glider笔记

https://github.com/nadoo/glider

快速开始

配置文件启动

glider -config test.conf

常用配置文件(glider->config->examples

image-20230920220459662

上图中每个文件夹中都有一个模板,每个文件夹对应文件详解:

1、启动最简单的代理服务

# 详细模式,打印日志
verbose=True

# 监听端口,格式  [账号]:[密码]@:[端口]
listen=admin:passwd@:8443

2、配置一个代理

verbose=True

listen=:8443

#代理配置
#forward=socks5://192.168.1.10:1080
forward=ss://aes-128-ctr:mozhou@211.99.114.109:2335?protocol=origin

3、配置代理转发链

verbose=True

listen=:8443

# 首先连接forwarder1,然后连接forwarder2,然后连接互联网
forward=http://forwarder1:8080,socks5://forwarder2:1080

4、使用代理转发规则

verbose=True

listen=:8443

# 把代理都按照这个格式写在这里,支持代理链
forward=http://forwarder1:8080,socks5://forwarder2:1080
forward=http://1.1.1.1:8080

#循环模式: rr
#高可用性模式: ha
#基于延迟的高可用性: lha
#目的地哈希: dh
strategy=rr

# 代理健康检查
check=http://www.msftconnecttest.com/connecttest.txt#expect=200

# 转发器将在计算多少故障 (拨号和中继) 时设置为禁用。
maxfailures=3

# 检查间隔 (秒)
checkinterval=30

安装

  • Binary: https://github.com/nadoo/glider/releases
  • Docker: docker pull nadoo/glider
  • ArchLinux: sudo pacman -S glider
  • Homebrew: brew install glider
  • MacPorts: sudo port install glider
  • Source: go install github.com/nadoo/glider@latest

模板

https://github.com/nadoo/glider/blob/master/config/glider.conf.example

##########################################
#    __    _     _   ___   ____  ___  
#   / /`_ | |   | | | | \ | |_  | |_) 
#   \_\_/ |_|__ |_| |_|_/ |_|__ |_| \ 
#
# Glider is a forward proxy with multiple protocols support, and also a dns forwarding server with ipset management features(like dnsmasq).
#
# We can set up local listeners as proxy, and forward requests to internet via forwarders.
#
#                |Forwarder ----------------->|         
#   Listener --> |                            | Internet
#                |Forwarder --> Forwarder->...| 
# 
# -----------------------------------------------------------
#
# This is a sample configuration file for glider.
# 
# Format is one option per line, legal options are the same
# as the options legal on the command line. See "glider -help" for details.
#
# Comment line starts with "#", values set in the format: 
# KEY=VALUE
#
# -----------------------------------------------------------

# Verbose mode, print logs
verbose=True

# LISTENERS
# ---------
# Local listeners, we can set up multiple listeners on different port with
# different protocols.

# listen on 8443, serve as http/socks5 proxy on the same port.
listen=:8443

# listen on 8448 as a ss server.
# listen=ss://AEAD_CHACHA20_POLY1305:pass@:8448

# listen on 8080 as a http proxy server.
listen=http://:8080

# listen on 1080 as a socks5 proxy server.
listen=socks5://:1080

# listen on 1234 as vless proxy server.
# listen=vless://uuid@:1234
# listen on 1234 as vless proxy server, fallback to 127.0.0.1:8080 http server when client auth failed.
# listen=vless://uuid@:1234?fallback=127.0.0.1:8080

# listen on 1081 as a linux transparent proxy server.
# listen=redir://:1081

# listen on 1082 as a linux transparent proxy server(tproxy).
# listen=tproxy://:1082

# http over tls (HTTPS proxy)
# listen=tls://:443?cert=crtFilePath&key=keyFilePath,http://

# ss over tls
# listen=tls://:443?cert=crtFilePath&key=keyFilePath,ss://AEAD_CHACHA20_POLY1305:pass@

# socks5 over unix domain socket
# listen=unix:///dev/shm/socket,socks5://

# socks5 over vm socket
# listen=vsock://:1234,socks5://

# socks5 over kcp
# listen=kcp://aes:key@127.0.0.1:8444?dataShards=10&parityShards=3&mode=fast,socks5://

# vless server
# listen=vless://UUID@:1234

# vless over tls server
# listen=tls://:1234?cert=/path/to/cert&key=/path/to/key,vless://UUID@?fallback=127.0.0.1:80

# vless over ws
# listen=ws://:1234/path?host=domain.com,vless://707f20ea-d4b8-4d1d-8e2e-2c86cb2ed97a@?fallback=127.0.0.1:80

