macOS终端设置网络代理

 ██████╗ ███████╗██████╗ ██╗   ██╗███████╗
██╔═══██╗██╔════╝██╔══██╗╚██╗ ██╔╝██╔════╝
██║   ██║███████╗██████╔╝ ╚████╔╝ █████╗  
██║▄▄ ██║╚════██║██╔══██╗  ╚██╔╝  ██╔══╝  
╚██████╔╝███████║██████╔╝   ██║   ███████╗
 ╚══▀▀═╝ ╚══════╝╚═════╝    ╚═╝   ╚══════╝
                                          

保命声明：笔者代码能力有限，若行文中有错漏之处欢迎大家指出。

这篇文章最后更新于 xx年xx月xx日，其中的信息可能已经过时，阅读时请注意甄别。

直接设置代理(成功)

#开启
export ALL_PROXY="127.0.0.1:19180"
export http_proxy="http://127.0.0.1:19180"
export https_proxy="http://127.0.0.1:19180"
git config --local http.proxy 127.0.0.1:19180
git config --local https.proxy 127.0.0.1:19180
#关闭
export http_proxy=""
export https_proxy=""
export ALL_PROXY=""
echo $ALL_PROXY

测试:

curl -o /dev/null -s -w "nslookup_time :%{time_namelookup}\n  time_connect: %{time_connect}\ntime_starttransfer: %{time_starttransfer}\ntime_total: %{time_total}\n" "https://www.google.com/" 

效果:

通过PAC(ProxyAutoconfig)文件自动设置代理(失败)

PAC文件简介

[https://baike.sogou.com/v67804432.htm?fromTitle=PAC（纯文字文件）]
PAC(ProxyAutoConfig)是一个Script；经由这个Script，我们可以让系统判断在怎么样的情形下，要利用哪一台Proxy来进行联机。
这样做主要的好处有：

1. 分散 Proxy 的流量，避免 Proxy Server 负载过高
2. 对个别条件设定、加快浏览速度
3. 设定要求顺序，在某台 Proxy 无法联机时，可自动尝试别种联机方式

基本上 Proxy Auto Config File（以下简称 PAC）是纯文本文件，其语法为JavaScript.

获取PAC文件

V**P**N客户端连接后，打开网络代理设置:

终端中获取文件:

wget http://localhost:60987/N9QHAdwy7F5I6D75D6SMNuQVjFIvKOCS/fei.pac
cat fei.pac

PAC文件内部：

function FindProxyForURL(url, host) {
			if (isPlainHostName(host) // including localhost
			|| shExpMatch(host, "*.local")) {
				return "DIRECT";
			}
			// only checks plain IP addresses to avoid leaking domain name
			if (/^[0-9.]+$/.test(host)) {
				if (isInNet(host, "10.0.0.0", "255.0.0.0") ||
				isInNet(host, "172.16.0.0",  "255.240.0.0") ||
				isInNet(host, "192.168.0.0",  "255.255.0.0") ||
				isInNet(host, "127.0.0.0", "255.255.255.0")) {
					return "DIRECT";
				}
			}
			return "PROXY 127.0.0.1:19180";
		}%                                         

自动配置代理插件(失败)

[https://github.com/SukkaW/zsh-osx-autoproxy]
[https://blog.skk.moe/post/macos-auto-read-proxy-settings-zsh/]
启用插件后即可自动获取 HTTP 代理、HTTPS 代理、FTP 代理的设置，并在当前 shell 环境中添加相应环境变量（HTTP_PROXY、HTTPS_PROXY、ALL_PROXY、FTP_PROXY）。oh-my-zsh 用户可以通过下述命令完成安装：

#安装oh-my-zsh
sh -c "$(curl -fsSL https://raw.githubusercontent.com/robbyrussell/oh-my-zsh/master/tools/install.sh)"
#git clone https://github.com/sukkaw/zsh-osx-autoproxy ${ZSH_CUSTOM:-~/.oh-my-zsh/custom}/plugins/zsh-osx-autoproxy
#国内高速git clone
git clone https://gitclone.com/github.com/sukkaw/zsh-osx-autoproxy ${ZSH_CUSTOM:-~/.oh-my-zsh/custom}/plugins/zsh-osx-autoproxy
echo "plugins+=(zsh-osx-autoproxy)" | tee -a .zshrc
source ~/.zshrc
echo $HTTP_PROXY

