Skip to content

Instantly share code, notes, and snippets.

@robetus
Forked from YannRobert/20-3proxy.conf
Created March 20, 2017 01:40
  • Star 2 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
Star You must be signed in to star a gist
Save robetus/0ed8abc4f3e67da9a9090c368d71e97b to your computer and use it in GitHub Desktop.
working 3proxy configuration for a personal usage proxy
# /etc/fail2ban/jail.d/20-3proxy.conf
[3proxy]
enabled = true
filter = 3proxy
action = iptables[name=3proxy, port=3128, protocol=tcp]
logpath = /var/log/3proxy/3proxy.log*
maxretry = 3
bantime = 3600 ; 1 hour
findtime = 3600 ; 1 hour
# you can set your naming servers here
# but you better set them in the /etc/resolv.conf file, so that your 3proxy.cfg file can be shared
#nserver 8.8.8.8
#nserver 8.8.4.4
nscache 65536
timeouts 1 5 30 60 180 1800 15 60
daemon
# users with password are listed in a separated file (mode should be 600, filename is prefix with a $)
users $/etc/3proxy/.proxyauth
# for privacy, we can log to /dev/null
#log /dev/null
# but in order to use fail2ban, we should use a log file
# so we better use a frequently rotating log file
log /var/log/3proxy/3proxy.log H
# default logformat should be used to work with fail2ban
#logformat "- +_L%t.%. %N.%p %E %U %C:%c %R:%r %O %I %h %T"
# don'k archive logs for privacy
#archiver gz /usr/bin/gzip %F
# don't keep logs for privacy
rotate 1
# put the actual external IP here (don't use 0.0.0.0, it works but it's less secure)
external 0.0.0.0
# proxy with username/password authentication type
auth strong
# We want to protect internal interface
deny * * 127.0.0.1
deny * * 0.0.0.0
allow * * * 80-88,8080-8088 HTTP
allow * * * 443,8443 HTTPS
# Sets the proxy on port 3128 with high anonymous flag -a to remove the X-Forwarded-For header
proxy -a -p3128
# or use flag -a1 to set the X-Forwarded-For header with fake IP addresses
#proxy -a1 -p3128
maxconn 64
#socks
flush
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment