Linux 操作系统 Debian 8,( amd64 ),版本代号 jessie ,生命周期 5 年( 官方安全更新支持 2015 年 5 月 —— 2020 年 5 月 ),
火狐浏览器 Firefox ESR 52.8.0(64位)手动设置本地代理 127.0.0.1:9666,翻墙浏览网页成功,
引用
~$ ./ul1603d
Connecting ...
Connecting ...
CONNECTED
~$ ./ul1603d
Connecting ...
Connecting ...
CONNECTED
[root@rhel7 ~]# ./u1703 -help
非法指令
[root@rhel7 ~]#
用不了
chmod +x u1703
su
sudo su
./u1703 -M vpn
一旦运行了 VPN 安全模式,电脑一直处于网络隔离状态,即使关闭了无界,也无法联网。这样消除了所有泄露IP的隐患,以确保安全。
需要重新启动电脑才能恢复到非网络隔离状态
~$ sudo ./u1703 -M vpn
~$ nslookup www.freebsd.org
Server: 127.0.0.53
Address: 127.0.0.53#53
Non-authoritative answer:
www.freebsd.org canonical name = wfe0.ysv.freebsd.org.
Name: wfe0.ysv.freebsd.org
Address: 8.8.178.110
Name: wfe0.ysv.freebsd.org
Address: 2001:1900:2254:206a::50:0
~$ cat /etc/resolv.conf
# This file is managed by man:systemd-resolved(8). Do not edit.
#
# This is a dynamic resolv.conf file for connecting local clients to the
# internal DNS stub resolver of systemd-resolved. This file lists all
# configured search domains.
#
# Run "systemd-resolve --status" to see details about the uplink DNS servers
# currently in use.
#
# Third party programs must not access this file directly, but only through the
# symlink at /etc/resolv.conf. To manage man:resolv.conf(5) in a different way,
# replace this symlink by a static file or a different symlink.
#
# See man:systemd-resolved.service(8) for details about the supported modes of
# operation for /etc/resolv.conf.
nameserver 127.0.0.53
search localdomain
~$ sudo ./u1703 -M vpn
[sudo] user 的密码:
LISTENING 127.0.0.1:9666
VPN MODE
0.502 Connecting ...
8.654 CONNECTED
8.655 Connecting ...
11.266 CONNECTED
567.724 Connecting ...
571.180 CONNECTED
583.511 Connecting ...
586.255 CONNECTED
查看发行版本信息:
~$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu Bionic Beaver (development branch)
Release: 18.04
Codename: bionic
火狐新版安装不了
火狐57不支持直接安装执行行文件,所以无界火狐扩展无法在57版以上运行。请大家保留56版。我们会开发新的无界火狐扩展,需要提示请用户安装执行行文件,火狐这样做是出于安全考虑。
~$su
密码:
# ./u1703 -M vpn
LISTENING 127.0.0.1:9666
VPN MODE
0.555 Connecting ...
5.964 CONNECTED
5.964 Connecting ...
8.475 CONNECTED
为什么我使用sudo ./u1703 -M vpn命令后,提示:
VPN failed, need root or sudo
chmod u+x u1703
# iptables -S
-P INPUT DROP
-P FORWARD DROP
-P OUTPUT DROP
-A INPUT ! -i lo -p tcp -m tcp --tcp-flags RST RST -j DROP
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -s 127.0.0.1/32 -d 127.0.0.1/32 -i lo -j ACCEPT
-A INPUT -j DROP
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -j DROP
-A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -s 127.0.0.1/32 -d 127.0.0.1/32 -o lo -j ACCEPT
-A OUTPUT -m state --state NEW -j ACCEPT
-A OUTPUT -j DROP
# ./u1703c -M vpn
LISTENING 127.0.0.1:9666
VPN MODE
0.586 Connecting ...
4.570 CONNECTED
4.572 Connecting ...
5.801 CONNECTED
~$ nslookup www.freebsd.org
Server: 10.11.0.2
Address: 10.11.0.2#53
Non-authoritative answer:
Name: www.freebsd.org
Address: 172.16.0.6
~$ cat /etc/resolv.conf
nameserver 10.11.0.2
# ifconfig
enp2s0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
ether xx:xx:xx:xx:xx:xx txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1 (Local Loopback)
RX packets 9472 bytes 3582541 (3.4 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 9472 bytes 3582541 (3.4 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1500
inet 10.11.123.123 netmask 255.255.255.255 destination 10.11.123.124
inet6 fe80::c2b0:477:b089:e2a8 prefixlen 64 scopeid 0x20<link>
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 500 (UNSPEC)
RX packets 385 bytes 792069 (773.5 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 476 bytes 33163 (32.3 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
wlp3s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.xxx netmask 255.255.255.0 broadcast 192.168.1.255
inet6 2002:71e7:8b85:0:d66a:6aff:feed:baab prefixlen 64 scopeid 0x0<global>
inet6 2002:71e7:8b85::89d prefixlen 128 scopeid 0x0<global>
inet6 2002:71e7:8b85:0:a8d7:d9cb:d200:aa26 prefixlen 64 scopeid 0x0<global>
inet6 fe80::d66a:6aff:feed:baab prefixlen 64 scopeid 0x20<link>
ether xx:xx:xx:xx:xx:xx txqueuelen 1000 (Ethernet)
RX packets 3300 bytes 2080020 (1.9 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 3003 bytes 579692 (566.1 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
# apt-get install net-tools
# apt-get install dnsutils
~$ sudo ./u1703c -M vpn
[sudo] password for ****:
LISTENING 127.0.0.1:9666
VPN MODE
0.546 Connecting ...
4.999 CONNECTED
5.000 Connecting ...
7.257 CONNECTED
~$ nslookup https://www.freebsd.org
Server: 10.11.0.2
Address: 10.11.0.2#53
Non-authoritative answer:
Name: https://www.freebsd.org
Address: 172.16.0.0
~$ cat /etc/resolv.conf
nameserver 10.11.0.2
~$ nslookup https://www.freebsd.org
Server: 10.11.0.2
Address: 10.11.0.2#53
Non-authoritative answer:
Name: https://www.freebsd.org
Address: 172.16.0.0
~$ cat /etc/resolv.conf
nameserver 10.11.0.2
~$ sudo ./u1703c
[sudo] password for ****:
LISTENING 127.0.0.1:9666
0.203 Connecting ...
6.747 CONNECTED
6.747 Connecting ...
7.958 CONNECTED
# lsof -S | grep TCP | grep u1703c
u1703c 5268 root 5u IPv4 35959 0t0 TCP localhost:44943 (LISTEN)
u1703c 5268 root 6u IPv4 36916 0t0 TCP localhost:9666 (LISTEN)
u1703c 5268 root 9u IPv4 35974 0t0 TCP 192.168.53.237:38780->**.**.**.**:https (ESTABLISHED)
( 以下省略 )