Sam - October 28, 2016

Setup Basic 3proxy Configuration

Installation

This instruction suitable for all Unix distributions. All commands above running with sudo privileges.

Installation from repository

First of all you need to check your system version and distributive

cat /etc/*-release

For ubuntu 14 and older or debian 6 and older based systems add next repository to your system:

add-apt-repository ppa:silvenga/3proxy

Do

apt-get update

And install 3proxy

Find the perfect Proxy Product.

Proxyrack offers a multiple options to suit most use cases, if you are unsure our 3 Day Trial allows you to test them all.
Security

Residential proxies

Never get blocked, choose your location
View all option available
Vault

Datacenter proxies

Super fast and reliable
View all option available
Try

3 Day Trial

Test all products to find the best fit
View all option available
apt-get install 3proxy

For CentOS systems use next commands:

rpm -Uvh http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm

Check result with

yum repolist

And install

yum install 3proxy

Check out our full range of Residential Proxies

Check out our full range of Datacenter Proxies

Compiling from source code

Compiling from source code more preffer, becouse you will get latest version and instruction is same for all unix versions and distributives, for example installation from repository is not supported for latest Ubuntu versions

For compiling 3proxy form source code you need to install git, make and gcc

Type into your terminal

apt-get install gcc make git -y

Next, browse to home dir

cd ~
git clone https://github.com/z3APA3A/3proxy.git

this will download latest version of 3proxy to your machine

next step to compile it and setup

cd 3proxy
make -f Makefile.Linux

Next step to put files into correct path and setup autostart of service

mkdir /usr/local/etc/3proxy/bin –p
cp src/3proxy /usr/local/etc/3proxy/bin
cp ./scripts/rc.d/proxy.sh /etc/init.d/3proxy

For CentOS

chkconfig 3proxy on

For Debian

update-rc.d 3proxy defaults

Now you need to create config file

touch /usr/local/etc/3proxy/3proxy.cfg

Configuration

Main configuration

Main configuration file

daemon

If you running 3proxy from command line you need to uncomment it for close console, do not use it with service command.

First of all you need to change log path to UNIX format

log /var/log/3proxy.log D

How long your logs will stored in system

rotate 7

For restrict possible network causes in your system or set default network interface for proxy use external/internal parameters with ip address of needed interface

Authentication examples

auth none

None authentication, everybody who knows ip and port can use proxy

Note: there are a lot of proxy scanner in internet, be careful

auth strong

Authentication using login and password, specified in users.conf file

With strong option you need to create list of users and passwords in /usr/local/etc/3proxy/users.conf

Example with clear text password

users username:CL:password

Example with password hash

users username:NT:BF66EC776AD7125795882C742F011681

For generate NTLM hash from password you can use online tool

https://www.tobtu.com/lmntlm.php

Note: If you using not encrypted passwords, its strongly recommended to set permissions to users.conf file

chmod 600 users.conf

Reducing connection speed for clients

bandlimin <bitrate> <userlist> <sourcelist> <targetlist> <targetportlist> <commandlist>

For example, reduce speed to 100Kbps for user UserName

bandlimin 100 UserName

Additional you can disable limit for specify port, user or ip

Example, no limit for all users to https

nobandlimin * * * 443

Allow command

Commands allow, deny and flush are used to manage ACLs:

allow <userlist> <sourcelist> <targetlist> <targetportlist> <commandlist> <weekdaylist> <timeperiodlist> 
 deny <userlist> <sourcelist> <targetlist> <weekdaylist> <timeperiodlist> 
 flush

Http(s) proxy configuration

For using http proxy uncomment string

proxy

Next parameters can be setted, but not necessary

-pNUMBER change default server port to NUMBER

-u Never ask for username/password

-n disable NTLM authentication

-a (for proxy) – anonymous proxy (no information about client reported)

-a1 (for proxy) – anonymous proxy (random client information reported)

-a2 (for proxy) – generate Via: and X-Forwared-For: instead of Forwarded:
Default settings are:

proxy -p1328

In mostly this configuration will be enough for using proxy

Socks 4/5 proxy configuration

Configuration of SOCKS proxy is more simple than default proxy

For start this proxy add next line to config file

socks -p1080

This will enable socks proxy on 1080 port, any additional configuration not needed

Note: If you using http and socks proxy together use

flush

command before starting proxy to flush authorization information about client

Note: Be sure that you don`t have spaces at the line start!

