缺点:
不能故障转移
需要根据个人需求添加经常访问的被墙域名(如果不纠结用 naiveproxy,换成 clash 可基本完美解决 DNS 问题)
优点:
没有旁路的概念
只有流量转发
dns gateway是主路由
即使服务炸了 也不影响国内上网需求
再也不怕老婆骂你 怎么天天搞路由器了
首先运行本地naiveproxy客户端,可以是linux下,也可以是docker。
下面以linux下为例:
下载naiveproxy 的linux版本
确定版本
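# Resolve the tag of the latest naiveproxy release from the GitHub API.
# -f makes curl fail on an HTTP error (for example API rate limiting) instead of
# passing the error body to jq; "// empty" keeps a missing field from becoming
# the literal string "null", which would end up in the download URL.
VERSION=$(curl -fsSL "https://api.github.com/repos/klzgrad/naiveproxy/releases/latest" | jq -r '.tag_name // empty')
export VERSION
# Stop here if the lookup failed; the next steps build file names from VERSION.
[ -n "$VERSION" ] || echo "could not determine the naiveproxy release tag" >&2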
下载
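# Fetch the release archive for the resolved tag. ${VERSION:?} aborts the
# command when VERSION is empty rather than requesting a malformed URL.
wget "https://github.com/klzgrad/naiveproxy/releases/download/${VERSION:?VERSION is not set}/naiveproxy-${VERSION}-linux-x64.tar.xz"
# NOTE(review): nothing on this page verifies the archive. The binary is later
# installed into /usr/local/bin and run as a service, so print its SHA-256 and
# compare it with a value obtained from a source you trust before installing.
sha256sum "naiveproxy-${VERSION}-linux-x64.tar.xz"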
解压并存到 /usr/local/bin 下
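# Unpack exactly the archive downloaded above. Globbing with find/mv would pick
# up any other file or directory in the current tree whose name matches the
# pattern, and an unquoted match breaks on paths containing spaces.
archive="naiveproxy-${VERSION:?VERSION is not set}-linux-x64.tar.xz"
workdir=$(mktemp -d) &&
  tar -xJvf "$archive" --strip-components=1 -C "$workdir" &&
  install -m 0755 "$workdir/naive" /usr/local/bin/naive
# Remove the scratch directory whether or not the install succeeded.
[ -n "$workdir" ] && rm -rf -- "$workdir"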
创建服务
# Open the unit file in an editor and enter the unit definition that follows.
nano /etc/systemd/system/naive.service
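[Unit]
Description=NaiveProxy Server Service
# After= only orders this unit; Wants= is what pulls network-online.target
# into the boot transaction so the ordering has something to wait for.
Wants=network-online.target
After=network-online.target
[Service]
Type=simple
# NOTE(review): the "nobody" account is shared with anything else running as
# nobody, and this service reads a config file that contains proxy
# credentials. A dedicated system account is preferable; confirm and adjust.
User=nobody
# The bounding set only limits what the process may ever hold; it grants
# nothing. The listener configured below this unit uses port 1080, which
# needs no capability at all.
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
# Sandbox the proxy process: no privilege gain through setuid binaries,
# read-only view of the system, no access to home directories, private /tmp.
NoNewPrivileges=true
ProtectSystem=strict
ProtectHome=true
PrivateTmp=true
ExecStart=/usr/local/bin/naive /etc/naive/config.json
# Bring the proxy back after a crash; the redirect rules keep sending LAN
# traffic to its port even while it is down.
Restart=on-failure
RestartSec=5
[Install]
WantedBy=multi-user.target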
创建配置文件
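# /etc/naive is not created by any earlier step; make it before editing.
mkdir -p /etc/naive
nano /etc/naive/config.json
# The file stores the upstream proxy username and password. Keep it owned by
# root and readable only by the group of the account the service runs as
# (looked up with id, since the group name differs between distributions),
# so other local users cannot read the credentials.
chown root:"$(id -gn nobody)" /etc/naive/config.json
chmod 0640 /etc/naive/config.json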
{
"listen": "redir://0.0.0.0:1080",
"proxy": "https://user:password@example.com",
"log": ""
}
启动 naive
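# Make systemd pick up the new unit file.
systemctl daemon-reload
# Start the service now and enable it at boot. The redirect rules are restored
# on every boot further down; without "enable" they would point at a port
# nobody listens on after a restart.
systemctl enable --now naive
systemctl status naive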
开启透明代理
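# Subnet whose traffic is sent through the proxy (constructed sample value;
# replace it with your own LAN range).
LAN_NET="192.168.1.0/24"
# Redirect only TCP that comes from the LAN and is not addressed to this host.
# A rule without these matches also captures SSH/admin connections to the
# gateway itself and proxies for every network that can reach this machine.
iptables -t nat -A PREROUTING -s "$LAN_NET" -p tcp -m addrtype ! --dst-type LOCAL -j REDIRECT --to-ports 1080
# Hand DNS queries from the LAN to the listener on port 1080.
iptables -t nat -A PREROUTING -s "$LAN_NET" -p udp --dport 53 -j REDIRECT --to-ports 1080
# NOTE(review): the listener in config.json binds 0.0.0.0. If this host has an
# interface on an untrusted network, also filter inbound traffic to port 1080
# on that interface.
sysctl -w net.ipv4.ip_forward=1
# "sysctl -w" does not survive a reboot; persist the setting as well.
printf 'net.ipv4.ip_forward=1\n' > /etc/sysctl.d/99-ip-forward.conf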
enable autostart with networking
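# Snapshot the rules currently loaded so they can be restored at boot.
iptables-save > /etc/iptables
# Create the pre-up hook with the two-line script that follows.
vi /etc/network/if-pre-up.d/iptables
# Hooks in if-pre-up.d are only run when they are executable; a freshly
# created file is not, so the rules would silently never be restored.
chmod 0755 /etc/network/if-pre-up.d/iptables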
#!/bin/sh
# Pre-up hook: reload the rule set saved in /etc/iptables before the
# interface comes up. The hook's exit status is that of iptables-restore.
exec /sbin/iptables-restore < /etc/iptables