#在外网机器上加入这些iptables
iptables -t nat --flush
iptables -t nat -A PREROUTING -p tcp --dport 2222 -j DNAT --to-destination 10.29.x.x:22
iptables -t nat -A POSTROUTING -d 10.29.x.x -p tcp --dport 22 -j SNAT --to 10.171.x.x
iptables-save > /etc/iptables.up.rules
echo "pre-up iptables-restore < /etc/iptables.up.rules" > /etc/network/interface
--------上面这段是支持直接用2222端口连接入内网
在外网机器 的nginx加入以下配置,设置HTTP代理
server {
listen 9999 ;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
resolver 114.114.114.114;
proxy_pass http://$http_host$request_uri;
}
}
----------
在内网机器里加入:
export LC_ALL=en_US.UTF-8
export LANG=en_US.UTF-8
export LANGUAGE=en_US.UTF-8
export http_proxy=http://10.171.212.249:9999
修改:/etc/apt/source.list 为 ustc.edut.cn的源
deb http://mirrors.ustc.edu.cn/debian stable main contrib non-free
# deb-src http://mirrors.ustc.edu.cn/debian stable main contrib non-free
deb http://mirrors.ustc.edu.cn/debian stable-updates main contrib non-free
# deb-src http://mirrors.ustc.edu.cn/debian stable-updates main contrib non-free
# deb http://mirrors.ustc.edu.cn/debian stable-proposed-updates main contrib non-free
# deb-src http://mirrors.ustc.edu.cn/debian stable-proposed-updates main contrib non-free
deb http://mirrors.ustc.edu.cn/dotdeb jessie all
deb-src http://mirrors.ustc.edu.cn/dotdeb jessie all
------------
添加了dotdeb的源后,需要处理一下(官网是https,其实也支持http)
wget http://www.dotdeb.org/dotdeb.gpg
cat dotdeb.gpg | apt-key add -
--------
至此,全部完成。由于有http_proxy,现在curl/wget,默认都可以用代理 了。只是https的不行。先这样了