Shulou(Shulou.com)06/01 Report--

This article will explain in detail how to use the netpas network accelerator in Linux. The content of the article is of high quality, so the editor shares it for you as a reference. I hope you will have some understanding of the relevant knowledge after reading this article.

2 preparation work

2.1 better machine configuration.

Since the virtual machine is used to run the agent, of course, the memory of the machine should be large, which is the most important. 512m is estimated to be stuck, 1G should be fine, more than 2G is ideal, no matter how small it may be to use some extraordinary measures, which will be slightly mentioned below.

2.2 install VirtualBox

At least 3.0 or above, preferably 3.1 or above. The development of VirtualBox has made rapid progress in recent years, many features have been added, and rational use can effectively reduce the workload. There are under Ubuntu, other Linux distributions are generally available in the source, and now that you use Linux, then at least now you can install software, if you do not know, search it. I use Arch74 (Archlinux 64-bit).

2.3 install the winxp virtual machine.

There is no need to say how to use VirtualBox. The documentation of VirtualBox itself is very detailed, and there are many introductions in this area on the Internet. Mentioned here, windows can use 98, if your machine memory is small, but you can encounter some minor problems. Had better be winxp, it is best not to use some online images and Deepin and so on, these are modified versions, it is difficult to guarantee that there is no problem with the later configuration. It won't take long to reinstall a new one, winxp professional. Finally, remember to install VirtualBox Addition, this secondary package can improve the efficiency of the virtual machine, but also provides a lot of useful additional features.

2.4 in the virtual machine windows, download and install.

NAT32 is one of the most advanced NAT-like software I've seen so far (commonly known as shared network connectivity). I've tried a lot of others, but either I can't meet the requirements, or I'm unstable and less functional. This software is installation-free, but to install a driver, this can be done manually. To save trouble, just click setup directly. The software is shared, the function is unlimited, and the program can only run continuously for 2 hours at a time, but it can be rerun indefinitely, so this is not a problem. There is a simple script behind it that allows the software to run almost always (without human intervention).

2.5 optional: in virtual machine windows, download

3proxy is a very small proxy software, full-featured and powerful, and can be used in both windows and linux. The configuration file is modified directly during configuration, which is typical of unix style. If anyone likes to use ccproxy, go to the Internet to find out how to use it. Various versions (including windows 64-bit) are available for download in 3proxydownloadsection.

3 configure and use 3.1 to set up virtual machines

You should have installed netpas by this time, and when the linux host is connected to the network, the netpas can be connected, and then the external network can be connected normally in the virtual machine.

3.1.1 set up the network card

The main purpose is to set up the network card of the virtual machine after installing windows. By default, there is only one NAT Nic, and the address is 10.0.room.* (* means arbitrary, of course, the details can only be determined). This is self-configured by VirtualBox and will be used later, but no additional configuration is required. Start the second network card in the network card configuration and select Host-only (Chinese should be host network, right? ), there is an option to connect the network cable, selected. You can also turn off all other unused device options in the virtual machine. 2D graphics acceleration in graphics can be selected. When you start the virtual machine, you can see that there are two network connections, find the 192.168.56.101 (similar to this one), write down its current IP information, then modify the IP attribute, change the DHCP to a remote address, and fill in everything you just wrote down. This step is important because this network connection will be used as a gateway for the linux host later, so I don't want any change in its address, which is especially important if you use two virtual machines as often as I do, then the address assigned by DHCP will vary according to the boot order of the virtual machine.

Note: the network of many schools is relatively boring, there is no corresponding network client under linux, it seems that there is a network login system called Ruijie. At this time, it is recommended that you search the Internet. Someone has made a Ruijie authentication software under linux. If it still doesn't work, then you can connect to the network with a virtual machine, but the virtual machine needs a network card connected by a bridge. There is also a lot of information on the Internet, so I won't say much about it here.

3.2 under virtual machine windows

3.2.1 get the routing table of netpas

Netpas must be started first. The start menu-run-enter "cmd"-Command Line window-enter "route PRINT" at this time you can see the output on the screen after the netpas starts the routing table. Copy this output to a text file, edit and delete all lines whose destination address is reserved (0. 0, 192. 2, 10. *, etc.), delete those comment lines, and save and transfer each line in the final file to the linux host (via network, or using a shared folder, which is recommended and convenient).