手动在终端中载入PAC文件(失败)

[https://www.zhihu.com/question/19947389]

#环境:macOS 11.5.2
#网线
sudo networksetup -setautoproxyurl Ethernet http://localhost:60987/N9QHAdwy7F5I6D75D6SMNuQVjFIvKOCS/fei.pac
#WIFI
sudo networksetup -setautoproxyurl WIFI http://localhost:60987/N9QHAdwy7F5I6D75D6SMNuQVjFIvKOCS/fei.pac

帮助:

# 列举所有网络设备
networksetup -listallnetworkservices 
# 获取完整网络配置信息
system_profiler SPNetworkDataType 
# 获取特定网络设备的系统代理配置
networksetup -getwebproxy Wi-Fi 
# 获取当前已启用的代理配置，是对 system_profiler 的封装
scutil --proxy 
-------------------------------
networksetup Help Information
-------------------------------
Usage: networksetup -listnetworkserviceorder
	Display services with corresponding port and device in order they are tried for connecting
	to a network. An asterisk (*) denotes that a service is disabled.

Usage: networksetup -listallnetworkservices
	Display list of services. An asterisk (*) denotes that a network service is disabled.

Usage: networksetup -listallhardwareports
	Display list of hardware ports with corresponding device name and ethernet address.

Usage: networksetup -detectnewhardware
	Detect new network hardware and create a default network service on the hardware.

Usage: networksetup -getmacaddress <hardwareport or device name>
	Display ethernet (or Wi-Fi) address for hardwareport or device specified.

Usage: networksetup -getcomputername
	Display the computer name.

Usage: networksetup -setcomputername <name>
	Set the computer's name (if valid) to <name>.

Usage: networksetup -getinfo <networkservice>
	Display IPv4 address, IPv6 address, subnet mask,
	router address, ethernet address for <networkservice>.

Usage: networksetup -setmanual <networkservice> <ip> <subnet> <router>
	Set the <networkservice> TCP/IP configuration to manual with IP address set to ip,
	Subnet Mask set to subnet, and Router address set to router.

Usage: networksetup -setdhcp <networkservice> [clientid]
	Set the <networkservice> TCP/IP configuration to DHCP. You can set the
 	DHCP client id to the optional [clientid]. Specify "Empty" for [clientid]
	to clear the DHCP client id.

Usage: networksetup -setbootp <networkservice>
	Set the <networkservice> TCP/IP configuration to BOOTP.

Usage: networksetup -setmanualwithdhcprouter <networkservice> <ip> 
	Set the <networkservice> TCP/IP configuration to manual with DHCP router with IP address set
	to ip.

Usage: networksetup -getadditionalroutes <networkservice>
	Get additional IPv4 routes associated with <networkservice>
Usage: networksetup -setadditionalroutes <networkservice> [ <dest> <mask> <gateway> ]*
	Set additional IPv4 routes associated with <networkservice>
	by specifying one or more [ <dest> <mask> <gateway> ] tuples.
	Remove additional routes by specifying no arguments.
	If <gateway> is "", the route is direct to the interface
Usage: networksetup -setv4off <networkservice> 
	Turn IPv4 off on <networkservice>. 

Usage: networksetup -setv6off <networkservice> 
	Turn IPv6 off on <networkservice>. 

Usage: networksetup -setv6automatic <networkservice> 
	Set the service to get its IPv6 info automatically. 

Usage: networksetup -setv6LinkLocal <networkservice> 
	Set the service to use its IPv6 only for link local. 

Usage: networksetup -setv6manual <networkservice> <address> <prefixlength> <router>
	Set the service to get its IPv6 info manually.
	Specify <address> <prefixLength> and <router>.

