1. # proxychains.conf VER 4.x
  2. #
  3. # HTTP, SOCKS4a, SOCKS5 tunneling proxifier with DNS.
  6. # The option below identifies how the ProxyList is treated.
  7. # only one option should be uncommented at time,
  8. # otherwise the last appearing option will be accepted
  9. #
  10. dynamic_chain
  11. #
  12. # Dynamic - Each connection will be done via chained proxies
  13. # all proxies chained in the order as they appear in the list
  14. # at least one proxy must be online to play in chain
  15. # (dead proxies are skipped)
  16. # otherwise EINTR is returned to the app
  17. #
  18. strict_chain
  19. #
  20. # Strict - Each connection will be done via chained proxies
  21. # all proxies chained in the order as they appear in the list
  22. # all proxies must be online to play in chain
  23. # otherwise EINTR is returned to the app
  24. #
  25. #round_robin_chain
  26. #
  27. # Round Robin - Each connection will be done via chained proxies
  28. # of chain_len length
  29. # all proxies chained in the order as they appear in the list
  30. # at least one proxy must be online to play in chain
  31. # (dead proxies are skipped).
  32. # the start of the current proxy chain is the proxy after the last
  33. # proxy in the previously invoked proxy chain.
  34. # if the end of the proxy chain is reached while looking for proxies
  35. # start at the beginning again.
  36. # otherwise EINTR is returned to the app
  37. # These semantics are not guaranteed in a multithreaded environment.
  38. #
  39. #random_chain
  40. #
  41. # Random - Each connection will be done via random proxy
  42. # (or proxy chain, see chain_len) from the list.
  43. # this option is good to test your IDS :)
  45. # Make sense only if random_chain or round_robin_chain
  46. #chain_len = 2
  48. # Quiet mode (no output from library)
  49. #quiet_mode
  51. ## Proxy DNS requests - no leak for DNS data
  52. # (disable all of the 3 items below to not proxy your DNS requests)
  54. # method 1. this uses the proxychains4 style method to do remote dns:
  55. # a thread is spawned that serves DNS requests and hands down an ip
  56. # assigned from an internal list (via remote_dns_subnet).
  57. # this is the easiest (setup-wise) and fastest method, however on
  58. # systems with buggy libcs and very complex software like webbrowsers
  59. # this might not work and/or cause crashes.
  60. proxy_dns
  62. # method 2. use the old proxyresolv script to proxy DNS requests
  63. # in proxychains 3.1 style. requires `proxyresolv` in $PATH
  64. # plus a dynamically linked `dig` binary.
  65. # this is a lot slower than `proxy_dns`, doesn't support .onion URLs,
  66. # but might be more compatible with complex software like webbrowsers.
  67. #proxy_dns_old
  69. # method 3. use proxychains4-daemon process to serve remote DNS requests.
  70. # this is similar to the threaded `proxy_dns` method, however it requires
  71. # that proxychains4-daemon is already running on the specified address.
  72. # on the plus side it doesn't do malloc/threads so it should be quite
  73. # compatible with complex, async-unsafe software.
  74. # note that if you don't start proxychains4-daemon before using this,
  75. # the process will simply hang.
  76. #proxy_dns_daemon 127.0.0.1:1053
  78. # set the class A subnet number to use for the internal remote DNS mapping
  79. # we use the reserved 224.x.x.x range by default,
  80. # if the proxified app does a DNS request, we will return an IP from that range.
  81. # on further accesses to this ip we will send the saved DNS name to the proxy.
  82. # in case some control-freak app checks the returned ip, and denies to
  83. # connect, you can use another subnet, e.g. 10.x.x.x or 127.x.x.x.
  84. # of course you should make sure that the proxified app does not need
  85. # *real* access to this subnet.
  86. # i.e. dont use the same subnet then in the localnet section
  87. #remote_dns_subnet 127
  88. #remote_dns_subnet 10
  89. remote_dns_subnet 224
  91. # Some timeouts in milliseconds
  92. tcp_read_time_out 15000
  93. tcp_connect_time_out 8000
  95. ### Examples for localnet exclusion
  96. ## localnet ranges will *not* use a proxy to connect.
  97. ## note that localnet works only when plain IP addresses are passed to the app,
  98. ## the hostname resolves via /etc/hosts, or proxy_dns is disabled or proxy_dns_old used.
  100. ## Exclude connections to 192.168.1.0/24 with port 80
  101. # localnet 192.168.1.0:80/255.255.255.0
  103. ## Exclude connections to 192.168.100.0/24
  104. # localnet 192.168.100.0/255.255.255.0
  106. ## Exclude connections to ANYwhere with port 80
  107. # localnet 0.0.0.0:80/0.0.0.0
  108. # localnet [::]:80/0
  110. ## RFC6890 Loopback address range
  111. ## if you enable this, you have to make sure remote_dns_subnet is not 127
  112. ## you'll need to enable it if you want to use an application that
  113. ## connects to localhost.
  114. # localnet 127.0.0.0/255.0.0.0
  115. # localnet ::1/128
  117. ## RFC1918 Private Address Ranges
  118. # localnet 10.0.0.0/255.0.0.0
  119. # localnet 172.16.0.0/255.240.0.0
  120. # localnet 192.168.0.0/255.255.0.0
  122. ### Examples for dnat
  123. ## Trying to proxy connections to destinations which are dnatted,
  124. ## will result in proxying connections to the new given destinations.
  125. ## Whenever I connect to 1.1.1.1 on port 1234 actually connect to 1.1.1.2 on port 443
  126. # dnat 1.1.1.1:1234 1.1.1.2:443
  128. ## Whenever I connect to 1.1.1.1 on port 443 actually connect to 1.1.1.2 on port 443
  129. ## (no need to write :443 again)
  130. # dnat 1.1.1.2:443 1.1.1.2
  132. ## No matter what port I connect to on 1.1.1.1 port actually connect to 1.1.1.2 on port 443
  133. # dnat 1.1.1.1 1.1.1.2:443
  135. ## Always, instead of connecting to 1.1.1.1, connect to 1.1.1.2
  136. # dnat 1.1.1.1 1.1.1.2
  138. # ProxyList format
  139. # type ip port [user pass]
  140. # (values separated by 'tab' or 'blank')
  141. #
  142. # only numeric ipv4 addresses are valid
  143. #
  144. #
  145. # Examples:
  146. #
  147. # socks5 192.168.67.78 1080 lamer secret
  148. # http 192.168.89.3 8080 justu hidden
  149. # socks4 192.168.1.49 1080
  150. # http 192.168.39.93 8080
  151. #
  152. #
  153. # proxy types: http, socks4, socks5, raw
  154. # * raw: The traffic is simply forwarded to the proxy without modification.
  155. # ( auth types supported: "basic"-http "user/pass"-socks )
  156. #
  157. [ProxyList]
  158. # add proxy here ...
  159. # meanwile
  160. # defaults set to "tor"
  161. socks5 127.0.0.1 12334