justuser-31/flatpak_proxy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: justuser-31/flatpak_proxy:f9f2b55bb732635d19bceff491a551d04f7977f7
Branches Tags
justuser-31/flatpak_proxy:main
..
compare: justuser-31/flatpak_proxy:main
Branches Tags
justuser-31/flatpak_proxy:main

8 Commits
f9f2b55bb7 .. main

Author SHA1 Message Date
justuser-31 7de0436517 Абсолютный путь до proxychains и его настроек 2026-06-11 13:18:29 +03:00
justuser-31 fa56fc6674 Update README.md 2026-06-11 13:18:29 +03:00
justuser-31 364f77ac8f Update README.md 2026-06-11 13:18:29 +03:00
justuser-31 75a1dc7b87 Merge branch 'main' of ssh://git.del.pw:2222/justuser-31/flatpak_proxy 2026-06-11 13:18:29 +03:00
justuser-31 fddeb0655a up 2026-06-11 13:18:29 +03:00
justuser-31 7a387bf35b Update README.md 2026-06-11 13:18:29 +03:00
justuser-31 fdc9dc2b01 Initial commit 2026-06-11 13:18:29 +03:00
justuser-31 448947c0eb Update README.md 2026-06-11 13:18:29 +03:00
4 changed files with 502 additions and 3 deletions
Expand all files Collapse all files
.gitignore
+4
View File
@@ -0,0 +1,4 @@
__pycache__
proxychains-ng-*
proxychains.tar.gz
proxychains_version.txt
README.md
+216 -3
View File
@@ -6,7 +6,7 @@
### Описание
Набор инструкций и небольшой скрипт для запуска flatpak приложения через локальный прокси (к примеру 127.0.0.1:2080) используя **proxychains-ng** \
Можно и через глобальный прокси но это не безопасно.
Можно и через публичный прокси но это не безопасно.
### (Полностью) ручной запуск
1. Скачать исходники из https://github.com/rofl0r/proxychains-ng/releases (`proxychains...tar.gz`)
@@ -193,14 +193,227 @@ socks5 127.0.0.1 2080
```
</details>
7. Поменять порт `2080` на любой удобный, если это нужно.
7. Поменять порт `2080` и/или адрес на любой удобный, если это нужно.
8. Получить команду запуска: `flatpak info --show-metadata YOUR.APP.HERE | grep command | cut -d '=' -f 2`
9. Зайти в желаемое приложение: `flatpak run --filesystem="~/proxychains:ro" --command="bash" YOUR.APP.HERE`
10. Проверить работу: `proxychains/proxychains4 -f proxychains/proxychains4.conf curl ipinfo.io`
11. Запустить команду запуска через `proxychains/proxychains4 -f proxychains/proxychains4.conf YOUR_COMMAND_HERE`
### Автоматическая настройка ⭐️
1. Запустить скрипт: `python setup.py`
2. Следовать подсказкам: указать адрес прокси (по умолчанию 127.0.0.1:2080), (кодовое) название приложения.
3. Скопировать команду после: `COMMAND: ` в разделе `Generated command`
Далее вы можете:
* создать ярлык и указать в `Exec=` эту команду вида: `Exec=/usr/bin/flatpak run ...`
* создать алиас для запуска .bashrc
* создать скрипт для запуска
# 🇺🇸 EN
## Content
* Description
* (Fully) manual start
* Automatic setup ⭐️
### Описание
Instructions set and small script for running flatpak app trought local proxy (for example 127.0.0.1:2080) using **proxychains-ng**
You can run and trought public proxy but it's not safe.
