ubuntu20.04使用privoxy进行http代理转http代理,并定制http代理头(hide-user-agent的使用方法)_ubuntu privoxy

#sudo apt-get update;
 
sudo apt install -y privoxy
#sudo apt remove privoxy
 
privoxy   --version;

root@fv-az1239-825:/tmp# privoxy   --version
Privoxy version 3.0.28 (https://www.privoxy.org/)
root@fv-az1239-825:/tmp# 

安装完毕后,先停止服务,修改配置文件,再启动服务.
 

service  --status-all ;
 
service   privoxy status ;
 
service   privoxy stop ;

cd /etc/privoxy/;
rm user.filter;
touch user.filter;
 
 
cat << EOF >./user.action
{+hide-user-agent{bai-du}}
/
 
#{+header{Host2: Firefox22}}
 
{+crunch-client-header{Host:} }
/
 
{+add-header{Host: xxyyzz.bai-du.com}}
/
 
{+block{block ip and domain which point to server itself}}
127.0.0.1
45.32.57.113
.example.com
EOF
 
cat << EOF >./config
user-manual /usr/share/doc/privoxy/user-manual/
confdir /etc/privoxy
logdir /var/log/privoxy
actionsfile match-all.action # Actions that are applied to all sites and maybe overruled later on.
actionsfile default.action   # Main actions file
actionsfile user.action      # User customizations
filterfile default.filter
filterfile user.filter      # User customizations
logfile privoxy.log
debug     1 # Log the destination for each request. See also debug 1024.
debug     2 # show each connection status
debug     4 # show tagging-related messages
debug     8 # show header parsing
debug   128 # debug redirects
debug   256 # debug GIF de-animation
debug   512 # Common Log Format
debug  1024 # Log the destination for requests Privoxy didn't let through, and the reason why.
debug  4096 # Startup banner and warnings
debug  8192 # Non-fatal errors
debug 65536 # Log applying actions
listen-address  0.0.0.0:8118
toggle  1
enable-remote-toggle  0
enable-remote-http-toggle  0
enable-edit-actions 0
enforce-blocks 1
buffer-limit 4096
enable-proxy-authentication-forwarding 0
forwarded-connect-retries  0
accept-intercepted-requests 1
allow-cgi-request-crunching 0
split-large-forms 0
keep-alive-timeout 5
tolerate-pipelining 1
socket-timeout 300
forward /  127.0.0.1:30080
EOF

注意最后一行:  forward /  127.0.0.1:30080   是上游的http代理

启动privoxy:

service   privoxy start;
 
service   privoxy status ;

实现的目的是:

本机tcp8118端口作为http代理服务器,用户的http代理请求,发送给tcp8118端口 privoxy修改http头部后,再发给127.0.0.1:30080这个代理服务器.

主要用来绕过有些代理服务器对user-agent或host有校验的情况下.

使用curl测试:

root@fv-az1239-825:/tmp# curl --version
curl 7.68.0 (x86_64-pc-linux-gnu) libcurl/7.68.0 OpenSSL/1.1.1f zlib/1.2.11 brotli/1.0.7 libidn2/2.2.0 libpsl/0.21.0 (+libidn2/2.2.0) libssh/0.9.3/openssl/zlib nghttp2/1.40.0 librtmp/2.3
Release-Date: 2020-01-08
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtmp rtsp scp sftp smb smbs smtp smtps telnet tftp 
Features: AsynchDNS brotli GSS-API HTTP2 HTTPS-proxy IDN IPv6 Kerberos Largefile libz NTLM NTLM_WB PSL SPNEGO SSL TLS-SRP UnixSockets
root@fv-az1239-825:/tmp# 

curl -v -p -x http://127.0.0.1:8118  http://cip.cc/

root@fv-az1239-825:/etc/privoxy# curl -v -p -x http://127.0.0.1:8118  http://cip.cc/
*   Trying 127.0.0.1:8118...
* TCP_NODELAY set
* Connected to 127.0.0.1 (127.0.0.1) port 8118 (#0)
* allocate connect buffer!
* Establish HTTP proxy tunnel to cip.cc:80
> CONNECT cip.cc:80 HTTP/1.1
> Host: cip.cc:80
> User-Agent: curl/7.68.0
> Proxy-Connection: Keep-Alive
> 
< HTTP/1.0 200 Connection Established
< Proxy-agent: Apache/2.4.41 (Ubuntu)
< 
* Proxy replied 200 to CONNECT request
* CONNECT phase completed!
* CONNECT phase completed!
* CONNECT phase completed!
> GET / HTTP/1.1
> Host: cip.cc
> User-Agent: curl/7.68.0
> Accept: */*
> 
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Server: openresty
< Date: Thu, 31 Aug 2023 09:29:20 GMT
< Content-Type: text/html; charset=UTF-8
< Transfer-Encoding: chunked
< Connection: keep-alive
< Vary: Accept-Encoding
< X-cip-c: M
< 
IP      : 223.155.x.x
地址    : 中国  湖南  xx  
运营商  : 电信
 
数据二  : 湖南省xx市 | 电信
 
数据三  : 中国湖南省xx市 | 电信
 
URL     : http://www.cip.cc/223.155.x.x
* Connection #0 to host 127.0.0.1 left intact
root@fv-az1239-825:/etc/privoxy# 

tcpdump 抓包的命令是:

tcpdump -i  any -s0 -w /tmp/bb.pcap  tcp port 30080

root@fv-az1239-825:/tmp# strings  bb.pcap 
CONNECT cip.cc:80 HTTP/1.1
User-Agent: bai-du
Host: xxyyzz.bai-du.com
HTTP/1.0 200 Connection Established
Proxy-agent: Apache/2.4.41 (Ubuntu)
GET / HTTP/1.1
Host: cip.cc
User-Agent: curl/7.68.0
Accept: */*
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 31 Aug 2023 09:29:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-cip-c: M
IP	: 223.155.x.x
	:  
 |  
URL	: http://www.cip.cc/223.155.x.x
root@fv-az1239-825:/tmp# 

试验成功.