Proxysmart README

Proxysmart - software for building 4g proxies.

1. Proxysmart manual.

1. Brief details

I have developed a software that allows you to run your own 4g proxy farm. It runs on a Linux box (PC\laptop) with USB hub and the modems.

Functions:

Basic configuration.

Variables are set /etc/proxysmart/conf.txt.

Each variable has brief description in place.

2. Adding a new modem (USB)

2.1. Adding a LAN modem.

Configure the server with 2 LAN cards

Assume you have 2 LAN cards, enp6s0 main LAN, enp2s0 is dedicated for LAN modems:

nmcli con

NAME                UUID                                  TYPE      DEVICE 
Wired connection 1  bbbee134-51c3-3830-801f-9636470e0708  ethernet  enp6s0
Wired connection 2  000ed912-2d99-3f37-882b-d79ad13102e7  ethernet  enp2s0 
nmcli con modify Wired\ connection\ 2 con-name HUBS
nmcli con modify HUBS ipv4.method manual \
    ipv4.addresses 192.168.10.100/24 ipv6.method disabled ipv4.route-metric 300 

So you will add the LAN modems to 192.168.10.0/24 network as 192.168.10.1, 192.168.10.2 etc.

systemctl restart NetworkManager

Delete old route

ip ro del default via 192.168.10.1

Confirm you have only 1 default route via main LAN:

ip ro

Output

default via 192.168.1.1 dev enp6s0 proto static metric 100 

Add the modem

On the server, edit the /etc/proxysmart/lan_modems.yaml file, add a line

- { gw: 192.168.10.10, dev: lanmodem10 }

The line contains its unique IP and the word lanmodem10 ( constructed from a word lanmodem plus a unique number ).

Then either wait 5 minutes or run the command proxysmart reset_gently, it will find new modems. Then , refresh the proxysmart Web App and assign proxy logins and passwords to the new modems.

3. Proxy credentials for new modems

When adding new modems, please use

If you want different ports ranges, update firewall.conf accordingly.

4. Where is WebApp

One of

By default login/password are proxy / proxy.

5. How to use proxies

6. Get list of all modems & their external IPs

Run: proxysmart.sh show_status for table-alike output.

7. Reconfigure all modems & proxies.

Run: proxysmart.sh reset_complete

It is done after reboot automatically by a Cron job.

8. How to change proxy credentials for a modem. How to rename a modem.

WebApp method

Old map.txt method

9. Reset (change) IP on a modem.

The options are below.

Click Reset Ip button.

Run: proxysmart.sh reset_quick_nick dongle1

Where dongle1 is a Dongle "nickname" that is seen from output of proxysmart.sh show_status

check WEB API section of this manual.

How to rotate a modem periodically?

Update modem's settings in the WebApp and click APPLY.

For global setting, edit /etc/proxysmart/conf.txt and set AUTO_IP_ROTATION=5 in order to rotate each modem every 5th minute. If set to 0, automatic IP rotation is not done. You can also set hourly rotation, set 120 for every 2h rotation.

Install a Cron job. Edit a file /etc/cron.d/proxysmart, add a line ( or uncomment a commented line.. )

*/10 * * * * root run-one /usr/local/bin/proxysmart.sh reset_quick_nick dongle3

so that a modem with the Nickname dongle3 is rotated every 10 min.

Repeat for each modem you want to rotate periodically.

10. How many modems can I run on a single computer?

Hi , technically it depends on how powerful this PC is, and how intensively proxies are used.

Also it depends on what Plan you buy.

Also it depends on USB configuration, for maximum number of modems:

11. How to set TTL and why?

In some cases custom TTL must be set in order to have Cell Operator think we are not using the modem in hotsport \ tethering mode. I.e. we don't share its data. By default Linux OS has ttl = 64. To change Cell Operator perception of the situation, we want to set it +1 i.e. 65.

Edit /etc/proxysmart/conf.txt and set CUSTOM_TTL_SET=1 and CUSTOM_TTL_VALUE=65 and regenerate settings.

12. How to set MTU and why?

In some cases different MTU values connect with different types of ISP's. You may want to change it.

Mtu can be only lowered. E.g. if you have MTU 1390, you can set 1340. Not opposite.

Edit /etc/proxysmart/conf.txt and set CUSTOM_MTU_SET=1 , CUSTOM_MTU=1410.

Set in the WebApp for each modem.

13. How to set extra settings for a modem.

Those are optional and are set in the WebApp

14. How can I access the web interface admin panel of each modem?

Just visit what you are seeing as GW (it is a modem IP) via corresponding proxy, and use the login & password as desribed below.

14.1. How can I prevent access to modems web interface via proxy?

Since 2023-09-10 it is enabled by default.

Edit /etc/proxysmart/conf.txt and set

PROXY_ADMIN_ENABLE=1
PROXY_ADMIN_LOGIN=admin
PROXY_ADMIN_PASS=Hqmz81mmZr

And regenerate configs. So only admin user is allowed to use modems web interfaces, and normal proxy users are not.

15. How to set monthly traffic quota per modem?

In the WebApp, set monthly traffic quota. Click EDIT & APPLY.

16. How to make my proxes Open (i.e. not requiring authentication )

Set OPEN_PROXIES=1 in /etc/proxysmart/conf.txt and regenerate all configs.

Note, when proxy ports are forrwarded via a VPS, the proxies are available to any internet user. Use it with caution.

17. Get monthly/daily proxy usage.

Click bandwitdh stats in the WebApp, or run proxysmart.sh bandwidth_report_json dongleXXX, you will see these columns:

18. How to get current number of connections for a modem?

Run a command

ss -o state established | grep -c :8038

But change 8038 with HTTP port of a desired proxy

19. How to read SMS from a modem.

You have these options.

  1. Browse to the modem IP ( it is shown as GW in proxysmart.sh show_status ) through the proxy. Click SMS button.
  2. run proxysmart.sh list_sms_for_a_modem_by_imei_json 999999999999999 i.e. IMEI of required modem.
  3. Click SMS in the WebApp

20. How to change WebApp password for http://localhost:8080/

By default it is set to proxy / proxy. The password sits on the server's folder /etc/nginx/. It Can be updated from the Terminal , with the command as follows:

 sudo htpasswd -b /etc/nginx/htpasswd proxy NewAweSomePassword999999

Then it will ask for password for current Ubuntu user.

How to change WEB port

edit /etc/nginx/sites-enabled/proxysmart.nginx and set other port and restart Nginx.

21. OS Spoofing

Os Spoofing is used to simulate other OS TCP fingerprints, MacOS \ iOS \ Windows \ Android

How to enable OS Spoofing?

It applies to all modems at once.

android   1 
android   3 
ios   1 
ios   2  
macosx   1 
macosx   2 
macosx   3 
macosx   4  
windows   1
windows   2 
windows   3 

How to test OS Spoofing ?

Visit one of these websites (IP checkers) through a proxy. Find something like "OS TCP fingerprints".

What OS can I spoof?

MacOS \ iOS \ Windows \ Android

Can I dump OS TCP fingerprint from a real device and use it?

Yes, contact me.

I enabled OS TCP spoofing, but it is not working!

The reason may be that the operator passes all traffic through its internal proxy, or in other way modifies TCP signatures. Then local OS TCP modifications are overwritten. Is it bad? No! Because still traffic looks natural as it was coming from this operator network.

Try other operator.

22. Performance tuning

When >10 modems are added, and when modem list is generated slowly, play with MAX_PARALLEL_WORKERS_STATUS variable, e.g. set it to 2 or 4. On faster CPU's it can be set to 8.

