fivesheep / chnroutes Goto Github PK
View Code? Open in Web Editor NEWscripts help chinese netizen, who uses vpn to combat censorship, by modifying the route table so as routing only the censored ip to the vpn
scripts help chinese netizen, who uses vpn to combat censorship, by modifying the route table so as routing only the censored ip to the vpn
route get www.baidu.com
route to: 180.76.3.151
destination: 180.76.0.0
mask: 255.255.0.0
gateway: 192.168.1.1
interface: en0
flags: <UP,GATEWAY,DONE,STATIC,PRCLONING>
recvpipe sendpipe ssthresh rtt,msec rttvar hopcount mtu expire
0 0 0 0 0 0 1500 0
现在routes有8千多条,不知道是不是routes太多导致的问题,用了三种方式尝试,都没成功。
一、图形界面gnome-openvpn启动(其实调用的就是networkmanager),在原有正常的vpn增加了routes之后,vpn就连不上了。图形界面只是提示“Connection failed”
二、networkmanager命令行,通过nmcli命令激活后也报错了。
nmcli connection up 1bd79752-2397-4713-b176-c95161491e44
Error: Connection activation failed: The VPN service returned invalid configuration
直接使用openvpn命令启动配置,启动确实没失败,只是就cpu彪的飞起,然后机器就开始卡。。。呵呵了。最后在命令行界面kill掉openvpn,机器恢复了正常。。。
大家都怎么用的?
还是现在这个方式已经不合适了,现在还有没有其他的vpn局部代理的方式?
无奈中~~~
如题,地图应用打开后显示的是从国外拿的地图数据,而不是本地 autonavi 的。
shadowsocks-libev里,有个ss-redir工具,可以用iptables实现透明代理.
怎么用呢?
我弄一弄没弄成.没人研究研究吗?
目前生成的路由表有6000多行,将此文件添加到ovpn配置文件后面,ios版提示其过大,无法加载。请问如何解决?是否可以如前面说的合并IP?
http://chnroutes-dl.appspot.com/
只有一行提示"This download page is for chnroutes user who doesn't have python installed."
比如被重定向到淘宝 东南亚
win7 python chnroutes.py -p win 报错
RouterOS is awesome. GFW sucks.
因为权限access-list还可以有优先级设置,放入NAT更加灵活
rsc是RouterOS的脚本文件,可以导入后在路由器上运行
以下是我做的修改
def generate_ros(metric):
results = fetch_ip_data()
rfile=open('routes.rsc','w')
for ip,datenum,mask2 in results:
route_item="add list=domesticList address=%s/%s \t %s \n"%(ip,mask2,datenum)
rfile.write(route_item)
rfile.close()
print "Usage: Append the content of the newly created routes.txt to your openvpn config file,"
" and also add 'max-routes %d', which takes a line, to the head of the file." % (len(results)+20)
datenum=unit_items[5]
出下这个错误 While trying to retrieve the URL: http://65.49.2.171:81/http/www.baidu.com/
你好,为什么我访问 http://chnroutes-dl.appspot.com/ 会得到这个提示:
This download page is for chnroutes user who doesn't have python installed.
I used pptp vpn client on centos6; and used chnroutes.py to create ip-pre-up/ip-down. but when i try to connect the vpn server , it did not creat route table .
anybody can help me ? thanks
##########################################
// on vpn server host
#cat /etc/pptpd.conf
option /etc/ppp/options.pptpd
logwtmp
localip ... # (type passwd to view)
remoteip 192.168.100.2-100
#cat /etc/ppp/options.pptpd
name pptpd
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe-128
ms-dns 8.8.8.8
ms-dns 8.8.4.4
proxyarp
debug
lock
nobsdcomp
novj
novjccomp
nologfd
#/etc/init.d/pptpd start
#tailf /var/log/messages
Jul 12 11:31:08 10-19-46-62 pptpd[5787]: MGR: Maximum of 100 connections reduced to 99, not enough IP addresses given
Jul 12 11:31:08 10-19-46-62 pptpd[5788]: MGR: Manager process started
Jul 12 11:31:08 10-19-46-62 pptpd[5788]: MGR: Maximum of 99 connections available
// vpn server start Normally
######################################
// on vpn client host
#ll /etc/ppp/ip-pre-up /etc/ppp/ip-down.d/ip-down
-rwxr-xr-x 1 root root 201698 Jul 11 17:34 /etc/ppp/ip-down.d/ip-down
-rwxr-xr-x 1 root root 359983 Jul 11 17:40 /etc/ppp/ip-pre-up
#cat /etc/ppp/options.pptp
lock
noauth
refuse-pap
refuse-eap
refuse-chap
refuse-mschap
nobsdcomp
nodeflate
#pptpsetup --create myvpn2 --server 12.34.56.78 --username testuser --password sscnwxy --encrypt --start
Using interface ppp0
Connect: ppp0 <--> /dev/pts/0
CHAP authentication succeeded
MPPE 128-bit stateless compression enabled
local IP address 192.168.100.2
remote IP address 12.34.56.78
#ifconfig
......