3.2.2 configuring nat32e

Note: because the function of NAT is used later, it is said that there are corresponding tools to set up in windows 2003 server version, which is more convenient and reliable. But on the one hand, it is running in the virtual machine, the resources are relatively tight; on the other hand, I am too lazy to set up another system. If you know, you are welcome to leave a message. In addition, I know that there is a netsh command that can be used to configure NAT, but for a long time, I can't find the name of the netpas virtual network card (this is needed in netsh), and I don't want to waste time learning this weird command in windows (you'll know, save time to learn linux:), so I gave up. If you know, you are welcome to leave a message.

If you have configured a machine that shares the Internet, there is an option to share the connection in the advanced options of each network connection property, which is actually a rudimentary NAT. However, because of the special connection of netpas, this simple and efficient method can not be used. Nat32e is used here to solve this problem.

Connect to netpas first for later configuration. After installing net32e, there will be several icons on the desktop, which need to be configured with NAT32CFG for the first time. The configuration process itself is simple, basically the next (next/continue). Only one page needs to be involved, that is, when you choose an intranet or an extranet. (lazy, do not take screenshots, I believe that the use of linux at least have a certain English foundation, but you can leave a message if necessary, I will make a screenshot to re-say, here briefly) on the page, there are some network cards to choose from in the box, generally there are three, each selected an IP address, name and other instructions. Select the box to the right and there are several radio buttons, Private (intranet), Internet (extranet). Select the network card named Unknown Name Netpas Adapter, then select the Internet button, then mark it as I in front of the waiting network card, then choose another network card with the address of 192, and then select the Private button. A P appears in front of that network card. All right, next step until it's done.

After the configuration is complete, only point the NET32RUN on the desktop every time you run it later. At present, you can't surf the Internet through NAT. You need to make some configurations under linux.

3.2.3 optional, configure 3proxy

Note: this is optional, that is, for those who prefer to use agents, or those who want to save trouble, it is much easier to set up agents, and NAT still has a lot of configuration to do, but those who persist to the end will be rewarded:)

The function of 3proxy is very powerful, if you are interested or need, you can take the time to read the documentation. Here is a general configuration file. = 3proxy.cfg Starts =

#! / usr/local/bin/3proxy

# Yes, 3proxy.cfg can be executable, in this case you should place

# something like

# config / usr/local/3proxy/3proxy.cfg

# to show which configuration 3proxy should re-read on realod.

System "echo 3proxy is running...!"

# you may use system to execute some external command if proxy starts

# We can configure nservers to avoid unsafe gethostbyname () usage

#! Maybe useful, but dont understand

# nserver 10.1.2.1

# nserver 10.2.2.2

# nscache is good to save speed, traffic and bandwidth

Nscache 65536

# in log file we want to have underscores instead of spaces

Logformat "- + _ L% t.%% N% p% E% U% CRAV% c% RV% r% O% I% h% T"

Rotate 30

# We will keep last 30 log files

Internal 192.168.56.101

# internal is address of interface proxy will listen for incoming requests

# 127.0.0.1 means only localhost will be able to use this proxy. This is

# address you should specify for clients as proxy IP.

# You MAY use 0.0.0.0 but you shouldn't, because it's a chance for you to

# have open proxy in your network in this case.

Auth none

# no authentication is requires

#! Maybe useful in some occassions

# dnspr

# dnsproxy listens on UDP/53 to answer client's DNS requests. It requires

# nserver/nscache configuration.

# external $. / external.ip

# internal $. / internal.ip

# this is just an alternative form fo giving external and internal address

# allows you to read this addresses from files

Auth none

# We want to protect internal interface

Deny * * 127.0.0.1192.168.56.101

# and llow HTTP and HTTPS traffic.

Allow * 80-88. 8080-8088 HTTP

Allow * 443 HTTPS

Proxy-n-p8090

Auth none

Flush

Socks-p9080

= 3proxy.cfg End =

This is modified according to the sample given by 3proxy, copy it to a file, save it as 3proxy.cfg, then put it in the bin directory of 3proxy, and double-click 3proxy.exe to run it. This configuration enables 3proxy to open two proxies, one is the http proxy on port 8090, and the other is the socks5 proxy on port 9080. Next, you just need to set up the proxy in the program as follows: Http: 192.168.56.101 socks5: 192.168.56.101 3proxy 9080 this is the whole process of configuring the 3proxy, now you should be able to firefox on the foreign network recommended to use foxproxy and other firefox plug-ins, which make it very convenient to set up the agent.

