On a whim, I also built a Linux server IP dynamic proxy
As a senior programmer, I have always been quite knowledgeable about network security. Recently, in my spare time, my neurons suddenly became active and I came up with an interesting project, which is - building a Linux server IP dynamic proxy.
After checking a lot of information on the internet and repeated experiments, I finally succeeded! Now, I will share my experience and hope to inspire you.
Linux server IP dynamic proxy (linux build proxy ip server)
First, we need a Linux server and make sure it is configured with a network environment.
Next, open a terminal and enter the following command:
"`bash
sudo apt-get update
“`
This command updates the system packages to ensure the integrity and security of the system.
Then, we need to install Squid software, which is a commonly used proxy server.
"`bash
sudo apt-get install squid
“`
Once the installation is complete, we need to modify the configuration file. Enter the following command:
"`bash
sudo vim /etc/squid/squid.conf
“`
Find the "http_port" line and uncomment it (remove the leading #):
"`bash
http_port 3128
“`
Here, we are using port 3128 and you can choose other ports as per your preference.
Next, at the end of the configuration file, add the following:
"`bash
acl lan src 192.168.0.0/24
http_access allow lan
“`
This is to allow Squid to be used only by LAN users, which can improve security.
Finally, save and exit the configuration file and restart the squid service:
"`bash
sudo service squid restart
“`
Now we have successfully built a proxy server! But it can only be used by other devices on the LAN, if we want external devices to be able to use it as well, we need to add some additional configuration.
Open a terminal and enter the following command:
"`bash
sudo vim /etc/sysctl.conf
“`
Find the line "net.ipv4.ip_forward" and uncomment it (remove the leading #):
"`bash
net.ipv4.ip_forward=1
“`
Save and exit the file, then enter the following command to make the configuration take effect:
"`bash
sudo sysctl -p
“`
Next, we need to make some network address forwarding settings. Enter the following command:
"`bash
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
sudo iptables-save | sudo tee /etc/iptables.sav
“`
Here, "eth0" is the network card that connects to the Internet, you need to adjust it according to your actual situation.
Finally, we need to set up some fire rules to ensure security. Enter the following command:
"`bash
sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw allow ssh
sudo ufw enable
“`
Here, the "ssh" is to be able to log in to the server remotely, so if you don't need it, you can ignore it.
Now we have successfully built a Linux server IP dynamic proxy! Any device connected to this proxy server can use it to access the Internet and hide its real IP address.
To summarize, building a Linux server IP dynamic proxy is not difficult, we just need to follow some basic steps. However, pay attention to security and be extra careful when setting up fire rules. I hope my sharing can bring you practical help!