From 7f9e13d473807c231e8ad305ea888d809fba8445 Mon Sep 17 00:00:00 2001 From: Max Lv Date: Thu, 26 May 2016 10:14:59 +0800 Subject: [PATCH] Fix #647 --- Makefile.am | 2 +- Makefile.in | 2 +- man/ss-nat.1 | 123 +++++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 125 insertions(+), 2 deletions(-) create mode 100644 man/ss-nat.1 diff --git a/Makefile.am b/Makefile.am index 5d84f1e8..706069fb 100644 --- a/Makefile.am +++ b/Makefile.am @@ -6,7 +6,7 @@ endif ACLOCAL_AMFLAGS = -I m4 man_MANS = man/shadowsocks-libev.8 man/ss-server.1 man/ss-local.1 man/ss-redir.1\ - man/ss-manager.1 man/ss-tunnel.1 + man/ss-manager.1 man/ss-tunnel.1 man/ss-nat.1 pkgconfiglibdir = $(libdir)/pkgconfig pkgconfiglib_DATA = shadowsocks-libev.pc diff --git a/Makefile.in b/Makefile.in index c6481071..c75622e0 100644 --- a/Makefile.in +++ b/Makefile.in @@ -363,7 +363,7 @@ top_srcdir = @top_srcdir@ @USE_SYSTEM_SHARED_LIB_TRUE@SUBDIRS = libcork libipset src ACLOCAL_AMFLAGS = -I m4 man_MANS = man/shadowsocks-libev.8 man/ss-server.1 man/ss-local.1 man/ss-redir.1\ - man/ss-manager.1 man/ss-tunnel.1 + man/ss-manager.1 man/ss-tunnel.1 man/ss-nat.1 pkgconfiglibdir = $(libdir)/pkgconfig pkgconfiglib_DATA = shadowsocks-libev.pc diff --git a/man/ss-nat.1 b/man/ss-nat.1 new file mode 100644 index 00000000..3b6b2bbe --- /dev/null +++ b/man/ss-nat.1 @@ -0,0 +1,123 @@ +.ig +. manual page for shadowsocks-libev +. +. Copyright (c) 2012-2016, by: Max Lv +. All rights reserved. +. +. Permission is granted to copy, distribute and/or modify this document +. under the terms of the GNU Free Documentation License, Version 1.1 or +. any later version published by the Free Software Foundation; +. with no Front-Cover Texts, no Back-Cover Texts, and with the following +. Invariant Sections (and any sub-sections therein): +. all .ig sections, including this one +. STUPID TRICKS Sampler +. AUTHOR +. +. A copy of the Free Documentation License is included in the section +. entitled "GNU Free Documentation License". +. +.. +\# - these two are for chuckles, makes great grammar +.ds Lo \fBss-local\fR +.ds Re \fBss-redir\fR +.ds Se \fBss-server\fR +.ds Tu \fBss-tunnel\fR +.ds Ma \fBss-manager\fR +.ds Na \fBss-nat\fR +.ds Me \fBShadowsocks-libev\fR +. +.TH "SS-NAT" "1" "May 26, 2016" "SHADOWSOCKS-LIBEV" +.SH NAME +ss-nat \- helper script to setup NAT rules for transparent proxy + +.SH SYNOPSIS +\*(Na + [\fB\-ouUfh\fR] + [\fB\-s\fR \fIserver_ip\fR] [\fB\-S\fR \fIserver_ip\fR] [\fB\-l\fR \fIlocal_port\fR] + [\fB\-L\fR \fIlocal_port\fR] [\fB\-i\fR \fIip_list_file\fR] [\fB\-a\fR \fIlan_ips\fR] + [\fB\-b\fR \fIwan_ips\fR] [\fB\-w\fR \fIwan_ips\fR] [\fB\-e\fR \fIextra_options\fR] + +.SH DESCRIPTION +\*(Me is a lightweight and secure socks5 proxy. It is a port of the original +shadowsocks created by clowwindy. \*(Me is written in pure C and takes advantage +of \fBlibev\fP to achieve both high performance and low resource consumption. +.PP +\*(Na(1) sets up NAT rules for \*(Re(1) to provide traffic redirection. It +requires netfilter's NAT module and \fBiptables\fR(8). For more information, +check out \fBshadowsocks-libev\fR(8) and the following \fBEXAMPLE\fR section. + +.SH OPTIONS +.TP +.B \-s \fIserver_ip\fP +IP address of shadowsocks remote server +.TP +.B \-l \fIlocal_port\fP +Port number of shadowsocks local server +.TP +.B \-S \fIserver_ip\fP +IP address of shadowsocks remote UDP server +.TP +.B \-L \fIlocal_port\fP +Port number of shadowsocks local UDP server +.TP +.B \-i \fIip_list_file\fP +a file content is bypassed ip list +.TP +.B \-a \fIlan_ips\fP +LAN IP of access control, need a prefix to define access control mode +.TP +.B \-b \fIwan_ips\fP +WAN IP of will be bypassed +.TP +.B \-w \fIwan_ips\fP +WAN IP of will be forwarded +.TP +.B \-e \fIextra_options\fP +Extra options for iptables +.TP +.B \-o +Apply the rules to the OUTPUT chain +.TP +.B \-u +Enable udprelay mode, TPROXY is required +.TP +.B \-U +Enable udprelay mode, using different IP and ports for TCP and UDP +.TP +.B \-f +Flush the rules +.TP +.B \-h +Show this help message and exit +.TP + +.SH EXAMPLE +\*(Na requires \fBiptables\fR(8). Here is an example: + +.nf + # Enable NAT rules for shadowsocks, + # with both TCP and UDP redirection enabled, + # and applied for both PREROUTING and OUTPUT chains + root@Wrt:~# ss-nat -s 192.168.1.100 -l 1080 -u -o + + # Disable and flush all NAT rules for shadowsocks + root@Wrt:~# ss-nat -f +.fi + +.SH SEE ALSO +.BR \*(Lo (1), +.BR \*(Se (1), +.BR \*(Tu (1), +.BR \*(Ma (1), +.BR shadowsocks-libev (8), +.BR iptables (8), +/etc/shadowsocks-libev/config.json +.br +.SH AUTHOR +shadowsocks was created by clowwindy and +shadowsocks-libev was maintained by Max Lv and Linus Yang +. +.PP +This manual page was written by Max Lv . +.PP +The manual pages were rearranged by hosiet <073plan@gmail.com>.