用容器启动一个便捷快速可管控的 TCP 代理。

可供容器使用的配置文件:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23

events {
    worker_connections  1024;
}


stream {
    log_format proxy '$remote_addr [$time_local] '
             '$protocol $status $bytes_sent $bytes_received '
             '$session_time "$upstream_addr" '
             '"$upstream_bytes_sent" "$upstream_bytes_received" "$upstream_connect_time"';
    access_log /dev/stdout proxy ;

    server {
        listen 1080;
	      proxy_pass 172.17.0.1:7890;
      	allow 172.17.0.1;
      	allow 127.0.0.1;
      # 单独添加管理白名单 IP 的文件
      # include allow_ip.conf;
        deny all;
    }

}

启动:

1
2
3
4

docker run -d --name px1080 \
--network host \
-v /root/nginx.conf:/usr/local/openresty/nginx/conf/nginx.conf \
openresty/openresty:alpine

待补充:

  • lua 自主添加白名单 IP

    参考:https://www.jianshu.com/p/3f2fa52dc66a

  • 定期删除白名单 IP