# trojan server
# listen=trojan://PASSWORD:1234?cert=/path/to/cert&key=/path/to/key&fallback=127.0.0.1

# trojanc server (trojan without tls)
# listen=trojanc://PASSWORD:1234?fallback=127.0.0.1

# FORWARDERS
# ----------
# Forwarders, we can setup multiple forwarders.
# forward=SCHEME#OPTIONS

# FORWARDER OPTIONS
# priority: set the priority of that forwarder, default:0
# interface: set local interface or ip address used to connect remote server

# Socks5 proxy as forwarder
# forward=socks5://192.168.1.10:1080

# Socks5 proxy as forwarder with priority 100
# forward=socks5://192.168.1.10:1080#priority=100

# Socks5 proxy as forwarder with priority 100 and use `eth0` as source interface
# forward=socks5://192.168.1.10:1080#priority=100&interface=eth0

# Socks5 proxy as forwarder with priority 100 and use `192.168.1.100` as source ip
# forward=socks5://192.168.1.10:1080#priority=100&interface=192.168.1.100

# SS proxy as forwarder
# forward=ss://method:pass@1.1.1.1:8443

# SSR proxy as forwarder
# forward=ssr://method:pass@1.1.1.1:8443?protocol=auth_aes128_md5&protocol_param=xxx&obfs=tls1.2_ticket_auth&obfs_param=yyy

# ssh forwarder
# forward=ssh://user[:pass]@host:port[?key=keypath&timeout=SECONDS]
# forward=ssh://root:pass@host:port
# forward=ssh://root@host:port?key=/path/to/keyfile
# forward=ssh://root@host:port?key=/path/to/keyfile&timeout=5

# http proxy as forwarder
# forward=http://1.1.1.1:8080

# trojan as forwarder
# forward=trojan://PASSWORD@1.1.1.1:8080[?serverName=SERVERNAME][&skipVerify=true]

# trojanc as forwarder
# forward=trojanc://PASSWORD@1.1.1.1:8080

# vless forwarder
# forward=vless://5a146038-0b56-4e95-b1dc-5c6f5a32cd98@1.1.1.1:443

# vmess with aead auth
# forward=vmess://5a146038-0b56-4e95-b1dc-5c6f5a32cd98@1.1.1.1:443

# vmess with md5 auth (by setting alterID)
# forward=vmess://5a146038-0b56-4e95-b1dc-5c6f5a32cd98@1.1.1.1:443?alterID=2

# vmess over tls
# forward=tls://server.com:443,vmess://5a146038-0b56-4e95-b1dc-5c6f5a32cd98

# vmess over websocket
# forward=ws://1.1.1.1:80/path?host=server.com,vmess://chacha20-poly1305:5a146038-0b56-4e95-b1dc-5c6f5a32cd98

# vmess over ws over tls
# forward=tls://server.com:443,ws://,vmess://5a146038-0b56-4e95-b1dc-5c6f5a32cd98
# forward=tls://server.com:443,ws://@/path,vmess://5a146038-0b56-4e95-b1dc-5c6f5a32cd98

# ss over tls
# forward=tls://server.com:443,ss://AEAD_CHACHA20_POLY1305:pass@

# ss over kcp
# forward=kcp://aes:key@127.0.0.1:8444?dataShards=10&parityShards=3&mode=fast,ss://AEAD_CHACHA20_POLY1305:pass@

# ss with simple-obfs
# forward=simple-obfs://1.1.1.1:443?type=tls&host=apple.com,ss://AEAD_CHACHA20_POLY1305:pass@

# socks5 over unix domain socket
# forward=unix:///dev/shm/socket,socks5://

# FORWARDER CHAIN
# ---------------
# We can setup a forward chain using 1 forward option, 
# use comma to separate different upstream forward proxies.
#forward=http://1.1.1.1:8080,socks5://2.2.2.2:1080


# FORWARDE STRATEGY
# -----------------
# If we set up multiple forwarders, we can use them in our own strategy.

# Round Robin mode: rr
# High Availability mode: ha
# Latency based High Availability mode: lha
# Destination Hashing mode: dh
strategy=rr

# FORWARDER SETTINGS
# ------------------
# We can set some parameters for forwarders.

# forwarder will be set to disabled on how many failures counted(both dial and relay).
maxfailures=3

# timeout for create a connection(seconds)
# dialtimeout=3

# timeout for relay data from proxy server and client(seconds)
# DO NOT change it if you don't know what will happen. 
# relaytimeout=0


