Redirect all (TCP) traffic through transparent socks5 proxy in Linux

Freecap for Linux/Ubuntu

If you would just like to redirect all outbound TCP traffic transparently through a socks5 proxy then below is what you need 🙂

(this will also be handy for those linux wow players who are trying to redirect wow traffic through a socks5 proxy) 

You need to install a few things onto your Linux box. Most are available through apt, however there is one package you will need to get down and dirty with (not hard though). 

Open a terminal and type these commands:

cd
sudo apt-get install iptables git-core libevent-1.4-2 libevent-dev 
git clone http://github.com/darkk/redsocks.git
cd redsocks/
make 
echo 'base{log_debug = on; log_info = on; log = "file:/tmp/reddi.log";
daemon = on; redirector = iptables;}
redsocks { local_ip = 127.0.0.1; local_port = 31338; ip = 127.0.0.1;
port = 31337; type = socks5; }' > redsocks.conf
./redsocks -c redsocks.conf

now make sure your Socks5 server is up and running. If you’re using wowtunnels.com then connect to it via SSH with your account. Or if you have another linux server, ssh to that. Or use an existing socks5 server if you have one. example of setting up an ssh socks5 tunnel to listen on local port 31337. adjust as needed:

ssh -fqND 31337 yourusername@tunnel4.wowtunnels.com

now setup iptables to redirect all outbound traffic through our redsocks converter. copy/paste the below into a terminal:

sudo iptables -t nat -N REDSOCKS
sudo iptables -t nat -A REDSOCKS -d 0.0.0.0/8 -j RETURN
sudo iptables -t nat -A REDSOCKS -d 10.0.0.0/8 -j RETURN
sudo iptables -t nat -A REDSOCKS -d 127.0.0.0/8 -j RETURN
sudo iptables -t nat -A REDSOCKS -d 169.254.0.0/16 -j RETURN
sudo iptables -t nat -A REDSOCKS -d 172.16.0.0/12 -j RETURN
sudo iptables -t nat -A REDSOCKS -d 192.168.0.0/16 -j RETURN
sudo iptables -t nat -A REDSOCKS -d 224.0.0.0/4 -j RETURN
sudo iptables -t nat -A REDSOCKS -d 240.0.0.0/4 -j RETURN
sudo iptables -t nat -A REDSOCKS -p tcp -o eth0 -j DNAT --to 127.0.0.1:31338
sudo iptables -t nat -A OUTPUT -p tcp -j REDSOCKS

EXCEPT! we dont want to redirect traffic that is designated for our tunnel host. so find out the tunnels ip address and add an exception:

ping tunnel4.wowtunnels.com    
(this gives us 67.220.203.130 the ip address of our socks5 server)
sudo iptables -t nat -I REDSOCKS -d 67.220.203.130 -j RETURN 

Now – all outbound traffic will be transparently mapped through redsocks to our socks5 proxy. No need to adjust any application configurations!

Tested on ubuntu10.04 July19th 2010.

 


To turn the tunnel off and return to normal networking, type these commands:

sudo iptables -F
sudo iptables -X 
sudo iptables -Z
sudo iptables -t nat -F
sudo iptables -t nat -X
sudo iptables -t nat -Z
killall redsocks 

Troubles? Setup firefox to connect via socks5 proxy of localhost port 31337 to see if your socks connection even works.

The above doesn’t work for UDP/ICMP afaik

4 comments:

Hey, I’m at university behind a https proxy, could you edit the tutorial to work for me?
proxy server: cache3.p.nwu.ac.za
port 80
requires usernamer and password as well…
thank you!

Reply

thanks for this. However, for me it doesn’t work. After I run the start tunnel script my network doesn’t work and if I run the stop tunnel script it still won’t work. Any ideas why or where I shoul look for a clue?

Reply

I don’t see how this can work, there is nothing in the iptables rules about redirecting connections to a different port.
See the documentation on the github page:
https://github.com/darkk/redsocks/tree/master
There is a mention about redirecting all connection to a single port. Presumably that’s what redsock would listen to. That makes more sense:
iptables -t nat -A REDSOCKS -p tcp -j REDIRECT –to-ports 12345

Reply

This article is 6 years old so I cannot really remember how it works or what I was trying to achieve. There is a -j DNAT --to 127.0.0.1:31338 that should bounce some traffic through to port 31338. But if the redsocks docs are more up to date then go from that 🙂

Reply

Leave a Reply

Your email address will not be published. Required fields are marked *