Сборка:
git clone https://github.com/z3APA3A/3proxy cd 3proxy echo "#define ANONYMOUS" >> src/proxy.h make -f Makefile.Linux all install cp ./scripts/init.d/3proxy.sh /etc/init.d/3proxy chmod 750 /etc/init.d/3proxy update-rc.d 3proxy defaults mkdir /etc/3proxy cp ./scripts/3proxy.cfg /etc/3proxy/3proxy.cfg useradd --system --shell /sbin/nologin --comment "3proxy daemon" --user-group proxy
Пример конфига /etc/3proxy/3proxy.cfg :
#!/usr/local/bin/3proxy # Yes, 3proxy.cfg can be executable, in this case you should place # something like #config /usr/local/3proxy/3proxy.cfg # to show which configuration 3proxy should re-read on realod. system "echo Hello world!" # you may use system to execute some external command if proxy starts # We can configure nservers to avoid unsafe gethostbyname() usage nserver 1.1.1.1 nserver 8.8.8.8 # nscache is good to save speed, traffic and bandwidth nscache 65536 #nsrecord porno.security.nnov.ru 0.0.0.0 # nobody will be able to access porno.security.nnov.ru by the name. #nsrecord wpad.security.nnov.ru www.security.nnov.ru # wpad.security.nnov.ru will resolve to www.security.nnov.ru for # clients timeouts 1 5 30 60 180 1800 15 60 # Here we can change timeout values #CL - clear password #CR - hash from password #openssl passwd -1 users "3APA3A:CL:3apa3a" users "3APA3A:CR:$1$k8yR8LAH$eYLuJch.BFjhoAWxurWye/" daemon log /var/log/3proxy.log D archiver gz /bin/gzip %F rotate 30 # We will keep last 30 log files # public ipv4 external A.B.C.D # external is address 3proxy uses for outgoing connections. 0.0.0.0 means any # interface. Using 0.0.0.0 is not good because it allows to connect to 127.0.0.1 #internal ipv4 can be the same as external internal A.B.C.D # internal is address of interface proxy will listen for incoming requests # 127.0.0.1 means only localhost will be able to use this proxy. This is # address you should specify for clients as proxy IP. # You MAY use 0.0.0.0 but you shouldn't, because it's a chance for you to # have open proxy in your network in this case. ############################################## ################### Web ###################### ############################################## auth strong # We want to protect internal interface # deny * * 127.0.0.1,192.168.1.1 # and llow HTTP and HTTPS traffic. #allow * * * 80-88,8080-8088 HTTP #allow * * * 443,8443 HTTPS allow 3APA3A proxy -p12345 -n -a ###################################### ############## Socks ################## ###################################### auth strong # auth none flush allow 3APA3A maxconn 128 socks -p23456 #UID of user "proxy" is 13 setgid 13 setuid 13
В приведенном конфиге 3proxy запускает HTTP(s) и SOCK5 proxy на портах 12345 и 23456 соответственно.