### (Fully) manual start
1. Download source code from https://github.com/rofl0r/proxychains-ng/releases (`proxychains...tar.gz`)
2. Unarchive wherever you like and got to directory in the terminal
3. Compile:
```
./configure
make
```
4. Create path for configuration and proxychains: `mkdir ~/proxychains`
5. Copy binaries: `cp proxychains4 libproxychains4.so ~/proxychains/`
6. Create configuration in `~/proxychains/proxychains4.conf` look like:
<details>
<summary>proxychains4.conf</summary>
```
# proxychains.conf VER 4.x
#
# HTTP, SOCKS4a, SOCKS5 tunneling proxifier with DNS.
# The option below identifies how the ProxyList is treated.
# only one option should be uncommented at time,
# otherwise the last appearing option will be accepted
#
#dynamic_chain
#
# Dynamic - Each connection will be done via chained proxies
# all proxies chained in the order as they appear in the list
# at least one proxy must be online to play in chain
# (dead proxies are skipped)
# otherwise EINTR is returned to the app
#
strict_chain
#
# Strict - Each connection will be done via chained proxies
# all proxies chained in the order as they appear in the list
# all proxies must be online to play in chain
# otherwise EINTR is returned to the app
#
#round_robin_chain
#
# Round Robin - Each connection will be done via chained proxies
# of chain_len length
# all proxies chained in the order as they appear in the list
# at least one proxy must be online to play in chain
# (dead proxies are skipped).
# the start of the current proxy chain is the proxy after the last
# proxy in the previously invoked proxy chain.
# if the end of the proxy chain is reached while looking for proxies
# start at the beginning again.
# otherwise EINTR is returned to the app
# These semantics are not guaranteed in a multithreaded environment.
#
#random_chain
#
# Random - Each connection will be done via random proxy
# (or proxy chain, see chain_len) from the list.
# this option is good to test your IDS :)
# Make sense only if random_chain or round_robin_chain
#chain_len = 2
# Quiet mode (no output from library)
#quiet_mode
## Proxy DNS requests - no leak for DNS data
# (disable all of the 3 items below to not proxy your DNS requests)
# method 1. this uses the proxychains4 style method to do remote dns:
# a thread is spawned that serves DNS requests and hands down an ip
# assigned from an internal list (via remote_dns_subnet).
# this is the easiest (setup-wise) and fastest method, however on
# systems with buggy libcs and very complex software like webbrowsers
# this might not work and/or cause crashes.
proxy_dns
# method 2. use the old proxyresolv script to proxy DNS requests
# in proxychains 3.1 style. requires `proxyresolv` in $PATH
# plus a dynamically linked `dig` binary.
# this is a lot slower than `proxy_dns`, doesn't support .onion URLs,
# but might be more compatible with complex software like webbrowsers.
#proxy_dns_old
# method 3. use proxychains4-daemon process to serve remote DNS requests.
# this is similar to the threaded `proxy_dns` method, however it requires
# that proxychains4-daemon is already running on the specified address.
# on the plus side it doesn't do malloc/threads so it should be quite
# compatible with complex, async-unsafe software.
# note that if you don't start proxychains4-daemon before using this,
# the process will simply hang.
#proxy_dns_daemon 127.0.0.1:1053