Add: the difference between NAT and proxy

Most of the online introductions are shared by agents, because the agents are simple and have a wide range of applications. But if you can use NAT, you'd better use NAT. The reason is simple: procedures that use proxies must support proxies, and agents generally only support specific protocols such as common http agents. Of course, there are many socks agents that can actually support any protocol, but first the program must be able to support socks agents. This is usually not satisfied, which is why programs like wincaps are so popular that they can make programs that do not support socks agents use socks agents, but the problem remains: for each program that you need to use an agent, you have to set it separately, and there may also be a performance degradation (this is not very clear). In addition, it seems that linux is not particularly easy to use this kind of software (you know, welcome to leave a message), the development of tsocks has been stopped for many years.

Although NAT is not available in all situations, once you use it, you will get a unified and consistent service from the bottom of the network to the top. From ping to http, you can directly use all network resources without any configuration, and the flexibility of using routing table is no less than that of proxy. And the performance is generally better. For linux, you may have IM, desktop applications that need to be networked, such as desktop weather, desktop RSS, news download client Miro, or open source networked Mini Game teeworlds. Many of these do not have built-in proxy support, and they use a variety of protocols. But it can be used directly under NAT.

3.3 configure routing table under linux

This part should be said to be the most difficult, and because the way people surf the Internet is different, the content and configuration of the routing table are also different, and there may be some differences in configuration. )

3.3.1 Import the netpas routing table obtained from windows (modified as before)

The characteristic of this routing table is that the access netpas of all the target addresses in the table is set not to be accelerated through netpas, including the address of the education network, the server address of netpas, and so on, which netpas believes should not or need not be accelerated through it. Import all these into the routing table under linux, where all the gateway entries are changed to the default gateway you use when surfing the Internet directly in linux. The specific steps are as follows:

Open a terminal and execute the command as root (su, then enter the password for root). The command "route-n" will output the routing table of the current system. Remember the IP address after the entry that begins with default, which is the current default gateway.

Import a new routing table entry with the command "route add-net netmask gw" or "route add-host gw". Where is the destination network segment, is the destination address, that is, the first column in the netpas routing table, the destination network segment ends with 0, and the other is the destination address. The URL mask, which is the second column of the netpas routing table. Are the current default gateways obtained in the previous step Instead of typing these commands one by one, write them into a shell script, and then execute them together. The script should look something like this:

=

# / bin/sh echo "NEED root authentication"

Echo "The following is from Netpas in W32..."

Route add-net 58.154.0.0 netmask 255.254.0.0 gw -.-

Route add-net 58.192.0.0 netmask 255.240.0.0 gw -.-

Route add-net 59.64.0.0 netmask 255.240.0.0 gw -.

Route add-net 121.48.0.0 netmask 255.254.0.0 gw -.

Route add-net 121.192.0.0 netmask 255.252.0.0 gw -.-

=

That is, one command after another, gateway gw, "-. -" to fill in your gateway. At least how to execute it, search for it by yourself, and the command is "chmod Ubunx", ". /".

3.3.2 further set up the routing table

After completing the above import, it is time to switch routes. As mentioned earlier, the entries in the netpas routing table are not accelerated by netpas, so they are all set to connect directly through your current network card. For other addresses, we need to set them through netpas. Three steps:

Execute, "route add default gw 192.168.56.101", that is, add a default gateway, which is the virtual machine. This step must be performed after the virtual machine starts, otherwise.

Execute, "add-net 10.0.0.0 netmask 255.0.0.0 dev eth0", that is, all packets accelerated by netpas are sent directly to the public network port. Here eth0 should be changed to the name of the network card you use to surf the Internet under linux. This step is important, otherwise the package that needs to be accelerated will not be able to get out. This step can be performed at any time.

Execute, "route del default gw -. -" Delete your current silent gateway from the routing table. In this way, packets that need to be accelerated must pass through the gateway of the virtual machine.