Also try to disable OS TCP reporting, i.e. set ENABLE_VALDIK=0 in /etc/proxysmart/conf.txt. It will also make modem list generation faster.

Also you can disable detailed status, set QUICK_STATUS=1 in /etc/proxysmart/conf.txt & refresh the WebApp.

23. How to lock network mode per modem

Set TARGET_MODE in its settings in the Proxysmart WebApp. Allowed values:

24. What if a modem connected via 3G or 2G, and I want 4G?

Rotate its IP.

25. I want to add extra users to a proxy

In the WebApp, click EDIT on a modem, add some extra users, click APPLY.

26. Is IPV6 supported?

Yes but it's off by default.

On modems , edit APN and set APN type for both IPv4 and IPv6 , e.g. Ip4Ip6 or Ip4+ip6, there is a dropdown list for that.

On Proxysmart box: Update /etc/proxysmart/conf.txt with

and reset configuration proxysmart.sh reset_complete ; or even better do a reboot.

27. Nagios\Naemon integration.

There is a plugin embedded, run it as root,

/usr/lib/nagios/plugins/proxysmart-nagios-helper.sh IMEI

or

/usr/lib/nagios/plugins/proxysmart-nagios-helper.sh NICKNAME

so it will return OK/WARN/CRIT/UNKNOWN and corresponding exit code.

These links

A link can be retrieved this way: Open dongle status (click on its IMEI!) in the WebApp, take RESET_SECURE_LINK->URL value.

If you realized you gave a link to a customer, and want to revoke it, just set new password for the proxy.

If you want to invalidate all links of all modems, set a new secret: set RESET_LINK_SECRET in /etc/proxysmart/conf.txt .

29. QUIC (UDP) support on Socks5 proxies, for HTTP/3.0

It is needed for proper work of HTTP/3.0 which uses UDP.

QUIC (UDP over socks5) will work either in your LAN or via a VPS. Steps are below.

Install Gost

ARCH=linux-amd64
VER=2.11.3
curl -L -o /tmp/gost.gz https://github.com/ginuerzh/gost/releases/download/v$VER/gost-$ARCH-$VER.gz
gunzip -dc /tmp/gost.gz  > /usr/local/bin/gost.new
chmod 755 /usr/local/bin/gost.new
mv  /usr/local/bin/gost.new /usr/local/bin/gost
gost -V

if Haproxy is not installed, do nothing.

if Haproxy installed: free up SOCKS ports (5xxx) from Haproxy.

Run on VPS:

echo 'fwd  ALL=NOPASSWD:  ALL' >  /etc/sudoers.d/proxysmart 
chmod 400 /etc/sudoers.d/proxysmart
usermod -s /bin/bash fwd

set in /etc/proxysmart/conf.txt : QUIC_SUPPORT=1 and run proxysmart.sh reset_complete.

29. "Dirty" IP reset.

It may be needed when you need even faster IP reset. In this case, post-checks are not made, so it is not sure if the modem really went online after IP reset. It can be activated by DIRTY_IP_ROTATION=1 in /etc/proxysmart/conf.txt.

30. Exclude some modems

In /etc/proxysmart/conf.txt

31. Use custom Speedtest server.

It is useful when for some reason you want to run speed tests towards a custom server, instead of Ookla servers. So set up a Apache web server with a large file (500MB) and get 2 URL's, one will test download and 2nd will test upload. The latter must accept large POST data.

The commands to setup a server part

apt install apache2
dd if=/dev/urandom  of=/var/www/html/file.bin bs=1M count=500

Update /etc/proxysmart/conf.txt with IP of the WEB server:

SPEEDTEST_CUSTOM=1  
DL_URL=http://$VPS/file.bin
UL_URL=http://$VPS/i.php

32. Minimum time between IP rotations

If you want to avoid too frequent IP rotations triggered by your users -- set MINIMUM_TIME_BETWEEN_ROTATIONS=120 e.g. for 120 seconds minimum delay in /etc/proxysmart/conf.txt .

33. How to block domains

Note for Socks5 proxies

When a domain blacklist is imposed, then by default users still can access blocked sites by their IP's.

In order to prevent it, set DENY_IP_REQUESTS=1 and VERSION_3PROXY=0.9 in /etc/proxysmart/conf.txt and run proxysmart.sh reset_complete for resetting all configuration.

33.a. How to allow only whitelisted domains.

34. How to re-rotate IP when IP doesn't change?

In /etc/proxysmart/conf.txt set RETRY_IP_ROTATIONS=1 .

So when Old_IP == New_IP, then IP rotation is retried. Up to MAX_RETRY_IP_ROTATIONS attempts which is by default 3.

35. How to forward proxy ports using HAproxy?

Why? In order to enable client IP whitelisting, i.e. 3proxy on proxysmart server will see original client IP and will be able to use whitelising.

Steps:

1. On Proxysmart server

2. On the VPS

Run apt install haproxy rsyslog

3. Copy Haproxy and Syslog conf files from the Proxysmart server files to the VPS

scp them from the Proxysmart server to the VPS. $VPS variable is sourced from the conf.txt

source /etc/proxysmart/conf.txt
cd /usr/share/doc/proxysmart/examples/haproxy_integration/
scp etc/haproxy/haproxy.* $VPS:/etc/haproxy/
scp etc/rsyslog.d/49-haproxy.conf $VPS:/etc/rsyslog.d/

4. On the VPS

Run

touch /var/log/haproxy.log
chown syslog:syslog /var/log/haproxy.log 

systemctl restart rsyslog.service 
systemctl restart haproxy.service 
systemctl status haproxy.service

Must be green and show active(running).

5. Post check

Test a proxy via VPS IP and you will original client IP in 3proxy logs.

36. How to use newer 3proxy version 0.9 ?

Edit /etc/proxysmart/conf.txt , set VERSION_3PROXY=0.9 , run proxysmart.sh reset_complete.

37. Where are proxy logs.

On the Proxysmart server in a folder /var/log/3proxy/ , each filename is named for HTTP proxy port.

Logs are rotated daily and 90 copies are saved, details are in /etc/logrotate.d/3proxy.

Logs of IP rotations are in a folder /var/log/proxysmart/dongle_rotations/.

38. My proxies are slow.

Assume a chain UsbModem->PC->VPS->ProxyUser. Final Proxy speed is limited by:

Download speed of the modem.

It can be measured on the side of the PC e.g. in the Proxysmart WebApp by clicking the Speedtest button.

How to improve it?

Upload speed from PC to VPS.

Normally it correlates with quality of home internet (Fiber/xDSL) and can be measured by running speedtest on the PC in browser or in Terminal (speedtest-cli). Upload value has to be high.

How to improve it?

Download speed from VPS to the ProxyUser

It can be measured by downloading a file from VPS to the Proxyuser.

How to improve it?

38.1. My proxies are slower than the same SIM card in a Phone.

Compare LTE category of the modem and the phone. Phone has higher LTE cat e.g. 12..20, while modem has LTE cat 4..6 (depends).

36. How to forward proxy ports via each modem individually?

Why is it needed? When base internet is unstable or its upload speed <15mbps.

A VPS is needed in order to expose the ports this way ( see VPS integration chapter ).

