使用V2R做反向代理内网穿透

环境

内网服务器Prob1位于内网LAN1,
内网服务器Prob2位于内网LAN2,
外网服务器Serv1位于IP 123.123.123.123

内网节点配置

内网节点没有inbound,只需要配置一个reverse,一个outbound(以及默认的direct),一对路由规则

Prob1

{
  "log": {
    "loglevel": "debug",
    "access": "/var/log/v2r_tunnel_access.log",
    "error": "/var/log/v2r_tunnel_error.log"
  },
  "reverse":{
    "bridges":[
      {
        "tag":"bridge",
        "domain":"probe1.nowhere.com"
      }
    ]
  },
  "outbounds": [
    {
      "tag":"tunnel",
      "protocol":"vmess",
      "settings":{
        "vnext":[
          {
            "address":"123.123.123.123",
            "port":50103,
            "users":[
              {
                "id":"3301381f-6324-4d53-ad4f-1cda48b3012f",
                "alterId":64
              }
            ]
          }
        ]
      }
    },
    {
      "tag":"direct",
      "protocol":"freedom",
      "settings":{}
    }
  ],
  "routing":{
    "rules":[
      {
        "type":"field",
        "inboundTag":["bridge"],
        "domain":["full:probe1.nowhere.com"],
        "outboundTag":"tunnel"
      },
      {
        "type":"field",
        "inboundTag":["bridge"],
        "outboundTag":"direct"
      }
    ]
  }
}

 

外网服务节点配置

外网服务器没有outbound,对应每个内网节点,要配置一个portal,一对inbound和一对路由规则。在这种规则配置下,对应每一个portal,会有一个专门的inbound连接,方便用户端选择使用不同的内网。下面示例中的id仅作演示(两个tunnel入口还共用了同一个id),实际部署时应为每个inbound重新生成各自的UUID。

{
  "log": {
    "loglevel": "debug",
    "access": "/var/log/v2r_access.log",
    "error": "/var/log/v2r_error.log"
  },
  "reverse":{
    "portals":[
      {
        "tag":"portal_probe2",
        "domain":"probe2.nowhere.com"
      },
      {
        "tag":"portal_probe1",
        "domain":"probe1.nowhere.com"
      }
    ]
  },
  "inbounds":[
    {
      "tag":"to_probe2",
      "port":50100,
      "protocol":"vmess",
      "settings":{
        "clients":[
          {
            "id":"234ffdb8-ef14-4278-a4e6-2af32cc312cf",
            "alterId":64
          }
        ]
      }
    },
    {
      "tag": "tunnel_probe2",
      "port":50101,
      "protocol":"vmess",
      "settings":{
        "clients":[
          {
            "id":"3301381f-6324-4d53-ad4f-1cda48b3012f",
            "alterId":64
          }
        ]
      }
    },

    {
      "tag":"to_probe1",
      "port":50102,
      "protocol":"vmess",
      "settings":{
        "clients":[
          {
            "id":"a11efdb8-ef34-4278-a4e6-2af32cc010fc",
            "alterId":64
          }
        ]
      }
    },
    {
      "tag": "tunnel_probe1",
      "port":50103,
      "protocol":"vmess",
      "settings":{
        "clients":[
          {
            "id":"3301381f-6324-4d53-ad4f-1cda48b3012f",
            "alterId":64
          }
        ]
      }
    }

  ],
  "routing":{
    "rules":[
      {
        "type":"field",
        "inboundTag":["to_probe2"],
        "outboundTag":"portal_probe2"
      },
      {
        "type":"field",
        "inboundTag":["tunnel_probe2"],
        "domain":["full:probe2.nowhere.com"],
        "outboundTag":"portal_probe2"
      },

      {
        "type":"field",
        "inboundTag":["to_probe1"],
        "outboundTag":"portal_probe1"
      },
      {
        "type":"field",
        "inboundTag":["tunnel_probe1"],
        "domain":["full:probe1.nowhere.com"],
        "outboundTag":"portal_probe1"
      }
    ]
  }
}

  

创建服务

对于已经运行了v2r的机器,可以再创建一个新的服务,例如

$ more /etc/systemd/system/v2r-tunnel.service 
# systemd unit that starts a separate v2r instance with the tunnel configuration file.
[Unit]
Description=V2R Tunnel Service
Documentation=https://www.v2r.com/ 
# Ordered after network.target and nss-lookup.target.
After=network.target nss-lookup.target

[Service]
Type=simple
# The process runs as root. NOTE(review): every port used in this guide is above 1024,
# so a dedicated unprivileged account may be enough - confirm it can write the
# log files configured under /var/log before switching.
User=root
# Upper bound on the capabilities the process can ever hold, even as root.
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE
# Capabilities granted at exec time; mainly relevant when User= is not root.
AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE
# The process and its children cannot gain privileges via setuid/setgid binaries or file capabilities.
NoNewPrivileges=true
ExecStart=/usr/bin/v2r/v2r -config /etc/v2r/config_tunnel.json
# Restart after an unclean exit; a clean exit is left alone.
Restart=on-failure

[Install]
# Started with the multi-user target once the unit has been enabled.
WantedBy=multi-user.target

通过 systemctl enable v2r-tunnel 命令将该服务加入开机自启动