# set the class A subnet number to use for the internal remote DNS mapping
# we use the reserved 224.x.x.x range by default,
# if the proxified app does a DNS request, we will return an IP from that range.
# on further accesses to this ip we will send the saved DNS name to the proxy.
# in case some control-freak app checks the returned ip, and denies to
# connect, you can use another subnet, e.g. 10.x.x.x or 127.x.x.x.
# of course you should make sure that the proxified app does not need
# *real* access to this subnet.
# i.e. dont use the same subnet then in the localnet section
#remote_dns_subnet 127
#remote_dns_subnet 10
remote_dns_subnet 224
# Some timeouts in milliseconds
tcp_read_time_out 15000
tcp_connect_time_out 8000
### Examples for localnet exclusion
## localnet ranges will *not* use a proxy to connect.
## note that localnet works only when plain IP addresses are passed to the app,
## the hostname resolves via /etc/hosts, or proxy_dns is disabled or proxy_dns_old used.
## Exclude connections to 192.168.1.0/24 with port 80
# localnet 192.168.1.0:80/255.255.255.0
## Exclude connections to 192.168.100.0/24
# localnet 192.168.100.0/255.255.255.0
## Exclude connections to ANYwhere with port 80
# localnet 0.0.0.0:80/0.0.0.0
# localnet [::]:80/0
## RFC6890 Loopback address range
## if you enable this, you have to make sure remote_dns_subnet is not 127
## you'll need to enable it if you want to use an application that
## connects to localhost.
# localnet 127.0.0.0/255.0.0.0
# localnet ::1/128
## RFC1918 Private Address Ranges
# localnet 10.0.0.0/255.0.0.0
# localnet 172.16.0.0/255.240.0.0
# localnet 192.168.0.0/255.255.0.0
### Examples for dnat
## Trying to proxy connections to destinations which are dnatted,
## will result in proxying connections to the new given destinations.
## Whenever I connect to 1.1.1.1 on port 1234 actually connect to 1.1.1.2 on port 443
# dnat 1.1.1.1:1234 1.1.1.2:443
## Whenever I connect to 1.1.1.1 on port 443 actually connect to 1.1.1.2 on port 443
## (no need to write :443 again)
# dnat 1.1.1.2:443 1.1.1.2
## No matter what port I connect to on 1.1.1.1 port actually connect to 1.1.1.2 on port 443
# dnat 1.1.1.1 1.1.1.2:443
## Always, instead of connecting to 1.1.1.1, connect to 1.1.1.2
# dnat 1.1.1.1 1.1.1.2
# ProxyList format
# type ip port [user pass]
# (values separated by 'tab' or 'blank')
#
# only numeric ipv4 addresses are valid
#
#
# Examples:
#
# socks5 192.168.67.78 1080 lamer secret
# http 192.168.89.3 8080 justu hidden
# socks4 192.168.1.49 1080
# http 192.168.39.93 8080
#
#
# proxy types: http, socks4, socks5, raw
# * raw: The traffic is simply forwarded to the proxy without modification.
# ( auth types supported: "basic"-http "user/pass"-socks )
#
# !!!!!
# Else proxy will redirect all to localhost
localnet 127.0.0.0/255.0.0.0
[ProxyList]
# add proxy here ...
# meanwile
# defaults set to "tor"
socks5 127.0.0.1 2080
#socks5 127.0.0.1 9150
```
</details>
7. Change port `2080` and/or address to other if needed.
8. Get run command: `flatpak info --show-metadata YOUR.APP.HERE | grep command | cut -d '=' -f 2`
9. Go to the desired application: `flatpak run --filesystem="~/proxychains:ro" --command="bash" YOUR.APP.HERE`
10. Check work: `proxychains/proxychains4 -f proxychains/proxychains4.conf curl ipinfo.io`
11. Run running command trought `proxychains/proxychains4 -f proxychains/proxychains4.conf YOUR_COMMAND_HERE`
### Automatic setup ⭐️
1. Run script: `python setup.py`
2. Follow the prompts: set proxy's address (by default 127.0.0.1:2080), (code) application name.
3. Copy the command after: `COMMAND: ` in the section `Generated command`
Next you can:
* create shortcut and set in `Exec=` this command look like: `Exec=/usr/bin/flatpak run ...`