1. On Proxysmart server

37. Auto-rebooting modems.

Sometimes only a reboot can fix a modem. In order to enable, set AUTOREBOOT_DONGLES=1 in /etc/proxysmart/conf.txt. How it works:

SCORE_IP_ROTATION_FAIL=10                   # score increments when IP rotation failed
SCORE_IP_NOT_DETECTED=2                     # score increments when IP not detected
SCORE_IP_RECONNECT_FAIL=10                  # score increments when IP not auto-reconnected
SCORE_WWAN_DATA_FAIL=10                     # score increments when WWAN device can't establish Data connection
SCORE_WEBAPP_FAIL=20                        # score increments when the modem's WebApp is stuck

2. Project description

1. project architecture (clients, servers, websites),

2. what is hosted where and from which repository,

Online services are used:

Software used to build the box:

3. how all these elements communicate with each other,

4. what are common points of failure and how to deal with them,

5. how to update each and every project element, what is the workflow, how to build and deploy it, what tools to use,


3. CLI API

1. show status

Show full status of all modems, table (slower).

# proxysmart.sh  show_status 

+--------+----+---------+-------+----------------+-----+--------------+-----------+-------------+------+------------+----+
| NICK   | N  | DEV     | MODEL | IMEI           | HTTP| LOCAL_IP     |GW         |EXT_IP       |ONLINE| CELL:MODE  | MSG|
+--------+----+---------+-------+----------------+-----+--------------+-----------+-------------+------+------------+----+
| dongle1| 0  | modem0  | E3372h| 862329099999999| 8001| 192.168.8.100|192.168.8.1|46.216.113.63|yes   | MTS BY:LTE |    |
| dongle2| 114| modem114| E3131 | 352221099999999| 8002| 192.168.8.100|192.168.8.1|             |no    | :NO_SERVICE|    |
+--------+----+---------+-------+----------------+-----+--------------+-----------+-------------+------+------------+----+
items TOTAL 2

Show brief status of all modems, table, (faster)

| NICK    | N | DEV    | IMEI           | HTTP| LOCAL_IP     | GW         | EXT_IP        | ONLINE| MSG|
| Cdongle2| 77| modem77| 862329099999999| 8002| 192.168.8.100| 192.168.8.1| 46.216.152.241| yes   |    |
| Client5 | 93| modem93| 352221099999999| 8004| 192.168.0.100| 192.168.0.1| 46.56.186.34  | yes   |    |

Show full status of all modems , json

# proxysmart.sh  show_status_json 

[
   {
      "MSG" : "",
      "N" : "0",
      "modem_details" : {
         "HUB_ID" : "1-1",
         "HUB_PORT" : "1-1",
         "IMEI" : "899999999999999",
         "MODEL" : "E3372h-320",
         "NICK" : "dongle1"
      },
      "net_details" : {
         "CELLOP" : "MTS BY",
         "ConnectionStatus" : "(901) DATA:connected",
         "CurrentNetworkType" : "(101) LTE",
         "DEV" : "modem0",
         "EXT_IP" : "46.216.113.63",
         "GW" : "192.168.8.1",
         "IS_ONLINE" : "yes",
         "LOCAL_IP" : "192.168.8.100",
         "SimStatus" : "(1) valid SIM card",
         "VALDIK" : "Detected OS = Linux 2.2.x-3.x [generic];MTU = 1420;Network link = 
                generic tunnel or VPN;PTR test = Probably home user;
                Fingerprint and OS match. No proxy detected ;No OpenVPN detected.",
         "workmode" : "LTE"
      },
      "proxy_creds" : {
         "HTTP_PORT" : "8001",
         "LOGIN" : "alice",
         "PASS" : "cool",
         "SOCKS_PORT" : "5001"
      },
      "redirector_status" : {
         "ActiveState" : "active",
         "NRestarts" : "0",
         "SubState" : "running",
         "UPTIME" : "2min 6s"
      }
   },
   {
      "MSG" : "",
      "N" : "1142",
      "modem_details" : {
         "HUB_ID" : "1-3",
         "HUB_PORT" : "3-1",
         "IMEI" : "352228888888888",
         "MODEL" : "E3131",
         "NICK" : "dongle2"
      },
      "net_details" : {
         "CELLOP" : null,
         "ConnectionStatus" : "(902) DATA:disconnected",
         "CurrentNetworkType" : "(0) NO_SERVICE",
         "DEV" : "modem1142",
         "EXT_IP" : null,
         "GW" : "192.168.8.1",
         "IS_ONLINE" : "no",
         "LOCAL_IP" : "192.168.8.100",
         "SimStatus" : "(255) SIM card is missing",
         "VALDIK" : null,
         "workmode" : "unknown"
      },
      "proxy_creds" : {
         "HTTP_PORT" : "8002",
         "LOGIN" : "alice",
         "PASS" : "cool",
         "SOCKS_PORT" : "5002"
      },
      "redirector_status" : {
         "ActiveState" : "active",
         "NRestarts" : "13",
         "SubState" : "running",
         "UPTIME" : "1s"
      }
   }
]

Show status for a single modem, JSON

# proxysmart.sh  show_single_status_json dongle111 
[
   {
      "IS_LOCKED" : "false",
      "MSG" : "",
      "N" : "115",
      "modem_details" : {
         "HUB_ID" : "1-1",
         "HUB_PORT" : "3",
         "IMEI" : "899999999999999",
         "MODEL" : "E3372h-320",
         "NICK" : "dongle111",
         "UDEV_UPTIME" : "1212172",
         "UPTIME" : "14 days + 43.883333 minutes"
      },
      "net_details" : {
         "CELLOP" : "MTS BY",
         "ConnectionStatus" : "901, DATA:connected OK",
         "CurrentNetworkType" : "(101) LTE",
         "DEV" : "modem115",
         "EXT_IP" : "46.216.224.164",
         "GW" : "192.168.8.1",
         "IS_ONLINE" : "yes",
         "LOCAL_IP" : "192.168.8.100",
         "SIGNAL_STRENGTH" : "4",
         "SimStatus" : "(1) valid SIM card",
         "VALDIK" : "Detected OS = Linux 2.2.x-3.x [generic];MTU = 1420;Network link = generic tunnel or VPN;
                PTR test = Probably home user;Fingerprint and OS match. No proxy detected ;No OpenVPN detected.",
         "workmode" : "LTE"
      },
      "proxy_creds" : {
         "HTTP_PORT" : "8004",
         "LOGIN" : "alice",
         "PASS" : "cool",
         "PROXYSTDLINE_LAN" : "192.168.100.2:8004:alice:cool",
         "PROXYSTDLINE_WWW" : "forwarding_disabled",
         "SOCKS_PORT" : "5004"
      },
      "redirector_status" : {
         "MSG" : "redirectors disabled globally"
      }
   }
]

2. full reconfiguration

# proxysmart.sh reset_complete  

= old fake default route deleted
= adding faked default route
= restoring default linux TTL
net.ipv4.ip_default_ttl = 64
=start_connections

= lock acquired on DEV modem0
== [add_individual_dev] generating config for DEV=modem0 N=0 HUB_ID=1-1 HUB_PORT=1-1 
= found IP 192.168.8.100 on modem0
= got GW=192.168.8.1
= got IMEI=899999999999999
= got model E3372h-320
= got NICK=dongle1
= start 3proxy config generation for N=0
= applying new settings:  DEV modem0, N 0, IMEI 899999999999999, nick dongle1
== starting proxy 0 on modem0
== starting redirector@0 on modem0
= lock released on DEV modem0

= lock acquired on DEV modem1142
== [add_individual_dev] generating config for DEV=modem1142 N=1142 HUB_ID=1-3 HUB_PORT=3-1 
= found IP 192.168.8.100 on modem1142
= got GW=192.168.8.1
= got IMEI=352228888888888
= got model E3131
= got NICK=dongle2
= start 3proxy config generation for N=1142
= applying new settings:  DEV modem1142, N 1142, IMEI 352228888888888, nick dongle2
== starting proxy 1142 on modem1142
== starting redirector@1142 on modem1142
= lock released on DEV modem1142

