Jump to content

Question

Posted

i need to setup proxy

 

 iptables -t nat -A PREROUTING -p tcp --dport 2106 -j DNAT --to-destination xxx.xxx.xxx.xxx:2106
 iptables -t nat -A PREROUTING -p tcp --dport 7777 -j DNAT --to-destination xxx.xxx.xxx.xxx:7777

in the .ini there is only

 

Proxy = 

 

any clue? is my 1st time using this config, im used to set up common way for login

2 answers to this question

Recommended Posts

  • 0
Posted (edited)

It's additional proxy or you just have server behind NAT and need port forwarding?

 

If it's just port forwarding, you don't need anything else than DNAT and enabling IPv4 forwarding

sysctl net.ipv4.ip_forward=1

Also packets from server must go back through the proxy (it must be default gateway for the server)

 

 

If it's real proxy (another server endpoint):

 

http://www.maxcheaters.com/topic/206180-patched-hauth-to-support-multiple-ip-addressesproxies/?hl=hauthd

 

Also you'll have to learn something about policy-based routing because when you have two endpoints, server will still send packets via default gateway - which will be your primary IP address. So if packet comes to l2server via proxy, it must go back to client via the very same proxy - not via default gateway.

 

You should read something about it (google linux policy based routing), this can help you a bit:

 

On router:

 

Mark incoming packets and restore mark for outgoing packets:

 

iptables -t mangle -A PREROUTING -i tun0 -p tcp -m tcp --dport 7777 -j CONNMARK --set-mark 100 # mark packets from 1st proxy
iptables -t mangle -A PREROUTING -i tun1 -p tcp -m tcp --dport 7777 -j CONNMARK --set-mark 101 # mark packets from 2nd proxy
iptables -t mangle -A PREROUTING -i tun2 -p tcp -m tcp --dport 7777 -j CONNMARK --set-mark 102 # mark packets from 3rd proxy
iptables -t mangle -A PREROUTING -i br1 -p tcp -m tcp --sport 7777 -j CONNMARK --restore-mark # restore mark on packets going back
Use policy-based routing based on packet mark:
 
ip rule add fwmark 100 table 100 # if packet is marked as from 1st proxy, use routing table 100
ip route add default via 10.8.0.1 table 100 # routing table 100 - default gateway is 1st proxy internal address
ip rule add fwmark 101 table 101 # if packet is marked as from 2nd proxy, use routing table 101
ip route add default via 10.8.1.1 table 101 # routing table 101 - default gateway is 2nd proxy internal address
ip rule add fwmark 102 table 102 # if packet is marked as from 3rd proxy, use routing table 102
ip route add default via 10.8.2.1 table 102 # routing table 102 - default gateway is 3rd proxy internal address
On proxy:
 
up iptables -t nat -A PREROUTING -m tcp -p tcp --dport 7777 -j DNAT --to-destination 10.8.0.2:7777
Edited by eressea
  • 0
Posted (edited)

 

It's additional proxy or you just have server behind NAT and need port forwarding?

 

If it's just port forwarding, you don't need anything else than DNAT and enabling IPv4 forwarding

sysctl net.ipv4.ip_forward=1

Also packets from server must go back through the proxy (it must be default gateway for the server)

 

 

If it's real proxy (another server endpoint):

 

http://www.maxcheaters.com/topic/206180-patched-hauth-to-support-multiple-ip-addressesproxies/?hl=hauthd

 

Also you'll have to learn something about policy-based routing because when you have two endpoints, server will still send packets via default gateway - which will be your primary IP address. So if packet comes to l2server via proxy, it must go back to client via the very same proxy - not via default gateway.

