
phantomsocks's Introduction

phantomsocks

A cross-platform proxy client/server for Linux/Windows/macOS with Pcap/RawSocket/WinDivert

Usage

./phantomsocks -h
Usage of ./phantomsocks:
  -log int
    	LogLevel
  -maxprocs int
    	MaxProcesses
  -install
    	Install service (Windows)
  -remove
    	Remove service (Windows)
  -start
    	Start service (Windows)
  -stop
    	Stop service (Windows)

Configure

config.json:

{
    "vaddrprefix": 6,
    "proxy": "socks://address:port",
    "profiles": ["1.conf", "2.conf", "3.conf"],
    "services": [
        {
            "name": "dns",
            "protocol": "dns",
            "address": "127.0.0.1:5353"
        },
        {
            "name": "socks",
            "protocol": "socks",
            "address": "127.0.0.1:1081"
        },
        {
            "name": "redirect",
            "protocol": "redirect",
            "address": "0.0.0.0:6"
        },
        {
            "name": "tproxy",
            "protocol": "tproxy",
            "address": "0.0.0.0:6"
        }
    ],
    "interfaces": [
        {
            "name": "default",
            "dns": "udp://8.8.8.8:53"
        },
        {
            "name": "https",
            "dns": "udp://8.8.8.8:53",
            "device": "eth0",
            "hint": "https"
        },
        {
            "name": "doh",
            "dns": "https://cloudflare-dns.com/dns-query"
        },
        {
            "name": "dot",
            "dns": "tls://8.8.8.8:853"
        },
        {
            "name": "ecs",
            "dns": "udp://8.8.8.8:53/?ecs=35.190.247.1"
        },
        {
            "name": "socks5",
            "protocol": "socks5",
            "address": "127.0.0.1:1080"
        },
        {
            "name": "socks4",
            "dns": "udp://8.8.8.8:53",
            "protocol": "socks4",
            "address": "127.0.0.1:1080"
        }
    ]
}

Socks:

Windows:
config.json:
    "proxy": "socks://127.0.0.1:1080/?dns=127.0.0.1",
    "services": [
        {
            "name": "DNS",
            "protocol": "dns",
            "address": "127.0.0.1:53"
        },
        {
            "name": "Socks",
            "protocol": "socks",
            "address": "127.0.0.1:1080"
        }
    ]

macOS:
config.json:
    "proxy": "socks://127.0.0.1:1080",
    "services": [
        {
            "name": "Socks",
            "protocol": "socks",
            "address": "127.0.0.1:1080"
        }
    ]

Redirect:

Linux:
iptables -t nat -A OUTPUT -d 6.0.0.0/8 -p tcp -j REDIRECT --to-port 6
config.json:
    "vaddrprefix": 6,
    "services": [
        {
            "name": "DNS",
            "protocol": "dns",
            "address": "127.0.0.1:53"
        },
        {
            "name": "Redirect",
            "protocol": "redirect",
            "address": "0.0.0.0:6"
        }
    ]

Windows (windivert):
config.json:
    "vaddrprefix": 6,
    "proxy": "redirect://0.0.0.0:6",
    "services": [
        {
            "name": "Redirect",
            "protocol": "redirect",
            "address": "0.0.0.0:6"
        }
    ]

Rules

  [default]         #domains below will use the config of this interface
  domain=ip,ip,...  #this domain will use these IPs
  domain            #this domain will be resolved by DNS
  domain=[domain]   #this domain will use the config of this domain
  domain=domain     #this domain will use the addresses of this domain
  
  [dot]             #domains below will use the config of dot
  domain
  [socks5]          #domains below will use the config of socks5
  domain

Installation

go get github.com/macronut/phantomsocks

Compile

cd $GOPATH/src/github.com/macronut/phantomsocks/

go build

pcap version

static linking for pcap

sudo apt-get install -y libpcap-dev
go build -tags pcap -ldflags '-extldflags "-static"'

raw socket version

raw socket is Linux only

go build -tags rawsocket

windivert version

windivert is Windows only

env GOOS=windows GOARCH=amd64 go build -tags windivert

cross & static compile pcap version on Ubuntu 18.04

Install dependencies

apt-get install git autoconf automake bison build-essential flex gawk gettext gperf libtool pkg-config libpcap-dev

Download & uncompress tool-chain

cd ~/Downloads
wget https://downloads.openwrt.org/releases/19.07.2/targets/ramips/mt7621/openwrt-sdk-19.07.2-ramips-mt7621_gcc-7.5.0_musl.Linux-x86_64.tar.xz
tar -xJvf openwrt-sdk-19.07.2-ramips-mt7621_gcc-7.5.0_musl.Linux-x86_64.tar.xz

Set environment variable

export PATH=$PATH:~/Downloads/openwrt-sdk-19.07.2-ramips-mt7621_gcc-7.5.0_musl.Linux-x86_64/staging_dir/toolchain-mipsel_24kc_gcc-7.5.0_musl/bin && export STAGING_DIR=~/Downloads/openwrt-sdk-19.07.2-ramips-mt7621_gcc-7.5.0_musl.Linux-x86_64/staging_dir/toolchain-mipsel_24kc_gcc-7.5.0_musl

Download & uncompress libpcap

wget https://www.tcpdump.org/release/libpcap-1.9.1.tar.gz
tar -xzvf libpcap-1.9.1.tar.gz

Build libpcap

cd libpcap-1.9.1
./configure --host=mipsel-openwrt-linux-musl --prefix="$HOME/Downloads/openwrt-sdk-19.07.2-ramips-mt7621_gcc-7.5.0_musl.Linux-x86_64/staging_dir/toolchain-mipsel_24kc_gcc-7.5.0_musl"
make && make install

Build phantomsocks

cd ~/go/src/github.com/macronut/phantomsocks
env GOOS=linux GOARCH=mipsle CGO_ENABLED=1 CC="$HOME/Downloads/openwrt-sdk-19.07.2-ramips-mt7621_gcc-7.5.0_musl.Linux-x86_64/staging_dir/toolchain-mipsel_24kc_gcc-7.5.0_musl/bin/mipsel-openwrt-linux-gcc" go build -ldflags '-extldflags "-static"'

phantomsocks's People

Contributors

bluemap1e, dependabot[bot], detiam, lifegpc, macronut, wuyu8512

phantomsocks's Issues

Cannot compile:

build command-line-arguments: cannot load net/netip: malformed module path "net/netip": missing dot in first path element

Cached DNS expired and is not updated, which causes a connection problem

phantomsocks can work before the DNS is updated.

SNI: yun.66dm.net 443 &{4 12 0 512 https://146.112.41.2/dns-query  }
154.12.52.85 443 dial tcp <nil>->154.12.52.85:443: i/o timeout
154.12.52.85 443 <nil>

But the website's DNS was updated after some days. The cached DNS is expired and phantomsocks doesn't update the cached DNS.
As a result, the connection does not exist.

Socks: yun.66dm.net 443 &{4 12 0 512 https://146.112.41.2/dns-query  }
154.12.52.85 443 dial tcp <nil>->154.12.52.85:443: i/o timeout
154.12.52.85 443 dial tcp <nil>->154.12.52.85:443: connect: connection refused
154.12.52.85 443 dial tcp <nil>->154.12.52.85:443: connect: connection refused
154.12.52.85 443 dial tcp <nil>->154.12.52.85:443: i/o timeout    154.12.52.85 443 dial tcp <nil>->154.12.52.85:443: connect: connection refused
yun.66dm.net connection does not exist

Resolution: I restarted phantomsocks. The log shows the DNS is the latest and the connection is normal.

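A question about the DNS server

If an IP is specified for a domain, the DNS request simply seems to fail, and the requester cannot get the IP.

PS: the program runs on OpenWrt on ARM; the client is Windows 11.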

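About transparent proxying

Would it be possible to drop vaddrprefix entirely? Put more plainly, I would like the real IP addresses to be returned, and for all connections to be able to go through this software.

I noticed that the redirect function uses GetSNI to obtain the domain name a second time. If the domain were obtained this way for every connection, we could get the corresponding PhantomInterface.
It seems the biggest problem is how to deal with traffic looping back?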

Connection does not exist when connect to website in REDIRECT mode

Platform: Archlinux

When I use REDIRECT mode, all connections are EOF and the log shows connection does not exist.

Config File

config.json
{
    "vaddrprefix": 6,
    "profiles": ["default.conf"],
    "services": [
        {
            "name": "redirect",
            "protocol": "redirect",
            "address": "0.0.0.0:6"
        }
    ],
    "interfaces": [
        {
            "name": "default",
            "device": "wlp2s0",
            "dns": "udp://192.168.0.1:53",
            "hint": "w-md5"
        }
    ]
}

Iptables Setting

iptables -t nat -L
# iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination         
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
PTCP       tcp  --  anywhere             anywhere            
Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination         
Chain PTCP (1 references)
target     prot opt source               destination         
RETURN     all  --  anywhere             0.0.0.0/8           
RETURN     all  --  anywhere             10.0.0.0/8          
RETURN     all  --  anywhere             127.0.0.0/8         
RETURN     all  --  anywhere             172.16.0.0/12       
RETURN     all  --  anywhere             192.168.0.0/16      
REDIRECT   tcp  --  anywhere             anywhere             redir ports 6

Pcap version log

./phantomsocks-pcap -log 3
# ./phantomsocks-pcap -log 3
map[default:{wlp2s0 udp://192.168.0.1:53 4096 0 0 0 65535 0 }]
[default] &{wlp2s0 udp://192.168.0.1:53 4096 0 0 0 65535 0 }
default.conf
Redirect: 0.0.0.0:6
Device: wlp2s0
Redirect: 192.168.0.101:53258 -> github.com 443 &{wlp2s0 udp://192.168.0.1:53 4096 0 0 0 65535 0 }
Redirect: 192.168.0.101:53260 -> github.com 443 &{wlp2s0 udp://192.168.0.1:53 4096 0 0 0 65535 0 }
nslookup github.com 1 [20.205.243.166]
nslookup github.com 1 [20.205.243.166 20.205.243.166]
Redirect: 192.168.0.101:55148 -> www.bingapis.com 443 &{wlp2s0 udp://192.168.0.1:53 4096 0 0 0 65535 0 }
nslookup www.bingapis.com 1 [13.107.5.80]
Redirect: 192.168.0.101:56774 -> nav-edge.smartscreen.microsoft.com 443 &{wlp2s0 udp://192.168.0.1:53 4096 0 0 0 65535 0 }
nslookup nav-edge.smartscreen.microsoft.com 1 [20.44.202.200]
github.com connection does not exist
EOF
Redirect: 192.168.0.101:53262 -> github.com 443 &{wlp2s0 udp://192.168.0.1:53 4096 0 0 0 65535 0 }
cached: github.com 1 [20.205.243.166 20.205.243.166]
EOF
github.com connection does not exist
Redirect: 192.168.0.101:41160 -> github.com 443 &{wlp2s0 udp://192.168.0.1:53 4096 0 0 0 65535 0 }
cached: github.com 1 [20.205.243.166 20.205.243.166]
EOF
www.bingapis.com connection does not exist
Redirect: 192.168.0.101:38146 -> www.bingapis.com 443 &{wlp2s0 udp://192.168.0.1:53 4096 0 0 0 65535 0 }
cached: www.bingapis.com 1 [13.107.5.80]
EOF
nav-edge.smartscreen.microsoft.com connection does not exist
Redirect: 192.168.0.101:54246 -> nav-edge.smartscreen.microsoft.com 443 &{wlp2s0 udp://192.168.0.1:53 4096 0 0 0 65535 0 }
cached: nav-edge.smartscreen.microsoft.com 1 [20.44.202.200]
EOF
github.com connection does not exist
EOF
github.com connection does not exist
EOF
www.bingapis.com connection does not exist
nav-edge.smartscreen.microsoft.com connection does not exist
EOF
Redirect: 192.168.0.101:41172 -> github.com 443 &{wlp2s0 udp://192.168.0.1:53 4096 0 0 0 65535 0 }
cached: github.com 1 [20.205.243.166 20.205.243.166]
Redirect: 192.168.0.101:54254 -> nav-edge.smartscreen.microsoft.com 443 &{wlp2s0 udp://192.168.0.1:53 4096 0 0 0 65535 0 }
cached: nav-edge.smartscreen.microsoft.com 1 [20.44.202.200]
Redirect: 192.168.0.101:41180 -> github.com 443 &{wlp2s0 udp://192.168.0.1:53 4096 0 0 0 65535 0 }
cached: github.com 1 [20.205.243.166 20.205.243.166]
github.com connection does not exist
EOF
github.com connection does not exist
Redirect: 192.168.0.101:41188 -> github.com 443 &{wlp2s0 udp://192.168.0.1:53 4096 0 0 0 65535 0 }
cached: github.com 1 [20.205.243.166 20.205.243.166]
nav-edge.smartscreen.microsoft.com connection does not exist
EOF
EOF
Redirect: 192.168.0.101:41194 -> github.com 443 &{wlp2s0 udp://192.168.0.1:53 4096 0 0 0 65535 0 }
cached: github.com 1 [20.205.243.166 20.205.243.166]
Redirect: 192.168.0.101:54262 -> nav-edge.smartscreen.microsoft.com 443 &{wlp2s0 udp://192.168.0.1:53 4096 0 0 0 65535 0 }
cached: nav-edge.smartscreen.microsoft.com 1 [20.44.202.200]
EOF
github.com connection does not exist
github.com connection does not exist
EOF
nav-edge.smartscreen.microsoft.com connection does not exist
EOF

I also tried the rawsocket version, but got the same results.

RawSocket version log

./phantomsocks-rs -log 3
# ./phantomsocks-rs -log 3
map[default:{wlp2s0 udp://192.168.0.1:53 4096 0 0 0 65535 0 }]
[default] &{wlp2s0 udp://192.168.0.1:53 4096 0 0 0 65535 0 }
default.conf
Redirect: 0.0.0.0:6
Device: wlp2s0 (240e:398:1d7:8520::1001)
Device: wlp2s0 (192.168.0.101)
Redirect: 192.168.0.101:48656 -> github.com 443 &{wlp2s0 udp://192.168.0.1:53 4096 0 0 0 65535 0 }
Redirect: 192.168.0.101:48640 -> github.com 443 &{wlp2s0 udp://192.168.0.1:53 4096 0 0 0 65535 0 }
nslookup github.com 1 [20.205.243.166]
github.com 20.205.243.166:443 connected
Redirect: 192.168.0.101:34525 ->  443 &{wlp2s0 udp://192.168.0.1:53 4096 0 0 0 65535 0 }
nslookup github.com 1 [20.205.243.166 192.30.255.113]
github.com 20.205.243.166:443 connected
Redirect: 192.168.0.101:48475 ->  443 &{wlp2s0 udp://192.168.0.1:53 4096 0 0 0 65535 0 }
nslookup  1 []
 no such host
nslookup  1 []
 no such host
Redirect: 192.168.0.101:48398 -> nav-edge.smartscreen.microsoft.com 443 &{wlp2s0 udp://192.168.0.1:53 4096 0 0 0 65535 0 }
nslookup nav-edge.smartscreen.microsoft.com 1 [20.198.213.74]
nav-edge.smartscreen.microsoft.com 20.198.213.74:443 connected
Redirect: 192.168.0.101:57111 ->  443 &{wlp2s0 udp://192.168.0.1:53 4096 0 0 0 65535 0 }
cached:  1 []
 no such host
relay error: readfrom tcp 127.0.0.1:6->192.168.0.101:48640: splice: connection reset by peer
relay error: readfrom tcp 127.0.0.1:6->192.168.0.101:48656: splice: connection reset by peer
relay error: readfrom tcp 127.0.0.1:6->192.168.0.101:48398: splice: connection reset by peer
Redirect: 192.168.0.101:56298 -> github.com 443 &{wlp2s0 udp://192.168.0.1:53 4096 0 0 0 65535 0 }
cached: github.com 1 [20.205.243.166 192.30.255.113]
github.com 20.205.243.166:443 connected
Redirect: 192.168.0.101:38919 -> github.com 443 &{wlp2s0 udp://192.168.0.1:53 4096 0 0 0 65535 0 }
cached: github.com 1 [20.205.243.166 192.30.255.113]
github.com 20.205.243.166:443 connected
Redirect: 192.168.0.101:36330 -> nav-edge.smartscreen.microsoft.com 443 &{wlp2s0 udp://192.168.0.1:53 4096 0 0 0 65535 0 }
cached: nav-edge.smartscreen.microsoft.com 1 [20.198.213.74]
Redirect: 192.168.0.101:44545 -> github.com 443 &{wlp2s0 udp://192.168.0.1:53 4096 0 0 0 65535 0 }
cached: github.com 1 [20.205.243.166 192.30.255.113]
Redirect: 192.168.0.101:56310 -> github.com 443 &{wlp2s0 udp://192.168.0.1:53 4096 0 0 0 65535 0 }
cached: github.com 1 [20.205.243.166 192.30.255.113]
github.com 20.205.243.166:443 connected
Redirect: 192.168.0.101:56139 -> github.com 443 &{wlp2s0 udp://192.168.0.1:53 4096 0 0 0 65535 0 }
cached: github.com 1 [20.205.243.166 192.30.255.113]
github.com 20.205.243.166:443 connected
Redirect: 192.168.0.101:56211 -> github.com 443 &{wlp2s0 udp://192.168.0.1:53 4096 0 0 0 65535 0 }
cached: github.com 1 [20.205.243.166 192.30.255.113]
nav-edge.smartscreen.microsoft.com 20.198.213.74:443 connected
Redirect: 192.168.0.101:52041 ->  443 &{wlp2s0 udp://192.168.0.1:53 4096 0 0 0 65535 0 }
cached:  1 []
 no such host
github.com 20.205.243.166:443 connected
Redirect: 192.168.0.101:49573 -> github.com 443 &{wlp2s0 udp://192.168.0.1:53 4096 0 0 0 65535 0 }
cached: github.com 1 [20.205.243.166 192.30.255.113]
github.com 20.205.243.166:443 connected
Redirect: 192.168.0.101:43579 ->  443 &{wlp2s0 udp://192.168.0.1:53 4096 0 0 0 65535 0 }
cached:  1 []
 no such host
github.com 20.205.243.166:443 connected
Redirect: 192.168.0.101:36336 -> nav-edge.smartscreen.microsoft.com 443 &{wlp2s0 udp://192.168.0.1:53 4096 0 0 0 65535 0 }
cached: nav-edge.smartscreen.microsoft.com 1 [20.198.213.74]
Redirect: 192.168.0.101:47087 ->  443 &{wlp2s0 udp://192.168.0.1:53 4096 0 0 0 65535 0 }
cached:  1 []
 no such host
nav-edge.smartscreen.microsoft.com 20.198.213.74:443 connected
Redirect: 192.168.0.101:36999 ->  443 &{wlp2s0 udp://192.168.0.1:53 4096 0 0 0 65535 0 }
cached:  1 []
 no such host
relay error: readfrom tcp 127.0.0.1:6->192.168.0.101:36336: splice: connection reset by peer

How can I get rid of those ERRORs?

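I found that many websites don't care about SNI, so it seems unnecessary to covertly send the real SNI afterwards; forging the SNI alone is enough

For most websites (apart from a few CDNs), forging the domain name in the SNI (or even just using an IP) is enough to connect and browse normally.
In fact many tools already rely on this principle, but they all do it through a local man-in-the-middle reverse proxy, which is a bit more troublesome by comparison (signing certificates plus a speed penalty).

So I wonder: among the many modes this tool currently has, is there already one that works this way? (That is, only forge the SNI domain name and do not follow it with the real SNI domain name.)

It would also avoid the compatibility problems some web servers have with the current forging method.

There are many modes whose purpose I don't know...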

tsinghua doh can't work

Socks: line.me 443 &{168xxxxx 15 0 512 https://101.6.6.6:8443/dns-query }
POST /dns-query HTTP/1.1
Host:
Accept: application/dns-message
Content-Type: application/dns-message
Connection: close
Content-Length: 25

HTTP/1.1 400 Bad Request
Server: nginx/1.18.0
Date: xxxxxx
Content-Type: text/html
Content-Length: 157
Connection: close

Accessing directly by IP

This tool doesn't seem to support content accessed directly by IP?
It seems ip:port can't be written that way.

Dns Server Over TCP

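Currently the DNS server inside the software can only use UDP; requesting TCP support.

Mainly because I found that a lot of software only uses TCP for DNS requests... (for example Rclone and AList; it seems programs written in Go behave this way)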

Can't connect...

I followed your steps, but it seems I can't get access. Do I need to do anything else? The following is my configuration and detailed process. The platform is ArchLinux.

# default.conf
method=w-ack,w-time,w-md5

server=tfo://8.8.8.8:53 
server=tcp://8.8.8.8:53
server=tls://8.8.4.4:853

#wikimedia
ttl=12
method=ttl,w-ack,w-time,w-md5,w-seq,s-seg,https
wikipedia.com=91.198.174.192,208.80.153.224
.m.wikipedia.org=[wikipedia.com]
wikipedia.org=[wikipedia.com]
.wikipedia.org=[wikipedia.com]
wikinews.org=[wikipedia.com]
.wikinews.org=[wikipedia.com]
wikidata.org=[wikipedia.com]
.wikidata.org=[wikipedia.com]
wiktionary.org=[wikipedia.com]
.wiktionary.org=[wikipedia.com]
wikiquote.org=[wikipedia.com]
.wikiquote.org=[wikipedia.com]
wikibooks.org=[wikipedia.com]
.wikibooks.org=[wikipedia.com]
wikisource.org=[wikipedia.com]
.wikisource.org=[wikipedia.com]
wikiversity.org=[wikipedia.com]
.wikiversity.org=[wikipedia.com]
wikivoyage.org=[wikipedia.com]
.wikivoyage.org=[wikipedia.com]
mediawiki.org=[wikipedia.com]
.mediawiki.org=[wikipedia.com]
wikimedia.org=[wikipedia.com]
.wikimedia.org=[wikipedia.com]
lists.wikimedia.org=208.80.154.21
techblog.wikimedia.org=192.0.66.216
payments.wikimedia.org=208.80.155.5
upload.wikimedia.org=208.80.154.240,91.198.174.208
.upload.wikimedia.org=[upload.wikimedia.org]
maps.wikimedia.org=[upload.wikimedia.org]
.maps.wikimedia.org=[upload.wikimedia.org]
wikimediafoundation.org=192.0.66.1,192.0.66.2,192.0.66.3,192.0.66.4
.wikimediafoundation.org=[wikimediafoundation.org]
wmfusercontent.org=[wikipedia.com]
.wmfusercontent.org=[wikipedia.com]
w.wiki=[wikipedia.com]

#Pixiv
pixiv.net
.pixiv.net

#Steam
store.steampowered.com
.steamstatic.com

#GitHub
method=ttl,mode2,https
.github.com
github.com
.githubusercontent.com
raw.githubusercontent.com
.raw.githubusercontent.com
~/Documents/phantomsocks master !2 ?1 ❯ ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: enp2s0f1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc fq_codel state DOWN mode DEFAULT group default qlen 1000
    link/ether 00:00:00:00:00:01 brd ff:ff:ff:ff:ff:ff
3: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DORMANT group default qlen 1000
    link/ether 00:00:00:00:00:02 brd ff:ff:ff:ff:ff:ff

~/Documents/phantomsocks master !2 ?1 ❯ sudo iptables -t nat -A OUTPUT -d 6.0.0.0/8 -p tcp -j REDIRECT --to-port 6   17:32:45
[sudo] password for dan: 

~/Documents/phantomsocks master !2 ?1 ❯ sudo iptables -t nat -L 
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination         

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
REDIRECT   tcp  --  anywhere             6.0.0.0/8            redir ports 6

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination         

~/Documents/phantomsocks master !2 ?1 ❯ sudo ./phantomsocks -device wlan0 -dns :53 -vaddrprefix 6 -redir :6
Redirect: :6
DNS: :53
|

panic: runtime error: slice bounds out of range [:7954192989596] with capacity 1500

It compiled, and all the WinDivert files are placed together with phantomsocks.exe, but it fails at run time, and I don't know how to resolve this error...

C:\phantomsocks>phantomsocks -socks 127.0.0.1:1080
Socks: 127.0.0.1:1080
panic: runtime error: slice bounds out of range [:7954192989596] with capacity 1500

goroutine 22 [running]:
github.com/macronut/godivert.(*WinDivertHandle).Recv(0xc000c68020, 0x7, 0x10000, 0xc000c68020)
        C:/Golang/pkg/mod/github.com/macronut/[email protected]/windivert.go:141 +0x266
github.com/macronut/phantomsocks/phantomtcp.connectionMonitor(0xc00119a100)
        C:/Golang/pkg/mod/github.com/macronut/[email protected]/phantomtcp/windivert.go:40 +0x125
created by github.com/macronut/phantomsocks/phantomtcp.ConnectionMonitor
        C:/Golang/pkg/mod/github.com/macronut/[email protected]/phantomtcp/windivert.go:254 +0x105

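I also tried starting it the other way, with redir, and got the same error. What information do you need from me?

  • Go version: v1.16
  • WinDivert version: 2.2.0-A x86_64
  • Windows version: Win10 21H1 64-bit (the build is 64-bit as well)
  • default.conf file: default contents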

Does this support 32-bit Windows?

I compiled this software for my 32-bit host, which runs Windows 8.1, but I get the error winDivert open failed: The parameter is incorrect. I also downloaded the x86 WinDivert but it still doesn't work.

Is it possible to configure two network interfaces to be used at the same time?

NIC 1 (eth0): 192.168.1.2
NIC 2 (eth1): 192.168.2.2
The interfaces entry in config.json is set to
{
"name": "default",
"hint": "w-md5",
"device": "eth1",
"device": "eth0",
"dns": "udp://223.5.5.5:53"
}
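The mode is Socks.
With this setting, devices on eth0 can connect to Socks normally, but devices on eth1 get connection not exist and cannot access the network.
Setting device to "eth1,eth0" gives eth0,eth1 route ip+net: no such network interface, so I set it on two lines.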

Panic when DNS for interface is set and the requested domain name can't be resolved.

2023-10-04 01:04:46 Redirect: 127.0.0.1:48488 ->  443 &{ udp://127.0.0.1:53 0 0 0 0 65535 6 127.0.0.1:9909}
2023-10-04 01:04:46  []
2023-10-04 01:04:46 Redirect: 127.0.0.1:48486 ->  443 &{ udp://127.0.0.1:53 0 0 0 0 65535 6 127.0.0.1:9909}
2023-10-04 01:04:46 panic: invalid argument to Intn
2023-10-04 01:04:46
2023-10-04 01:04:46 goroutine 19 [running]:
2023-10-04 01:04:46 math/rand.(*Rand).Intn(0x7e90e0, 0xc000010018)
2023-10-04 01:04:46 	/gnu/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-go-1.17.13/lib/go/src/math/rand/rand.go:168 +0x65
2023-10-04 01:04:46 math/rand.Intn(...)
2023-10-04 01:04:46 	/gnu/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-go-1.17.13/lib/go/src/math/rand/rand.go:337
2023-10-04 01:04:46 github.com/macronut/phantomsocks/phantomtcp.(*PhantomInterface).ProxyHandshake(0xc000026600, {0x7f5c80, 0xc000094028}, 0x0, {0x0, 0x0}, 0x1bb)
2023-10-04 01:04:46 	/tmp/guix-build-phantomsocks-0.0.0-20230829023258-013a0002abe2.drv-0/src/github.com/macronut/phantomsocks/phantomtcp/tcp.go:604 +0x7cf
2023-10-04 01:04:46 github.com/macronut/phantomsocks/phantomtcp.(*PhantomInterface).Dial(0xc000026600, {0x0, 0x0}, 0x6, {0xc0000a6600, 0x205, 0x5b4})
2023-10-04 01:04:46 	/tmp/guix-build-phantomsocks-0.0.0-20230829023258-013a0002abe2.drv-0/src/github.com/macronut/phantomsocks/phantomtcp/tcp.go:191 +0x11d7
2023-10-04 01:04:46 github.com/macronut/phantomsocks/phantomtcp.tcp_redirect({0x7f5c80, 0xc000094010}, 0xc0000920c0, {0x0, 0x0}, {0x0, 0x0, 0x0})
2023-10-04 01:04:46 	/tmp/guix-build-phantomsocks-0.0.0-20230829023258-013a0002abe2.drv-0/src/github.com/macronut/phantomsocks/phantomtcp/proxy.go:323 +0x5d7
2023-10-04 01:04:46 github.com/macronut/phantomsocks/phantomtcp.SocksProxy({0x7f5c80, 0xc000094010})
2023-10-04 01:04:46 	/tmp/guix-build-phantomsocks-0.0.0-20230829023258-013a0002abe2.drv-0/src/github.com/macronut/phantomsocks/phantomtcp/proxy.go:120 +0xada
2023-10-04 01:04:46 created by main.ListenAndServe
2023-10-04 01:04:46 	/tmp/guix-build-phantomsocks-0.0.0-20230829023258-013a0002abe2.drv-0/src/github.com/macronut/phantomsocks/main.go:81 +0x3d9

The panic can be avoided with the following change:

diff --git a/phantomtcp/tcp.go b/phantomtcp/tcp.go
index 300aeb3..aa97cb5 100755
--- a/phantomtcp/tcp.go
+++ b/phantomtcp/tcp.go
@@ -600,7 +600,7 @@ func (server *PhantomInterface) ProxyHandshake(conn net.Conn, synpacket *Connect
 			if server.DNS != "" {
 				_, ips := NSLookup(host, server.Hint, server.DNS)
 				logPrintln(1, host, ips)
-				if ips != nil {
+				if len(ips) != 0 {
 					ip := ips[rand.Intn(len(ips))]
 					ip4 := ip.To4()
 					if ip4 != nil {
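Review bot: at `if len(ips) != 0 {` the empty-result case still has no visible handling: when `NSLookup` returns no addresses the block is skipped, and nothing in this hunk reports the failure beyond `logPrintln(1, host, ips)`. Consider returning an error for that case, and skipping the `NSLookup(host, ...)` call when `host` is empty, since the log above shows a lookup made with an empty name. The length check itself is the right guard, because `rand.Intn(0)` panics and `len` is 0 for both a nil and an empty slice.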
Redirect: 127.0.0.1:57166 -> this.name.does.not.exist 443 &{ udp://127.0.0.1:53 0 0 0 0 65535 6 127.0.0.1:9909}
this.name.does.not.exist []

However, another issue is revealed when I access https://1.1.1.1/, and I'm not sure what I should change:

Redirect: 127.0.0.1:46328 ->  443 &{ udp://127.0.0.1:53 0 0 0 0 65535 6 127.0.0.1:9909}
 []

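A question: the suffix of the forged SNI domain is random characters too; wouldn't that look rather odd?

While observing packets with Wireshark, I found:

The forged domain name is random characters generated to match exactly the length and format (positions of the dots) of the real domain name.
Random prefixes and subdomains are fine, but I noticed the domain suffix is random as well, and the random suffixes produced do not exist:

.com became: .nc1 .6xi .dy-

I feel this looks rather odd and might become a fingerprint? (A machine may not know, but if more people use tools based on this principle in the future, it will be noticed sooner or later.) So would it be better to use a real domain suffix of the same length? (Build in some 2-, 3- and 4-character suffixes and pick one at random.)
Or is there some deeper reason for doing it this way that I haven't thought of...

This is only my superficial understanding; please correct me if anything is wrong.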

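Domain IPs configured in the rules file have no effect

I ran into another problem while configuring: IP addresses are configured for google.com, but in practice it is not accessed through those IPs.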

[default]
# ...
[google]
google.com=142.250.12.90,142.250.128.90,142.250.1.90,142.250.103.90,142.251.15.90,142.250.125.90,142.250.11.90,142.250.111.90,142.250.98.90,142.251.0.90
.googleapis.com=[google.com]
.google.com=[google.com]
google.com.hk=[google.com]
.google.com.tw=[google.com]
.googleusercontent.com=[google.com]
.ytimg.com=[google.com]
.youtube.com=[google.com]
youtube.com=[google.com]
.youtube-nocookie.com=[google.com]
youtu.be=[google.com]
.ggpht.com=[google.com]
.gstatic.com=[google.com]
.translate.goog=[google.com]
blogspot.com=[google.com]
.blogspot.com=[google.com]
sniproxy=178.209.51.200,78.129.226.113,31.200.241.28
dns.google=[sniproxy]
.googlevideo.com=[sniproxy]
translate.googleapis.com=[google.com]
.chrome.com=[google.com]
{
  "profiles": ["default.conf"],
  "services": [
    {
      "name": "DNS",
      "protocol": "dns",
      "address": "127.0.0.1:53"
    },
    {
      "name": "socks",
      "protocol": "socks",
      "address": "127.0.0.1:9999"
    }
  ],
  "interfaces": [
    {
      "name": "default",
      "dns": "tls://120.53.53.53:853"
    },
    {
      "name": "google",
      "dns": "https://45.11.45.11/dns-query",
      "hint": "w-md5,w-seq,https"
    }
  ]
}

Log:


no Client Hello after #3 ACK

This is the capture for

curl -v \
https://pixiv.net -x socks5h://127.0.0.1:1080 \
--connect-to pixiv.net:443:210.140.131.199

cURL stuck at * TLSv1.3 (OUT), TLS handshake, Client hello (1):

Screen Shot 2021-02-01 at 23 03 10

This is the capture for

curl -v \
https://210.140.131.199

with no problem:
Screen Shot 2021-02-01 at 23 03 52

Is it a matter of how I use it?
Or is there interference from the Great Firewall?

Take over all domains

Is there a way to make all domain names handled by phantomsocks? It is too troublesome to add one by one to the conf.

it seems that ipv6 is not supported, can you support?

test.json
{
    "profiles": ["test.conf"],
    "services": [
        {
            "name": "Socks",
            "protocol": "socks",
            "address": "0.0.0.0:1080"
        }
    ],
    "interfaces": [
        {
            "name": "test",
            "dns": "tls://9.9.9.9:853",
            "hint": "w-md5"
        }
    ]
}
test.conf
[test]
test.test=::1
  1. run:
phantomsocks.exe -c test.json -log 3
  2. then run:
curl -x socks5h://127.0.0.1:1080 https://test.test -v -k
phantomsocks log
map[test:{ tls://9.9.9.9:853 4096 0 0 0 0 }]
[test] &{ tls://9.9.9.9:853 4096 0 0 0 0 }
test.conf
Socks: 0.0.0.0:1080
Socks: test.test 443 &{ tls://9.9.9.9:853 4096 0 0 0 0 }
nslookup test.test 1 []
test.test no such host
interrupt
  3. change test.test=::1 to test.test=127.0.0.1 in test.conf, and it runs successfully
success log
map[test:{ tls://9.9.9.9:853 4096 0 0 0 0 }]
[test] &{ tls://9.9.9.9:853 4096 0 0 0 0 }
test.conf
Socks: 0.0.0.0:1080
Socks: test.test 443 &{ tls://9.9.9.9:853 4096 0 0 0 0 }
cached: test.test 1 [127.0.0.1]
interrupt

[feature]CIDR support

My requirement may be a bit unusual; roughly as shown below: in Redirect mode, everything except LAN IPs and China IPs is forwarded to phantomsocks.

ttl=11
subdomain=6
server=tls://8.8.4.4:853

method=w-md5
0.0.0.0/0

ttl=0
server=tls://223.5.5.5:853
method=none
# china domain
.cn

server=socks://127.0.0.1:1081
method=proxy
# telegram
91.108.56.0/23

error in windows

When I launch this software
.\phantomsocks.exe -log 1
It outputs

panic: runtime error: slice bounds out of range [:5031251891146] with capacity 1500

goroutine 7 [running]:
github.com/macronut/godivert.(*WinDivertHandle).Recv(0xc00009c030)
        C:/Users/henry/go/pkg/mod/github.com/macronut/[email protected]/windivert.go:141 +0x19f
github.com/macronut/phantomsocks/phantomtcp.connectionMonitor(0x0?)
        D:/1/test/phantomsocks-main/phantomtcp/windivert.go:81 +0x187
created by github.com/macronut/phantomsocks/phantomtcp.ConnectionMonitor in goroutine 19
        D:/1/test/phantomsocks-main/phantomtcp/windivert.go:295 +0xd8

Lose all connection after phantomsocks was engaged on Mac OS

When I try to use the latest version of phantomsocks, I lose all connections.

Platform: Mac OS 13.1
GO version: 1.18.10
Tags: -tags pcap

Browser Output:

Can not reach this page
ERR_SOCKS_CONNECTION_FAILED

Logs created by phantomsocks (latest version) :

map[Github:{en0 tcp://208.67.220.220:5353 67175424 0 16 0 0 } pixiv:{en0 208.67.222.222:5353 67179520 0 12 0 0 }]
Socks: 127.0.0.1:22413
Device: en0

Strangely, no more logs are created, which is different from the version I'm using currently.

Logs created by phantomsocks (my version) :

map[Github:{en0 tcp://208.67.220.220:5353 65601 0 16 0 0 } default:{en0 tcp://208.67.220.220:5353 4 0 0 0 0 } pixiv:{en0 208.67.222.222:5353 65605 0 12 0 0 }]
[Github] &{en0 tcp://208.67.220.220:5353 65601 0 16 0 0 }
[pixiv] &{en0 208.67.222.222:5353 65605 0 12 0 0 }
[default] &{en0 tcp://208.67.220.220:5353 4 0 0 0 0 }
/Users/XXX/phantomsocks-main/default.conf
Socks: 127.0.0.1:22413
Device: en0
Socks: cn.bing.com 443 &{en0 tcp://208.67.220.220:5353 4 0 0 0 0 }
Socks: edge.microsoft.com 443 &{en0 tcp://208.67.220.220:5353 4 0 0 0 0 }
Socks: google.com.hk 443 &{en0 tcp://208.67.220.220:5353 4 0 0 0 0 }
...

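About IP parsing in the config file

addr, err := net.ResolveTCPAddr("tcp", keys[0])

This IP-parsing code puzzles me a little: ResolveTCPAddr always returns an error whenever there is no port.
With CIDR notation for an IP, execution here will always fall through to DomainMap[keys[0]] = CurrentServer below,
and never reaches ParseCIDR; also, the software's packet-modification check doesn't seem to handle CIDR notation at all?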
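An added example in Go, not phantomsocks code: a parser for the five line forms in the README's Rules section that classifies each key with net.ParseCIDR and net.ParseIP before treating it as a domain, which is the ordering question the issue above raises about net.ResolveTCPAddr. The names Rule, KeyKind, ClassifyKey, ParseRules and KeyRejectedByResolveTCPAddr, and the sample rules, are constructed for illustration.

```go
package main

import (
	"fmt"
	"net"
	"strings"
)

// KeyKind and Rule are this example's own types, not the project's.
type KeyKind int

const (
	KindDomain KeyKind = iota
	KindIP
	KindCIDR
)

type Rule struct {
	Interface string   // [name] header in effect
	Key       string   // domain, IP or CIDR
	Kind      KeyKind  // how Key is matched
	IPs       []net.IP // domain=ip,ip,...
	ConfigOf  string   // domain=[other]
	AddrsOf   string   // domain=other
}

// ClassifyKey tries the most specific forms first, so a CIDR or a bare IP
// is never stored as if it were a domain name.
func ClassifyKey(key string) KeyKind {
	if _, _, err := net.ParseCIDR(key); err == nil {
		return KindCIDR
	} else if net.ParseIP(key) != nil {
		return KindIP
	}
	return KindDomain
}

// parseIPs returns the list only if every comma-separated field is an IP.
func parseIPs(val string) []net.IP {
	var ips []net.IP
	for _, f := range strings.Split(val, ",") {
		ip := net.ParseIP(strings.TrimSpace(f))
		if ip == nil {
			return nil
		}
		ips = append(ips, ip)
	}
	return ips
}

// ParseRules reads the five line forms listed in the Rules section.
func ParseRules(text string) []Rule {
	var rules []Rule
	iface := "" // no interface until the first [name] header
	for _, line := range strings.Split(text, "\n") {
		line, _, _ = strings.Cut(line, "#") // drop trailing comment
		if line = strings.TrimSpace(line); line == "" {
			continue
		}
		if strings.HasPrefix(line, "[") && strings.HasSuffix(line, "]") {
			iface = line[1 : len(line)-1]
			continue
		}
		key, val, _ := strings.Cut(line, "=")
		r := Rule{Interface: iface, Key: key, Kind: ClassifyKey(key)}
		switch {
		case val == "": // bare key: resolved by DNS
		case strings.HasPrefix(val, "[") && strings.HasSuffix(val, "]"):
			r.ConfigOf = val[1 : len(val)-1]
		default:
			if r.IPs = parseIPs(val); r.IPs == nil {
				r.AddrsOf = val
			}
		}
		rules = append(rules, r)
	}
	return rules
}

// KeyRejectedByResolveTCPAddr shows the behaviour the issue describes: a key
// without a port fails before any lookup. Pass IP or CIDR literals only.
func KeyRejectedByResolveTCPAddr(key string) bool {
	_, err := net.ResolveTCPAddr("tcp", key)
	return err != nil
}

const sampleRules = `
[default]            # constructed sample, documentation address ranges
example.org=192.0.2.10,192.0.2.11
www.example.org=[example.org]
cdn.example.org=example.org
example.net
[socks5]
198.51.100.0/24
`

func main() {
	for _, r := range ParseRules(sampleRules) {
		fmt.Printf("%+v\n", r)
	}
	fmt.Println("CIDR key rejected:", KeyRejectedByResolveTCPAddr("198.51.100.0/24"))
}
```
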

build with windivert error

x:\phantomsocks>go build -tags windivert

github.com/macronut/phantomsocks/phantomtcp

phantomtcp\windivert.go:530:17: undefined: BuildResponse
phantomtcp\windivert.go:532:17: undefined: BuildLie

i/o timeout

What's the problem?

~/Documents/phantomsocks master !3 ?3 ❯ sudo ./phantomsocks -device wlan0 -socks 127.0.0.1:1080 -log 5 -c ./default.conf
method=w-ack,w-time,w-md5
Device: wlan0
Device: wlan0
server=udp://8.8.8.8:53
ttl=15
method=ttl,w-ack,w-time,w-md5,w-seq,s-seg,https
ttl=12
method=ttl,w-ack,w-time,w-md5,w-seq,s-seg,https
method=ttl,mode2,https
./default.conf
Socks: 127.0.0.1:1080
Socks: 2600:1901:0:38d7:: 80
Socks: 2600:1901:0:38d7:: 80
Socks: 34.107.221.82 80 &{148 0 0 0 udp://8.8.8.8:53 }
Socks: 69.63.176.15 443 &{148 0 0 0 udp://8.8.8.8:53 }
Socks: 74.86.142.55 443 &{148 0 0 0 udp://8.8.8.8:53 }
Socks: 210.140.92.147 443 &{148 0 0 0 udp://8.8.8.8:53 }
22.3.1.2 443 dial tcp <nil>->22.3.1.2:443: i/o timeout
22.3.1.2 443 dial tcp <nil>->22.3.1.2:443: i/o timeout
22.3.1.2 443 dial tcp <nil>->22.3.1.2:443: i/o timeout
22.3.1.2 443 dial tcp <nil>->22.3.1.2:443: i/o timeout
22.3.1.2 443 dial tcp <nil>->22.3.1.2:443: i/o timeout
22.3.1.2 443 dial tcp <nil>->22.3.1.2:443: i/o timeout
22.3.1.2 443 dial tcp <nil>->22.3.1.2:443: i/o timeout
22.3.1.2 443 dial tcp <nil>->22.3.1.2:443: i/o timeout
22.3.1.2 443 dial tcp <nil>->22.3.1.2:443: i/o timeout
22.3.1.2 443 dial tcp <nil>->22.3.1.2:443: i/o timeout
22.3.1.2 443 dial tcp <nil>->22.3.1.2:443: i/o timeout
22.3.1.2 443 dial tcp <nil>->22.3.1.2:443: i/o timeout
22.3.1.2 443 dial tcp <nil>->22.3.1.2:443: i/o timeout
connection does not exist
22.3.1.2 443 dial tcp <nil>->22.3.1.2:443: i/o timeout
connection does not exist
22.3.1.2 443 dial tcp <nil>->22.3.1.2:443: i/o timeout
connection does not exist

The dns service configured on Windows does not work

config.json

{
  "config": "default.conf",
  "services": [
    {
      "name": "DNS",
      "protocol": "dns",
      "address": "127.0.0.1:53"
    },
    {
      "name": "socks",
      "protocol": "socks",
      "address": "127.0.0.1:9999"
    }
  ],
  "interfaces": [
    {
      "name": "default",
      "dns": "udp://8.8.8.8:53"
    },
    {
      "name": "doh",
      "dns": "https://doh.dns.sb/dns-query",
      "hint": "w-md5,df"
    },
    {
      "name": "google",
      "hint": "w-md5,https,w-seq"
    }
  ]
}

default.conf

[default]

[doh]
github.com
github.blog
.github.com
.github.io
.githubusercontent.com
gravatar.com
.gravatar.com
.githubassets.com
privoxy.org

[google]
google.com=142.250.12.90,142.250.128.90,142.250.1.90,142.250.103.90,142.251.15.90,142.250.125.90,142.250.11.90,142.250.111.90,142.250.98.90,142.251.0.90
.googleapis.com=[google.com]
.google.com=[google.com]
google.com.hk=[google.com]
.google.com.tw=[google.com]
.googleusercontent.com=[google.com]
.ytimg.com=[google.com]
.youtube.com=[google.com]
youtube.com=[google.com]
.youtube-nocookie.com=[google.com]
youtu.be=[google.com]
.ggpht.com=[google.com]
.gstatic.com=[google.com]
.translate.goog=[google.com]
blogspot.com=[google.com]
.blogspot.com=[google.com]
sniproxy=178.209.51.200,78.129.226.113,31.200.241.28
dns.google=[sniproxy]
.googlevideo.com=[sniproxy]
translate.googleapis.com=[google.com]
.chrome.com=[google.com]


How do I redirect all of a network interface's traffic into the software?

I tried this configuration from the README and it did not work

Windows(windivert):
config.json:
    "vaddrprefix": 6,
    "proxy": "redirect://0.0.0.0:6",
    "services": [
        {
            "name": "Redirect",
            "protocol": "redirect",
            "address": "0.0.0.0:6"
        }
    ]

Interface SO_MARK Support in Linux

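Add a mark option to Interface,
so that the software's outbound traffic can be tagged with a specified mark, for finer-grained control and to avoid traffic loops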

error on macos 12.2.1

Using the default config as is in this repo and latest phantomsocks

./phantomsocks -device en0 -socks 127.0.0.1:1681 -log 3 -c default.conf

server=udp://8.8.8.8:53
ttl=11
server=tls://8.8.4.4:853
method=none
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0x1222fa7]

goroutine 1 [running]:
github.com/macronut/phantomsocks/phantomtcp.LoadConfig({0x7ff7bfeffb43, 0x3a})
	/Users/v/git/phantomsocks/phantomtcp/phantom.go:496 +0x1587
main.StartService()
	/Users/v/git/phantomsocks/main.go:179 +0x2ee
main.main()
	/Users/v/git/phantomsocks/main.go:309 +0x6da

Quic Support

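In the latest Chrome (105.0.5195.127) it seems the QUIC SNI can no longer be obtained.

Also, while I'm at it: is there any way to get the SNI with IETF QUIC?
I also tried docker run --rm -it sancraftdev/curl-quic --http3 -sL https://cloudflare.com and could not get the SNI with that either.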

How to start the service

Platform: Windows 10
I tried phantomsocks -socks 127.0.0.1:1080 and set the proxy in Firefox, but it doesn't work, returning "The proxy server is refusing connections", and Task Manager showed the program was not started.
Then I ran phantomsocks -install and phantomsocks -socks 127.0.0.1:1080 -start; the program started but the proxy still didn't work.
The config file is copied from TCPioneer

After the update, the build prompts an error.

go build -tags windivert

# github.com/macronut/phantomsocks
.\main.go:172:26: cannot use "" (type string) as type []string in argument to phantomtcp.ConnectionMonitor
.\main.go:240:23: undefined: devices
.\main.go:258:23: undefined: devices

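Is the proxy policy too strict?

SNIProxy:
The connection is dropped if the domain name cannot be obtained

QUICProxy:
The connection is dropped if the protocol is not QUIC

TProxy:
The connection is dropped if the address is not a virtual address

These cases could fall back to normal traffic that does not go through the proxy, couldn't they?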

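Connections are easily reset when using s-seg and w-md5

Here is the situation: with s-seg and w-md5, connections are easily reset, usually 1-3 times, after which the connection succeeds. With ttl this problem does not occur. Can this be taken to mean the Great Firewall has rolled out an update?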