= finding a live modem for setting as fallback default gateway
= testing modem0
= got EXT_IP 46.216.113.63
== marking that modem as LIVE, as tested
= setting fallback default gateway via modem dongle1 // modem0 // 192.168.8.1

it took 10 seconds to prepare the system

all found modems initialized. after 5 sec delay the status will be shown
+--------+----+---------+-------+---------------+-----+--------------+------------+-------------+-------+------------+----+
| NICK   | N  | DEV     | MODEL |IMEI           | HTTP| LOCAL_IP     | GW         |EXT_IP       | ONLINE| CELL:MODE  | MSG|
+--------+----+---------+-------+---------------+-----+--------------+------------+-------------+-------+------------+----+
| dongle1| 0  | modem0  | E3372h|899999999999999| 8001| 192.168.8.100| 192.168.8.1|46.216.113.63| yes   | MTS BY:LTE |    |
| dongle2| 114| modem114| E3131 |352228888888888| 8002| 192.168.8.100| 192.168.8.1|             | no    | :NO_SERVICE|    |
+--------+----+---------+-------+---------------+-----+--------------+------------+-------------+-------+------------+----+
items TOTAL 2

3. apply setting for a modem by IMEI

JSON output

# proxysmart.sh   apply_settings_for_a_modem_by_imei  868723023562406 
{
   "debug" : "= lock acquired on DEV modem0,...",
   "message" : "",
   "result" : "success"
}

Plain text output.

 proxysmart.sh  apply_settings_for_a_modem_by_imei_raw    359999999999999 
= lock acquired on DEV modem93
= start 3proxy config generation for N=93
= applying new settings:  DEV modem93, N 93, IMEI 359999999999999, 
    nick Client5, http_port 8004, socks_port 5004, auth: alice / cool
= found ALLOWED_CLIENT_IPS=22.22.22.22,22.22.22.11
= got BANDLIMIN 12222
= got BANDLIMOUT 1444444
= got BW_QUOTA 20
= extra users detected: myuser1 : mypassword1,myuser2 : mypassword2
= purging old MTU rules from Iptables for modem N=93
deleted rule 8 from mangle/OUTPUT
= purging old MTU rules from Iptables for modem N=93
= adding MTU rules to Iptables for modem N=93 MTU=1400 MSS=1360
= starting redirector@93 on modem93
= lock released on DEV modem93

4. reset IP on a modem

Args: IMEI or NICKNAME.

JSON output:

# proxysmart.sh   reset_modem_by_imei    899999999999999 
{
   "message" : "external ip changed from 46.216.188.74 to 46.216.113.63",
   "ext_ip" : "46.216.113.63",
   "result" : "success",
   "debug" : "= lock acquired on DEV modem0,= resetting DEV modem0 ..."
}

Plain text output:

# proxysmart.sh  reset_quick_nick  Client5

= lock acquired on DEV modem93
= resetting NICK Client5 DEV modem93 local IP 192.168.0.100 N 93 GW 192.168.0.1 IMEI 359999999999999
= external IP is 46.56.178.172
=stopping redirector N 93
...
=DNS test attempt 2/7 to DNS server 1.1.1.1
Checking/setting forced routing config (skip with /etc/proxysmart/altnetworking.sh -s ...)
Applying net_cls class identifier 0x0010093 to cgroup cgproxy93
Unset reverse path filtering for interface "all"
Unset reverse path filtering for interface "modem93"
DNS OK - 0.092 seconds response time 
= passed
= restarting proxy@93 to definitely drop old connections..
= starting redirector N 93
=now detect EXT_IP
= external IP is 46.56.181.222
= purging old MTU rules from Iptables for modem N=93
deleted rule 9 from mangle/OUTPUT
= purging old MTU rules from Iptables for modem N=93
= adding MTU rules to Iptables for modem N=93 MTU=1400 MSS=1360
==save report:
start_time=2022-05-29@21:14:43 end_time=2022-05-29@21:15:13 
    total_time=27 old_ip=46.56.178.172        new_ip=46.56.181.222 target_mode=auto
= lock released on DEV modem93

5. reboot a modem

Args: Nickname or IMEI.

TEXT Output :

#  proxysmart.sh   reboot_modem dongle61_us

or

#  proxysmart.sh   reboot_modem 899999999999999

JSON Output :

# proxysmart.sh reset_modem_by_imei 899999999999999 full

or

# proxysmart.sh reset_modem_by_imei dongle61_us full

6.1. Reset a modem via USB

Can accept DEV name, IMEI or Nickname. So

For Text output:

proxysmart.sh usb_reset_modem modem179
proxysmart.sh usb_reset_modem 123456789012345
proxysmart.sh usb_reset_modem Mydongle222

For Json output.

proxysmart.sh usb_reset_modem_json modem179
proxysmart.sh usb_reset_modem_json 123456789012345
proxysmart.sh usb_reset_modem_json Mydongle222

6. Run speedtest on all modems at once

# proxysmart.sh  speedtest all
[
   {
      "IMEI" : "352228888888888",
      "N" : "1142",
      "NICK" : "dongle2",
      "test" : {
         "msg" : "some_error"
      }
   },
   {
      "IMEI" : "899999999999999",
      "N" : "0",
      "NICK" : "dongle1",
      "test" : {
         "download" : "5.9mbps",
         "share" : "http://www.speedtest.net/result/11130520118.png",
         "upload" : "12.3mbps"
      }
   }
]

7. report bandwitdh

On a single modem.

Args: NICKNAME or IMEI.

# proxysmart.sh  bandwidth_report_json  869076043182393
[
   {
      "IMEI" : "869076043182393",
      "NICK" : "dongle2",
      "bandwidth_bytes_day_in" : "3482408",
      "bandwidth_bytes_day_out" : "460261",
      "bandwidth_bytes_lifetime_in" : "16MB",
      "bandwidth_bytes_lifetime_out" : "4.9MB",
      "bandwidth_bytes_month_in" : "18163459",
      "bandwidth_bytes_month_out" : "2929636",
      "bandwidth_bytes_yesterday_in" : "3924623",
      "bandwidth_bytes_yesterday_out" : "625495"
   }
]

With arbitrary time interval.

# proxysmart.sh get_counters_imei  899999999999999 '2023-01-28 18:10' '2023-01-28 19:20:01' 
{ "in": "1101534", "out": "2158378" }

On all modems:

# proxysmart.sh  bandwidth_report_json_all

[
   {
      "IMEI" : "352228888888888",
      "NICK" : "dongle2",
      "bandwidth_bytes_day_in" : "1202",
      "bandwidth_bytes_day_out" : "322",
      "bandwidth_bytes_lifetime_in" : "16MB",
      "bandwidth_bytes_lifetime_out" : "4.9MB",
      "bandwidth_bytes_month_in" : "10729051",
      "bandwidth_bytes_month_out" : "689922",
      "bandwidth_bytes_yesterday_in" : null,
      "bandwidth_bytes_yesterday_out" : null
   },
   {
      "IMEI" : "899999999999999",
      "NICK" : "dongle1",
      "bandwidth_bytes_day_in" : "5254",
      "bandwidth_bytes_day_out" : "3866",
      "bandwidth_bytes_lifetime_in" : "16MB",
      "bandwidth_bytes_lifetime_out" : "4.9MB",
      "bandwidth_bytes_month_in" : "19502452",
      "bandwidth_bytes_month_out" : "1376472",
      "bandwidth_bytes_yesterday_in" : null,
      "bandwidth_bytes_yesterday_out" : null
   }
]

