc.h md5.c tools doc md5.h utils.c gen parser.c utils.h http-auth.c parser.h version.h yudeMacBook-Air:redsocks brite$ make .depend:1: *\ missing separator. Stop. yudeMacBook-Air:redsocks brite$
how to fix it?tks