* create alias for start in .bashrc
* create script for start
proxychains4_conf.py
+168
View File
@@ -0,0 +1,168 @@
CONF = '''# proxychains.conf VER 4.x
#
# HTTP, SOCKS4a, SOCKS5 tunneling proxifier with DNS.
# The option below identifies how the ProxyList is treated.
# only one option should be uncommented at time,
# otherwise the last appearing option will be accepted
#
#dynamic_chain
#
# Dynamic - Each connection will be done via chained proxies
# all proxies chained in the order as they appear in the list
# at least one proxy must be online to play in chain
# (dead proxies are skipped)
# otherwise EINTR is returned to the app
#
strict_chain
#
# Strict - Each connection will be done via chained proxies
# all proxies chained in the order as they appear in the list
# all proxies must be online to play in chain
# otherwise EINTR is returned to the app
#
#round_robin_chain
#
# Round Robin - Each connection will be done via chained proxies
# of chain_len length
# all proxies chained in the order as they appear in the list
# at least one proxy must be online to play in chain
# (dead proxies are skipped).
# the start of the current proxy chain is the proxy after the last
# proxy in the previously invoked proxy chain.
# if the end of the proxy chain is reached while looking for proxies
# start at the beginning again.
# otherwise EINTR is returned to the app
# These semantics are not guaranteed in a multithreaded environment.
#
#random_chain
#
# Random - Each connection will be done via random proxy
# (or proxy chain, see chain_len) from the list.
# this option is good to test your IDS :)
# Make sense only if random_chain or round_robin_chain
#chain_len = 2
# Quiet mode (no output from library)
#quiet_mode
## Proxy DNS requests - no leak for DNS data
# (disable all of the 3 items below to not proxy your DNS requests)
# method 1. this uses the proxychains4 style method to do remote dns:
# a thread is spawned that serves DNS requests and hands down an ip
# assigned from an internal list (via remote_dns_subnet).
# this is the easiest (setup-wise) and fastest method, however on
# systems with buggy libcs and very complex software like webbrowsers
# this might not work and/or cause crashes.
proxy_dns
# method 2. use the old proxyresolv script to proxy DNS requests
# in proxychains 3.1 style. requires `proxyresolv` in $PATH
# plus a dynamically linked `dig` binary.
# this is a lot slower than `proxy_dns`, doesn't support .onion URLs,
# but might be more compatible with complex software like webbrowsers.
#proxy_dns_old
# method 3. use proxychains4-daemon process to serve remote DNS requests.
# this is similar to the threaded `proxy_dns` method, however it requires
# that proxychains4-daemon is already running on the specified address.
# on the plus side it doesn't do malloc/threads so it should be quite
# compatible with complex, async-unsafe software.
# note that if you don't start proxychains4-daemon before using this,
# the process will simply hang.
#proxy_dns_daemon 127.0.0.1:1053
# set the class A subnet number to use for the internal remote DNS mapping
# we use the reserved 224.x.x.x range by default,
# if the proxified app does a DNS request, we will return an IP from that range.
# on further accesses to this ip we will send the saved DNS name to the proxy.
# in case some control-freak app checks the returned ip, and denies to
# connect, you can use another subnet, e.g. 10.x.x.x or 127.x.x.x.
# of course you should make sure that the proxified app does not need
# *real* access to this subnet.
# i.e. dont use the same subnet then in the localnet section
#remote_dns_subnet 127
#remote_dns_subnet 10
remote_dns_subnet 224
# Some timeouts in milliseconds
tcp_read_time_out 15000
tcp_connect_time_out 8000
### Examples for localnet exclusion
## localnet ranges will *not* use a proxy to connect.
## note that localnet works only when plain IP addresses are passed to the app,
## the hostname resolves via /etc/hosts, or proxy_dns is disabled or proxy_dns_old used.
## Exclude connections to 192.168.1.0/24 with port 80
# localnet 192.168.1.0:80/255.255.255.0
## Exclude connections to 192.168.100.0/24
# localnet 192.168.100.0/255.255.255.0
## Exclude connections to ANYwhere with port 80
# localnet 0.0.0.0:80/0.0.0.0
# localnet [::]:80/0
## RFC6890 Loopback address range
## if you enable this, you have to make sure remote_dns_subnet is not 127
## you'll need to enable it if you want to use an application that
## connects to localhost.
# localnet 127.0.0.0/255.0.0.0
# localnet ::1/128
## RFC1918 Private Address Ranges
# localnet 10.0.0.0/255.0.0.0
# localnet 172.16.0.0/255.240.0.0
# localnet 192.168.0.0/255.255.0.0
### Examples for dnat
## Trying to proxy connections to destinations which are dnatted,
## will result in proxying connections to the new given destinations.