8. reset bandwidth counter on a modem

# proxysmart.sh   bandwidth_reset_counter  dongle4

{"result":"success","debug":null}

9. list sms on a modem

# proxysmart.sh  list_sms_json  869086046197801 
[
   {
      "Date" : "2021-07-08 14:05:23",
      "Content" : "Your free month has started. https://smarty.co.uk/dashboard",
      "Index" : "40001",
      "Phone" : "SMARTY"
   },
   {
      "Date" : "2021-07-12 10:23:47",
      "Content" : "621036 is your SMARTY login verification code.
      "Index" : "40002",
      "Phone" : "SMARTY"
   }
]

10. send sms

Plain output:

# proxysmart.sh  send_sms_raw 899999999999999 +11111111111 "ура ура 333"
= Logging in with admin:admin123
= preparing token
= Logged in 
= Sending the following message to {+11111111111}: {ура ура 333}
= preparing token
= SENT OK 
= Logging OUT
= preparing token
= RESPONSE=OK

JSON output:

# proxysmart.sh  send_sms_json  899999999999999 +11111111111 "ура ура 333"
{
   "debug" : "= Logging in with admin:admin123,= prepari..",
   "result" : "success"
}

11. purge SMS

Purges SMS from all folders.

Call by IMEI or nickname, json output:

# proxysmart.sh purge_sms_json 899999999999999
...
# proxysmart.sh purge_sms_json dongle1
...

12. send ussd

Plain output:


# proxysmart.sh  send_ussd_raw 899999999999999 '*100#'
= Logging in with admin:admin123
= preparing token
= Logged in 
= sending USSD \*100#
= preparing token
= SENT OK
= getting response. attempt 1
= preparing token
= not yet response received
= getting response. attempt 2
= preparing token
= not yet response received
= getting response. attempt 3
= preparing token
= OK response received
Your credit is $20.00. Your operator.
= Logging OUT
= preparing token
= RESPONSE=OK

JSON output:

# proxysmart.sh  send_ussd_json  899999999999999 '*100#'
{
   "RESPONSE" : "Your credit is $20.00. Your operator.",
   "debug" : "= Logging in with admin:admin123,= preparing token,= ..."
   "result" : "success"
}

13. get bandwidth counters from a modem

..use bandwidth stats..

14. Get IP rotations log for a modem

By Nickname or IMEI

proxysmart.sh  get_rotation_log dongle2
proxysmart.sh  get_rotation_log 899999999999999
[
  {
    "start_time": "2022-08-10@19:29:38",
    "end_time": "2022-08-10@19:29:49",
    "total_time": "10",
    "old_ip": "4.26.28.14",
    "new_ip": "4.26.28.13",
    "target_mode": "auto"
  },
  {
    "start_time": "2022-08-10@19:29:54",
    "end_time": "2022-08-10@19:30:04",
    "total_time": "9",
    "old_ip": "4.26.248.13",
    "new_ip": "4.26.152.10",
    "target_mode": "auto"
  }
]

15. Get Top hosts from a modem

By Nickname or IMEI

proxysmart.sh top_hosts Nick77
proxysmart.sh top_hosts 899999999999999

Response:

{
  "bbc.com": 10,
  "gmail.com": 20
}

16. Report IP uniqueness

JSON output.

proxysmart.sh  unique_ips_json

{
  "DAYS": 14,
  "MAX_REPEATS": 50,
  "TOTAL_ROTATIONS": 7,
  "UNIQUE_IPS": 7,
  "NON_UNIQUE_IPS": 0,
  "UNIQUE_IPS_PERCENT": 100,
  "NON_UNIQUE_IPS_PERCENT": 0,
  "TXT": "\nIP Uniqueness report:\n\nOf past 14 days.\nA Unique IP is an IP that was encountered less than 50 times during the reported period.\nTotal IP rotations on all devices: 7\nUnique IP rotations: 7 (100%)\nNon Unique IP rotations: 0 (0%)\n"
}

TEXT output.

# proxysmart.sh  unique_ips 

IP Uniqueness report:

Of past 14 days.
A Unique IP is an IP that was encountered less than 50 times during the reported period.
Total IP rotations on all devices: 7
Unique IP rotations: 7 (100%)
Non Unique IP rotations: 0 (0%)

4. WEB API

1. Web API description.

WEB API endpoint is the URL that Proxysmart WebApp available at.

It can be

Also attach proper username:password (the -u parameter).

Whenever below you are seeing localhost:8080, replace it with the actual WEB API endpoint.

2. List all modems ( full status, slow)

Request:

curl 'http://localhost:8080/apix/show_status_json' -u proxy:proxy 

Response:

[
   {
      "IS_LOCKED" : "false",
      "MSG" : "",
      "N" : "11",
      "RESET_SECURE_LINK" : {
         "URL" : "http://2.2.2.2/apix/reset_ip_secure?hash=KNQWY5DF284747292999999JJJJJJJJJJJJLLLLLLLLLLLLLLLL2WEDGIFVL3HVGYTG6BYNDUZEVBYZCT7SGJ7CI6H6ZVCRNGHN4OKA=",
         "VALID_UNTIL" : "2023-02-22@16:07:01 +02"
      },
      "android" : {
         "battery" : null,
         "version" : null
      },
      "modem_details" : {
         "HUB_ID" : "1-1.1",
         "HUB_PORT" : "2",
         "IMEI" : "869999999999997",
         "MODEL" : "E3372-325",
         "MODEL_SHOWN" : "E3372-325",
         "NICK" : "modem3",
         "PHONE_NUMBER" : "",
         "UDEV_UPTIME" : "41662",
         "UPTIME" : "11 hours + 32.766667 minutes"
      },
      "net_details" : {
         "APN" : "internet",
         "BAND" : "7",
         "CELLOP" : "LMT",
         "CONNS" : "0",
         "ConnectionStatus" : "901, DATA:connected OK",
         "CurrentNetworkType" : "(19) LTE",
         "DEV" : "modem11",
         "EXT_IP" : "212.3.197.213",
         "EXT_IPV6" : "",
         "GW" : "192.168.8.1",
         "HTTP_REDIRECT_IMPOSED" : "",
         "ICCID" : "8937199999999999953",
         "IS_ONLINE" : "yes",
         "LOCAL_IP" : "192.168.8.100",
         "LOCAL_IP6" : "",
         "SIGNAL_STRENGTH" : "5",
         "SimStatus" : "(1) valid SIM card",
         "VALDIK" : "Detected OS = Linux 2.2.x-3.x [generic];MTU = 1434;Distance = 13;PTR test = Probably home user;Fingerprint and OS match. No proxy detected ;No OpenVPN detected.",
         "workmode" : "LTE"
      },
      "proxy_creds" : {
         "HTTP_PORT" : "8004",
         "LOGIN" : "alice",
         "PASS" : "cool",
         "PROXYSTDLINE_HTTP" : "2.2.2.2:8004:alice:cool",
         "PROXYSTDLINE_SOCKS" : "2.2.2.2:5004:alice:cool",
         "PROXY_VALID_BEFORE" : "",
         "QUOTA" : {
            "BW_QUOTA" : "",
            "LEFT_TO_QUOTA" : "",
            "QUOTA_TYPE" : "monthly"
         },
         "SOCKS_PORT" : "5004",
         "VPN_USERS" : null,
         "VPN_USERS_ONLINE" : null
      },
      "redirector_status" : {
         "ActiveState" : "active",
         "MSG" : null,
         "NRestarts" : "0",
         "SubState" : "running",
         "UPTIME" : "11h"
      }
   }
]

