From Funky Mousedeer, 2 Years ago, written in Visual Basic.
This paste is a reply to 443 split from zuko - view diff
  1. > apt install sslh
  2. > apt install nginx nginx-extras
  3.  
  4. > nano /etc/default/sslh
  5.  
  6. --------------------- file contents -------------------------
  7. # Default options for sslh initscript
  8. # sourced by /etc/init.d/sslh
  9.  
  10. # binary to use: forked (sslh) or single-thread (sslh-select) version
  11. # systemd users: don't forget to modify /lib/systemd/system/sslh.service
  12. DAEMON=/usr/sbin/sslh
  13.  
  14. RUN=yes
  15. DAEMON_OPTS="--user sslh --listen <dedicated-ip>:443 --openvpn <dedicated-ip>:1194 --anyprot <dedicated-ip>:4443 --transparent --pidfile /var/run/sslh/sslh.pid"
  16. ----------------------------------------------
  17.  
  18. > nano /usr/local/sbin/sslh-transparent
  19.  
  20. --------------------- file contents -------------------------
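  #!/bin/bash
  # Policy-routing rules needed by `sslh --transparent`.
  #
  # In transparent mode sslh connects to its backends with the client's address
  # as source. The backends' replies would therefore leave through the external
  # interface instead of going back to sslh. This script marks TCP packets that
  # leave that interface from a backend port and routes marked packets through
  # a table whose only route is "local <everything> dev lo".
  #
  # Run as root. Re-running does not duplicate rules. Any failing command
  # aborts the script with a non-zero status.
  set -euo pipefail

  # Name of the interface that holds <dedicated-ip>. Edit this line only; the
  # IPv4 and IPv6 rules both use it.
  IFACE='<your-interface>'
  # Source ports of the sslh backends (--anyprot and --openvpn in DAEMON_OPTS).
  BACKEND_PORTS=(4443 1194)
  FWMARK=0x1
  TABLE=100

  # Stop before touching any rule if the interface name was not filled in.
  if [[ ! -e "/sys/class/net/${IFACE}" ]]; then
    printf 'sslh-transparent: interface %s not found; set IFACE in %s\n' \
      "$IFACE" "$0" >&2
    exit 1
  fi

  #######################################
  # Install the mark-and-reroute rules for one address family.
  # Globals:   IFACE, BACKEND_PORTS, FWMARK, TABLE (read)
  # Arguments: $1  - iptables or ip6tables
  #            $2  - catch-all prefix of that family (0.0.0.0/0 or ::/0)
  #            $3+ - ip command for that family ("ip" or "ip -6")
  # Returns:   non-zero (script aborts via set -e) if a command fails
  #######################################
  apply_rules() {
    local ipt=$1 prefix=$2
    shift 2
    local -a ipcmd=("$@")
    local -a rule
    local port

    # Create the chain on the first run, empty it on later runs.
    "$ipt" -t mangle -N SSLH 2>/dev/null || "$ipt" -t mangle -F SSLH

    for port in "${BACKEND_PORTS[@]}"; do
      rule=(OUTPUT --protocol tcp --out-interface "$IFACE" --sport "$port" --jump SSLH)
      # -C tests for an existing rule, so a re-run does not stack duplicates.
      "$ipt" -t mangle -C "${rule[@]}" 2>/dev/null || "$ipt" -t mangle -A "${rule[@]}"
    done
    "$ipt" -t mangle -A SSLH --jump MARK --set-mark "$FWMARK"
    "$ipt" -t mangle -A SSLH --jump ACCEPT

    # Drop a rule left by an earlier run before adding it again.
    "${ipcmd[@]}" rule del fwmark "$FWMARK" lookup "$TABLE" 2>/dev/null || true
    "${ipcmd[@]}" rule add fwmark "$FWMARK" lookup "$TABLE"
    "${ipcmd[@]}" route replace local "$prefix" dev lo table "$TABLE"
  }

  apply_rules iptables 0.0.0.0/0 ip
  apply_rules ip6tables ::/0 ip -6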
  36. ----------------------------------------------
  37.  
  38. > chmod +x /usr/local/sbin/sslh-transparent
  39.  
  40. > nano /etc/systemd/system/sslh-transparent.service
  41.  
  42. --------------------- file contents -------------------------
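  [Unit]
  Description=sslh transparent (see /usr/local/sbin/sslh-transparent)
  # The rules name a network interface, so wait until the network is up.
  Wants=network-online.target
  After=network-online.target
  [Service]
  # The script installs its rules and exits. oneshot makes `systemctl start`
  # wait for it and report a failing exit status; RemainAfterExit keeps the
  # unit shown as active once the rules are in place.
  Type=oneshot
  RemainAfterExit=yes
  ExecStart=/usr/local/sbin/sslh-transparent
  [Install]
  WantedBy=multi-user.target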
  52. ----------------------------------------------
  53.  
  54. > systemctl daemon-reload
  55. > systemctl start sslh-transparent
  56. > systemctl enable sslh-transparent
  57. > systemctl enable sslh
  58.  
  59. # useful commands
  60. ## find the name of the network interface that holds <dedicated-ip> and use it wherever /usr/local/sbin/sslh-transparent names an interface (the <your-interface> placeholder).
  61. > ifconfig -a
  62.  
  63. ## test command
  64. > sslh -p <dedicated-ip>:443 --openvpn <dedicated-ip>:1194 --anyprot <dedicated-ip>:4443 --transparent