lanproxy
该工具基于java环境, 并且需要在服务端和客户端各安装一套,
服务端部署lanproxy-server,客户端部署 lanproxy-client
服务端和客户端可以是windows 也可以是linux , jdk版本建议是1.7和1.8的
服务器端以 centos7为例
1. 部署Java环境
rpm -e –nodeps `rpm -qa | grep java`
yum install -y java-1.8.0-openjdk-devel.x86_64
java环境变量如下
JAVA_HOME=/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.141-1.b16.el7_3.x86_64
JRE_HOME=$JAVA_HOME/jre
CLASS_PATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar:$JRE_HOME/lib
PATH=$PATH:$JAVA_HOME/bin:$JRE_HOME/bin
export JAVA_HOME JRE_HOME CLASS_PATH PATH
将其追加到/etc/profile
source /etc/profile
2. 部署lanproxy-server
解压 lanproxy-server-20171116.zip
进入目录 lanproxy-server-20171116
vim conf/config.properties
server.bind=0.0.0.0
server.port=4900
server.ssl.enable=true
server.ssl.bind=0.0.0.0
server.ssl.port=4993
server.ssl.jksPath=test.jks
server.ssl.keyStorePassword=123456
server.ssl.keyManagerPassword=123456
server.ssl.needsClientAuth=false
config.server.bind=0.0.0.0
config.server.port=8090
config.admin.username=xxxxx
config.admin.password=xxxxx
根据自身喜好修改最后两行的用户和密码,
访问配置界面时要用.其他一般不需要动,保存即可.
启动lanproxy-server
proxy-server-20171116/bin/starup.sh
[root@vm_666 conf]# ps -ef | grep lanproxy
root 11195 1 0 Mar21 pts/1 00:00:12 java -Dapp.home=/media/software/lanproxy-server/proxy-server-20171116 -Djava.awt.headless=true -Djava.net.preferIPv4Stack=true -classpath /media/software/lanproxy-server/proxy-server-20171116/conf:/media/software/lanproxy-server/proxy-server-20171116/lib/gson-2.7.jar:/media/software/lanproxy-server/proxy-server-20171116/lib/hamcrest-core-1.3.jar:/media/software/lanproxy-server/proxy-server-20171116/lib/junit-4.12.jar:/media/software/lanproxy-server/proxy-server-20171116/lib/log4j-1.2.17.jar:/media/software/lanproxy-server/proxy-server-20171116/lib/netty-all-4.0.36.Final.jar:/media/software/lanproxy-server/proxy-server-20171116/lib/proxy-common-0.1.jar:/media/software/lanproxy-server/proxy-server-20171116/lib/proxy-protocol-0.1.jar:/media/software/lanproxy-server/proxy-server-20171116/lib/proxy-server-0.1.jar:/media/software/lanproxy-server/proxy-server-20171116/lib/slf4j-api-1.7.5.jar:/media/software/lanproxy-server/proxy-server-20171116/lib/slf4j-log4j12-1.7.5.jar org.fengfei.lanproxy.server.ProxyServerContainer
[root@vm_666 conf]# netstat -tnlp | grep java
tcp 0 0 0.0.0.0:8090 0.0.0.0:* LISTEN 11195/java
tcp 0 0 0.0.0.0:4993 0.0.0.0:* LISTEN 11195/java
tcp 0 0 0.0.0.0:4900 0.0.0.0:* LISTEN 11195/java
可见开放的端口有8090 , 4993 , 4990 , 其中8090是管理界面的端口,4990是ssl加密使用的端口,
4900是非加密通信使用的端口
为lanproxy添加客户端.
http://ip:8090 ,输入设置好的用户名和密码后,进入配置界面
下图中,新加客户端生成的随机密钥一定要妥善保存, 对应客户端需要填写这个随机密钥.
为客户端配置端口,在配置管理中,找到对应客户端, 在操作选项中点击编辑
代理名称 随意填写, 建议取有意义的名字; 公网端口即对公网服务器对外公开的端口,
后端IP端口是内网服务器开放的.
下图表示, 把内网一台服务器80端口,映射到公网IP的880端口.
这时返回终端,可以看到,880端口已经监听了
[root@vm_666 script]# netstat -tnlp | grep java
tcp 0 0 0.0.0.0:880 0.0.0.0:* LISTEN 11195/java
tcp 0 0 0.0.0.0:8090 0.0.0.0:* LISTEN 11195/java
tcp 0 0 0.0.0.0:4993 0.0.0.0:* LISTEN 11195/java
tcp 0 0 0.0.0.0:4900 0.0.0.0:* LISTEN 11195/java
3. 部署lanproxy-client
仍然以linux为例, 自行部署java环境,建议为1.7或1.8的.
解压 lanproxy-java-client-20171116.zip
进入目录 lanproxy-java-client-20171116
vim conf/config.properties
lient.key=
ssl.enable=false
ssl.jksPath=test.jks
ssl.keyStorePassword=123456
server.host=x.x.x.x
#default ssl port is 4993
server.port=4900
其中
lient.key的值为刚才lanproxy-server生成的随机密钥.
server.host的值为公网服务器的ip
server.port的值为4900, 非加密端口.
配置完成后保存退出.
启动lanproxy-client
[root@localhost lanproxy-java-client-20171116]# bin/startup.sh
[root@localhost ~]# ps -ef | grep lanproxy-client
root 26785 1 0 Mar21 ? 00:00:26 java -Dapp.home=/usr/local/lanproxy-client/lanproxy-java-client-20171116 -Djava.awt.headless=true -Djava.net.preferIPv4Stack=true -classpath /usr/local/lanproxy-client/lanproxy-java-client-20171116/conf:/usr/local/lanproxy-client/lanproxy-java-client-20171116/lib/gson-2.7.jar:/usr/local/lanproxy-client/lanproxy-java-client-20171116/lib/hamcrest-core-1.3.jar:/usr/local/lanproxy-client/lanproxy-java-client-20171116/lib/junit-4.12.jar:/usr/local/lanproxy-client/lanproxy-java-client-20171116/lib/log4j-1.2.17.jar:/usr/local/lanproxy-client/lanproxy-java-client-20171116/lib/netty-all-4.0.36.Final.jar:/usr/local/lanproxy-client/lanproxy-java-client-20171116/lib/proxy-client-0.1.jar:/usr/local/lanproxy-client/lanproxy-java-client-20171116/lib/proxy-common-0.1.jar:/usr/local/lanproxy-client/lanproxy-java-client-20171116/lib/proxy-protocol-0.1.jar:/usr/local/lanproxy-client/lanproxy-java-client-20171116/lib/slf4j-api-1.7.5.jar:/usr/local/lanproxy-client/lanproxy-java-client-20171116/lib/slf4j-log4j12-1.7.5.jar org.fengfei.lanproxy.client.ProxyClientContaine
安装nginx做80端口测试
本地打开页面
公网地址打开页面,公网地址的端口是880
可见lsnproxy配置达到了预期效果.
若不喜欢管理界面带8090端口的情况,可在前端加nginx,用80端口代理8090
若不喜欢多个web页面有特殊端口的情况,可以在前端nginx中配置多个vhost,并绑定域名