## Whenever I connect to 1.1.1.1 on port 1234 actually connect to 1.1.1.2 on port 443
# dnat 1.1.1.1:1234 1.1.1.2:443
## Whenever I connect to 1.1.1.1 on port 443 actually connect to 1.1.1.2 on port 443
## (no need to write :443 again)
# dnat 1.1.1.2:443 1.1.1.2
## No matter what port I connect to on 1.1.1.1 port actually connect to 1.1.1.2 on port 443
# dnat 1.1.1.1 1.1.1.2:443
## Always, instead of connecting to 1.1.1.1, connect to 1.1.1.2
# dnat 1.1.1.1 1.1.1.2
# ProxyList format
# type ip port [user pass]
# (values separated by 'tab' or 'blank')
#
# only numeric ipv4 addresses are valid
#
#
# Examples:
#
# socks5 192.168.67.78 1080 lamer secret
# http 192.168.89.3 8080 justu hidden
# socks4 192.168.1.49 1080
# http 192.168.39.93 8080
#
#
# proxy types: http, socks4, socks5, raw
# * raw: The traffic is simply forwarded to the proxy without modification.
# ( auth types supported: "basic"-http "user/pass"-socks )
#
# !!!!!
# Else proxy will redirect all to localhost
localnet 127.0.0.0/255.0.0.0
[ProxyList]
# add proxy here ...
# meanwile
# defaults set to "tor"
#socks5 127.0.0.1 9150'''
# socks5 127.0.0.1 2080
setup.py
+114
View File
@@ -0,0 +1,114 @@
from os import system, getenv
from os.path import exists, expanduser
from requests import get
from re import search
from subprocess import check_output
from proxychains4_conf import *
# --------------------------------------
# Variables
# --------------------------------------
REPO_URL="https://api.github.com/repos/rofl0r/proxychains-ng/releases/latest"
VERSION_FILE="proxychains_version.txt"
# --------------- END ------------------
# --------------------------------------
# Functions
# --------------------------------------
def download_latest(latest_info):
print('Downloading .tar.gz...')
download_url = latest_info['assets'][0]['browser_download_url']
downloaded = get(download_url).content
with open('proxychains.tar.gz', 'wb') as f:
f.write(downloaded)
print('Downloaded.')
def write_version(version):
with open(VERSION_FILE, 'w') as f:
f.write(version)
f.close()
def get_version():
with open(VERSION_FILE, 'r') as f:
version = f.read()
f.close()
return version
# --------------- END ------------------
# --------------------------------------
# MAIN CODE
# --------------------------------------
update_binaries = False # If version updated or version not exist
if exists(VERSION_FILE):
latest_info = get(REPO_URL)
if latest_info.status_code == 200:
latest_info = latest_info.json() # To json
local_version = get_version()
remote_version = latest_info['tag_name']
if local_version != remote_version:
download_latest(latest_info)
write_version(remote_version)
update_binaries = True
else:
latest_info = get(REPO_URL)
if latest_info.status_code == 200:
latest_info = latest_info.json() # To json
latest_version = latest_info['tag_name']
download_latest(latest_info)
write_version(latest_version)
update_binaries = True
else:
print('Error while get info about last release.')
exit(0)
if update_binaries:
print('Unarchive')
system('tar -xf proxychains.tar.gz')
print('cd && make')
system('cd proxychains-ng-* && ./configure && make')
print('Create ~/proxychains && copy binaries')
system('mkdir ~/proxychains && cp proxychains-ng-*/proxychains4 proxychains-ng-*/libproxychains4.so ~/proxychains/')
print('\n-------- Setup conf --------')
print('(VALUE) - value by default')
print('Enter "s" to skip setup')
host = input('Enter host (127.0.0.1): ')
if not host:
host = '127.0.0.1'
# If not skiped
if host != 's':
port = input('Enter port (2080): ')
if not port:
port = '2080'
print('----------- END ------------\n')
print('Create proxychains4.conf')
CONF += f'\nsocks5 {host} {port}'
with open(expanduser('~/proxychains/proxychains4.conf'), 'w') as f:
f.write(CONF)
f.close()
print('\n-------- Setup run ---------')
print('Example of app name: org.mozilla.firefox (look at `flatpak list`)')
app_name = input('Enter app name: ')
flatpak_info = check_output(['flatpak', 'info', '--show-metadata', app_name])
run_command = search(r'command=(\S+)', flatpak_info.decode('utf-8')).group(1)
print('----------- END ------------\n')
print('Generating proxy script')
with open(expanduser(f'~/proxychains/{app_name}_proxy.sh'), 'w') as f:
# OLD version work with most applications, but there are 1-2 with which it won't work
# f.write(f'proxychains/proxychains4 -f proxychains/proxychains4.conf {run_command}')
user = getenv("USER")
f.write(f'/home/{user}/proxychains/proxychains4 -f /home/{user}/proxychains/proxychains4.conf {run_command}')
f.close()
system(f'chmod +x ~/proxychains/{app_name}_proxy.sh')
print('\n---- Generated command -----')
print('Here your command for running proxyfied app (save it to some place, idk)')
print('You can make alias in .bashrc or script and place in shortcut, whatever you want.\n')
print(f'COMMAND: flatpak run --filesystem="~/proxychains:ro" --command="proxychains/{app_name}_proxy.sh" {app_name}')
print('----------- END ------------\n')
# --------------- END ------------------