3. List all modems ( brief status, fast )

Request:

curl localhost:8080/apix/show_status_brief_json -u proxy:proxy

Response:

[
  {
    "MSG": "",
    "N": "172",
    "IS_LOCKED": "false",
    "modem_details": {
      "NICK": "dongle2",
      "IMEI": "352228888888888"
    },
    "net_details": {
         "CONNS" : "0",
         "DEV" : "modem11",
         "EXT_IP" : "212.3.197.213",
         "EXT_IPV6" : "",
         "GW" : "192.168.8.1",
         "IS_ONLINE" : "yes",
         "LOCAL_IP" : "192.168.8.100",
         "LOCAL_IP6" : ""
    },
    "proxy_creds": {
      "HTTP_PORT": "8003",
      "LOGIN": "alice",
      "PASS": "cool",
      "PROXYSTDLINE_HTTP" : "2.2.2.2:8003:alice:cool",
      "PROXYSTDLINE_SOCKS" : "2.2.2.2:5003:alice:cool",
      "SOCKS_PORT": "5003"
    },
    "redirector_status": {
      "MSG": "redirectors disabled globally"
    }
  }
]

4. Single modem status

Request:

( either by IMEI or Nickname )

curl http://localhost:8080/apix/show_single_status_json?arg=dongle111    -u proxy:proxy
curl http://localhost:8080/apix/show_single_status_json?arg=899999999999999    -u proxy:proxy

Response:

[
   {
      "IS_LOCKED" : "false",
      "MSG" : "",
      "N" : "115",
      "modem_details" : {
         "HUB_ID" : "1-1",
         "HUB_PORT" : "3",
         "IMEI" : "899999999999999",
         "MODEL" : "E3372h-320",
         "NICK" : "dongle111",
         "UDEV_UPTIME" : "1212291",
         "UPTIME" : "14 days + 45.866667 minutes"
      },
      "net_details" : {
         "CELLOP" : "MTS BY",
         "ConnectionStatus" : "901, DATA:connected OK",
         "CurrentNetworkType" : "(19) LTE",
         "DEV" : "modem115",
         "EXT_IP" : "46.216.224.164",
         "GW" : "192.168.8.1",
         "IS_ONLINE" : "yes",
         "LOCAL_IP" : "192.168.8.100",
         "SIGNAL_STRENGTH" : "4",
         "SimStatus" : "(1) valid SIM card",
         "VALDIK" : "Detected OS = Linux 2.2.x-3.x [generic];MTU = 1420;
                Network link = generic tunnel or VPN;PTR test = Probably home user;
                Fingerprint and OS match. No proxy detected ;No OpenVPN detected.",
         "workmode" : "LTE"
      },
      "proxy_creds" : {
         "HTTP_PORT" : "8004",
         "LOGIN" : "alice",
         "PASS" : "cool",
         "PROXYSTDLINE_LAN" : "192.168.100.2:8004:alice:cool",
         "PROXYSTDLINE_WWW" : "forwarding_disabled",
         "SOCKS_PORT" : "5004"
      },
      "redirector_status" : {
         "MSG" : "redirectors disabled globally"
      }
   }
]

5. Reset (change) IP on a modem.

Request:

( either by IMEI or Nickname )

curl http://localhost:8080/apix/reset_modem_by_imei?IMEI=899999999999999 -u proxy:proxy
curl http://localhost:8080/apix/reset_modem_by_nick?NICK=dongle22 -u proxy:proxy

Response:

{
   "debug" : "...",
   "ext_ip" : "46.216.248.48",
   "message" : "external ip changed from 46.216.225.112 to 46.216.248.48",
   "result" : "success"
}

6. Reboot a modem

Request:

( either by IMEI or Nickname )

curl http://localhost:8080/apix/reboot_modem_by_imei -d IMEI=860493043888886 -u proxy:proxy
curl http://localhost:8080/apix/reboot_modem_by_nick -d NICK=dongle2 -u proxy:proxy

Response:

{
   "debug" : "...",
   "message" : "new external ip cannot be detected",
   "result" : "failure"
}

or

{
   "debug" : "...",
   "ext_ip" : "172.58.172.255",
   "message" : "external ip changed from 172.58.172.251 to 172.58.172.255",
   "result" : "success"
}

ETA: ~ 1.5 minute

7. Send SMS

Request:

curl 'http://localhost:8080/modem/send-sms' -u proxy:proxy \
    --data-urlencode 'imei=899999999999999' \
    --data-urlencode 'phone=+11111111111' \
    --data-urlencode "sms=txt txt fff"

Response:

{"message":"Result: success","success":true}

8. Send USSD and read response

Request:

curl 'http://localhost:8080/modem/send-ussd' -u proxy:proxy \
    --data-urlencode 'imei=899999999999999' --data-urlencode 'ussd=*100#'

Response:

{
"RESPONSE":"Your credit is $20.00. Your operator.",
"debug":"...",
"result":"success",
"success":true
}

9. Read SMS from a modem

Request:

curl 'http://localhost:8080/modem/sms/862329888888888?json=1' -u proxy:proxy

Response:

{
   "data" : [
      {
         "Content" : "Missed call : +333333333370 at 10:45 22/07.",
         "Date" : "2020-07-22 14:59:35",
         "Index" : "40001",
         "Phone" : "+333333333370"
      },
      {
         "Content" : "Welcome, your data limit 0-100МБ. .. Details: cell.org",
         "Date" : "2021-02-27 00:53:11",
         "Index" : "40002",
         "Phone" : "MYCELL"
      },
      {
         "Content" : "Hh",
         "Date" : "2021-07-16 20:32:11",
         "Index" : "40042",
         "Phone" : "+11111111111"
      }
   ],
   "success" : true
}

10. Read bandwidth stats from a modem

Request:

curl localhost:8080/apix/bandwidth_report_json?IMEI=899999999999999   -u proxy:proxy

Response:

[
   {
      "IMEI" : "899999999999999",
      "NICK" : "dongle111",
      "bandwidth_bytes_day_in" : "2945",
      "bandwidth_bytes_day_out" : "2314",
      "bandwidth_bytes_month_in" : "62859",
      "bandwidth_bytes_month_out" : "49559",
      "bandwidth_bytes_yesterday_in" : "5048",
      "bandwidth_bytes_yesterday_out" : "3984"
   }
]

With arbitrary time interval:

Request:

curl -G http://localhost:8080/apix/get_counters_imei -X GET -d IMEI=868888888888888 --data-urlencode 'START=2023-01-28 18:10' --data-urlencode 'END=2023-01-28 19:20:01' -u proxy:proxy 

Response:

{ "in": "1101534", "out": "2158378" }

11. Read bandwidth stats from all modems

Request:

curl localhost:8080/apix/bandwidth_report_json_all -u proxy:proxy

Response:

[
   {
      "IMEI" : "899999999999999",
      "NICK" : "dongle111",
      "bandwidth_bytes_day_in" : "2945",
      "bandwidth_bytes_day_out" : "2314",
      "bandwidth_bytes_month_in" : "62859",
      "bandwidth_bytes_month_out" : "49559",
      "bandwidth_bytes_yesterday_in" : "5048",
      "bandwidth_bytes_yesterday_out" : "3984"
   },
   {
      "IMEI" : "862329041089999",
      "NICK" : "dongle111",
      "bandwidth_bytes_day_in" : "1295",
      "bandwidth_bytes_day_out" : "1234",
      "bandwidth_bytes_month_in" : "16259",
      "bandwidth_bytes_month_out" : "49259",
      "bandwidth_bytes_yesterday_in" : "5018",
      "bandwidth_bytes_yesterday_out" : "3294"
   }
]