# FORWARDERS CHECK
# ----------------
# We can check whether a forwarder is available.

# Forwarder health check:
# check=tcp[://HOST:PORT]: tcp port connect check
# check=http://HOST[:PORT][/URI][#expect=REGEX_MATCH_IN_RESP_LINE]
# check=https://HOST[:PORT][/URI][#expect=REGEX_MATCH_IN_RESP_LINE]
# e.g. check=https://www.netflix.com/title/81215567#expect=301|404
# check=file://SCRIPT_PATH: run a check script, healthy when exitcode=0, environment variables: FORWARDER_ADDR,FORWARDER_URL
# check=disable: disable health check
check=http://www.msftconnecttest.com/connecttest.txt#expect=200

# check interval(seconds)
checkinterval=30

# timeout to set a forwarder to be disabled(seconds)
checktimeout=10

# switch forwarder only when new_latency < old_latency - tolerance, used in lha mode
checktolerance=100

# use the average latency of the latest N checks
checklatencysamples=10

# check disabled fowarders only
checkdisabledonly=false

# DNS FORWARDING SERVER
# ----------------
# we can specify different upstream dns server in rule file for different destinations.

# Setup a dns forwarding server
dns=:53

# global remote dns server (you can specify different dns server in rule file)
dnsserver=8.8.8.8:53
dnsserver=1.1.1.1:53

# By default, when glider received udp dns request and there's no forwarder specified, 
# it will use udp to query upstream dns servers, otherwise, use tcp;
# you can set dnsalwaystcp=true to always use tcp no matter there is a forwarder or not.
# dnsalwaystcp=false

# timeout value used in multiple dnsservers switch(seconds)
dnstimeout=3

# maximum TTL value for entries in the CACHE(seconds)
dnsmaxttl=1800

# minimum TTL value for entries in the CACHE(seconds)
dnsminttl=0

# size of CACHE
dnscachesize=4096

# show query log of dns cache
dnscachelog=True

# disable AAAA queries
# dnsnoaaaa=True

# custom records
dnsrecord=www.example.com/1.2.3.4
dnsrecord=www.example.com/2606:2800:220:1:248:1893:25c8:1946

# SERVICES
# service=dhcpd,INTERFACE,START_IP,END_IP,LEASE_MINUTES[,MAC=IP,MAC=IP...]
# service=dhcpd-failover,INTERFACE,START_IP,END_IP,LEASE_MINUTES[,MAC=IP,MAC=IP...]
# e.g.:
# service=dhcpd,eth1,192.168.1.100,192.168.1.199,720
# service=dhcpd,eth2,192.168.2.100,192.168.2.199,720,fc:23:34:9e:25:01=192.168.2.101,fc:23:34:9e:25:02=192.168.2.102

# INTERFACE SPECIFIC
# ------------------
# Specify global outbound ip/interface.
# 
# interface=""
# interface="192.168.1.100"
# interface="eth0"
# 
# Specify interface for a forwarder:
# forward=socks5://192.168.1.10:1080#priority=100&interface=eth0
# forward=socks5://192.168.1.10:1080#priority=100&interface=192.168.1.100

# RULE FILES
# ----------
# Specify additional forward rules.
#
# specify rules folder, so all *.rule files under this folder will be parsed as rule file
rules-dir=rules.d
# 
# specify a rule file
#rulefile=office.rule
#rulefile=home.rule

# INCLUDE CONFIG FILES
# ----------
#include=dnsrecord.inc.conf
#include=more.conf

# ENVIRONMENT VARIABLES
# ----------
# use {$ENV_VAR_NAME} in VALUE to get the Environment Variable value.
# forward=socks5://{$USER_NAME}:{$USER_PASS}@:1080
posted @   DumpInfou  阅读(675)  评论(0编辑  收藏  举报
相关博文:
· gogo笔记
· ffuf笔记
· SpringCloud之Nacos配置管理、Feign、Gateway服务网关
· Privoxy 工具
· 精通-NodeJS-全-
阅读排行:
· DeepSeek 开源周回顾「GitHub 热点速览」
· 物流快递公司核心技术能力-地址解析分单基础技术分享
· .NET 10首个预览版发布:重大改进与新特性概览!
· AI与.NET技术实操系列(二):开始使用ML.NET
· 单线程的Redis速度为什么快?
点击右上角即可分享
微信分享提示
AI FOR CODE 大赛