How to start and stop service

For start or stop 3proxy with service use next command

service 3proxy start

or

service 3proxy stop

If your 3proxy was compiled you need to find process id and terminate it

ps aux | grep 3proxy

Sample output

root     10069 0.0 0.5 534188 2832 ?       Ssl 17:57   0:00 3proxy /etc/3proxy.conf

root     10269 0.0 0.4 11992 2204 pts/0   S+   18:14   0:00 grep 3proxy

Type to kill process

kill 10069

For start 3proxy type

3proxy /path/to/config/file

Summary

Example of config file

nserver 8.8.8.8

nserver 8.8.4.4

#Do not forget to comment it if you are using service command to start or stop daemon

daemon

users UserName:CL:Password

#include /usr/local/etc/3proxy/users.conf

log /var/log/3proxy.log D

external 0.0.0.0

internal 0.0.0.0

auth strong

flush

proxy -p3128 -n

flush

socks -p1080

Iptables

In some systems all incoming connections disabled by default

For allow it type next command

iptables -I INPUT -p tcp - -dport 3128 -j ACCEPT

You need change port 3128 to yours if you are using not default settings

Combinations of settings for acl

You can combine different settings for each block in configuration file.

For example it possible to set few authentification settings for each proxy type, limit speed, disable ports, etc.

For this you need to use ‘flush’ command, which used to finish with existing ACL and to start new one. It’s required to have different ACLs for different services.

Additional types of proxies

pop3p [options]

ftppr [options]

admin [options] 


dnspr [options] 


tcppm [options] <SRCPORT> <DSTADDR> <DSTPORT> 


udppm [options] <SRCPORT> <DSTADDR> <DSTPORT>

Descriptions:

proxy − HTTP/HTTPS proxy (default port 3128) 


socks − SOCKS 4/4.5/5 proxy (default port 1080) 


pop3p − POP3 proxy (default port 110) 


ftppr − FTP proxy (default port 21) 


admin − Web interface (default port 80) 


dnspr − caching DNS proxy (default port 53) 


tcppm − TCP portmapper 


udppm − UDP portmapper

Additional parameters for configuration file

3proxy have a lot of flexible settings which could help you with more elastic configuration, controlling users and use access control to web resources. Let`s look to few of them

maxconn <number>

sets maximum number of simulationeous connections to each services started after this command. Default is 100.

dialer <progname>

Execute progname if external name can’t be resolved. Hint: if you use nscache, dialer may not work, because names will be resolved through cache. In this case you can use something like http://dial.right.now/ from browser to set up connection.

system <command>

execute system command

setuid <uid>

calls setuid(uid), uid must be numeric. Unix only. Warning: under some Linux kernels setuid() works onle for current thread. It makes it impossible to suid for all threads.

setgid <gid>

calls setgid(gid), gid must be numeric. Unix only.

nscache <cachesize> nscache6 <cachesize>

Cache <cachesize>

records for name resolution (nscache for IPv4, nscache6 for IPv6). Cachesize usually should be large enougth (for example 65536).

Plugins

Plugins give additional power to 3proxy

plugin <path_to_shared_library> <function_to_call> [<arg1> ...]

Loads specified library and calls given export function with given arguments

Check out our full range of Residential Proxies

Check out our full range of Datacenter Proxies

Find the perfect Proxy Product.

Proxyrack offers a multiple options to suit most use cases, if you are unsure our 3 Day Trial allows you to test them all.
Security

Residential proxies

Never get blocked, choose your location
View all option available
Vault

Datacenter proxies

Super fast and reliable
View all option available
Try

3 Day Trial

Test all products to find the best fit
View all option available

Get Started by signing up for a Proxy Product