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10
loop txqueuelen 0 (Local Loopback)
RX packets 5935 bytes 854648 (834.6 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 5935 bytes 854648 (834.6 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ppp0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1496
inet 192.168.100.2 netmask 255.255.255.255 destination 12.34.56.78
ppp txqueuelen 3 (Point-to-Point Protocol)
RX packets 6 bytes 60 (60.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 6 bytes 66 (66.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
......
#tailf /var/log/message
Jul 12 11:44:10 worker0 pppd[25793]: pppd 2.4.5 started by root, uid 0
Jul 12 11:44:10 worker0 pppd[25793]: Using interface ppp0
Jul 12 11:44:10 worker0 pppd[25793]: Connect: ppp0 <--> /dev/pts/0
Jul 12 11:44:10 worker0 pptp[25794]: anon log[main:pptp.c:333]: The synchronous pptp option is NOT activated
Jul 12 11:44:10 worker0 NetworkManager[969]: [1499831050.1592] manager: (ppp0): new Generic device (/org/freedesktop/NetworkManager/Devices/360)
Jul 12 11:44:10 worker0 pptp[25804]: anon log[ctrlp_rep:pptp_ctrl.c:254]: Sent control packet type is 1 'Start-Control-Connection-Request'
Jul 12 11:44:10 worker0 pptp[25804]: anon log[ctrlp_disp:pptp_ctrl.c:754]: Received Start Control Connection Reply
Jul 12 11:44:10 worker0 pptp[25804]: anon log[ctrlp_disp:pptp_ctrl.c:788]: Client connection established.
Jul 12 11:44:11 worker0 pptp[25804]: anon log[ctrlp_rep:pptp_ctrl.c:254]: Sent control packet type is 7 'Outgoing-Call-Request'
Jul 12 11:44:11 worker0 pptp[25804]: anon log[ctrlp_disp:pptp_ctrl.c:873]: Received Outgoing Call Reply.
Jul 12 11:44:11 worker0 pptp[25804]: anon log[ctrlp_disp:pptp_ctrl.c:912]: Outgoing call established (call ID 0, peer's call ID 0).
Jul 12 11:44:14 worker0 pppd[25793]: CHAP authentication succeeded
Jul 12 11:44:14 worker0 pppd[25793]: MPPE 128-bit stateless compression enabled
Jul 12 11:44:14 worker0 pppd[25793]: local IP address 192.168.100.2
Jul 12 11:44:14 worker0 pppd[25793]: remote IP address 12.34.56.78
挺好的
把ip-pre-up 拷贝到 /etc/ppp目录, ip-down 拷贝到 /etc/ppp/ip-down.d 目录.
ip-pre-up 是否也应放置在 /etc/ppp/ip-up.d 目录中呢。
看了几个教程,这点都不统一...
最后,我只是PPTP连,还是直接放到 /etc/ppp 目录下好了。
给各位添麻烦了 ;)
希望可以添加对 ip -batch 的支持,这种方式比多次调用被弃用的 net-tools 中的 route 命令要快不少。
实现可以参见
jimmyxu/chnroutes@74b6d55
发现Mac 锁屏状态断网后,出现无法连接网络的情况,这个怎么解决呢?
本人项目:https://github.com/liudongmiao/chinaip
作为对比,可以极大提高效率,以Fri, 01 Aug 2014 15:15:44 GMT发布的项目为例
以Fri, 01 Aug 2014 15:15:44 GMT的delegated-apnic-latest为例
(以下自动添加3个私有网段)
/14, 376, 86%
/15, 543, 93%
/16, 757, 97%
/17, 856, 98%
/18, 947, 98%
/19, 1114, 99%
.............
/24, 3037, 100%
不合并的话,共4133 + 3个路由,需要更多的1099条路由..
就以实际情况来看,我一个使用/16的方案,覆盖**97%的ip段
linuxfire还在不?
我们有一部分测试地址,都是内网的,但是链接上vpn后,无法访问了,希望有办法解决,谢谢
参考这里:58267c3
DELETED
采用Openwrt使用lan 口接入的方式,不是直连拨号。
疑似上级路由没有下发lan口网关,从而无法解析出本机默认网关地址,导致无法添加路由。
需手工指定 OLDGW 的值。回来想办法自动读一下
有你翻墙的版本吗?比如访问**的一些视频网站的时候使用vpn而是用国外网站和本地的时候不使用vpn的版本可以介绍一下吗?还是把up和down换一下就行?
