suuhm / unblock-proxy.sh Goto Github PK

All-in-one script /w admin-webinterface to offer your own SmartDNS or SmartGateway -proxy. For your entire network! The swiss army knife in geoblocking/censorship.

Home Page: https://proxycheck.coldwareveryday.com

License: GNU General Public License v2.0

Shell 73.05% PHP 17.88% CSS 3.79% JavaScript 5.27%

redsocks proxychains dns proxy smartdns tor geoblocking router socks5-proxy squid

unblock-proxy.sh's Introduction

A "Swiss Army proxy-knife" to avoid geoblocking in Video on Demand and censorship in your whole network!

Background - Why this script?

There are many devices in my network, which do not allow to set a proxy manually, I have always had to prepare my router or a computer, which was a lot of time and configuration effort.

With this script, I have the possibility to offer a proxy in my whole network for desired domains. Even if DNS or transparent router. Furthermore I can choose which proxy engine should be used.

It couldn't be easier!

This Script uses a List of (Free)-Proxies and Domains that allows you to set up unrestricted access to streaming content on your smart-TV, Kodi, Emby Mediaserver and other devices to watch your media region-free like:

Zattoo
HULU (US region)
Netflix Originals
Amazon Prime
BBC iPlayer
Youtube
Discovery
Disney Channel Plus
Fox Now / Sports Go / News / Showtime
HBO Now

And many, many many more!

It's not a VPN! And this will save your bandwidth massively

Features

Main Modes:

Router (transparent) Mode (This can be use on a OpenWRT Route or something similar)
Smart (DNS) Mode (Set this to any device where you can set a DNS Server Setting)

Proxy Engines:

Tor
Squid (incl. Certcreator for SSL-Bump Functionality)
Redsocks
Proxychains
Windscribe (Requires an account: https://windscribe.com/signup)

Proxyserver Scanner

Socks4, Socks5
HTTP/S

SSH-Socks (for your own Socks-Proxy connection via SSH)

Web-Backend (beta Version! Requires >=PHP 5.4.0 - For smart web-adminstration)

How to use the script

!!!THIS VERSION IS BETA AND ONLY TESTED ON DEBIAN/UBUNTU SYSTEMS! SO PLEASE WRITE AN ISSUE IF YOU HAVE SOME TROUBLE HERE!!!

1. Clone and install the script (Minimal Requirements)

sudo apt install iproute2 iptables git sniproxy dnsmasq 
# If you wish to use the integrated Web-Server
# apt install php

git clone https://github.com/suuhm/unblock-proxy.sh /opt/unblock-proxy.sh
chmod +x /opt/unblock-proxy.sh/unblock-proxy.sh && ln -s /opt/unblock-proxy.sh/unblock-proxy.sh /usr/bin/

2. Depends on engine you want to use:

- Tor

sudo apt install tor

- Squid

VER=4.13
sudo apt install build-essential openssl libssl-dev pkg-config privoxy

mkdir -p ~/squid4 && cd ~/squid4
wget http://www.squid-cache.org/Versions/v4/squid-$VER.tar.gz
tar -xzvf squid-$VER.tar.gz && cd squid-$VER

echo "Start Compiling:" ; sleep 1
./configure --with-default-user=proxy --with-openssl --enable-ssl-crtd
make && sudo make install

chown proxy:proxy -R /usr/local/squid/
# Initial crt database (For problems use 10M or more)
/usr/local/squid/libexec/security_file_certgen -c -s /usr/local/squid/var/cache/squid/ssl_db -M 4MB

- redsocks

sudo apt install redsocks

Or Compiling...

sudo apt install libevent-dev build-essential
git clone https://github.com/darkk/redsocks ~/redsocks
cd ~/redsocks && make 
sudo ln -s ~/redsocks/redsocks /usr/bin/

- proxychains

sudo apt install proxychains

- windscribe

To install this amazing VPN you need to create an account and follow these instructions here: https://windscribe.com/guides/linux#how-to

sudo wget https://windscribe.com/install/desktop/linux_deb_x64 -O /tmp/ws.deb
sudo apt install --no-install-recommends /tmp/ws.deb

3. Put your wished Proxy in the proxies.lst file.

(Please google for free proxy Server)

4. Put your wished Domain in the domains.lst file.

(There're already a few useful ones inside)

5. Run the unblock-proxy.sh (See examples below) and Have fun!

Options

Usage: unblock-proxy.sh main-mode proxy-engine [options]>   
  
  main-mode:  
	       
	transparent             Activates the transparent routing-gw. 
	dns                     Activates the DNS Smart-Proxy.    
	                    
