2011年2月12日星期六

[GFW BLOG(功夫网与翻墙)] Script for Proxy

来源:http://pushchen.com/script-for-proxy/

有史以来本人写的最有技术含量的脚本,一个突破公司各种网络限制的代理脚本,貌似linux上也能跑,不过我主要是放在Mac下跑。
用了SSH的各种通道,终于不用公司的VPN也能连上办公室里的Windows了,这下随便在哪里都可以干活了,就不用一整天都傻不拉叽的坐在办公桌前了~~
话说,要不是公司的跳板机只对外开放了几个ssh的端口,也不用搞的这么复杂…用了两台Linux的Server做的转接…真是蛋疼。
写这个脚本还算是有收获的~至少搞清楚了exec, source和fork之间的区别,然后学会了case语句…然后值得注意的是,在检查进程状态时,如果通过wc -l判断返回结果的话,之前grep的时候别忘了加上”grep -v grep”,这个grep进程害了我无数次了。。
SSH做了Auth之后用起来各种方便,为神马之前不这么做呢!?(我笨……)考虑要不要把翻墙脚本也这么处理下?虽然现在用了两条指令(f.u.c.k.g.f.w, f.u.c.k.a.g.a.i.n) 来建立链接和断开重连,但是觉得不太好看啊~
另外还发现一点,在profile/bashrc里面写function,然后再做alias,貌似linux下启动会有问题?昨天同事的ubuntu就被我这么搞的进不了X-Window了…不知道mac下会怎么样?算了,保险起见还是不这么搞了。
下面是脚本源码,当然我已经把帐号、IP、端口神马的去掉了,否则太不安全了…
 
#! /bin/sh

# Setup the proxy server
# And also setup the connection to the Windows PC in the Office.
function SetUpProxy() {
_LocalProxy="-L 11322:127.0.0.1:11322"
for ((x=11;x<=30;++x));do
if ((x>=21&&x<=26)); then
continue
fi
printf -v _LocalProxy "%s -L 100%d:X.X.X.%d:[port]" \
"$_LocalProxy" "$x" "$x"
done
printf -v _SndaProxy \
"ssh -f -N -n -p [port] %s [user_name1]@[ip_addr]" \
"$_LocalProxy"
# Create a temp script to start the ssh tunnel.
# 'exec' will terminal current session, so we choose 'source'
_Date=$(date +%Y-%m-%d-%H-%M-%S)
echo "#! /bin/sh" > ~/.proxy.temp.$_Date
echo $_SndaProxy >> ~/.proxy.temp.$_Date
chmod +x ~/.proxy.temp.$_Date
source ~/.proxy.temp.$_Date
rm ~/.proxy.temp.$_Date

# Remote Desktop Proxy.
ssh -p 11322 -f -N -n -L 3389:[office-pc-ip]:3389 \
[user_name2]@127.0.0.1
}

# The function is to check if the proxy server is running
# When recover from a System Sleep, the proxy process will still
# be running, but the connection has already broken.
# If the connection has broken, the "ssh command" will be timeout.
function CheckProxyStatue() {
_ProcessStatue=`ps ux | grep ssh | grep
"[user_name1]@[ip_addr]" | grep -v grep | wc -l`
if [ $_ProcessStatue -eq 0 ]; then
return 1
fi # No SSH Process.

ssh -p 10011 feed@127.0.0.1 "echo 1" \
1> ~/.proxystatue 2> ~/.proxystatue &
# Store the last ssh process id
# On timeout, kill this process.
_LastProcessId=$!
sleep 3
_StillRemain=$(ps ux \
| grep "ssh -p 10011 [user_name3]@127.0.0.1" \
| grep -v grep | wc -l)
if [ $_StillRemain -eq 0 ]; then
rm -f ~/.proxystatue
return 0
else
kill $_LastProcessId
rm -f ~/.proxystatue
return 1
fi
return 1
}

# Close the Proxy Server
# Close both Remote Desktop Proxy and Server Proxy.
function CloseProxy() {
_RemoteProcess=`ps ux | grep ssh \
| grep [user_name2] | grep "3389:" \
| grep -v grep | awk '{print $2}'`
for _Pid in $_RemoteProcess; do
kill $_Pid
done

_ProcessStatue=`ps ux | grep ssh \
| grep "[user_name1]@[ip_addr]" \
| grep -v grep | awk '{print $2}'`
for _Pid in $_ProcessStatue; do
kill $_Pid
done
}

# Restart the Proxy Server.
function RestartProxy() {
CloseProxy
SetUpProxy
}

# The Script support 5 commands as below.
function PrintUsage() {
echo "sndaproxy Version 1.1"
echo "Use: start, restart, stop, statue, connect."
echo "Use help to see this print."
exit 1
}

# Parameter Checking.
if [ ! $1 ]; then
PrintUsage
fi

_Cmd=$1
case $_Cmd in
start)
CheckProxyStatue
if [ $? -eq 1 ]; then
SetUpProxy
fi
exit 0
;;
stop)
CloseProxy
exit 0
;;
restart)
RestartProxy
exit 0
;;
statue)
CheckProxyStatue
if [ $? -eq 1 ]; then
echo "Proxy to Snda is Stoped."
else
echo "Proxy to Snda is Established."
fi
exit 0
;;
connect)
if [ ! $2 ]; then
echo "Missing Second Parameter."
exit 1
fi
_IPID=$2
if (((_IPID>10&&_IPID<21)||(_IPID>26&&_IPID<31))); then
CheckProxyStatue
if [ $? -eq 1 ]; then
SetUpProxy
fi
ssh -p 100$_IPID feed@127.0.0.1
else
echo "No Such Server."
fi
exit 0
;;
*)
PrintUsage
esac

—————————————————————————————————————————

需要翻墙利器赛风? 请阅读和关注中国数字时代

推特用户请点击这里免翻墙上推特

请点击这里下载翻墙软件

更多翻墙方法请发电邮(最好用Gmail)到:fanqiang70ma@gmail.com

请阅读和关注中国数字时代翻墙技术博客GFW BLOG(免翻墙)

请使用Google Reader订阅中国数字时代中文版http://chinadigitaltimes.net/chinese/feed),阅读最有价值的中文信息;以及GFW BLOG(功夫网与翻墙)http://feeds2.feedburner.com/chinagfwblog,获取最新翻墙工具和翻墙技巧信息。




--
Posted By GFW BLOG 功夫网与翻墙 to GFW BLOG(功夫网与翻墙) at 2/12/2011 05:26:00 PM

--
1、我们的订阅地址:http://feeds2.feedburner.com/chinagfwblog。2、发一封标题为GFW的邮件到fanqiang70ma@gmail.com,就可获取翻墙利器赛风新地址。附《数字时代》赠阅版。3、本站热烈欢迎各位朋友投稿或推荐文章,请发邮件至chinagfwblog[at]gmail.com。
停止订阅,请发邮件到
gfw-blog+unsubscribe@googlegroups.com

没有评论:

发表评论