Mac OSX 使用proxychains-ng隱藏自己的IP

直接使用brew安裝：

➜  ~ brew install proxychains-ng
Updating Homebrew...
==> Auto-updated Homebrew!
Updated 1 tap (homebrew/cask).
No changes to formulae.

==> Downloading https://homebrew.bintray.com/bottles/proxychains-ng-4.14.mojave.bottle.tar.gz
######################################################################## 100.0%
==> Pouring proxychains-ng-4.14.mojave.bottle.tar.gz
🍺  /usr/local/Cellar/proxychains-ng/4.14: 9 files, 79KB

這裏不推薦使用源碼安裝的方法，太麻煩。要想brew安裝快一些，只要讓命令行走一下代理就行。

Mac下用Homebrew安裝的，配置文件默認路徑爲/usr/local/etc/proxychains.conf

➜  ~ cat /usr/local/etc/proxychains.conf
# proxychains.conf  VER 4.x
#
#        HTTP, SOCKS4a, SOCKS5 tunneling proxifier with DNS.


# The option below identifies how the ProxyList is treated.
# only one option should be uncommented at time,
# otherwise the last appearing option will be accepted
#
#dynamic_chain
#
# Dynamic - Each connection will be done via chained proxies
# all proxies chained in the order as they appear in the list
# at least one proxy must be online to play in chain
# (dead proxies are skipped)
# otherwise EINTR is returned to the app
#
strict_chain
#
# Strict - Each connection will be done via chained proxies
# all proxies chained in the order as they appear in the list
# all proxies must be online to play in chain
# otherwise EINTR is returned to the app
#
#round_robin_chain
#
# Round Robin - Each connection will be done via chained proxies
# of chain_len length
# all proxies chained in the order as they appear in the list
# at least one proxy must be online to play in chain
# (dead proxies are skipped).
# the start of the current proxy chain is the proxy after the last
# proxy in the previously invoked proxy chain.
# if the end of the proxy chain is reached while looking for proxies
# start at the beginning again.
# otherwise EINTR is returned to the app
# These semantics are not guaranteed in a multithreaded environment.
#
#random_chain
#
# Random - Each connection will be done via random proxy
# (or proxy chain, see  chain_len) from the list.
# this option is good to test your IDS :)

# Make sense only if random_chain or round_robin_chain
#chain_len = 2

# Quiet mode (no output from library)
#quiet_mode

# Proxy DNS requests - no leak for DNS data
proxy_dns

# set the class A subnet number to use for the internal remote DNS mapping
# we use the reserved 224.x.x.x range by default,
# if the proxified app does a DNS request, we will return an IP from that range.
# on further accesses to this ip we will send the saved DNS name to the proxy.
# in case some control-freak app checks the returned ip, and denies to
# connect, you can use another subnet, e.g. 10.x.x.x or 127.x.x.x.
# of course you should make sure that the proxified app does not need
# *real* access to this subnet.
# i.e. dont use the same subnet then in the localnet section
#remote_dns_subnet 127
#remote_dns_subnet 10
remote_dns_subnet 224

# Some timeouts in milliseconds
tcp_read_time_out 15000
tcp_connect_time_out 8000

### Examples for localnet exclusion
## localnet ranges will *not* use a proxy to connect.
## Exclude connections to 192.168.1.0/24 with port 80
# localnet 192.168.1.0:80/255.255.255.0

## Exclude connections to 192.168.100.0/24
# localnet 192.168.100.0/255.255.255.0

## Exclude connections to ANYwhere with port 80
# localnet 0.0.0.0:80/0.0.0.0

## RFC5735 Loopback address range
## if you enable this, you have to make sure remote_dns_subnet is not 127
## you'll need to enable it if you want to use an application that
## connects to localhost.
# localnet 127.0.0.0/255.0.0.0

## RFC1918 Private Address Ranges
# localnet 10.0.0.0/255.0.0.0
# localnet 172.16.0.0/255.240.0.0
# localnet 192.168.0.0/255.255.0.0

# ProxyList format
#       type  ip  port [user pass]
#       (values separated by 'tab' or 'blank')
#
#       only numeric ipv4 addresses are valid
#
#
#        Examples:
#
#               socks5  192.168.67.78   1080    lamer   secret
#       http    192.168.89.3    8080    justu   hidden
#       socks4  192.168.1.49    1080
#           http    192.168.39.93   8080
#
#
#       proxy types: http, socks4, socks5
#        ( auth types supported: "basic"-http  "user/pass"-socks )
#
[ProxyList]
# add proxy here ...
# meanwile
# defaults set to "tor"
# socks4    127.0.0.1 9050
socks5  127.0.0.1 1086
➜  ~

默認的socks4 127.0.0.1 9050是tor代理，可以直接註釋掉。
在最後一行添加本機的代理地址127.0.0.1 1086

然後使用proxychains4命令看看管沒管用：

➜  ~ proxychains4 curl cip.cc
[proxychains] config file found: /usr/local/etc/proxychains.conf
[proxychains] preloading /usr/local/Cellar/proxychains-ng/4.14/lib/libproxychains4.dylib
IP  : 114.***.***.148
地址  : 中國  XX
運營商 : 電信

數據二 : XX市XX區 | 電信

數據三 : 中國XX省XX市 | 電信

URL : http://www.cip.cc/114.***.***.148

發現沒有任何用，爲啥呢？因爲我用的是萬惡的Mac。
macOS 10.11 後下由於開啓了 SIP（System Integrity Protection） 會導致命令行下 proxychains-ng 代理的模式失效，如果使用 proxychains-ng 這種簡單的方法，就需要先關閉 SIP。

關閉 SIP

重啓Mac，按住⌘ + R進入Recovery模式。 實用工具（Utilities）-> 終端（Terminal）。 輸入命令csrutil disable運行。 重啓進入系統後，終端裏輸入 csrutil status，結果中如果有 System Integrity Protection status:disabled. 則說明關閉成功。

➜  ~ csrutil status
System Integrity Protection status: disabled.
➜  ~

我們再試一次：

➜  ~ proxychains4 curl cip.cc
[proxychains] config file found: /usr/local/etc/proxychains.conf
[proxychains] preloading /usr/local/Cellar/proxychains-ng/4.14/lib/libproxychains4.dylib
[proxychains] DLL init: proxychains-ng 4.14
[proxychains] Random chain  ...  127.0.0.1:1086  ...  106.***.206.***:80  ...  OK
IP  : ***.112.***.116
地址  : 美國  美國

數據二 : 美國 | Amazon EC2服務器

數據三 : 美國華盛頓 | 亞馬遜

URL : http://www.cip.cc/***.112.***.116