  proxy engines:  
	
	-t, --tor               Activates the TOR Engine.
	-s, --squid             Activates the Squid Engine.
	-r, --redsocks          Activates the RedSocks Engine.
	-p, --proxychains       Activates the proxychains Engine.
	-w, --windscribe=       Activates the windscribe Engine.
                                (Optional set Country: --windscribe=US or -w US or without arguments!)
	
  options:
	
	-i, --in-if=            Sets the in-interface Device.
	-o, --out-if=           Sets the out-interface Device.
	-S, --ssh-socks         Set own Server as Parent Socks-Proxy over SSH-tunnel. 
                                (Can't be use with tor-Engine!)
	-w, --web-admin         Starts a small Webserver-Backend at Port 8383
                                (Requires php framework >=5.4!)
	-R, --reset             Resets all the IPTABLES and MASQ Entries.
	-C, --proxycheck        Just scans/checks the Proxies in (/opt/unblock-proxy/proxies.lst).
	
	-d, --debug             Show debug-verbose messages into the system log.
	-v, --version           Prints script-version.
	-h, --help              Print this help message.

Examples

Using Transparent Router-Mode with Tor Engine

unblock-proxy.sh transparent --tor

Using Transparent Router-Mode with Redsocks Engine and pull off Debug-infos

unblock-proxy.sh transparent --redsocks --debug

Using Transparent Router-Mode with Redsocks Engine and pull off Debug-infos (Same but: Short Parameters)

unblock-proxy.sh transparent -r -d

Using Smart DNS Mode with squid Engine and pull off Debug-infos. Also start the Web-Backend Server

unblock-proxy.sh dns --squid --debug --web-admin

Using Smart DNS Mode with squid Engine, Using SSH-Socks Proxy and pull off Debug-infos

unblock-proxy.sh dns -s --ssh-socks --debug

Using Smart DNS Mode with windscribe Engine /w Thailand-IP and pull off Debug-infos

unblock-proxy.sh dns --windscribe=TH --debug

Using Smart DNS Mode with proxychains Engine, using specific Network-Card and pull off Debug-infos

unblock-proxy.sh dns --proxychains --in-if=eth2 -o wlan0 -d

Resetting and Check your Proxylist

unblock-proxy.sh -R

unblock-proxy.sh -C

Report Bugs!

This Version is a pure beta version! When you find bugs, please let me know.

Thanks.

-

This program is free software; you can redistribute it and/or modify it under
the terms of the GNU General Public License as published by the Free Software
Foundation

This program is distributed in the hope that it will be useful, but WITHOUT
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
details.

unblock-proxy.sh's People

Contributors

Stargazers

Watchers

Forkers

fastlyos benjaminreinebrg sud33p dandapan123 tithand burkely-00orso69 kontorol aiemassfiria deltared1a vpnandhosting saeedfazlollahzadeh newchocowolf

unblock-proxy.sh's Issues

Use SOCKS5 proxy with credentials

I'm currently testing this out and it seems to work well. Thanks @suuhm for creating!

I'm looking to use a SOCKS5 proxy (proxychains) with credentials (user/pass), but it doesn't seem to work and then reading proxychains.conf it does say

# TODO: ONLY OPEN PROXY. 
# NO CREDS YET SUPPPORTED IN AUTOMATIC MODE!!

Do you have any pointers - I'm trying to make it work with IP Vanish

Thanks

Error on Squid Install Script

Hello!

I am trying to use your cool Script
But on installation of Squid from the Script it ends with errors

Here are the Last Lines with errors

Can you help me out?