Usage: networksetup -getv6additionalroutes <networkservice>
	Get additional IPv6 routes associated with <networkservice>
Usage: networksetup -setv6additionalroutes <networkservice> [ <dest> <prefixlength> <gateway> ]*
	Set additional IPv6 routes associated with <networkservice>
	by specifying one or more [ <dest> <prefixlength> <gateway> ] tuples.
	Remove additional routes by specifying no arguments.
	If <gateway> is "", the route is direct to the interface
Usage: networksetup -getdnsservers <networkservice>
	Display DNS info for <networkservice>.

Usage: networksetup -setdnsservers <networkservice> <dns1> [dns2] [...] 
	Set the <networkservice> DNS servers to <dns1> [dns2] [...]. Any number of dns servers can be
	specified. Specify "Empty" for <dns1> to clear all DNS entries.

Usage: networksetup -getsearchdomains <networkservice>
	Display Domain Name info for <networkservice>.

Usage: networksetup -setsearchdomains <networkservice> <domain1> [domain2] [...] 
	Set the <networkservice> Domain Name servers to <domain1> [domain2] [...]. Any number of Domain Name
 	servers can be specified. Specify "Empty" for <domain1> to clear all Domain Name entries.

Usage: networksetup -create6to4service <newnetworkservicename> 
	Create a 6 to 4 service with name <newnetworkservicename>.

Usage: networksetup -set6to4automatic <networkservice> 
	Set the service to get its 6 to 4 info automatically. 

Usage: networksetup -set6to4manual <networkservice> <relayaddress>
	Set the service to get its 6 to 4 info manually. 
	Specify <relayaddress> for the relay address.

Usage: networksetup -getftpproxy <networkservice>
	Display FTP proxy (server, port, enabled value) info for <networkservice>.

Usage: networksetup -setftpproxy <networkservice> <domain> <port number> <authenticated> <username> <password>
	Set FTP proxy for <networkservice> with <domain> and <port number>. Turns proxy on. Optionally, specify <on> or <off> for <authenticated> to enable and disable authenticated proxy support. Specify <username> and <password> if you turn authenticated proxy support on.

Usage: networksetup -setftpproxystate <networkservice> <on off>
	Set FTP proxy to  either <on> or <off>.

Usage: networksetup -getwebproxy <networkservice>
	Display Web proxy (server, port, enabled value) info for <networkservice>.

Usage: networksetup -setwebproxy <networkservice> <domain> <port number> <authenticated> <username> <password>
	Set Web proxy for <networkservice> with <domain> and <port number>. Turns proxy on. Optionally, specify <on> or <off> for <authenticated> to enable and disable authenticated proxy support. Specify <username> and <password> if you turn authenticated proxy support on.

Usage: networksetup -setwebproxystate <networkservice> <on off>
	Set Web proxy to  either <on> or <off>.

Usage: networksetup -getsecurewebproxy <networkservice>
	Display Secure Web proxy (server, port, enabled value) info for <networkservice>.

Usage: networksetup -setsecurewebproxy <networkservice> <domain> <port number> <authenticated> <username> <password>
	Set Secure Web proxy for <networkservice> with <domain> and <port number>. Turns proxy on. Optionally, specify <on> or <off> for <authenticated> to enable and disable authenticated proxy support. Specify <username> and <password> if you turn authenticated proxy support on.

Usage: networksetup -setsecurewebproxystate <networkservice> <on off>
	Set SecureWeb proxy to  either <on> or <off>.

Usage: networksetup -getstreamingproxy <networkservice>
	Display Streaming proxy (server, port, enabled value) info for <networkservice>.

Usage: networksetup -setstreamingproxy <networkservice> <domain> <port number> <authenticated> <username> <password>
	Set Streaming proxy for <networkservice> with <domain> and <port number>. Turns proxy on. Optionally, specify <on> or <off> for <authenticated> to enable and disable authenticated proxy support. Specify <username> and <password> if you turn authenticated proxy support on.

Usage: networksetup -setstreamingproxystate <networkservice> <on off>
	Set Streaming proxy to  either <on> or <off>.

