Make every request from a separate IPv6 address.

Overview

Http Proxy IPv6 Pool

Make every request from a separate IPv6 address.

https://zu1k.com/posts/tutorials/http-proxy-ipv6-pool/

Tutorial

Assuming you already have an entire IPv6 subnet routed to your server, for me I purchased Vultr's server to get one.

Get your IPv6 subnet prefix, for me is 2001:19f0:6001:48e4::/64.

$ ip a
......
2: enp1s0: <BROADCAST,MULTICAST,ALLMULTI,UP,LOWER_UP> mtu 1500 qdisc fq state UP group default qlen 1000
    ......
    inet6 2001:19f0:6001:48e4:5400:3ff:fefa:a71d/64 scope global dynamic mngtmpaddr 
       valid_lft 2591171sec preferred_lft 603971sec
    ......

Add route via default internet interface

ip route add local 2001:19f0:6001:48e4::/64 dev enp1s0

Open ip_nonlocal_bind for binding any IP address:

sysctl net.ipv6.ip_nonlocal_bind=1

For IPv6 NDP, install ndppd:

apt install ndppd

then edit /etc/ndppd.conf:

route-ttl 30000

proxy eth0 {
    router no
    timeout 500
    ttl 30000

    rule 2001:19f0:6001:48e4::/64 {
        static
    }
}

Now you can test by using curl:

$ curl --interface 2001:19f0:6001:48e4::1 ipv6.ip.sb
2001:19f0:6001:48e4::1

$ curl --interface 2001:19f0:6001:48e4::2 ipv6.ip.sb
2001:19f0:6001:48e4::2

Great!

Finally, use the http proxy provided by this project:

$ while true; do curl -x http://127.0.0.1:51080 ipv6.ip.sb; done
2001:19f0:6001:48e4:971e:f12c:e2e7:d92a
2001:19f0:6001:48e4:6d1c:90fe:ee79:1123
2001:19f0:6001:48e4:f7b9:b506:99d7:1be9
2001:19f0:6001:48e4:a06a:393b:e82f:bffc
2001:19f0:6001:48e4:245f:8272:2dfb:72ce
2001:19f0:6001:48e4:df9e:422c:f804:94f7
2001:19f0:6001:48e4:dd48:6ba2:ff76:f1af
2001:19f0:6001:48e4:1306:4a84:570c:f829
2001:19f0:6001:48e4:6f3:4eb:c958:ddfa
2001:19f0:6001:48e4:aa26:3bf9:6598:9e82
2001:19f0:6001:48e4:be6b:6a62:f8f7:a14d
2001:19f0:6001:48e4:b598:409d:b946:17c

Author

Http Proxy IPv6 Pool © zu1k, Released under the MIT License.

Blog zu1k.com · GitHub @zu1k · Twitter @zu1k_lv · Telegram Channel @peekfun

Comments
  • Don't crash when bit for 8 is set in prefix length

    Don't crash when bit for 8 is set in prefix length

    Using & 8 on the prefix_len will produce 8 if it has thwe bit for 8 set and 0 otherwise. So las will sometimes be 8 and sometimes be 0, and later whjen we shift a byte by las, if it is 8, it fails:

    thread 'tokio-runtime-worker' panicked at 'attempt to shift right with overflow', src/proxy.rs:121:30
    stack backtrace:
       0: rust_begin_unwind
                 at /rustc/a55dd71d5fb0ec5a6a3a9e8c27b2127ba491ce52/library/std/src/panicking.rs:584:5
       1: core::panicking::panic_fmt
                 at /rustc/a55dd71d5fb0ec5a6a3a9e8c27b2127ba491ce52/library/core/src/panicking.rs:142:14
       2: core::panicking::panic
                 at /rustc/a55dd71d5fb0ec5a6a3a9e8c27b2127ba491ce52/library/core/src/panicking.rs:48:5
       3: http_proxy_ipv6_pool::proxy::get_rand_ipv6
                 at ./src/proxy.rs:121:30
       4: http_proxy_ipv6_pool::proxy::Proxy::process_request::{{closure}}
                 at ./src/proxy.rs:64:25
    ...
    

    This PR changes the behavior so that las can be 0 through 7, but never 8. I'm not certain it ends up having the right value to make the algorithm correct, but it is at least always in range for the shift.

    opened by interfect 3
  • Unable to do apt update or apt install

    Unable to do apt update or apt install

    After i did the ip route and stuff. i can no longer do apt update or apt install

    Do you want to continue? [Y/n] y Ign:1 http://archive.ubuntu.com/ubuntu focal-updates/main amd64 linux-libc-dev amd64 5.4.0-122.138 Err:1 http://security.ubuntu.com/ubuntu focal-updates/main amd64 linux-libc-dev amd64 5.4.0-122.138 404 Not Found [IP: 2001:67c:1562::15 80] Unable to correct missing packages. E: Failed to fetch http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-libc-dev_5.4.0-122.138_amd64.deb 404 Not Found [IP: 2001:67c:1562::15 80] E: Aborting install.

    anyway to fix this?

    opened by oliking800 3
  • `eth0` in /etc/ndppd.conf is a mistake.

    `eth0` in /etc/ndppd.conf is a mistake.

    eth0 in /etc/ndppd.conf is a mistake.

    route-ttl 30000
    
    proxy eth0 {
        router no
        timeout 500
        ttl 30000
    
        rule 2001:19f0:6001:48e4::/64 {
            static
        }
    }
    

    change eth0 to enp1s0!

    opened by lmingzhi 1
  • Bump tokio from 1.18.1 to 1.18.4

    Bump tokio from 1.18.1 to 1.18.4

    Bumps tokio from 1.18.1 to 1.18.4.