Thanks
Christoph

/bin/bash ./repl_modules.sh lru > repl_modules.cc
make all-recursive
make[2]: Entering directory '/root/squid4/squid-4.13/src'
Making all in mem
make[3]: Entering directory '/root/squid4/squid-4.13/src/mem'
depbase=echo old_api.lo | sed 's|[^/]*$|.deps/&|;s|\.lo$||';
/bin/bash ../../libtool --tag=CXX --mode=compile g++ -DHAVE_CONFIG_H -DDEFAULT_CONFIG_FILE="/usr/local/squid/etc/squid.conf" -DDEFAULT_SQUID_DATA_DIR="/usr/local/squid/share" -DDEFAULT_SQUID_CONFIG_DIR="/usr/local/squid/etc" -I../.. -I../../include -I../../lib -I../../src -I../../include -I../../libltdl -Wall -Wpointer-arith -Wwrite-strings -Wcomments -Wshadow -Woverloaded-virtual -Werror -pipe -D_REENTRANT -g -O2 -march=native -MT old_api.lo -MD -MP -MF $depbase.Tpo -c -o old_api.lo old_api.cc &&
mv -f $depbase.Tpo $depbase.Plo
libtool: compile: g++ -DHAVE_CONFIG_H -DDEFAULT_CONFIG_FILE="/usr/local/squid/etc/squid.conf" -DDEFAULT_SQUID_DATA_DIR="/usr/local/squid/share" -DDEFAULT_SQUID_CONFIG_DIR="/usr/local/squid/etc" -I../.. -I../../include -I../../lib -I../../src -I../../include -I../../libltdl -Wall -Wpointer-arith -Wwrite-strings -Wcomments -Wshadow -Woverloaded-virtual -Werror -pipe -D_REENTRANT -g -O2 -march=native -MT old_api.lo -MD -MP -MF .deps/old_api.Tpo -c old_api.cc -fPIC -DPIC -o .libs/old_api.o
In file included from ../../src/security/Session.h:14,
from ../../src/security/forward.h:14,
from ../../src/SquidConfig.h:21,
from old_api.cc:24:
../../src/security/forward.h: In function ‘void Security::DH_free_cpp(DH*)’:
../../src/security/LockingPointer.h:34:21: error: ‘void DH_free(DH*)’ is deprecated: Since OpenSSL 3.0 [-Werror=deprecated-declarations]
34 | function(a);
../../src/security/forward.h:85:1: note: in expansion of macro ‘CtoCpp1’
85 | CtoCpp1(DH_free, DH *);
| ^~~~~~~
In file included from ../../compat/openssl.h:33,
from ../../src/security/Context.h:15,
from ../../src/security/forward.h:13,
from ../../src/SquidConfig.h:21,
from old_api.cc:24:
/usr/include/openssl/dh.h:200:28: note: declared here
200 | OSSL_DEPRECATEDIN_3_0 void DH_free(DH dh);
| ^~~~~~~
In file included from ../../src/SquidConfig.h:21,
from old_api.cc:24:
../../src/security/forward.h: At global scope:
../../src/security/forward.h:86:70: error: ‘int DH_up_ref(DH)’ is deprecated: Since OpenSSL 3.0 [-Werror=deprecated-declarations]
86 | typedef Security::LockingPointer<DH, DH_free_cpp, HardFun<int, DH , DH_up_ref> > DhePointer;
| ^~~~~~~~~
In file included from ../../compat/openssl.h:33,
from ../../src/security/Context.h:15,
from ../../src/security/forward.h:13,
from ../../src/SquidConfig.h:21,
from old_api.cc:24:
/usr/include/openssl/dh.h:201:27: note: declared here
201 | OSSL_DEPRECATEDIN_3_0 int DH_up_ref(DH dh);
| ^~~~~~~~~
In file included from ../../src/SquidConfig.h:21,
from old_api.cc:24:
../../src/security/forward.h:86:79: error: ‘int DH_up_ref(DH)’ is deprecated: Since OpenSSL 3.0 [-Werror=deprecated-declarations]
86 | typedef Security::LockingPointer<DH, DH_free_cpp, HardFun<int, DH , DH_up_ref> > DhePointer;
| ^
In file included from ../../compat/openssl.h:33,
from ../../src/security/Context.h:15,
from ../../src/security/forward.h:13,
from ../../src/SquidConfig.h:21,
from old_api.cc:24:
/usr/include/openssl/dh.h:201:27: note: declared here
201 | OSSL_DEPRECATEDIN_3_0 int DH_up_ref(DH dh);
| ^~~~~~~~~
In file included from ../../src/ssl/support.h:21,
from ../../src/SquidConfig.h:24,
from old_api.cc:24:
../../src/ssl/gadgets.h:60:51: error: ‘void RSA_free(RSA)’ is deprecated: Since OpenSSL 3.0 [-Werror=deprecated-declarations]
60 | typedef std::unique_ptr<RSA, HardFun<void, RSA, &RSA_free>> RSA_Pointer;
| ^~~~~~~~
In file included from /usr/include/openssl/x509.h:36,
from /usr/include/openssl/ssl.h:31,
from ../../compat/openssl.h:42,
from ../../src/security/Context.h:15,
from ../../src/security/forward.h:13,
from ../../src/SquidConfig.h:21,
from old_api.cc:24:
/usr/include/openssl/rsa.h:293:28: note: declared here
293 | OSSL_DEPRECATEDIN_3_0 void RSA_free(RSA r);
| ^~~~~~~~
In file included from ../../src/ssl/support.h:21,
from ../../src/SquidConfig.h:24,
from old_api.cc:24:
../../src/ssl/gadgets.h:60:51: error: ‘void RSA_free(RSA)’ is deprecated: Since OpenSSL 3.0 [-Werror=deprecated-declarations]
60 | typedef std::unique_ptr<RSA, HardFun<void, RSA, &RSA_free>> RSA_Pointer;
| ^~~~~~~~
In file included from /usr/include/openssl/x509.h:36,
from /usr/include/openssl/ssl.h:31,
from ../../compat/openssl.h:42,
from ../../src/security/Context.h:15,
from ../../src/security/forward.h:13,
from ../../src/SquidConfig.h:21,
from old_api.cc:24:
/usr/include/openssl/rsa.h:293:28: note: declared here
293 | OSSL_DEPRECATEDIN_3_0 void RSA_free(RSA *r);
| ^~~~~~~~
cc1plus: all warnings being treated as errors
make[3]: *** [Makefile:833: old_api.lo] Error 1
make[3]: Leaving directory '/root/squid4/squid-4.13/src/mem'
make[2]: *** [Makefile:7128: all-recursive] Error 1
make[2]: Leaving directory '/root/squid4/squid-4.13/src'
make[1]: *** [Makefile:6138: all] Error 2
make[1]: Leaving directory '/root/squid4/squid-4.13/src'
make: *** [Makefile:586: all-recursive] Error 1