Usage: networksetup -getgopherproxy <networkservice>
	Display Gopher proxy (server, port, enabled value) info for <networkservice>.

Usage: networksetup -setgopherproxy <networkservice> <domain> <port number> <authenticated> <username> <password>
	Set Gopher proxy for <networkservice> with <domain> and <port number>. Turns proxy on. Optionally, specify <on> or <off> for <authenticated> to enable and disable authenticated proxy support. Specify <username> and <password> if you turn authenticated proxy support on.

Usage: networksetup -setgopherproxystate <networkservice> <on off>
	Set Gopher proxy to  either <on> or <off>.

Usage: networksetup -getsocksfirewallproxy <networkservice>
	Display SOCKS Firewall proxy (server, port, enabled value) info for <networkservice>.

Usage: networksetup -setsocksfirewallproxy <networkservice> <domain> <port number> <authenticated> <username> <password>
	Set SOCKS Firewall proxy for <networkservice> with <domain> and <port number>. Turns proxy on. Optionally, specify <on> or <off> for <authenticated> to enable and disable authenticated proxy support. Specify <username> and <password> if you turn authenticated proxy support on.

Usage: networksetup -setsocksfirewallproxystate <networkservice> <on off>
	Set SOCKS Firewall proxy to  either <on> or <off>.

Usage: networksetup -getproxybypassdomains <networkservice>
	Display Bypass Domain Names for <networkservice>.

Usage: networksetup -setproxybypassdomains <networkservice> <domain1> [domain2] [...]
	Set the Bypass Domain Name Servers for <networkservice> to <domain1> [domain2] [...]. Any number of
	Domain Name servers can be specified. Specify "Empty" for <domain1> to clear all
	Domain Name entries.

Usage: networksetup -getproxyautodiscovery <networkservice>
	Display whether Proxy Auto Discover is on or off for <network service>.

Usage: networksetup -setproxyautodiscovery <networkservice> <on off>
	Set Proxy Auto Discovery to either <on> or <off>.

Usage: networksetup -getpassiveftp <networkservice>
	Display whether Passive FTP is on or off for <networkservice>.

Usage: networksetup -setpassiveftp <networkservice> <on off>
	Set Passive FTP to either <on> or <off>.

Usage: networksetup -setautoproxyurl <networkservice> <url>
	Set proxy auto-config to url for <networkservice> and enable it.

Usage: networksetup -getautoproxyurl <networkservice>
	Display proxy auto-config (url, enabled) info for <networkservice>.

Usage: networksetup -setautoproxystate <networkservice> <on off>
	Set proxy auto-config to either <on> or <off>.

Usage: networksetup -getairportnetwork <device name>
	Display current Wi-Fi Network for <device name>.

Usage: networksetup -setairportnetwork <device name> <network> [password]
	Set Wi-Fi Network to <network> for <device name>.
	If a password is included, it gets stored in the keychain.

Usage: networksetup -getairportpower <device name>
	Display whether Wi-Fi power is on or off for <device name>.

Usage: networksetup -setairportpower <device name> <on off>
	Set Wi-Fi power for <device name> to either <on> or <off>.

Usage: networksetup -listpreferredwirelessnetworks <device name>
	List the preferred wireless networks for <device name>.

Usage: networksetup -addpreferredwirelessnetworkatindex <device name> <network> <index> <security type> [password]
	Add wireless network named <network> to preferred list for <device name> at <index>.
	For security type, use OPEN for none, WPA for WPA Personal, WPAE for WPA Enterprise, 
	WPA2 for WPA2 Personal, WPA2E for WPA2 Enterprise, WEP for plain WEP, and 8021XWEP for 802.1X WEP.
	If a password is included, it gets stored in the keychain.

Usage: networksetup -removepreferredwirelessnetwork <device name> <network>
	Remove <network> from the preferred wireless network list for <device name>.

Usage: networksetup -removeallpreferredwirelessnetworks <device name>
	Remove all networks from the preferred wireless network list for <device name>.

Usage: networksetup -getnetworkserviceenabled <networkservice>
	Display whether a service is on or off (enabled or disabled).