12. Reset bandwidth stats for a modem

Request (by IMEI or nickname):

curl localhost:8080/apix/bandwidth_reset_counter?arg=dongle111    -u proxy:proxy
curl localhost:8080/apix/bandwidth_reset_counter?arg=2727233671671676    -u proxy:proxy

Response:

{"result":"success","debug":null}

13. Reset a modem via USB

Request either

curl localhost:8080/apix/usb_reset_modem_json?arg=modem77      -u proxy:proxy
curl localhost:8080/apix/usb_reset_modem_json?arg=dongle22      -u proxy:proxy
curl localhost:8080/apix/usb_reset_modem_json?arg=868888888888889      -u proxy:proxy

Response:

{
  "USB_RESET_METHOD": "uhubctl",
  "debug": "......",
  "result": "ok"
}

14. Get IP rotations log for a modem

Request

curl localhost:8080/apix/get_rotation_log?arg=899999999999999  -u proxy:proxy 
curl localhost:8080/apix/get_rotation_log?arg=dongle2          -u proxy:proxy 

Response:

[
  {
    "start_time": "2022-08-10@19:29:38",
    "end_time": "2022-08-10@19:29:49",
    "total_time": "10",
    "old_ip": "4.26.28.14",
    "new_ip": "4.26.28.13",
    "target_mode": "auto"
  },
  {
    "start_time": "2022-08-10@19:29:54",
    "end_time": "2022-08-10@19:30:04",
    "total_time": "9",
    "old_ip": "4.26.248.13",
    "new_ip": "4.26.152.10",
    "target_mode": "auto"
  }
]

15. Apply settings for a modem

Request:

curl http://localhost:8080/modem/settings -d imei=862329099999999 -u proxy:proxy

Response:

{
  "message": "Result: success, message: applied", 
  "success": true
}

16. Purge SMS from a modem

Request either

curl localhost:8080/apix/purge_sms_json?arg=Nick77      -u proxy:proxy
curl localhost:8080/apix/purge_sms_json?arg=868888888888889      -u proxy:proxy

Response:

{ "result": "success", "msg": "" }

17. Get Top hosts from a modem

Request:

curl localhost:8080/apix/top_hosts?arg=Nick77 -u proxy:proxy
curl localhost:8080/apix/top_hosts?arg=868888888888889 -u proxy:proxy

Response:

{
  "bbc.com": 10,
  "gmail.com": 20
}

18. Report IP uniquness

Request:

curl localhost:8080/apix/unique_ips_json -u proxy:proxy

Response:

{
  "DAYS": 14,
  "MAX_REPEATS": 50,
  "TOTAL_ROTATIONS": 7,
  "UNIQUE_IPS": 7,
  "NON_UNIQUE_IPS": 0,
  "UNIQUE_IPS_PERCENT": 100,
  "NON_UNIQUE_IPS_PERCENT": 0,
  "TXT": "\nIP Uniqueness report:\n\nOf past 14 days.\nA Unique IP is an IP that was encountered less than 50 times during the reported period.\nTotal IP rotations on all devices: 7\nUnique IP rotations: 7 (100%)\nNon Unique IP rotations: 0 (0%)\n"
}

5. Mongodb integration

Instead of defining modems details in map.txt , you can use MongoDB.

It is installed by default.

Mongodb contains a collection modems with elements, 1 element = 1 modem.

Mandatory fields are

Other fields are optional.

After editing a record in Mongodb, apply settings for the edited modem ( /modem/settings WEB API call).

Sample file modems.json with 2 modems. 1st modem: only mandatory fields. 2nd modem: also arbitrary fields.

{ 
  "IMEI": "868888888888888",
  "name": "dongle5",
  "http_port": "8005",
  "socks_port": "5005",
  "proxy_login": "kileq",
  "proxy_password": "Jdh27dh"
}
{ 
    "IMEI": "869777777777777",
    "name": "dongle4",
    "http_port": "8004",
    "socks_port": "5004",
    "proxy_login": "mokos",
    "proxy_password": "rQ1h6J",
    "white_list": [
        "78.140.162.201",
        "78.140.162.202"
        ],
    "bandlimin":1000000,
    "bandlimout":1000000,
    "WHITELIST_SITES_ENABLE": 1,
    "WHITELIST_SITES_LIST": [
        "facebook.com",
        "facebook.net",
        "fbcdn.net"
    ],
    "DENIED_SITES_ENABLE": 1,
    "DENIED_SITES_LIST": [
        "bad.com",
        "porn.com"
        ],
    "bw_quota": 2000,
    "mtu":  1400,
    "extra_users": [
            {
              "BANDLIMIN": "100000",
              "BANDLIMOUT": "100000",
              "login": "aaaaa",
              "password": "aaaaa"
            }
            {
              "BANDLIMIN": "100000",
              "BANDLIMOUT": "100000",
              "login": "bbbbbbbbb",
              "password": "bbbbbbb"
            }
    ],
    "PROXY_VALID_BEFORE":"2028-02-22T12:54",
    "AUTO_IP_ROTATION": 0
}

5.1. Moving Mongodb to other server

Sometimes you want to move Mongodb to a cloud server.

In order to do so

apt purge mongo\* -y
. /etc/os-release 
rm -f /etc/apt/sources.list.d/mongodb*
curl -L https://www.mongodb.org/static/pgp/server-5.0.asc | gpg --dearmor | sudo dd of=/etc/apt/trusted.gpg.d/mongodb-5.0.gpg
echo "deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu $VERSION_CODENAME/mongodb-org/5.0 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-5.0.list 
apt-get update
apt install mongodb-mongosh mongodb-database-tools -y
ln -sf /usr/bin/mongosh /usr/local/bin/mongo
    . /etc/proxysmart/conf.txt;
    mongoexport --quiet --uri="$MONGODB_URI" -c modems --forceTableScan

it should return array of all elements in the modems collection

6. Installation

1. Initial installation

Install a fresh OS.

Supported OS and architectures:

Armhf (arm 32 bit) doesn't have Mongodb support!

Those steps will take 5..10 minutes.

Unplug any 4g modems.

Add an APT repo.

wget -O-  https://pathos.tanatos.org/proxysmart.apt.repo/GPG.txt | \
    gpg --dearmor | sudo dd of=/etc/apt/trusted.gpg.d/proxysmart.gpg

source /etc/os-release
ARCH=$(dpkg --print-architecture)

echo "deb [arch=$ARCH] http://pathos.tanatos.org/proxysmart.apt.repo $VERSION_CODENAME main" \
    | sudo tee /etc/apt/sources.list.d/proxysmart.list

sudo apt update
sudo apt install proxysmart

Then follow instructions: It will tell what to do next ( run 2 files ).

sudo /usr/lib/proxysmart/install_pkgs.sh
sudo /usr/lib/proxysmart/install_webapp.sh

Reboot or run sudo proxysmart.sh reset_complete.

After that either enjoy the Demo version at http://localhost:8080 or check License section.

Rockpi Notes

If LOGRAM is enabled ( a folder /var/log.hdd exists). Disable logging:

Development version installation

Why? To unlock new features that are not yet in the Main version.

sudo apt update 
sudo apt install proxysmart
sudo /usr/lib/proxysmart/install_pkgs.sh
sudo /usr/lib/proxysmart/install_webapp.sh

Reboot or run sudo proxysmart.sh reset_complete.

