examples: add 9. Transparent Proxy without dnsmasq

README.md

@@ -34,8 +34,8 @@ General:
 - Periodical proxy checking
 - Rule proxy based on destinations: [Config Examples](config/examples)
 - Ipset management
-  - Add ip/cidrs in rule files on startup
+  - Add ip/cidrs from rule files on startup
-  - Add resolved ips for domains in rule files by dns forwarder server 
+  - Add resolved ips for domains from rule files by dns forwarding server 
 
 TODO:
 - [ ] UDP Tunnel

config/examples/8.transparent_proxy_with_dnsmasq/glider.conf

@@ -11,6 +11,3 @@ forward=http://1.1.1.1:8080
 strategy=rr
 checkwebsite=www.apple.com
 checkduration=30
-
-# parse all *.rule files in rules.d folder
-#rules-dir=rules.d

config/examples/9.transparent_proxy_without_dnsmasq/README.md

@@ -0,0 +1,60 @@
+
+## 9. Transparent Proxy without dnsmasq
+
+In this mode, glider will act as the following roles:
+1. A transparent proxy server
+2. A dns forwarding server
+3. A ipset manager
+so you don't need any dns server in your network.
+
+#### Glider Configuration
+##### glider.conf
+```bash
+verbose=True
+# as a redir proxy
+listen=redir://:1081
+# as a dns forwarding server
+dns=:53
+dnsserver=8.8.8.8:53
+# as a ipset manager
+ipset=glider
+# specify rule files
+rules-dir=rules.d
+```
+
+##### office.rule
+```bash
+# add your forwarders
+forward=http://forwarder1:8080,socks5://forwarder2:1080
+forward=http://1.1.1.1:8080
+strategy=rr
+checkwebsite=www.apple.com
+checkduration=30
+# specify a different dns server(if need)
+dnsserver=208.67.222.222:53
+
+# specify destinations
+#include=office.list.example
+domain=example1.com
+domain=example2.com
+# matches ip
+ip=1.1.1.1
+ip=2.2.2.2
+# matches a ip net
+cidr=192.168.100.0/24
+cidr=172.16.100.0/24
+```
+
+#### Config iptables on your linux gateway
+```bash
+iptables -t nat -I PREROUTING -p tcp -m set --match-set glider dst -j REDIRECT --to-ports 1081
+iptables -t nat -I OUTPUT -p tcp -m set --match-set glider dst -j REDIRECT --to-ports 1081
+```
+
+Now you can startup glider and dnsmasq, the whole process:
+1. 
+1. all dns requests for domain example1.com will be forward to glider(:5353) by dnsmasq
+2. glider will forward dns requests to 8.8.8.8:53 in tcp via forwarders
+3. the resolved ip address will be add to ipset "myset" by dnsmasq
+4. all tcp requests to example1.com will be redirect to glider(:1081)
+5. glider then forward requests to example1.com via forwarders

config/examples/9.transparent_proxy_without_dnsmasq/glider.conf

@@ -2,7 +2,15 @@
 # Verbose mode, print logs
 verbose=True
 
-listen=:8443
+# as a redir proxy
+listen=redir://:1081
+
+# as a dns forwarding server
+dns=:53
+dnsserver=8.8.8.8:53
+
+# as a ipset manager
+ipset=glider
 
 # parse all *.rule files in rules.d folder
 rules-dir=rules.d

config/examples/9.transparent_proxy_without_dnsmasq/rules.d/office.list

@@ -0,0 +1,7 @@
+
+domain=mycompany.com
+domain=mycompany1.com
+ip=4.4.4.4
+ip=5.5.5.5
+cidr=cidr=172.16.101.0/24
+cidr=cidr=172.16.102.0/24

config/examples/9.transparent_proxy_without_dnsmasq/rules.d/office.rule

@@ -9,10 +9,19 @@ forward=http://forwarder2:8080,socks5://forwarder3:1080
 # Round Robin mode: rr
 # High Availability mode: ha
 strategy=rr
-
 checkwebsite=www.apple.com
 checkduration=30
 
+# specify a different dns server(if need)
+dnsserver=208.67.222.222:53
 
-# matches 172.16.0.0/24
+# specify destinations
-cidr=172.16.0.0/24
+#include=office.list
+domain=example1.com
+domain=example2.com
+# matches ip
+ip=1.1.1.1
+ip=2.2.2.2
+# matches a ip net
+cidr=192.168.100.0/24
+cidr=172.16.100.0/24