I built a proxy network allowing me to access various resources across the Internet. As shown in the figure below, servers on different locations are deployed and connected by either direct proxy (solid line) or reverse proxy (dash line). connection mapping are labelled in the format of '(x to y) * z', indicating z groups of x clients each connecting to y servers.
by tools
- v2fly/v2ray-core: secure proxy, balancer, router
- Qv2ray/Qv2ray: v2ray gui for pc
- SagerNet/SagerNet: v2ray gui for android
- ntop/n2n: virtual LAN adaptor
- alexkirsz/dispatch-proxy: adaptor combiner
- nginx/nginx: server side http proxy, http reverse proxy, http port reuse
- haad/proxychains: proxy chains, socks,http->app, for pc
- proxifier: proxy chains, socks,http->app, for windows
- ambrop72/badvpn/tun2socks: socks->adaptor
- torproject/tor,tpo/applications/tor-browser: anonymous http
- FelisCatus/SwitchyOmega: socks,http->browser
by application senario
bypass GFW with server port access
- v2fly/v2ray-core+nginx/nginx: vmess+ws+tls->socks5, balancer, multiple domain cdn servers for acceleration and camouflage
bypass campus Internet outbound speed limit (campus has no LAN speed limit)
has LAN servers with server port access
- v2fly/v2ray-core+nginx/nginx: vmess+ws->socks5, balancer, multiple in-campus servers for acceleration, speed *= number of servers
without servers
- alexkirsz/dispatch-proxy: LAN + WLAN + USB LAN + USB hotspot: speed *= 4
reverse proxy without server port access
- v2fly/v2ray-core: reverse proxy
- microsoft/vscode: temporary port forwarding
LAN traversal with server root access
- ntop/n2n
notes
- campus LAN should be seen as public with even more strict censorship but less decryption ability, never use unencrypted proxy in campus LAN
- watch out for DNS leak, use firewall rules to block port 53 if necessary
- if necessary use firewall rules to block all connections except localhost proxy