在mac osx下设置成功了,但怎样恢复成以前全部ip都通过vpn连接呢?
怎样完全删除chnroutes。
目前在手机端使用Google的时候出来的结果经常无法访问,返回404。原因是Google针对手机端的优化技术AMP把搜索结果Cache到了国内服务器。这些服务器IP虽然是国内,也是被block的。
希望可以把这些IP地址也加上去,对应的域名是cdn.ampproject.org
10.12之前都用的很完美,但是
MacOS10.12不支持PPTP了,请问以后用mac的话要怎么使用这个chnroutes啊
本地电脑一旦拨通VPN后, 所有的网络链接都会强制走VPN 虚拟网卡. chnroute 的出现,目的是为了提高网速, 让所有不需要走VPN 的网址直接走本地,
在实际使用过程中, 需要走VPN 的网站, 一般是走本地链接无法走通的情况下才会选择.
chnroute 是否可以参考 SwtichySharp 的方式, 实现反向的路由表选择, 提供需要走VPN的填入列表中呢?
应该做两个版本Python2版和Python3版 或注明开发版本方便转换
使用网易云音乐PC客户端时 连着VPN下载慢 断开VPN后下载飞快 可能路由表没有将网易云音乐的IP识别为国内 希望能添加 谢谢
我把生成的vpnup.bat文件里的route add改成了route -p -add命令,既永久保存。在註冊表中,如下的位置中也看到了add的信息。但是不知道為何路由表還是沒有生效?不知是否需要修改*.ovpn配置文件呢?
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\PersistentRoutes
mac版本是12.6
expressVPN version 6.7.3
用的是付费版的expressVpn,搜索出来express的openvpn配置文件后,按说明添加头尾(express配置文件为什么是二进制的,没问题吗?),然后启动就会报错,还原配置文件才正常…………
正常配置后,没有效果
有谁可以帮忙解决下吗?可以请你喝杯咖啡!
/tmp/tun_log
Is there a way to read the binary log?
each command returns "The route addition failed: The parameter is incorrect"
both occurs in Windows 7 and Windows 8.1
请问以下 如何可以在链接 VPN 的时候可以进行 git push 到 github 的操作?
谢谢!
~ » traceroute taobao.com
traceroute to taobao.com (42.120.194.11), 30 hops max, 60 byte packets
1 192.168.2.1 (192.168.2.1) 4.234 ms 7.210 ms 7.205 ms
2 * * *
3 183.128.112.1 (183.128.112.1) 8.056 ms 8.052 ms 8.049 ms
4 61.164.22.98 (61.164.22.98) 9.668 ms 9.665 ms 9.661 ms
5 61.164.31.218 (61.164.31.218) 45.641 ms 61.130.126.22 (61.130.126.22) 9.642 ms 61.164.31.198 (61.164.31.198) 14.007 ms
6 183.136.160.150 (183.136.160.150) 14.004 ms 183.136.160.190 (183.136.160.190)
**vpn访问taobao.com提示我在**,换美国vpn提示我在美国,这是什么原理
以前用linux和windows,一直没问题。最近扩展到mac后需要分步骤加载路由表,用到了ip-up和ip-down这两个脚本。脚本运行完后发现dns解析有问题,原来是将3个私有地址段的路由也解析到本地老网关上。因为vpn拨号成功后要占用一个不同的私有网段,如果dns配置解析是通过vpn私有网络进行的就会出现没法解析的问题。折腾了半天才定位到这问题。
如题。
不会用python,请问在哪下载.bat文件?或者怎么生成,求详细方法,谢谢!!!
route get www.baidu.com
route to: 180.76.3.151
destination: 180.76.0.0
mask: 255.255.0.0
gateway: 192.168.1.1
interface: en0
flags: <UP,GATEWAY,DONE,STATIC,PRCLONING>
recvpipe sendpipe ssthresh rtt,msec rttvar hopcount mtu expire
0 0 0 0 0 0 1500 0
Any different with the PPTP ones while I using chnroute ?
ip-up script contains following line:
OLDGW=`netstat -nr | grep '^default' | grep -v 'ppp' | sed 's/default *\([0-9\.]*\) .*/\1/'`
Notice that there has grep -v 'ppp'
, and this will delete all routing rules on ppp links. Unfortunately, if i'm using PPPoE to access the internet, then OLDGW must be an empty string.
Actually, ip-up has $1 argument which means the interface name(ppp0, ppp1 or someone else). So, using this argument can easily and safely remove current default gateway.
OLDGW=`netstat -nr | grep '^default' | grep -v "$1" | sed 's/default *\([0-9\.]*\) .*/\1/'` | head -1
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.