Hanging when setting up Smart DNS

Hi,

Great script and thanks for sharing. I'm setting up on Ubuntu 18.04.6 LTS and testing in Smart DNS mode. The script keeps hanging when performing the "ping domain" to check is up or not. It seems random as if it hangs on a domain and I remove the domain from the domain list, it sometimes hangs on one earlier that previously was okay.

Example output:

[*] Setting up iface IN -> (eth0) and OUT -> (eth0) <==> (202.61.230.XX)

[X] Killing process: tor:
[X] Killing process: squid:
[X] Killing process: privoxy:
[X] Killing process: redsocks:
[X] Killing process: proxychains:
[X] Killing process: sniproxy:
[X] Killing process: dnsmasq:

[*] Re-Setting all IPTable-Entries...

[] Blacklist found at /opt/unblock-proxy.sh/domains.lst
[~ 1] Testing Proxy: XXXXXXXX http [seems to work :)]
[] FOUND! (XXXXXXX)

[*] Setup SMART DNS PROXY
-> Setting up Hostname: myip.is
-> Setting up Hostname: ifconfig.co
-> Setting up Hostname: edgecastcdn.net
ping: cloudfront.net: No address associated with hostname
!! cloudfront.net seems to be down. Not set
-> Setting up Hostname: cloudfront.net
ping: zattoohds-a.akamaihd.net: Name or service not known
!! zattoohds-a.akamaihd.net seems to be down. Not set
-> Setting up Hostname: zattoohds-a.akamaihd.net
ping: zathdslive-a.akamaihd.net: Name or service not known
!! zathdslive-a.akamaihd.net seems to be down. Not set
-> Setting up Hostname: zathdslive-a.akamaihd.net
-> Setting up Hostname: zahs.tv
ping: zatsslive-a.akamaihd.net: Name or service not known
!! zatsslive-a.akamaihd.net seems to be down. Not set
-> Setting up Hostname: zatsslive-a.akamaihd.net
-> Setting up Hostname: chromecast-receiver.zattoo.com

Its hanging at this point.

Any ideas what I am doing wrong or anything to trry?

thanks in advance :)

unblock-proxy.sh with wireguard

Hi,

I wonder if I can get this work with wireguard. I want to setup this on an Ubuntu VPS. When clients connect to this VPS via wireguard, they can use smartdns

Thank you

Restricting Access

Hello, is there any mechanism available to permit IP addressess that are allowed to use the Smart DNS, for example if I wanted to share with friends, but restrict it to their global IP addresses? Thanks

Network_error: No Proxycheckgateway found

Tried to set it up in ubuntu and in debian but always get the error Network_error: No Proxycheckgateway found

started with: sudo unblock-proxy.sh dns --redsocks -d

Separate domains/proxies per country

Would it be possible to have domains sent out different proxies depending on country.

For example, UK and US - I would like to have all domains under #UK Domains go out of any of the proxies set under #UK Proxies and likewise with US.

Usecase being: Netflix via US, BBC via UK

I'm willing to get my hands a little dirty, but I'm not the most skilled in deciphering code.