2. Upgrade

Run

sudo apt update 
sudo apt install proxysmart
sudo /usr/lib/proxysmart/install_pkgs.sh
sudo /usr/lib/proxysmart/install_webapp.sh

Reboot or run sudo proxysmart.sh reset_complete.

3. Post Installation

Plug in all 4g modems you have, wait ~20 sec to let them initialize.

Now test if ip li shows you any modem* interfaces, otherwise reboot to apply UDEV rules.

If it does, continue next below. (Otherwise reboot to apply UDEV rules.)

Now you can start all the modems:

You have to run proxysmart.sh reset_complete or reboot the multi-modem server.

Command proxysmart.sh show_status will return a table with proxy port, external IP's.

Navigate to the WebApp http://localhost:8080 proxy/proxy and assign login/password/nicknames/ports to the modems.

Test reboot, reboot the box, wait 1 minute, make sure the WebApp shows the modems.

WebApp

Visit http://your_box_lan_IP_address:8080/ or http://localhost:8080/

Default user:password pair is proxy:proxy

4. Cloud VPS integration.

Why? The VPS is needed to forward proxy ports from a cloud VPS IP back to the multi modem server, so proxy ports are available for all users around the world.

Do I need a VPS?

A VPS is NOT needed when all the conditions are met:

Without a VPS, you can forward proxy ports on your Home/Office router to multi-modem server in the LAN. In that case users from around the world will connect to your static IP, so these connections are forwarded to the 4g farm server situated in the LAN.

The VPS server can be a cheap 1GB DigitalOcean / Linode / Vultr VPS or similar.

It has to be located as close as possible to the 4g farm server ( for lowest ping ).

VPS setup steps.

On multi modem server

Copy content from the file /root/.ssh/fwd.pub [1]

On VPS

Check if your VPS has no firewall. Disable it if it has -- Both inside Linux OS and in hoster panel.

Create a user fwd :

useradd -s /bin/true -m fwd
usermod -p '*' fwd
mkdir -p /home/fwd/.ssh/
touch /home/fwd/.ssh/authorized_keys
chown -R fwd: /home/fwd/
chmod 700 /home/fwd/.ssh/
chmod 600 /home/fwd/.ssh/authorized_keys

Adjust SSH server configuration, run :

mkdir -p /etc/ssh/sshd_config.d
echo '
GatewayPorts clientspecified
ClientAliveInterval 3
ClientAliveCountMax 3
MaxStartups 100:30:1000
LoginGraceTime 10
' > /etc/ssh/sshd_config.d/proxysmart.conf

service ssh restart

edit the file and paste the content [1] you copied in the step above. It is public part of fwd.ssh key that is used for communication from Proxysmart to VPS.

nano /home/fwd/.ssh/authorized_keys

Save the file and exit the editor.

On multi modem server

in /etc/proxysmart/conf.txt :

Run:

systemctl daemon-reload
systemctl start fwdssh-vps
systemctl enable fwdssh-vps
systemctl status fwdssh-vps

Make sure it is green.

On VPS

issue the command ss -tnlp and you will see proxy ports are bound with sshd daemon. That means the ports are forwarded.

On your private desktop

Cloud VPS IP change

If CLoud VPS IP is changed, update it on multi-modem-server side by defining new VPS variable in the /etc/proxysmart/conf.txt file, and rerun proxysmart.sh reset_complete there.

Also change VPS IP in /etc/systemd/system/fwdssh-vps.service on multi-modem-server and run these:

systemctl daemon-reload
systemctl restart fwdssh-vps
systemctl status fwdssh-vps

Make sure it is green.

7. License

1. Demo license

Installation is shipped with default demo license.

It allows you to run proxy on 1 modem.

In order to run more modems, ask the developer for an extra license, send him the MachineData field from proxysmart.sh license_status output and he will issue new license and you will install it.

2. Requesting new License

Get the machine data

Method1. From the WebApp:

Method2. From the CLI:

Contact Sales Team

Send the MachineData value to proxysmart.org

2. License installation

You will be given the license and license signature. Both are sequences of numbers and characters. Then submit both either via WebApp or CLI:

submitting via CLI

run commands

proxysmart.sh submit_license LICENSE
proxysmart.sh submit_license_signature LICENSE_SIGNATURE

submitting via WebApp

Open the WebApp , http://localhost:8080 , expand License section and type in the keys & submit.

3. Restoring Demo license.

If your paid license expired or broken, restore DEMO license, run:

sudo cp -v /usr/share/doc/proxysmart/examples/license.txt* /etc/proxysmart/

8. Mobile (4G/5G) VPN

Together with building proxies, it is possible to build Residential VPN.

Assumption is, your proxies are already available via Cloud VPS.

8.1. Installation of mobile VPN

Steps on VPS

Check if Gost is installed ( run gost -V ). Otherwise install Gost:

ARCH=linux-amd64
VER=2.11.3
curl -L -o /tmp/gost.gz https://github.com/ginuerzh/gost/releases/download/v$VER/gost-$ARCH-$VER.gz;
gunzip -dc /tmp/gost.gz > /usr/local/bin/gost.new;
chmod 755 /usr/local/bin/gost.new;
mv /usr/local/bin/gost.new /usr/local/bin/gost;

add systemd service. It is used for forwarding UDP ports from Openvpn running on Proxysmart box.

Edit /etc/systemd/system/gost_proxy.service

[Unit]
After=network.target

[Service]
ExecStart=gost -L socks5://px:g739Az8JYK@:2323
Type=simple
RestartSec=5
StartLimitInterval=7200s
StartLimitBurst=10000
[Install]
WantedBy=default.target

Note scheme with authentication on (socks5://px:g739Az8JYK@:2323) it will be used later.

systemctl daemon-reload
systemctl enable gost_proxy --now
systemctl status gost_proxy

.. must show green output.

Steps on Proxysmart server

Pick a free UDP port on the VPS, run ss -unlp on the VPS and it will show USED ports, so pick up a free one e.g. 1594.

So VPN client certificates will be generated with this value, so VPN clients will connect there ( 3.3.3.3:1594 / UDP)

Run

systemctl enable gost_forward_vpn
systemctl restart gost_forward_vpn

This just enabled port forwarding VPS:OPENVPN_REMOTE_PORT to localhost:OPENVPN_LOCAL_PORT.

Then run /usr/lib/proxysmart/install_openvpn.sh , it will do the installation of Openvpn server.

Then finally reconfigure the system by running proxysmart.sh reset_complete . For each modem it will generate a VPN profile.

Restart proxysmart WebApp so it shows a web link for downloading the profiles systemctl restart proxysmart .

You can download them later as from the WebApp at http://localhost:8080/vpn_profiles/ or grab from /home/vpn/ folder.

8.2. Extra profiles for a modem

If you need 2 extra VPN profiles for a dongle dongle1 , run openvpn_create_user dongle1@a or openvpn_create_user dongle1@b .

8.3. Mobile VPN, how to connect

So download the VPN profiles and connect using any VPN client software.

Windows: https://openvpn.net/community-downloads/ or https://openvpn.net/client-connect-vpn-for-windows/

MacOS: https://tunnelblick.net/

Android: https://play.google.com/store/apps/details?id=de.blinkt.openvpn or https://f-droid.org/en/packages/de.blinkt.openvpn/

IOS: https://apps.apple.com/us/app/openvpn-connect/id590379981

8.4. Many users with the same profile

By default only 1 device (PC, mobile, tablet) can use 1 OpenVPN profile. If you want multiple devices use 1 profile, edit /etc/openvpn/server.conf , comment out ;duplicate-cn line by removing the ; character, and run proxysmart.sh reset_complete.