Usage: networksetup -setnetworkserviceenabled <networkservice> <on off>
	Set <networkservice> to either <on> or <off> (enabled or disabled).

Usage: networksetup -createnetworkservice <newnetworkservicename> <hardwareport>
	Create a service named <networkservice> on port <hardwareport>. The new service will be enabled by default.

Usage: networksetup -renamenetworkservice <networkservice> <newnetworkservicename>
	Rename <networkservice> to <newnetworkservicename>.

Usage: networksetup -duplicatenetworkservice <networkservice> <newnetworkservicename>
	Duplicate <networkservice> and name it with <newnetworkservicename>.

Usage: networksetup -removenetworkservice <networkservice>
	Remove the service named <networkservice>. Will fail if this is the only service on the hardware port that <networkservice> is on.

Usage: networksetup -ordernetworkservices <service1> <service2> <service3> <...>
	Order the services in order specified. Use "-listnetworkserviceorder" to view service order.
	Note: use quotes around service names which contain spaces (ie. "Built-in Ethernet").

Usage: networksetup -setMTUAndMediaAutomatically <hardwareport or device name>
	Set hardwareport or device specified back to automatically setting the MTU and Media.

Usage: networksetup -getMTU <hardwareport or device name>
	Get the MTU value for hardwareport or device specified.

Usage: networksetup -setMTU <hardwareport or device name> <value>
	Set MTU for hardwareport or device specified.

Usage: networksetup -listvalidMTUrange <hardwareport or device name>
	List the valid MTU range for hardwareport or device specified.

Usage: networksetup -getmedia <hardwareport or device name>
	Show both the current setting for media and the active media on hardwareport or device specified.

Usage: networksetup -setmedia <hardwareport or device name> <subtype> [option1] [option2] [...]
	Set media for hardwareport or device specified to subtype. Specify optional [option1] and additional options depending on subtype. Any number of valid options can be specified.

Usage: networksetup -listvalidmedia <hardwareport or device name>
 	List valid media options for hardwareport or device name. Enumerates available subtypes and options per subtype.

Usage: networksetup -createVLAN <VLAN name> <device name> <tag>
	Create a VLAN with name <VLAN name> over device <device name> with unique tag <tag>. A default network service will be created over the VLAN.

Usage: networksetup -deleteVLAN <VLAN name> <device name> <tag>
	Delete the VLAN with name <VLAN name> over the parent device <device name> with unique tag <tag>. If there are network services running over the VLAN they will be deleted.

Usage: networksetup -listVLANs
	List the VLANs that have been created.

Usage: networksetup -listdevicesthatsupportVLAN
	List the devices that support VLANs.

Usage: networksetup -isBondSupported <device name ie., en0>
	Return YES if the specified device can be added to a bond. NO if it cannot.

Usage: networksetup -createBond <user defined name> <device name 1> <device name 2> <...>
	Create a new bond and give it the user defined name. Add the specified devices, if any, to the bond.

Usage: networksetup -deleteBond <bond name ie., bond0>
	Delete the bond with the specified device-name.

Usage: networksetup -addDeviceToBond <device name> <bond name> 
	Add the specified device to the specified bond.

Usage: networksetup -removeDeviceFromBond <device name> <bond name>
	Remove the specified device from the specified bond

Usage: networksetup -listBonds
	List all of the bonds.

Usage: networksetup -showBondStatus <bond name ie., bond0>
	Display the status of the specified bond.

Usage: networksetup -listpppoeservices
	List all of the PPPoE services in the current set.

Usage: networksetup -showpppoestatus <service name ie., MyPPPoEService>
	Display the status of the specified PPPoE service.

Usage: networksetup -createpppoeservice <device name ie., en0> <service name> <account name> <password> [pppoe service name]
	Create a PPPoE service on the specified device with the service name specified.
	The "pppoe service name" is optional and may not be supported by the service provider.

Usage: networksetup -deletepppoeservice <service name>
	Delete the PPPoE service.

Usage: networksetup -setpppoeaccountname <service name> <account name>
	Sets the account name for the specified service.

