I successfully set up a SOCKS5 proxy server by following the MuleSoft Help Center.

The text is reproduced below (in case it becomes inaccessible later).

How to set up a testing SOCKS5 proxy (dante) for Anypoint monitoring in RTF (Runtime Fabric)

A demonstration of setting up a SOCKS5 proxy with Dante and configuring the proxy in RTF. This KB involves a non-standard MuleSoft offering. Technical assistance for such products is limited to this article. Please use at your own risk.

Jul 23, 2019•Knowledge

GOAL

Usually, RTF is running in a secured environment with proxies for communications between the Anypoint control plane. Most of the communications are HTTP/HTTPS and require an HTTP/HTTPS proxy. However, Anypoint Monitoring uses SOCKS5 proxies for sending metrics and logs out to the control plane. 

This KB demonstrates how to set up a Dante SOCKS5 server for Anypoint Monitoring in RTF. Please note Dante is not part of the MuleSoft product set. Technical assistance for such products is limited to this article. 

PROCEDURE

Set up a Dante proxy

We recommend using a docker-compose file to set up the Dante server, which is suggested here at https://hub.docker.com/r/vimagick/dante

Create a folder and change the working directory to the folder. Create docker-compose.yml:

dante:
  image: vimagick/dante
  ports:
    - "1080:1080"
  volumes:
    - ./sockd.conf:/etc/sockd.conf
  restart: always

Create sockd.conf. Update 172.19.0.0/16 to the CIDR of the RTF cluster.

debug: 0
logoutput: stderr
internal: 0.0.0.0 port = 1080
external: eth0
socksmethod: username none
clientmethod: none
user.privileged: root
user.unprivileged: nobody

client pass {
    from: 0.0.0.0/0 port 1-65535 to: 0.0.0.0/0
    log: error
}

socks pass {
    from: 172.19.0.0/16 to: 0.0.0.0/0
    socksmethod: username
    log: error
}

Bring up the Dante server and set the credentials. Replace "user1" and "password" with your own username and password. 

$ docker-compose up -d
$ docker exec -it dante_dante_1 bash
>>> useradd user1
>>> echo user1:password | chpasswd
>>> exit

Set up a firewall rule to allow traffic from the RTF nodes to port 1080 on the proxy firewall.

Test the proxy on your RTF cluster. Replace 172.19.0.23 with the IP of the proxy server. The "client certificate not found" error shows that no client certificate was sent, but it means that connectivity via the proxy is good.

curl -kx socks5h://user1:password@172.19.0.23:1080 https://dias-ingestor-nginx.prod.cloudhub.io:5044
curl: (52) NSS: client certificate not found (nickname not specified)

Update monitoring proxy on RTF 

Follow the instructions here to set up the proxy on RTF. 

> rtfctl apply monitoring-proxy "socks5://user1:password@172.19.0.23:1080"

Restart applications to pick up the proxy. In the anypoint-monitoring container log, it should show the connection established. 

2019-07-22T03:55:56.037Z	INFO	transport/proxy.go:70	proxy host: '172.19.0.23:1080'
...
2019-07-22T03:56:17.241Z	INFO	pipeline/output.go:95	Connecting to backoff(async(tcp://dias-ingestor-nginx.prod.cloudhub.io:5044))
2019-07-22T03:56:18.344Z	INFO	pipeline/output.go:105	Connection to backoff(async(tcp://dias-ingestor-nginx.prod.cloudhub.io:5044)) established
...

 

Disclaimer: This article involves products and technologies which do not form part of the MuleSoft product set. Technical assistance for such products is limited to this article.

I did not want username/password authentication or IP address restrictions, so I changed the configuration as follows:

debug: 0
logoutput: stderr
internal: 0.0.0.0 port = 1080
external: eth0
socksmethod: username none
clientmethod: none
user.privileged: root
user.unprivileged: nobody

client pass {
    from: 0.0.0.0/0 port 1-65535 to: 0.0.0.0/0
    log: error
}

socks pass {
    from: 0.0.0.0/0 to: 0.0.0.0/0
    socksmethod: username none
    log: error
}
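
The modified configuration above accepts the "none" method from 0.0.0.0/0, so any host that can reach port 1080 can relay traffic through the proxy without credentials. The Python check below is an added example (not part of the MuleSoft article or of the setup described here) that flags such socks pass rules in a sockd.conf. The sample strings are constructed from the two configurations on this page, and treating a rule without its own socksmethod as inheriting the global list is an assumption.

```python
import ipaddress
import re

# Constructed sample input: the two "socks pass" variants shown on this page.
RESTRICTED = """socksmethod: username none
socks pass {
    from: 172.19.0.0/16 to: 0.0.0.0/0
    socksmethod: username
}
"""
OPEN = """socksmethod: username none
socks pass {
    from: 0.0.0.0/0 to: 0.0.0.0/0
    socksmethod: username none
}
"""

RULE_RE = re.compile(r"^(client|socks)\s+(pass|block)\s*\{(.*?)\}", re.S | re.M)

def is_any(addr):
    """True when a 'from:' address matches every client (0.0.0.0/0, ::/0, 0/0)."""
    if addr == "0/0":
        return True
    try:
        return ipaddress.ip_network(addr, strict=False).prefixlen == 0
    except ValueError:          # hostname or interface name, not a CIDR
        return False

def audit(conf):
    """Return (source, issue) pairs for socks pass rules worth reviewing."""
    text = re.sub(r"#.*", "", conf)                       # strip comments
    glob = re.search(r"^socksmethod:[ \t]*(.+)$", RULE_RE.sub("", text), re.M)
    global_methods = glob.group(1).split() if glob else []
    findings = []
    for kind, verdict, body in RULE_RE.findall(text):
        if (kind, verdict) != ("socks", "pass"):
            continue                                      # only relay rules matter here
        src = re.search(r"from:[ \t]*(\S+)", body)
        source = src.group(1) if src else "0/0"           # assumption: no 'from:' means any
        local = re.search(r"socksmethod:[ \t]*(.+)", body)
        # Assumption: a rule without its own socksmethod inherits the global list.
        methods = local.group(1).split() if local else global_methods
        if "none" in methods and is_any(source):
            findings.append((source, "open proxy: no authentication, any source"))
        elif "none" in methods:
            findings.append((source, "no authentication for this network"))
        elif is_any(source):
            findings.append((source, "any source allowed, authentication required"))
    return findings
```

Calling audit() on the contents of a sockd.conf before bringing the container up returns an empty list for the KB's original rule and one finding for the modified rule.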

Good luck, and enjoy surfing the web.

11-24 09:46