Well, if both netpas and nat32 are connected and turned on in the virtual machine, you should be able to access the external network now, and you don't need to set it in the corresponding program:)

4 better agents

4.1 break the 2-hour limit

As mentioned earlier, nat32 has a 2-hour limit, and then nat32 must be restarted. No one likes restrictions, or why use Linux? :) then let's find a crack! I have looked for it, most of the cracking on the Internet can not be used, even if it can be used (not found, in fact, a lot of search results), it is also very old. Nat32, the software version 1.8 was launched in 2005, and now it is still version 1.8, but it was launched in February and March this year. Therefore, there is no ready-made crack. So let's write a crack! Well, I admit, I'm too lame to complete this task, so leave it to smart readers and powerful hackers. However, I think there is this time, it is better to write a better linux program, this is the long-term way. I've seen too much "crack-patch-crack-patch-crack." The vicious circle. Of course, the third option is to write a script to restart nat32 automatically, as follows: = repeat_start.bat START =

@ echo off

Echo Simple script to keep a program running all the time

Set program_path=C:\ NAT32\ nat32.exe 2

Set program_name=NAT32

Set count=0

Set wait_seconds=30

: LOOP

Set / A count=%count%+1

Echo "start program_name% for count% time (s)"

Rem-wait it terminates

Start / wait program_path%

Echo "ooooops, it stops..."

Echo "wait for about wait_seconds% seconds, then restart..."

Rem-wait for several seconds

@ ping 127.0.0.1-n% wait_seconds%-w 1000 > nul

@ ping 127.0.0.1-n% 1%-w 1000 > nul

Echo...

Echo =

Rem-to restart an infinite loop

Rem-of course, you can use a for loop to make it run limited times

Goto LOOP

= repeat_start.bat END =

In the line set program_path=C:\ NAT32\ nat32.exe 2, the following parameter = can be found by looking at the desktop shortcut "NAT32RUN", copy and paste, usually if the installed NAT32 is this parameter. The script here can actually be used to maintain the operation of any program that will be interrupted. the principle is very simple, that is, after starting the program, wait for it to terminate, and then start again once it is aborted. In general, in order to avoid some problems when the program is just closed, it is best to wait a while before starting. For nat32, because it uses the driver, it feels better to wait a little longer. I set it to 30 seconds. As for waiting to be realized with ping, it is the "dark magic" of the senior who copied it from the Internet (lazy, didn't take the time to study it). There is a sleep program in 2003 server, but not in xp pro. In the future, instead of running NAT32RUN each time, you will use this script directly.

4.2 better routin

Actually, the netpas routing table is very limited. Now the Education Network visits the public network, and some addresses are actually very fast, such as baidu,youku, and the corresponding website should be optimized for the Education Network. Therefore, the effect of these acceleration through netpas is even worse. So, you can find these addresses and use "route" to set them for direct access. In fact, there is a downside here, that is, the method of setting up routing here always uses the root limit. Of course, the routing table is relatively stable. I don't know if there's a better way.

4.3 is no longer used.

Instead of NAT, to return to normal networking, just execute the following two commands: "route del default gw 192.168.56.101". "route add default gw -." In fact, there is no need to change the reverse process of setting up the last two steps of the routing table above.

4.4 Some geek stuff:

For people like me, I think the command line and text are better, and I think the presence of windows in linux should be minimized. Introduce two commands, VBoxManage and VBoxHeadless. VBoxManage, the command line of VirtualBox, like the command "VBoxManage startvm xpnet &", can be used to start the virtual machine from the command line, and xpnet is the name of the virtual machine. So you don't have to open the VirtualBox graphics window every time:) of course, you will think that this is not enough, why should the window of a windows virtual machine always be on my desk, and why do I just want to use it for networking and it always needs a display window? All right, let it disappear ~ VBoxHeadless, the original purpose is to start the virtual machine on the remote server, because it is on the remote server, so there should be no graphics window on the server (no one is watching), so the virtual machine started by it has no window. In order to control the virtual machine that starts from this, it supports a VRDP protocol, which is equivalent to the remote desktop of VirtualBox. Of course, we don't use this function here, because turning on this function will start the service on the host and may cause someone to connect to your virtual machine from the Internet. Turn on winxp pro's remote desktop, start the virtual machine with "VBoxHeadless-startvm=xpnet-vrdp=off &", connect with "rdesktop-a 16 192.168.56.101 &" and adjust the configuration manually if necessary. If you find it troublesome to enter a password every time, use the following command rdesktop-a 16-p 192.168.56.101 &-p to fill in the password plaintext. Don't worry, your virtual machine can't be connected outside the intranet.

On how to use the netpas network accelerator in Linux to share here, I hope that the above content can be of some help to you, can learn more knowledge. If you think the article is good, you can share it for more people to see.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.