    Release notes

    Sourced from tokio's releases.

    Tokio v1.18.3

    1.18.3 (September 27, 2022)

    This release removes the dependency on the once_cell crate to restore the MSRV of the 1.18.x LTS release. (#5048)

    #5048: tokio-rs/tokio#5048

    Tokio v1.18.2

    1.18.2 (May 5, 2022)

    Add missing features for the winapi dependency. (#4663)

    #4663: tokio-rs/tokio#4663

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • [Feature request] Auth

    [Feature request] Auth

    Hey, first of all I'd like to thank you for making this - it's great. I wanted to ask if it's possible to add authentication to this proxy? Like username & password.

    opened by shdx2 0
Owner
zu1k
A boy dreaming of traveling around the world.
zu1k
Proxy sentry request to a sentry server using a tunnel/proxy endpoint

Sentry Tunnel This is a proxy that forwards tunneled sentry requests to the real sentry server. The implementation is based on the explanation provide

Paul FLORENCE 14 Dec 20, 2022
No-nonsense, elegant request framework

Note: this crate is in an experimental sketch state. Please be careful if using on production environments. nerf nerf stands for: No-nonsense: Correct

Nam Junghyun 3 Dec 15, 2022
A skyline mod that enables manual choosing of desired input latency in Smash Ultimate, compatible with every online mode.

Latency Slider (Definitive Edition) This is a fork of - and an improvement upon - the original "Arena Latency Slider". Unfortunately, upon SSBU updati

null 8 Mar 5, 2024
A tool to aid in self-hosting. Expose local services on your computer, via a public IPv4 address.

innisfree A tool to aid in self-hosting. Expose local services on your computer, via a public IPv4 address. Why? Most of the data I maintain is local,

Conor Schaefer 7 Mar 19, 2022
Automatically updates your Cloudflare DNS records for specific zones. Especially useful if you have dynamic IP address

Cloudflare DNS updater What does it do? Cloudflare DNS updater updates specified dns records for specified zones effortlessly and automatically. It wa

Niko Huuskonen 8 Aug 30, 2022
Imagine your SSH server only listens on an IPv6 address, and where the last 6 digits are changing every 30 seconds as a TOTP code...

tosh Imagine your SSH server only listens on an IPv6 address, and where the last 6 digits are changing every 30 seconds as a TOTP code... Inspired fro

Mark Vainomaa 409 Oct 23, 2022
⚡ Garry's Mod module that boosts performance by moving -condebug file I/O to a separate thread

This is a Garry's Mod server module that moves -condebug file I/O out of the main thread, which should significantly improve performance for noisy servers.

William 32 Dec 28, 2022
Unpack a CircleCI orb.yml into separate files compatible with orb packing

CircleCI Orb Unpacking Tool This CLI tool is designed to facilitate the process of migrating a CircleCI Orb to the Orb Development Kit format, where c

Xavientois 2 Jul 29, 2022
Unpack a CircleCI orb.yml into separate files compatible with orb packing

CircleCI Orb Unpacking Tool This CLI tool is designed to facilitate the process of migrating a CircleCI Orb to the Orb Development Kit format, where c

Voiceflow 2 Oct 18, 2022
Narrowlink securely connects devices and services together, even when both nodes are behind separate NAT

Narrowlink Narrowlink is a self-hosted platform that allows you to establish secure remote connections between devices within a network that may be hi

Narrowlink 355 Aug 17, 2023
rurl is like curl but with a json configuration file per request

rurl rurl is a curl-like cli tool made in rust, the difference is that it takes its params from a json file so you can have all different requests sav

Bruno Ribeiro da Silva 6 Sep 10, 2022
Http request smuggling vulnerability scanner

Request smuggler Http request smuggling vulnerability scanner Based on the amazing research by James Kettle. The tool can help to find servers that ma

null 204 Dec 18, 2022
QueingSimulator is an application that can be used to build intuitions about behavior of synchronous request/reply systems

Queueing Simulator QueingSimulator is an application that can be used to build intuitions about behavior of synchronous request/reply systems (such as

Joe Magerramov 7 Sep 11, 2022
Proxy sentry request to a sentry server using a tunnel/proxy endpoint

Sentry Tunnel This is a proxy that forwards tunneled sentry requests to the real sentry server. The implementation is based on the explanation provide

Paul FLORENCE 14 Dec 20, 2022
Plugin to request a relaunch when uploading a Skyline plugin through cargo skyline

restart-plugin A skyline plugin for allowing cargo-skyline (or other tools) to restart your game without you having to touch your controller. Install

null 1 Nov 21, 2021
An implementation of request routing via a singular grouped regex (with support for path parameter extraction).

rs-regex-router An implementation of request routing via a singular grouped regex (with support for path parameter extraction). Features Design approa

Harry 1 Nov 25, 2021
HTTP request logger

nosy - HTTP request logger How hard can it be to build your own HTTP request logger in Rust? Well, not that easy if you've never written a webapp in R

Manuel Hutter 1 Nov 26, 2021
A small monitoring process that checks if kstars is active, if not it sends a request to notify a user via telegram that it crashed

Astro monitor A small monitoring process that checks if kstars is active, if not it sends a request to notify a user via telegram that it crashed Inst

Mattia Procopio 2 Jan 10, 2022
HTTP microservice using Axum and Reqwest to request the Google Translate TTS endpoint without rate limits

HTTP microservice using Axum and Reqwest to request the Google Translate TTS endpoint without rate limits

Gnome! 5 Oct 5, 2022
Request-bound SQLx transactions for axum

axum-sqlx-rx Request-bound SQLx transactions for axum. Summary axum-sqlx-rx provides an axum extractor for obtaining a request-bound transaction. The

wasdacraic 25 Dec 15, 2022