Usage: networksetup -setpppoepassword <service name> <password>
	Sets the password stored in the keychain for the specified service.

Usage: networksetup -connectpppoeservice <service name>
	Connect the PPPoE service.

Usage: networksetup -disconnectpppoeservice <service name>
	Disconnect the PPPoE service.

Usage: networksetup -getcurrentlocation
	Display the name of the current location.

Usage: networksetup -listlocations
	List all of the locations.

Usage: networksetup -createlocation <location name> [populate]
	Create a new network location with the spcified name.
	If the optional term "populate" is included, the location will be populated with the default services.

Usage: networksetup -deletelocation <location name>
	Delete the location.

Usage: networksetup -switchtolocation <location name>
	Make the specified location the current location.

Usage: networksetup -version
	Display version of networksetup tool.

Usage: networksetup -help
	Display these help listings.

Usage: networksetup -printcommands
	Displays a quick listing of commands (without explanations).

Any command that takes a password, will accept - to indicate the password should be read from stdin.

The networksetup tool requires at least admin privileges to change network settings. If the "Require an administrator password to access system-wide preferences" option is selected in System Preferences > Security & Privacy, then root privileges are required to change network settings.

使用proxychains-ng对某些命令代理(失败）

需要关闭macOS SIP(系统完整性保护)
[https://www.jianshu.com/p/3f392367b41f]
终端下原生的使用socks5就可以实现代理的工具.ProxyChains遵循GNU协议的一款适用于linux系统的网络代理设置工具。强制由任一程序发起的TCP连接请求必须通过诸如TOR 或 SOCKS4, SOCKS5 或HTTP(S) 代理。支持的认证方式包括：SOCKS4/5的用户/密码认证，HTTP的基本认证。允许TCP和DNS通过代理隧道，并且可配置多个代理。事实上，甚至可以通过ProxyChains设置反向代理来让你能够从外部访问你的内部局域网.

brew install proxychains-ng
#备份配置文件
cp /usr/local/etc/proxychains.conf /usr/local/etc/proxychains.conf.bak
vim /usr/local/etc/proxychains.conf

proxychains.conf

#       type  ip  port [user pass]
#       (values separated by 'tab' or 'blank')
#
#       only numeric ipv4 addresses are valid
#
#
#        Examples:
#
#               socks5  192.168.67.78   1080    lamer   secret
#               http    192.168.89.3    8080    justu   hidden
#               socks4  192.168.1.49    1080
#               http    192.168.39.93   8080
#
#
#       proxy types: http, socks4, socks5
#        ( auth types supported: "basic"-http  "user/pass"-socks )
#
[ProxyList]
# add proxy here ...
# meanwile
# defaults set to "tor"
socks5  127.0.0.1 19180

测试:

proxychains4 ping www.google.com

使用proximac对某些命令代理(失败)

[https://github.com/csujedihy/proximac]
需要关闭SIP
Proximac 是替代 Proxifier 的开源命令行程序，能够让指定的 App 都通过 SOCKS5 代理访问，也可以让系统所有的 TCP 流量都经过 SOCKS5 代理转发。

• 可以强制原本不能走代理的 App 走 SOCKS5 代理进行网络访问。
• 可以使系统全局所有 TCP 流量均走 SOCKS5 代理转发。
• 支持用户名 /密码验证的 SOCKS5 代理。

curl -fsSL https://raw.githubusercontent.com/proximac-org/proximac-install/master/install.py |sudo python 
#开启
proximac start -c [path of your config file]
#停止
proximac stop

配置文件示例:
proximac.conf

{
    "process_name":
    ["Unibox", "Google Chrome", "Thunder"],
    "local_port":1080,
    "local_address":"127.0.0.1",
    "proximac_port":8558,
    "username":"foo",
    "password":"bar"
}

测试

ping www.google.com
curl -o /dev/null -s -w "nslookup_time :%{time_namelookup}\n  time_connect: %{time_connect}\ntime_starttransfer: %{time_starttransfer}\ntime_total: %{time_total}\n" "https://www.google.com/"