PackageNylon

Overview of additional packages: AdditionalPackages

Nylon

Nylon is a light socks v4/v5 proxy server.

Features

• Can use a configuration file
• Allows to specify adress/port binding
• Has access/deny option to allow/disallow its use

Download

not_yet_available

Source

In order to compile Nylon, you will need the following :

• Nylon 1.2 source code located at : http://monkey.org/~~marius/pages/?page=nylon
  
• Libevent 0.9 source code located at : http://monkey.org/~~provos/libevent/

Compiling

You will need to compile libevent before Nylon as the libevent is requires by Nylon compilation process.

libevent:

    # cd /path/of/libevent-0.9/
    # CC=/opt/brcm/hndtools-mipsel-uclibc/bin/mipsel-uclibc-gcc ./configure --host=mipsel-linux
    # make

nylon:
edit /path/of/nylon-1.2/configure and comment all references to LIBS="-lnsl..." or LIBS="-lresolv ..." then

    # cd /path/of/nylon-1.2/
    # CC=/opt/brcm/hndtools-mipsel-uclibc/bin/mipsel-uclibc-gcc CFLAGS=-Os LDFLAGS=--all-static ./configure --host=mipsel-linux --with-libevent=<where_your_previously_compiled_libevent.a_is>
    # make
    # cd src
    # mipsel-uclibc-strip --remove-section=.comment --remove-section=.note ./nylon

You will then get a dynamically linked and stripped Nylon executable in the src subdir.

Installation

Note: You will need the Flashfs-boot configuration method for running Nylon. Info on Flashfs-boot can be found here: FlashfsBoot .

Upload Nylon (located in the 'src/' subdir) to your wl500g.
'nylon -h' will give you some usefull information !

I'm using the following config-file in /usr/local/etc/nylon.conf:

  # general settings
  [General]

  # number of simultaneous connections allowed
  No-Simultaneous-Conn=1

  # log connections and other information to syslog? 1: on, 0: off
  Log=0

  # be verbose on the console? 1: on, 0: off
  Verbose=0

  # store pid file
  PIDfile=/tmp/nylon.pid

  # server settings
  [Server]

  # interface to listen to connections
  Binding-Interface=eth1

  # interface to bind outgoing connections to
  Connecting-Interface=eth1

  # listening port to bind to
  Port=1080

  # allowed is processed first, then deny

  # allowable connect ips/ranges
  Allow-IP=x.x.x.x/32

  # denied connect ips/ranges
  #Deny-IP=0.0.0.0/0

and start nylon with the following command-line:

     # /path_of/nylon -c /usr/local/etc/nylon.conf -4 -n

Important notes:

• Don't forget that your Nylon binary will be lost on the next reboot, so put it on an external drive :).
• You can try adding Nylon to flashfs by moving it in /usr/local/sbin and run flashfs save ; flashfs commit. Be sure your flashfs.tar.gz is under 64k before comitting !
  
• If you created 'nylon.conf' in /usr/local/etc, don't forget to run flash save ; flashfs commit in order to save it into flash.

Adding Nylon to Oleg's firmware

If people are interested in adding nylon to Oleg's Firmware, here is the change I've made to Oleg's Makefile :

LIBEVENT=libevent-0.9
NYLON=nylon-1.2
...
...
libevent:
      @rm -rf $(TOP)/$(LIBEVENT) $(TOP)/libevent
      tar xjf $(LIBEVENT).tar.bz2 -C $(TOP)
      cd $(TOP)/$(LIBEVENT) && \
        CC=$(CC) ./configure --host=mipsel-linux
      mv $(TOP)/$(LIBEVENT) $(TOP)/libevent
      make -C $(TOP)/libevent

$(TOP)/nylon/config.h:
      @rm -rf $(TOP)/$(NYLON) $(TOP)/nylon
      tar xjf $(NYLON).tar.bz2 -C $(TOP)
      patch -d $(TOP)/$(NYLON) -p1 < $(NYLON).patch
      cd $(TOP)/$(NYLON) && \
        CC=$(CC) CFLAGS=-Os ./configure --host=mipsel-linux \
        --with-libevent=$(TOP)/libevent
      mv $(TOP)/$(NYLON) $(TOP)/nylon

nylon: $(TOP)/nylon/config.h
      make -C $(TOP)/nylon

nylon-install: libevent nylon
      install -d $(PREFIX)/usr/sbin
      $(STRIP) $(TOP)/nylon/src/nylon -o $(PREFIX)/usr/sbin/nylon

• add Nylon-install in 'install:' entry :

install: prep busybox-install dropbear-install dnsmasq-install p910nd-install \
        etherwake-install ntpclient-install bpalogin-install iproute2-install \
        nylon-install samba-install $(TOP)/mipsel

• use the following nylon-1.2.patch :

--- nylon-1.2/configure 2003-06-08 07:57:47.000000000 +0200
+++ nylon-1.2-mychange/configure 2004-08-27 15:37:18.000000000 +0200
@@ -2282,5 +2282,5 @@
 else
   ac_check_lib_save_LIBS=$LIBS
-LIBS="-lnsl  $LIBS"
+#LIBS="-lnsl  $LIBS"
 cat >conftest.$ac_ext <<_ACEOF
 #line 2286 "configure"
@@ -2330,5 +2330,5 @@
 EOF

-  LIBS="-lnsl $LIBS"
+#  LIBS="-lnsl $LIBS"

 fi
@@ -2340,5 +2340,5 @@
 else
   ac_check_lib_save_LIBS=$LIBS
-LIBS="-lresolv  $LIBS"
+#LIBS="-lresolv  $LIBS"
 cat >conftest.$ac_ext <<_ACEOF
 #line 2344 "configure"
@@ -2388,5 +2388,5 @@
 EOF

-  LIBS="-lresolv $LIBS"
+#  LIBS="-lresolv $LIBS"

 fi
diff -r -U 2 nylon-1.2/src/nylon.c nylon-1.2-mychange/src/nylon.c
--- nylon-1.2/src/nylon.c 2003-06-08 07:56:47.000000000 +0200
+++ nylon-1.2-mychange/src/nylon.c 2004-08-27 15:37:34.000000000 +0200
@@ -82,5 +82,5 @@
      conf_path = SYSCONFDIR "/nylon.conf";
      use_syslog = noresolve = verbose = verbose_dump = foreground = 0;
-     pidfilenam = "/var/run/nylon.pid";
+     pidfilenam = "/tmp/nylon.pid";
      bind_port = mirror_addr = connect_ifip = bind_ifip = NULL;
      allow_hosts = "127.0.0.1";

Related links

Topics on Chupa.nl Forum: http://forum.chupa.nl/showthread.php?t=798

Known problems

• None as far as I've tested it. I haven't test for a long time so I don't know much about stability / memory needs, etc.