Make your own TCP Reverse Proxy with Linux (CentOS 6)

Marko97

M97 Project based Plus EMU
Aug 7, 2013
[What you need?]
- Protected VPS with CentOS 6.x;
- SSH access (PuTTY for example);

[How to proceed?]

1) Log in via SSH to your protected VPS;
2) Type these commands in order:
Code:
sudo su
Code:
cd /etc/init.d
Code:
cat /proc/sys/net/ipv4/conf/eth0/forwarding
Code:
sysctl net.ipv4.conf.eth0.forwarding=1
Code:
nano myproxy
3) Delete all content and type this:

Code:
#!/bin/sh
# Enable IPv4 forwarding so the kernel passes packets on to the emulator
sysctl net.ipv4.conf.eth0.forwarding=1

echo 1 > /proc/sys/net/ipv4/ip_forward

# Source-NAT traffic leaving eth0 so that replies come back through this VPS
iptables -t nat -A POSTROUTING -s IP-PROXY/24 -o eth0 -j MASQUERADE
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
# Redirect connections arriving on PORT-PROXY to the emulator
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport PORT-PROXY -j DNAT --to EMULATOR-IP:EMULATOR-PORT

IP-PROXY = The IP of your VPS protected by AntiDDoS;
PORT-PROXY = The port of your VPS protected by AntiDDoS (you can choose any port if you want);
EMULATOR-IP = Your real, unprotected VPS IP;
EMULATOR-PORT = Your real, unprotected VPS port.
Then, press CTRL + X, press Y and press Enter;

4) Open the chosen port (PORT-PROXY) in the firewall;
5) Type these commands in order:
Code:
chmod a+x myproxy
Code:
service myproxy restart
6) Configure only the client PHP file with the protected IP and protected port. In the emulator, leave the original IP;
7) Start the emulator;
8) Go in this to test if your proxy works or not. Inside, type the protected IP and protected port. If the port is open, the proxy works; otherwise, check if you've opened the port in the firewall.
9) Log in to your client. ENJOY.

[I want to change my last configuration with a new IP. How to proceed?]
1) Type this command:
Code:
reboot
Then, wait until the protected VPS is rebooted;
2) Follow all the steps written above again.
 
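An added example, not part of the original post: because the script above only appends rules (`-A`), running it a second time leaves the old rules in front of the new ones. The check below reads `iptables-save -t nat` output and reports duplicated rules, DNAT rules that can never match, and unscoped MASQUERADE rules; the function names and the sample table (documentation address ranges, port 30000) are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit `iptables-save -t nat` output after an append-only
# (-A) forwarding script has been run more than once.

# Constructed sample: the nat table after the script ran once for backend
# 198.51.100.7 and again for 198.51.100.99 (documentation address ranges).
sample_nat() {
cat <<'EOF'
*nat
-A PREROUTING -i eth0 -p tcp -m tcp --dport 30000 -j DNAT --to-destination 198.51.100.7:30000
-A PREROUTING -i eth0 -p tcp -m tcp --dport 30000 -j DNAT --to-destination 198.51.100.99:30000
-A POSTROUTING -s 203.0.113.0/24 -o eth0 -j MASQUERADE
-A POSTROUTING -o eth0 -j MASQUERADE
-A POSTROUTING -s 203.0.113.0/24 -o eth0 -j MASQUERADE
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
EOF
}

# Reads iptables-save text on stdin and prints one finding per line.
audit_nat() {
  awk '
    !/^-A / { next }                              # skip table, chain, COMMIT
    seen[$0]++ == 1 { print "DUPLICATE: " $0 }    # report on the second copy
    / -j DNAT / {
      cond = $0; sub(/ -j .*/, "", cond)          # match criteria of the rule
      dest = $0; sub(/.*--to-destination /, "", dest)
      # Rules are evaluated in order and DNAT is terminal: a later rule with
      # the same criteria but another target is never reached.
      if (!(cond in first)) first[cond] = dest
      else if (first[cond] != dest)
        print "SHADOWED: " dest " is never reached; traffic goes to " first[cond]
    }
    # MASQUERADE without -s rewrites every forwarded source address, so the
    # backend sees the proxy address instead of each client address.
    / -j MASQUERADE/ && !/ -s / && broad++ == 0 { print "BROAD: " $0 }
  '
}

sample_nat | audit_nat
```

On a live host the same function can be fed with `iptables-save -t nat | audit_nat` (run as root).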

MayoMayn

BestDev
Oct 18, 2016
This thread contains so many misconceptions.
In general, people from the retro community don't know how reverse proxies work.
Where does the term "Anti DDoS" come from in this context and how is a reverse proxy related to that?
If a pentester knows what he's doing you can follow the forwarded response and still get the IP behind the proxy.
If your reverse proxy goes down, so does the connection to the forwarded IP, since the only connection you have from the client is the IP of your reverse proxy and if that's unavailable due to downtime you wouldn't be able to connect.

Anyhow, nice tutorial.
 

Marko97

This thread contains so many misconceptions.
In general, people from the retro community don't know how reverse proxies work.
Where does the term "Anti DDoS" come from in this context and how is a reverse proxy related to that?
If a pentester knows what he's doing you can follow the forwarded response and still get the IP behind the proxy.
If your reverse proxy goes down, so does the connection to the forwarded IP, since the only connection you have from the client is the IP of your reverse proxy and if that's unavailable due to downtime you wouldn't be able to connect.

Anyhow, nice tutorial.

1) Anti DDoS because if you use a server with attack mitigation, it's not easy to flood the target;
2) In this forum, how many people know how to bypass a reverse proxy?
3) If the reverse proxy goes down, it is not my problem. I think about my server.
 
