Skip to content

Home

Jump to bottom
ssrlive edited this page Apr 25, 2024 · 14 revisions

Welcome to the tun2proxy wiki!

Installation

  • Install from binary You can download the binary from here and put it into your PATH.

  • Install from source If you have installed Rust, you can build the executable.

    git clone https://github.com/blechschmidt/tun2proxy.git
cd tun2proxy
cargo build --release

    The executable is located in the target/release directory.

  • Install from cargo If you have installed Rust, you can install tun2proxy from cargo.

    cargo install tun2proxy

    The executable is located in the ~/.cargo/bin directory.

    Note: On Windows, you need to copy the wintun DLL to %USERPROFILE%\.cargo\bin.

Usage

Linux

  • If your proxy server is of type SOCKS5 and supports UDP forwarding, and it runs on your remote VPS at 123.45.67.89:1080 you can run tun2proxy like this.

    sudo tun2proxy --setup --proxy socks5://123.45.67.89:1080

  • If your proxy server is of type SOCKS5 but does not support UDP forwarding, and it runs on your remote VPS at 123.45.67.89:1080 you can run tun2proxy like this.

    sudo tun2proxy --setup --proxy socks5://123.45.67.89:1080 --dns over-tcp

    The --dns over-tcp parameter is to make tun2proxy use TCP to forward DNS requests.

    Note: This only forwards DNS requests, other UDP packets are still discarded.

  • If your proxy server is of type SOCKS5 and runs on your local machine at 127.0.0.1:1080, and it also acts as a client communicating with a remote sever at 123.45.67.89 on VPS, similar to overtls, you can run tun2proxy like this.

    sudo tun2proxy --setup --proxy socks5://127.0.0.1:1080 --bypass 123.45.67.89

    The --bypass parameter is to make the system routing bypass tun2proxy for packets with the destination address 123.45.67.89. This parameter can be used multiple times, like --bypass 123.45.67.89 --bypass 12.34.56.78, to bypass multiple addresses.

  • If you don't want to run tun2proxy as root, you can remove the sudo prefix and the --setup parameter. In this way tun2proxy will run with user permissions,

    tun2proxy --proxy socks5://127.0.0.1:1080 --bypass 123.45.67.89

    But before you run tun2proxy, you still need to manually configure the routing table with root permissions to make tun2proxy work properly. See this script. This seemingly strange way of working is to facilitate the development of tun2proxy, which is not meaningful for ordinary users. Therefore, it is recommended that you always use the sudo prefix and the --setup parameter.

Other platforms (Windows, macOS)

The usage is similar to Linux, but there are some subtle differences.

tun2proxy on these platforms needs to be run with administrator or root permissions always, so the --setup parameter no longer needed. tun2proxy will always configure the routing table.

On Windows, you need to run cmd or PowerShell with administrator permissions and then run tun2proxy.

tun2proxy --proxy socks5://123.45.67.89:1080

On macOS, run tun2proxy like this.

sudo tun2proxy --proxy socks5://123.45.67.89:1080

For macOS, it should be noted that if you want to enter the name of the virtual network card yourself, you can use parameters like --tun utun2, where the name must start with utun and the number after it can be any number, but it must be unused.

If you run tun2proxy and fail, it is possible that the tun name you specified has been occupied. It is recommended that you modify it to a larger number and try again.

安装

  • 从二进制文件安装 你可以从 这里 下载 tun2proxy 的二进制文件, 然后将它放到你的 PATH 之中.

  • 从源代码安装 如果你已经安装好了 Rust, 你可以编译出 tun2proxy 的可执行文件.

    git clone https://github.com/blechschmidt/tun2proxy.git
cd tun2proxy
cargo build --release

    这时的可执行文件位于目录 target/release 之中.

  • cargo 安装 如果你己经在 你的机器上 安装了 Rust 开发环境. 你可以这样安装 tun2proxy

    cargo install tun2proxy

    这时的可执行文件位于目录 ~/.cargo/bin 之中.

    注意: 在 Windows 平台上, 你需要将 wintun DLL 文件复制到 %USERPROFILE%\.cargo\bin 之中.

基本用法

Linux 平台

  • 如果你的代理软件服务端是 SOCKS5 类型, 还支持 UDP 转发, 并且它跑在 你的远程 VPS 上, 假设地址是 123.45.67.89:1080, 那么你可以这样运行 tun2proxy.

    sudo tun2proxy --setup --proxy socks5://123.45.67.89:1080

  • 如果你的代理软件服务端是 SOCKS5 类型, 但 支持 UDP 转发, 它跑在 远程 VPS 上, 假设地址是 123.45.67.89:1080, 那么你可以这样运行 tun2proxy.

    sudo tun2proxy --setup --proxy socks5://123.45.67.89:1080 --dns over-tcp

    参数 --dns over-tcp 是为了让 tun2proxy 使用 TCP 协议来转发 DNS 请求.

    注意: 这里仅仅是转发 DNS 请求, 其它的 UDP 数据包仍然会被丢弃.

  • 如果你的代理软件服务端是 SOCKS5 类型, 但运行在 你的本地机器上, 监听地址是 127.0.0.1:1080; 同时该服务端也做为客户端与远程 VPS 上运行的 上一级代理服务端相连, IP 地址是 123.45.67.89; 类似 overtls; 那么你可以这样运行 tun2proxy.

    sudo tun2proxy --setup --proxy socks5://127.0.0.1:1080 --bypass 123.45.67.89

    参数 --bypass 是为了让系统路由表对目标地址是 123.45.67.89 的数据包不经 tun2proxy 而是直接发往当前活动网卡的网关. 这个参数可以出现多次, 如 --bypass 123.45.67.89 --bypass 12.34.56.78, 表示可以放行多个地址.

  • 如果你不希望 tun2proxy 以 root 权限运行, 你可以去掉 sudo 前缀 和 --setup 参数, 这样 tun2proxy 将以普通用户权限运行,

    tun2proxy --proxy socks5://127.0.0.1:1080 --bypass 123.45.67.89

    但在运行 tun2proxy 之前, 你还是需要以 root 权限手动配置路由表, 以期让 tun2proxy 能够正常工作. 参看 这个脚本, 这种看似奇怪的工作方式是为了方便开发调试 tun2proxy, 对普通用户意义不大. 因此推荐你一直使用 sudo 前缀和 --setup 参数.

其它平台 (Windows, macOS)

绝大多数操作 与 Linux 平台类似, 仅有 几点小差别.

这些平台上的 tun2proxy 都必须以 管理员root 权限运行, 因此无论参数 --setup 是否存在,tun2proxy 都将自动配置好路由表.

在 Windows 平台上, 你需要以管理员权限运行 cmdPowerShell, 然后运行 tun2proxy.

tun2proxy --proxy socks5://123.45.67.89:1080

在 macOS 平台上, 以如下方式运行 tun2proxy.

sudo tun2proxy --proxy socks5://123.45.67.89:1080

对于 macOS 平台, 需要注意的是, 如果你想自己输入虚拟网卡的名字, 你可以使用如 --tun utun2 这样的参数, 其中的名字必须是以 utun 开头, 后面的数字可以是任意的, 但必须是未被使用的.

如果你運行 tun2proxy 失敗, 有可能你指定的 tun 名稱已被佔用,建議你修改成一個大一點的數字再試。

Clone this wiki locally