From 432dc9485bb15fa6ab689b60bc6533e91e00364a Mon Sep 17 00:00:00 2001 From: nadoo <287492+nadoo@users.noreply.github.com> Date: Thu, 31 Aug 2017 01:19:49 +0800 Subject: [PATCH] examples: add example 7. Transparent Proxy with dnsmasq --- .../7.rule_multiple_rule_files/glider.conf | 8 +--- .../{ => rules.d}/home.rule | 0 .../{ => rules.d}/office.rule | 0 .../README.md | 43 +++++++++++++++++++ .../glider.conf | 16 +++++++ .../rules.d/home.rule | 18 ++++++++ .../rules.d/office.rule | 18 ++++++++ .../glider.conf | 8 ++++ config/glider.conf.example | 2 +- 9 files changed, 106 insertions(+), 7 deletions(-) rename config/examples/7.rule_multiple_rule_files/{ => rules.d}/home.rule (100%) rename config/examples/7.rule_multiple_rule_files/{ => rules.d}/office.rule (100%) create mode 100644 config/examples/8.transparent_proxy_with_dnsmasq/README.md create mode 100644 config/examples/8.transparent_proxy_with_dnsmasq/glider.conf create mode 100644 config/examples/8.transparent_proxy_with_dnsmasq/rules.d/home.rule create mode 100644 config/examples/8.transparent_proxy_with_dnsmasq/rules.d/office.rule create mode 100644 config/examples/9.transparent_proxy_without_dnsmasq/glider.conf diff --git a/config/examples/7.rule_multiple_rule_files/glider.conf b/config/examples/7.rule_multiple_rule_files/glider.conf index 43f291e..07a480f 100644 --- a/config/examples/7.rule_multiple_rule_files/glider.conf +++ b/config/examples/7.rule_multiple_rule_files/glider.conf @@ -4,9 +4,5 @@ verbose=True listen=:8443 -# NOTE HERE: -# specify a rule file -rulefile=office.rule - -# specify another rule file -rulefile=home.rule \ No newline at end of file +# parse all *.rule files in rules.d folder +rules-dir=rules.d diff --git a/config/examples/7.rule_multiple_rule_files/home.rule b/config/examples/7.rule_multiple_rule_files/rules.d/home.rule similarity index 100% rename from config/examples/7.rule_multiple_rule_files/home.rule rename to config/examples/7.rule_multiple_rule_files/rules.d/home.rule 
diff --git a/config/examples/7.rule_multiple_rule_files/office.rule b/config/examples/7.rule_multiple_rule_files/rules.d/office.rule
similarity index 100%
rename from config/examples/7.rule_multiple_rule_files/office.rule
rename to config/examples/7.rule_multiple_rule_files/rules.d/office.rule
diff --git a/config/examples/8.transparent_proxy_with_dnsmasq/README.md b/config/examples/8.transparent_proxy_with_dnsmasq/README.md
new file mode 100644
index 0000000..6017073
--- /dev/null
+++ b/config/examples/8.transparent_proxy_with_dnsmasq/README.md
@@ -0,0 +1,43 @@
+
+## 7. Transparent Proxy with dnsmasq
+
+#### Setup a redirect proxy and a dnstunnel with glider
+glider.conf
+```bash
+verbose=True
+listen=redir://:1081
+listen=dnstun://5353=8.8.8.8:53
+forward=http://forwarder1:8080,socks5://forwarder2:1080
+forward=http://1.1.1.1:8080
+strategy=rr
+checkwebsite=www.apple.com
+checkduration=30
+```
+
+#### Create a ipset manually
+```bash
+ipset create myset hash:ip
+```
+
+#### Config dnsmasq
+```bash
+server=/example1.com/127.0.0.1#5353
+ipset=/example1.com/myset
+server=/example2.com/127.0.0.1#5353
+ipset=/example2.com/myset
+server=/example3.com/127.0.0.1#5353
+ipset=/example4.com/myset
+```
+
+#### Config iptables on your linux gateway
+```bash
+iptables -t nat -I PREROUTING -p tcp -m set --match-set myset dst -j REDIRECT --to-ports 1081
+iptables -t nat -I OUTPUT -p tcp -m set --match-set myset dst -j REDIRECT --to-ports 1081
+```
+
+Now you can startup glider and dnsmasq, the whole process:
+1. all dns requests for domain example1.com will be forward to glider(:5353) by dnsmasq
+2. glider will forward dns requests to 8.8.8.8:53 in tcp via forwarders
+3. the resolved ip address will be add to ipset "myset" by dnsmasq
+4. all tcp requests to example1.com will be redirect to glider(:1081)
+5. glider then forward requests to example1.com via forwarders
diff --git a/config/examples/8.transparent_proxy_with_dnsmasq/glider.conf b/config/examples/8.transparent_proxy_with_dnsmasq/glider.conf
new file mode 100644
index 0000000..c13a953
--- /dev/null
+++ b/config/examples/8.transparent_proxy_with_dnsmasq/glider.conf
@@ -0,0 +1,16 @@
+
+# Verbose mode, print logs
+verbose=True
+
+listen=redir://:1081
+listen=dnstun://5353=8.8.8.8:53
+
+forward=http://forwarder1:8080,socks5://forwarder2:1080
+forward=http://1.1.1.1:8080
+
+strategy=rr
+checkwebsite=www.apple.com
+checkduration=30
+
+# parse all *.rule files in rules.d folder
+#rules-dir=rules.d
diff --git a/config/examples/8.transparent_proxy_with_dnsmasq/rules.d/home.rule b/config/examples/8.transparent_proxy_with_dnsmasq/rules.d/home.rule
new file mode 100644
index 0000000..06759cb
--- /dev/null
+++ b/config/examples/8.transparent_proxy_with_dnsmasq/rules.d/home.rule
@@ -0,0 +1,18 @@
+
+
+forward=http://forwarder4:8080
+
+# first connect forwarder1 then forwarder2 then internet
+forward=http://forwarder5:8080,socks6://forwarder3:1080
+
+
+# Round Robin mode: rr
+# High Availability mode: ha
+strategy=rr
+
+checkwebsite=www.apple.com
+checkduration=30
+
+
+# matches 192.168.0.0/16
+cidr=192.168.0.0/16
diff --git a/config/examples/8.transparent_proxy_with_dnsmasq/rules.d/office.rule b/config/examples/8.transparent_proxy_with_dnsmasq/rules.d/office.rule
new file mode 100644
index 0000000..3ff311f
--- /dev/null
+++ b/config/examples/8.transparent_proxy_with_dnsmasq/rules.d/office.rule
@@ -0,0 +1,18 @@
+
+
+forward=http://forwarder1:8080
+
+# first connect forwarder2 then forwarder3 then internet
+forward=http://forwarder2:8080,socks5://forwarder3:1080
+
+
+# Round Robin mode: rr
+# High Availability mode: ha
+strategy=rr
+
+checkwebsite=www.apple.com
+checkduration=30
+
+
+# matches 172.16.0.0/24
+cidr=172.16.0.0/24
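Review bot: In config/examples/8.transparent_proxy_with_dnsmasq/glider.conf, `listen=dnstun://5353=8.8.8.8:53` appears to be missing the colon before the port; if the listener takes the same `host:port` form as `redir://:1081`, it should read `listen=dnstun://:5353=8.8.8.8:53`. The README's dnsmasq lines only query `127.0.0.1#5353`, so, assuming the scheme accepts a host, `listen=dnstun://127.0.0.1:5353=8.8.8.8:53` would keep the DNS tunnel off the gateway's other interfaces. `forward=http://1.1.1.1:8080` uses a routable address as a placeholder; a documentation address such as `192.0.2.1` (RFC 5737) avoids sending proxied traffic to a real host when the example is copied unchanged. The same lines appear in the README.md hunk of this commit.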
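Review bot: In config/examples/8.transparent_proxy_with_dnsmasq/rules.d/home.rule, `forward=http://forwarder5:8080,socks6://forwarder3:1080` uses the scheme `socks6`, which looks like a typo for `socks5`; office.rule in the same directory uses `socks5://forwarder3:1080`. The comment above it, `# first connect forwarder1 then forwarder2 then internet`, does not match the hosts on that line; `# first connect forwarder5 then forwarder3 then internet` would. An unrecognised scheme in a chain for 192.168.0.0/16 would presumably stop the rule from loading as intended, so the example should be corrected before readers copy it. `rules-dir` is commented out in this example's glider.conf, so these rule files are not loaded as shipped.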
diff --git a/config/examples/9.transparent_proxy_without_dnsmasq/glider.conf b/config/examples/9.transparent_proxy_without_dnsmasq/glider.conf new file mode 100644 index 0000000..07a480f --- /dev/null +++ b/config/examples/9.transparent_proxy_without_dnsmasq/glider.conf @@ -0,0 +1,8 @@ + +# Verbose mode, print logs +verbose=True + +listen=:8443 + +# parse all *.rule files in rules.d folder +rules-dir=rules.d diff --git a/config/glider.conf.example b/config/glider.conf.example index 48f5679..a5f1721 100644 --- a/config/glider.conf.example +++ b/config/glider.conf.example @@ -113,7 +113,7 @@ dnsserver=8.8.8.8:53 # ---------------- # Create and mange ipset on linux based on destinations in rule files # - add ip/cidrs in rule files on startup -# - add resolved ips for domains in rule files by dns forwarder server +# - add resolved ips for domains in rule files by dns forwarding server # Usually used in transparent proxy mode on linux ipset=glider
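Review bot: config/examples/9.transparent_proxy_without_dnsmasq/glider.conf has the same blob id (07a480f) as example 7's new glider.conf, so it has no `redir://` listener and no ipset setting, and nothing in it configures a transparent proxy. `rules-dir=rules.d` also points at a directory this commit does not create for example 9; only glider.conf is listed under that path in the diffstat. `listen=:8443` binds every interface and no credentials are shown, which on a gateway would presumably leave the proxy reachable from any network that can reach the port. A comment above that line, such as `# bind to the LAN-side address or firewall this port on a gateway`, would help readers who copy the file.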