网络协议 网络 ubuntu20.04使用privoxy进行http代理转http代理,并定制http代理头(hide-user-agent的使用方法)

#sudo apt-get update;

sudo apt install -y privoxy

#sudo apt remove privoxy

privoxy --version;

root@fv-az1239-825:/tmp# privoxy --version

Privoxy version 3.0.28 (https://www.privoxy.org/)

root@fv-az1239-825:/tmp#

安装完毕后,先停止服务,修改配置文件,再启动服务.  

service --status-all ;

service privoxy status ;

service privoxy stop ;

cd /etc/privoxy/;

rm user.filter;

touch user.filter;

cat << EOF >./user.action

{+hide-user-agent{bai-du}}

/

#{+header{Host2: Firefox22}}

{+crunch-client-header{Host:} }

/

{+add-header{Host: xxyyzz.bai-du.com}}

/

{+block{block ip and domain which point to server itself}}

127.0.0.1

45.32.57.113

.example.com

EOF

cat << EOF >./config

user-manual /usr/share/doc/privoxy/user-manual/

confdir /etc/privoxy

logdir /var/log/privoxy

actionsfile match-all.action # Actions that are applied to all sites and maybe overruled later on.

actionsfile default.action # Main actions file

actionsfile user.action # User customizations

filterfile default.filter

filterfile user.filter # User customizations

logfile privoxy.log

debug 1 # Log the destination for each request. See also debug 1024.

debug 2 # show each connection status

debug 4 # show tagging-related messages

debug 8 # show header parsing

debug 128 # debug redirects

debug 256 # debug GIF de-animation

debug 512 # Common Log Format

debug 1024 # Log the destination for requests Privoxy didn't let through, and the reason why.

debug 4096 # Startup banner and warnings

debug 8192 # Non-fatal errors

debug 65536 # Log applying actions

listen-address 0.0.0.0:8118

toggle 1

enable-remote-toggle 0

enable-remote-http-toggle 0

enable-edit-actions 0

enforce-blocks 1

buffer-limit 4096

enable-proxy-authentication-forwarding 0

forwarded-connect-retries 0

accept-intercepted-requests 1

allow-cgi-request-crunching 0

split-large-forms 0

keep-alive-timeout 5

tolerate-pipelining 1

socket-timeout 300

forward / 127.0.0.1:30080

EOF

注意最后一行:  forward /  127.0.0.1:30080   是上游的http代理

启动privoxy:

service privoxy start;

service privoxy status ;

实现的目的是:

本机tcp8118端口作为http代理服务器,用户的http代理请求,发送给tcp8118端口 privoxy修改http头部后,再发给127.0.0.1:30080这个代理服务器.

主要用来绕过有些代理服务器对user-agent或host有校验的情况下.

使用curl测试:

root@fv-az1239-825:/tmp# curl --version

curl 7.68.0 (x86_64-pc-linux-gnu) libcurl/7.68.0 OpenSSL/1.1.1f zlib/1.2.11 brotli/1.0.7 libidn2/2.2.0 libpsl/0.21.0 (+libidn2/2.2.0) libssh/0.9.3/openssl/zlib nghttp2/1.40.0 librtmp/2.3

Release-Date: 2020-01-08

Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtmp rtsp scp sftp smb smbs smtp smtps telnet tftp

Features: AsynchDNS brotli GSS-API HTTP2 HTTPS-proxy IDN IPv6 Kerberos Largefile libz NTLM NTLM_WB PSL SPNEGO SSL TLS-SRP UnixSockets

root@fv-az1239-825:/tmp#

curl -v -p -x http://127.0.0.1:8118 http://cip.cc/

root@fv-az1239-825:/etc/privoxy# curl -v -p -x http://127.0.0.1:8118 http://cip.cc/

* Trying 127.0.0.1:8118...

* TCP_NODELAY set

* Connected to 127.0.0.1 (127.0.0.1) port 8118 (#0)

* allocate connect buffer!

* Establish HTTP proxy tunnel to cip.cc:80

> CONNECT cip.cc:80 HTTP/1.1

> Host: cip.cc:80

> User-Agent: curl/7.68.0

> Proxy-Connection: Keep-Alive

>

< HTTP/1.0 200 Connection Established

< Proxy-agent: Apache/2.4.41 (Ubuntu)

<

* Proxy replied 200 to CONNECT request

* CONNECT phase completed!

* CONNECT phase completed!

* CONNECT phase completed!

> GET / HTTP/1.1

> Host: cip.cc

> User-Agent: curl/7.68.0

> Accept: */*

>

* Mark bundle as not supporting multiuse

< HTTP/1.1 200 OK

< Server: openresty

< Date: Thu, 31 Aug 2023 09:29:20 GMT

< Content-Type: text/html; charset=UTF-8

< Transfer-Encoding: chunked

< Connection: keep-alive

< Vary: Accept-Encoding

< X-cip-c: M

<

IP : 223.155.x.x

地址 : 中国 湖南 xx

运营商 : 电信

数据二 : 湖南省xx市 | 电信

数据三 : 中国湖南省xx市 | 电信

URL : http://www.cip.cc/223.155.x.x

* Connection #0 to host 127.0.0.1 left intact

root@fv-az1239-825:/etc/privoxy#

tcpdump 抓包的命令是:

tcpdump -i any -s0 -w /tmp/bb.pcap tcp port 30080

root@fv-az1239-825:/tmp# strings bb.pcap

CONNECT cip.cc:80 HTTP/1.1

User-Agent: bai-du

Host: xxyyzz.bai-du.com

HTTP/1.0 200 Connection Established

Proxy-agent: Apache/2.4.41 (Ubuntu)

GET / HTTP/1.1

Host: cip.cc

User-Agent: curl/7.68.0

Accept: */*

HTTP/1.1 200 OK

Server: openresty

Date: Thu, 31 Aug 2023 09:29:20 GMT

Content-Type: text/html; charset=UTF-8

Transfer-Encoding: chunked

Connection: keep-alive

Vary: Accept-Encoding

X-cip-c: M

IP : 223.155.x.x

:

|

URL : http://www.cip.cc/223.155.x.x

root@fv-az1239-825:/tmp#

试验成功.

参考链接

 您阅读本篇文章共花了：