PiAPWorkingTips
Jun 29, 2022
Technology
Hide ssid
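Configuration for hostapd (this only stops the SSID from being advertised; it is not an access control, so the network still needs proper authentication and encryption):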
# vim /etc/hostapd/hostapd.conf
...
ignore_broadcast_ssid=1
...
# systemctl restart hostapd
dhcp server
Changed from dnsmasq to isc-dhcp-server.
pdnsd changes
Install via:
# apt install pdnsd
Select `manual` to configure the pdnsd server manually.
Configuration files:
Changes for:
# Generated by resolvconf
server {
label=resolvconf;
#ip=192.168.1.117;
}
Other settings follow the previous article (written on 2017-12-24).
redsocks changes
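Change the redsocks configuration to listen on 0.0.0.0:12345, so that connections redirected from Wi-Fi clients (which arrive on the AP interface address rather than on 127.0.0.1) are accepted. Note that this also exposes port 12345 on every other interface, and the filter table shown further down has an INPUT policy of ACCEPT, so consider restricting that port to the AP-side interface: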
redsocks {
/* `local_ip' defaults to 127.0.0.1 for security reasons,
* use 0.0.0.0 if you want to listen on every interface.
* `local_*' are used as port to redirect to.
*/
local_ip = 0.0.0.0;
local_port = 12345;
// `ip' and `port' are IP and tcp-port of proxy-server
ip = 127.0.0.1;
port = 1080;
// known types: socks4, socks5, http-connect, http-relay
type = socks5;
}
Configuration for the iptables:
# Dedicated NAT chain that decides which TCP connections are handed to redsocks.
sudo iptables -t nat -N SHADOWSOCKS

# Exempt the remote socks5 server (your VPS). Replace each xx.xx.xx.xxx with
# the real server IP; otherwise the proxy's own upstream connection is
# redirected back into redsocks and nothing works.
for proxy_server in xx.xx.xx.xxx xx.xx.xx.xxx; do
  sudo iptables -t nat -A SHADOWSOCKS -d "$proxy_server" -j RETURN
done

# Skip LAN, loopback, link-local, multicast and reserved destinations.
# These RETURN rules must stay ahead of the REDIRECT rule below: REDIRECT is
# terminating, so anything appended after it is never evaluated.
for reserved_net in \
  0.0.0.0/8 \
  10.0.0.0/8 \
  127.0.0.0/8 \
  169.254.0.0/16 \
  172.16.0.0/12 \
  192.168.0.0/16 \
  224.0.0.0/4 \
  240.0.0.0/4; do
  sudo iptables -t nat -A SHADOWSOCKS -d "$reserved_net" -j RETURN
done

# Optional (disabled): also bypass destinations in the chnroute ipset.
#sudo iptables -t nat -A SHADOWSOCKS -m set --match-set chnroute dst -j RETURN

# Everything else is sent to port 12345, where redsocks listens.
sudo iptables -t nat -A SHADOWSOCKS -p tcp -j REDIRECT --to-ports 12345

# Hook the chain in for locally generated TCP (OUTPUT) and for TCP arriving
# from other hosts (PREROUTING).
# NOTE(review): the PREROUTING rule has no -i match, so TCP arriving on any
# interface enters the chain; add `-i wlan0` if only AP clients should be
# proxied -- confirm against your topology.
sudo iptables -t nat -A OUTPUT -p tcp -j SHADOWSOCKS
sudo iptables -t nat -A PREROUTING -p tcp -j SHADOWSOCKS
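iptables result (note that the last two SHADOWSOCKS RETURN rules come after the REDIRECT rule, so they are never reached: every packet entering the chain is TCP and REDIRECT is a terminating target; exemptions only take effect when placed before the REDIRECT rule):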
# Generated by xtables-save v1.8.2 on Thu Jun 30 14:34:24 2022
*filter
:INPUT ACCEPT [1455927:2412196175]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [927092:2335234307]
-A FORWARD -i wlan0 -j ACCEPT
-A FORWARD -o wlan0 -j ACCEPT
-A FORWARD -i eth0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i wlan0 -o eth0 -j ACCEPT
COMMIT
# Completed on Thu Jun 30 14:34:24 2022
# Generated by xtables-save v1.8.2 on Thu Jun 30 14:34:24 2022
*nat
:PREROUTING ACCEPT [4873:855180]
:INPUT ACCEPT [10699:685912]
:POSTROUTING ACCEPT [9810:590833]
:OUTPUT ACCEPT [14989:908253]
:SHADOWSOCKS - [0:0]
-A PREROUTING -p tcp -j SHADOWSOCKS
-A POSTROUTING -o eth0 -j MASQUERADE
-A SHADOWSOCKS -d xxx.xxx.xxx.xxx/32 -j RETURN
-A SHADOWSOCKS -d 0.0.0.0/8 -j RETURN
-A SHADOWSOCKS -d 10.0.0.0/8 -j RETURN
-A SHADOWSOCKS -d 127.0.0.0/8 -j RETURN
-A SHADOWSOCKS -d 169.254.0.0/16 -j RETURN
-A SHADOWSOCKS -d 172.16.0.0/12 -j RETURN
-A SHADOWSOCKS -d 192.168.0.0/16 -j RETURN
-A SHADOWSOCKS -d 224.0.0.0/4 -j RETURN
-A SHADOWSOCKS -d 240.0.0.0/4 -j RETURN
-A SHADOWSOCKS -p tcp -j REDIRECT --to-ports 12345
-A SHADOWSOCKS -d 1xx.xx.xxx.xxx/32 -j RETURN
-A SHADOWSOCKS -d 1xx.xx.xxx.xxx/32 -j RETURN
COMMIT
# Completed on Thu Jun 30 14:34:24 2022