Created
March 23, 2024 13:04
-
-
Save RealYukiSan/98f3887b3347f00a396792e1e456b4e9 to your computer and use it in GitHub Desktop.
iptables rules for redsocks
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Transparent SOCKS proxy | |
| # See: http://darkk.net.ru/redsocks/ | |
| *nat | |
| :PREROUTING ACCEPT [0:0] | |
| :INPUT ACCEPT [0:0] | |
| :OUTPUT ACCEPT [0:0] | |
| :POSTROUTING ACCEPT [0:0] | |
| :REDSOCKS - [0:0] | |
| # Redirect all output through redsocks | |
| # -A OUTPUT -p tcp -j REDSOCKS | |
| # Whitelist LANs and some other reserved addresses. | |
| # https://en.wikipedia.org/wiki/Reserved_IP_addresses#Reserved_IPv4_addresses | |
| -A REDSOCKS -d 0.0.0.0/8 -j RETURN | |
| -A REDSOCKS -d 10.0.0.0/8 -j RETURN | |
| -A REDSOCKS -d 127.0.0.0/8 -j RETURN | |
| -A REDSOCKS -d 169.254.0.0/16 -j RETURN | |
| -A REDSOCKS -d 172.16.0.0/12 -j RETURN | |
| -A REDSOCKS -d 192.168.0.0/16 -j RETURN | |
| -A REDSOCKS -d 224.0.0.0/4 -j RETURN | |
| -A REDSOCKS -d 240.0.0.0/4 -j RETURN | |
| # Redirect everything else to redsocks port | |
| -A REDSOCKS -p tcp -j REDIRECT --to-ports 31338 | |
| -A OUTPUT -p tcp --dport 443 -j REDSOCKS | |
| -A OUTPUT -p tcp --dport 80 -j REDSOCKS | |
| -A PREROUTING -p tcp --dport 443 -j REDSOCKS | |
| -A PREROUTING -p tcp --dport 80 -j REDSOCKS | |
| COMMIT |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The rules file only contains minor changes compared to the default rules provided by the redsocks package.