1) Install an HTTP proxy with SOCKS support
sudo apt-get install privoxy
2) Install a DNS cache server
sudo apt-get install dnsmasq
3) Install a DNS SOCKS proxy
git clone https://github.com/jtRIPper/dns-tcp-socks-proxy.git
cd dns-tcp-socks-proxy
make
4) Set up an SSH connection to the external server with a SOCKS listener on 127.0.0.1:4567 (any free port will do)
ssh -p port -D 127.0.0.1:4567 user@ssh_server
5) Configure privoxy to listen on 127.0.0.1:8080 and forward to the SSH SOCKS proxy at 127.0.0.1:4567:
cat /etc/privoxy/config
listen-address 127.0.0.1:8080
forward-socks5 / 127.0.0.1:4567 .
forward 192.168.*.*/ .
forward 10.*.*.*/ .
forward 127.*.*.*/ .
6) Configure dnsmasq so that its first upstream server is dns-tcp-socks-proxy
cat /etc/dnsmasq.conf
resolv-file=/etc/resolv-dnsmasq.conf
strict-order
server=/221.24.172.in-addr.arpa/internal_dns_ip
server=/61.24.172.in-addr.arpa/internal_dns_ip
server=/62.24.172.in-addr.arpa/internal_dns_ip
server=/63.24.172.in-addr.arpa/internal_dns_ip
interface=eth0
bind-interfaces
log-queries
log-dhcp
With this configuration, dnsmasq listens on the eth0 interface and on 127.0.0.1, and forwards queries to the DNS resolvers defined in /etc/resolv-dnsmasq.conf.
The strict-order directive forces dnsmasq to select the DNS server according to the order of the entries in /etc/resolv-dnsmasq.conf.
cat /etc/resolv-dnsmasq.conf
nameserver 127.0.0.2
nameserver 172.24.63.211
nameserver 172.24.63.212
7) Configure dns-tcp-socks-proxy to listen for queries from dnsmasq and forward them to the SSH SOCKS proxy, here 127.0.0.1:4567
cat dns_proxy.conf
socks_port = 4567
socks_addr = 127.0.0.1
listen_addr = 127.0.0.2
listen_port = 53
set_user = nobody
set_group = nobody
resolv_conf = /etc/dns_proxy/resolv.txt
log_file = /dev/null
8) Point the local DNS resolver at 127.0.0.1
cat /etc/resolv.conf
nameserver 127.0.0.1
9) Sync the Android source code over SSH
repo sync
10) Note: with this configuration, we have:
a local HTTP/HTTPS proxy at 127.0.0.1:8080, forwarding to the external server via SOCKS
a local DNS cache proxy at 127.0.0.1:53, forwarding to the external server via SOCKS
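
One way to check that the files from steps 5 to 8 agree with each other and with the ssh -D port from step 4, so that HTTP or DNS traffic does not quietly miss the tunnel. This is an added example, not part of the original notes; the function names are hypothetical and the embedded sample texts are constructed from the values shown above.

```python
import ipaddress

SOCKS = ("127.0.0.1", 4567)  # the ssh -D listener from step 4
# Constructed sample inputs, taken from the file contents in steps 5-8.
PRIVOXY = "listen-address 127.0.0.1:8080\nforward-socks5 / 127.0.0.1:4567 .\n"
DNSMASQ = "resolv-file=/etc/resolv-dnsmasq.conf\nstrict-order\ninterface=eth0\n"
RESOLV_DNSMASQ = "nameserver 127.0.0.2\nnameserver 172.24.63.211\n"
DNS_PROXY = "socks_port = 4567\nsocks_addr = 127.0.0.1\nlisten_addr = 127.0.0.2\n"
RESOLV = "nameserver 127.0.0.1\n"

def fields(text):
    """Tokenise each non-comment line, treating '=' as whitespace."""
    rows = (l.split("#")[0].replace("=", " ").split() for l in text.splitlines())
    return [r for r in rows if r]

def values(text, key, col=1):
    """Column `col` of every line whose first token is `key`."""
    return [r[col] for r in fields(text) if r[0] == key and len(r) > col]

def endpoint(hostport):
    host, _, port = hostport.rpartition(":")
    return host.strip("[]"), int(port)

def loopback(addr):
    try:
        return ipaddress.ip_address(addr).is_loopback
    except ValueError:  # empty host (all interfaces) or a hostname
        return False

def audit(privoxy, dnsmasq, resolv_dnsmasq, dns_proxy, resolv, socks=SOCKS):
    """Return a list of findings; an empty list means the chain is consistent."""
    out = []
    listen = values(privoxy, "listen-address")
    if not listen or not all(loopback(endpoint(a)[0]) for a in listen):
        out.append("privoxy listen-address is not loopback-only")
    if [endpoint(v) for v in values(privoxy, "forward-socks5", 2)] != [socks]:
        out.append("privoxy forward-socks5 does not point at the ssh SOCKS port")
    dp = {r[0]: r[1] for r in fields(dns_proxy) if len(r) > 1}
    if (dp.get("socks_addr"), int(dp.get("socks_port", 0))) != socks:
        out.append("dns_proxy socks_addr/socks_port does not match the ssh SOCKS port")
    if values(resolv_dnsmasq, "nameserver")[:1] != [dp.get("listen_addr")]:
        out.append("first dnsmasq upstream is not the dns_proxy listen_addr")
    if ["strict-order"] not in fields(dnsmasq):
        out.append("dnsmasq lacks strict-order, so upstream order is not enforced")
    local = values(resolv, "nameserver")
    if not local or not all(loopback(a) for a in local):
        out.append("resolv.conf has a nameserver that bypasses dnsmasq")
    return out

if __name__ == "__main__":
    print(audit(PRIVOXY, DNSMASQ, RESOLV_DNSMASQ, DNS_PROXY, RESOLV) or "consistent")
```

To run it against a real machine, read the five files from disk and pass their contents to audit() in the same order.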