add introduction & doc

fh0 2021-06-14 15:57:03 +08:00
parent a2bd1f3ade
commit 4ceb92e252
3 changed files with 178 additions and 0 deletions


@ -0,0 +1,17 @@
# stn
## Build
```bash
git clone https://github.com/FH0/stn.git
cd stn
cargo update
cargo build --bin stn --release
```
The compiled file is `target/release/stn`.
## Configuration
- [replace Redsocks](doc/redsocks)
- [full description](doc/configuratin.md)

102
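--- a/doc/configuration.md
+++ b/doc/configuration.md
@@ -0,0 +1,102 @@
+### setting
+- just setting
+### in
+- Listening on the actual port
+- Support `tcp_nodelay` and `tcp_keepalive_interval`
+- Can only be processed once by `route`.
+### out
+- Can be processed multiple times by `route`.
+### route
+- For `in`, `saddr` match actual `saddr`; for `out`, `saddr` match previous `tag`. Set `log_level` to debug and check the log.
+### full.json
+```jsonc
+{
+"setting": {
+"daemon": false, // default false, only support linux
+"pid_file": "", // invalid by default
+"log_level": "debug", // [debug, info, warn, error] default error
+"log_file": "", // default stdout
+"log_file_max": 1024, // default 1024(KB)
+"uid": 0, // invalid by default, only support linux
+"gid": 1110 // invalid by default, only support linux
+},
+"in": [
+{
+"tag": "socks5_client",
+"protocol": "socks5",
+"address": "[::]:10801",
+"tcp_nodelay": true,
+"tcp_keepalive_interval": 30,
+"tcp_timeout": 300,
+"udp_timeout": 60
+},
+{
+"tag": "http_client",
+"protocol": "http",
+"address": "[::]:10802",
+"tcp_nodelay": true,
+"tcp_keepalive_interval": 30,
+"tcp_timeout": 300
+},
+{
+"tag": "tproxy",
+"protocol": "tproxy",
+"address": "[::]:1110",
+"tcp_nodelay": true,
+"tcp_keepalive_interval": 30,
+"tcp_timeout": 300,
+"udp_timeout": 60
+}
+],
+"out": [
+{
+"tag": "origin",
+"protocol": "origin",
+"tcp_nodelay": true,
+"tcp_keepalive_interval": 30,
+"tcp_timeout": 300,
+"udp_timeout": 60
+},
+{
+"tag": "socks5_server",
+"protocol": "socks5",
+"address": "1.2.3.4:10801",
+"tcp_timeout": 300,
+"udp_timeout": 60
+},
+{
+"tag": "http_server",
+"protocol": "http",
+"address": "1.2.3.4:10802",
+"tcp_timeout": 300
+}
+],
+"route": [
+{
+"tag": [],
+"network": ["tcp", "udp"],
+"saddr": [
+"full a.com",
+"substring a.com",
+"domain a.com", // match a.com a.a.com, doesn't match aa.com
+"cidr 8.8.8.8/32",
+"cidr ::1/128",
+"regex (^|\\.)a.com" // For poor performance, use should be reduced.
+],
+"sport": [],
+"daddr": [],
+"dport": [],
+"jump": ""
+}
+]
+}
+```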

59
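--- a/doc/redsocks.md
+++ b/doc/redsocks.md
@@ -0,0 +1,59 @@
+### Configuration
+```jsonc
+{
+"setting": {
+"daemon": false,
+"log_level": "info"
+},
+"in": [
+{
+"tag": "tproxy",
+"protocol": "tproxy",
+"address": "[::]:1110",
+"tcp_nodelay": true,
+"tcp_keepalive_interval": 30,
+"tcp_timeout": 300,
+"udp_timeout": 60
+}
+],
+"out": [
+{
+"tag": "origin",
+"protocol": "origin",
+"tcp_nodelay": true,
+"tcp_keepalive_interval": 30,
+"tcp_timeout": 300,
+"udp_timeout": 60
+},
+{
+"tag": "socks5",
+"protocol": "socks5",
+"address": "1.2.3.4:1080",
+"tcp_timeout": 300,
+"udp_timeout": 60
+}
+],
+"route": [
+{
+"tag": ["tproxy"],
+"jump": "socks5"
+}
+]
+}
+```
+### Shell script
+```bash
+iptables -t mangle -A OUTPUT -d 0.0.0.0/8,100.64.0.0/10,127.0.0.0/8,169.254.0.0/16,192.0.0.0/24,192.0.2.0/24,192.88.99.0/24,198.18.0.0/15,198.51.100.0/24,203.0.113.0/24,172.16.0.0/12,192.168.0.0/16,10.0.0.0/8,224.0.0.0/3 -j ACCEPT
+iptables -t mangle -A OUTPUT -m owner --uid-owner nobody -j MARK --set-mark 0x1100
+iptables -t mangle -A PREROUTING -p tcp -m mark --mark 0x1100 -j TPROXY --on-port 1110 --tproxy-mark 0x1100
+iptables -t mangle -A PREROUTING -p udp -m mark --mark 0x1100 -j TPROXY --on-port 1110 --tproxy-mark 0x1100
+ip route add local default dev lo table 1100
+ip rule add fwmark 0x1100 lookup 1100
+```
+### Tip
+- only user `nobody` proxied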