 

You should read something about it (google linux policy based routing), this can help you a bit:

 

On router:

 

Mark incoming packets and restore mark for outgoing packets:

 

iptables -t mangle -A PREROUTING -i tun0 -p tcp -m tcp --dport 7777 -j CONNMARK --set-mark 100 # mark packets from 1st proxy
iptables -t mangle -A PREROUTING -i tun1 -p tcp -m tcp --dport 7777 -j CONNMARK --set-mark 101 # mark packets from 2nd proxy
iptables -t mangle -A PREROUTING -i tun2 -p tcp -m tcp --dport 7777 -j CONNMARK --set-mark 102 # mark packets from 3rd proxy
iptables -t mangle -A PREROUTING -i br1 -p tcp -m tcp --sport 7777 -j CONNMARK --restore-mark # restore mark on packets going back
Use policy-based routing based on packet mark:
 
ip rule add fwmark 100 table 100 # if packet is marked as from 1st proxy, use routing table 100
ip route add default via 10.8.0.1 table 100 # routing table 100 - default gateway is 1st proxy internal address
ip rule add fwmark 101 table 101 # if packet is marked as from 2nd proxy, use routing table 101
ip route add default via 10.8.1.1 table 101 # routing table 101 - default gateway is 2nd proxy internal address
ip rule add fwmark 102 table 102 # if packet is marked as from 3rd proxy, use routing table 102
ip route add default via 10.8.2.1 table 102 # routing table 102 - default gateway is 3rd proxy internal address
On proxy:
 
up iptables -t nat -A PREROUTING -m tcp -p tcp --dport 7777 -j DNAT --to-destination 10.8.0.2:7777

 

yes atm im behind 2 routers and i want to set also few login gateways for better ping from different locations

by now i must fwd ports on router 1 and router 2

in comming weeks i will add the other thing when i get direct conection to wan ip

Edited by etherian

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



  • Posts

    • Vilmis is the biggest scammer in history. He bans his members when they complain about something. I know more than one who's banned him. He updates shit, but he charges you like he's doing something serious.
    • I did not want to, but I will tell a few things (just because of other members that might understand something wrong): 1. Nothing held as hostage some kinda customer of yours. I think even now could find your donate panel code at my source code. So, stop spreading a lie because of your head progressive diseases. 2. Don't use my old customer's post as counterargument. We all had the worst customers which think they are the righest ones no matter what. He was one of them. He caused a lot of problems to me. Also, he was rude and disrespectful. 3. You're just simply hater. No matter what good I'm gonna say you gonna say in reverse. Smarter people sees the truth. 4. Look, you don't like me, I don't like you, but it's unnecessary to comment all post about my project and write everything worst just because you hate me. 😉
    • I've seen this many times, to be honest, let's hope that this time it will actually happen. I would suggest building something that helps develop trust within the community's sales. It could be something similar to FunPay, for example, which ensures secure trades for both the seller and the buyer, along with a rating system for both parties. I would also recommend doing something about the voting site, which has been paused for I don't know how many years since the Fiverr failure. Last but not least, I’d suggest creating an open blog or at least publishing weekly articles that can attract more people to the forum or encourage members to return and read them. The topics of these articles could include overviews and opinions on L2 or GTA V servers, PUBG, Fortnite, tech news, coding updates, or even general news that the author finds interesting.   How could you know such an information? 🤔 And yeah I agree on the part about the poor management
    • ➡ Discount for your purchase: JUNE2025 (10% discount) ➡ Our Online Shop: https://socnet.store  ➡ Our SMM-Boosting Panel: https://socnet.pro  ➡ Telegram Shop Bot: https://socnet.shop  ➡ Telegram Support: https://t.me/solomon_bog  ➡ Telegram Channel: https://t.me/accsforyou_shop  ➡ Discord Support: @AllSocialNetworksShop  ➡ Discord Server: https://discord.gg/y9AStFFsrh  ➡ WhatsApp Support: https://wa.me/79051904467 ➡ WhatsApp Channel: https://whatsapp.com/channel/0029Vau0CMX002TGkD4uHa2n  ➡ Email Support: solomonbog@socnet.store 
    • there are extenders that already have all that included ingame 🙂 for example GX-EXT
  • Topics

×
×
  • Create New...

AdBlock Extension Detected!

Our website is made possible by displaying online advertisements to our members.

Please disable AdBlock browser extension first, to be able to use our community.

I've Disabled AdBlock