-
Notifications
You must be signed in to change notification settings - Fork 53
Home
Welcome to the tun2proxy wiki!
-
Install from binary You can download the binary from here and put it into your
PATH
. -
Install from source If you have installed Rust, you can build the executable.
git clone https://github.com/blechschmidt/tun2proxy.git cd tun2proxy cargo build --release
The executable is located in the
target/release
directory. -
Install from
cargo
If you have installed Rust, you can install tun2proxy fromcargo
.cargo install tun2proxy
The executable is located in the
~/.cargo/bin
directory.Note: On Windows, you need to copy the wintun DLL to
%USERPROFILE%\.cargo\bin
.
-
If your proxy server is of type
SOCKS5
and supportsUDP
forwarding, and it runs on your remoteVPS
at123.45.67.89:1080
you can run tun2proxy like this.sudo tun2proxy --setup --proxy socks5://123.45.67.89:1080
-
If your proxy server is of type
SOCKS5
but does not supportUDP
forwarding, and it runs on your remoteVPS
at123.45.67.89:1080
you can run tun2proxy like this.sudo tun2proxy --setup --proxy socks5://123.45.67.89:1080 --dns over-tcp
The
--dns over-tcp
parameter is to make tun2proxy use TCP to forward DNS requests.Note: This only forwards DNS requests, other UDP packets are still discarded.
-
If your proxy server is of type
SOCKS5
and runs on your local machine at127.0.0.1:1080
, and it also acts as a client communicating with a remote sever at123.45.67.89
on VPS, similar to overtls, you can run tun2proxy like this.sudo tun2proxy --setup --proxy socks5://127.0.0.1:1080 --bypass 123.45.67.89
The
--bypass
parameter is to make the system routing bypass tun2proxy for packets with the destination address123.45.67.89
. This parameter can be used multiple times, like--bypass 123.45.67.89 --bypass 12.34.56.78
, to bypass multiple addresses. -
If you don't want to run tun2proxy as
root
, you can remove thesudo
prefix and the--setup
parameter. In this way tun2proxy will run with user permissions,tun2proxy --proxy socks5://127.0.0.1:1080 --bypass 123.45.67.89
But before you run
tun2proxy
, you still need to manually configure the routing table withroot
permissions to make tun2proxy work properly. See this script. This seemingly strange way of working is to facilitate the development of tun2proxy, which is not meaningful for ordinary users. Therefore, it is recommended that you always use thesudo
prefix and the--setup
parameter.
The usage is similar to Linux, but there are some subtle differences.
tun2proxy
on these platforms needs to be run with administrator
or root
permissions always, so the --setup
parameter no longer needed. tun2proxy
will always configure the routing table.
On Windows, you need to run cmd
or PowerShell
with administrator
permissions and then run tun2proxy
.
tun2proxy --proxy socks5://123.45.67.89:1080
On macOS, run tun2proxy
like this.
sudo tun2proxy --proxy socks5://123.45.67.89:1080
For macOS, it should be noted that if you want to enter the name of the virtual network card yourself,
you can use parameters like --tun utun2
, where the name must start with utun
and the number after it can be any number,
but it must be unused.
If you run tun2proxy
and fail, it is possible that the tun
name you specified has been occupied.
It is recommended that you modify it to a larger number and try again.
-
从二进制文件安装 你可以从 这里 下载 tun2proxy 的二进制文件, 然后将它放到你的
PATH
之中. -
从源代码安装 如果你已经安装好了 Rust, 你可以编译出 tun2proxy 的可执行文件.
git clone https://github.com/blechschmidt/tun2proxy.git cd tun2proxy cargo build --release
这时的可执行文件位于目录
target/release
之中. -
从
cargo
安装 如果你己经在 你的机器上 安装了 Rust 开发环境. 你可以这样安装 tun2proxycargo install tun2proxy
这时的可执行文件位于目录
~/.cargo/bin
之中.注意: 在 Windows 平台上, 你需要将 wintun DLL 文件复制到
%USERPROFILE%\.cargo\bin
之中.
-
如果你的代理软件服务端是
SOCKS5
类型, 还支持UDP
转发, 并且它跑在 你的远程VPS
上, 假设地址是123.45.67.89:1080
, 那么你可以这样运行 tun2proxy.sudo tun2proxy --setup --proxy socks5://123.45.67.89:1080
-
如果你的代理软件服务端是
SOCKS5
类型, 但 不 支持UDP
转发, 它跑在 远程VPS
上, 假设地址是123.45.67.89:1080
, 那么你可以这样运行 tun2proxy.sudo tun2proxy --setup --proxy socks5://123.45.67.89:1080 --dns over-tcp
参数
--dns over-tcp
是为了让 tun2proxy 使用 TCP 协议来转发 DNS 请求.注意: 这里仅仅是转发 DNS 请求, 其它的 UDP 数据包仍然会被丢弃.
-
如果你的代理软件服务端是
SOCKS5
类型, 但运行在 你的本地机器上, 监听地址是127.0.0.1:1080
; 同时该服务端也做为客户端与远程VPS
上运行的 上一级代理服务端相连, IP 地址是123.45.67.89
; 类似 overtls; 那么你可以这样运行 tun2proxy.sudo tun2proxy --setup --proxy socks5://127.0.0.1:1080 --bypass 123.45.67.89
参数
--bypass
是为了让系统路由表对目标地址是123.45.67.89
的数据包不经 tun2proxy 而是直接发往当前活动网卡的网关. 这个参数可以出现多次, 如--bypass 123.45.67.89 --bypass 12.34.56.78
, 表示可以放行多个地址. -
如果你不希望 tun2proxy 以
root
权限运行, 你可以去掉sudo
前缀 和--setup
参数, 这样 tun2proxy 将以普通用户权限运行,tun2proxy --proxy socks5://127.0.0.1:1080 --bypass 123.45.67.89
但在运行
tun2proxy
之前, 你还是需要以root
权限手动配置路由表, 以期让 tun2proxy 能够正常工作. 参看 这个脚本, 这种看似奇怪的工作方式是为了方便开发调试tun2proxy
, 对普通用户意义不大. 因此推荐你一直使用sudo
前缀和--setup
参数.
绝大多数操作 与 Linux 平台类似, 仅有 几点小差别.
这些平台上的 tun2proxy
都必须以 管理员
或 root
权限运行, 因此无论参数 --setup
是否存在,tun2proxy
都将自动配置好路由表.
在 Windows 平台上, 你需要以管理员权限运行 cmd
或 PowerShell
, 然后运行 tun2proxy
.
tun2proxy --proxy socks5://123.45.67.89:1080
在 macOS 平台上, 以如下方式运行 tun2proxy
.
sudo tun2proxy --proxy socks5://123.45.67.89:1080
对于 macOS 平台, 需要注意的是, 如果你想自己输入虚拟网卡的名字, 你可以使用如 --tun utun2
这样的参数,
其中的名字必须是以 utun
开头, 后面的数字可以是任意的, 但必须是未被使用的.
如果你運行 tun2proxy
失敗, 有可能你指定的 tun 名稱已被佔用,建議你修改成一個大一點的數字再試。