科学上网

一枝红杏出墙来!!!
alternate text

VPS厂商

快速搭建

方案1(未加速)

$ curl -sSL https://get.docker.com/ | sh

# server
$ sudo firewall-cmd --zone=public --add-port=8500/udp --permanent  # 开启服务端 端口

$ docker run -d --restart=always --name ssserver -p 6443:6443 mritd/shadowsocks -s "-s 0.0.0.0 -p 6443 -m aes-256-cfb -k rootroot --fast-open"

# client
$ docker run -d --restart=always --name ssclient -p 1080:1080 mritd/shadowsocks \
  -m "ss-local" -s "-s $SSSERVER_IP -p 6443 -b 0.0.0.0 -l 1080 -m aes-256-cfb -k rootroot --fast-open"

方案2 (kcptun 加速,24小时内 被封)

# server
$ sudo firewall-cmd --zone=public --add-port=8500/udp --permanent  # 开启服务端 端口
$ sudo docker run -d --restart=always --name ssserver -p 6443:6443 -p 8500:8500/udp mritd/shadowsocks \
  -m "ss-server" -s "-s 0.0.0.0 -p 6443 -m aes-256-cfb -k meiyoumima --fast-open -n 5 " \
  -x -e "kcpserver" -k "-t 127.0.0.1:6443 -l :8500 -mode fast2"

# client
$ sudo docker run -d --restart=always --name ssclient -p 1080:1080 mritd/shadowsocks \
  -m "ss-local" -s "-s 127.0.0.1 -p 8500 -b 0.0.0.0 -l 1080 -m aes-256-cfb -k meiyoumima --fast-open" \
  -x -e "kcpclient" -k "-r $SSSERVER_IP:8500 -l :8500 -mode fast2"

方案3 Udp2raw-tunnel

# ssserver
docker run -d --restart=always --name ssserver -p 6443:6443 mritd/shadowsocks -s "-s 0.0.0.0 -p 6443 -m aes-256-cfb -k rootroot --fast-open"

# kcptun server
./server_linux_amd64 -t "0.0.0.0:6443" -l ":4000" -mode fast2  -mtu 1200

# hudp2raw server
./udp2raw_amd64 -s -l 0.0.0.0:2096 -r 0.0.0.0:4000 -k "passwd:meiyoumima" --raw-mode faketcp -a


####-------- G -- F -- W  -------####

# hudp2raw client
./udp2raw_amd64 -c -r $SERVER_IP:2096 -l 0.0.0.0:4000 --raw-mode faketcp -a -k "passwd:meiyoumima"


# kcptun client
./client_linux_amd64  -r "0.0.0.0:4000" -l ":8388" -mode fast2 -mtu 1200

# ssclient
sudo docker run -d  --name ssclient -p 1081:1080 mritd/shadowsocks -m "ss-local" -s "-s 192.168.2.3 -p 8388 -b 0.0.0.0 -l 1080 -m aes-256-cfb -k rootroot --fast-open"

1. 牛逼的shadowsocks

安装 shadowsocks

# ubuntu
$ export LC_ALL=C
$ sudo apt-get install python-pip

$ sudo pip install --upgrade pip -i https://pypi.mirrors.ustc.edu.cn/simple
$ sudo pip install shadowsocks  -i https://pypi.mirrors.ustc.edu.cn/simple

配置 shadowsocks

Server

#  1. 手动启动

$ sudo ssserver -p 8388 -k password -m aes-256-cfb --user nobody -d start

# 2. 配置自动启动(ubuntu)
$ sudo tee /etc/shadowsocks.json <<-'EOF'
{
    "server":"my_server_ip",
    "server_port":8388,
    "local_address": "127.0.0.1",
    "local_port":1080,
    "password":"mypassword",
    "timeout":300,
    "method":"aes-256-cfb",
    "fast_open": false,
    "workers": 100
}
EOF

$ sudo tee /etc/init.d/shadowsocks-start.sh <<-'EOF'
#! /bin/sh
### BEGIN INIT INFO
# Provides:          shadowsocks
# Required-Start:    $remote_fs $syslog
# Required-Stop:     $remote_fs $syslog
# Should-Start:      $network $time
# Should-stop:       $network $time
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: shadowsocks.
### END INIT INFO
/usr/local/bin/ssserver -c /etc/shadowsocks.json -d start
EOF

# 设置启动等级:
$ sudo chmod a+x /etc/init.d/shadowsocks-start.sh
$ sudo update-rc.d shadowsocks-start.sh defaults 90

$ service shadowsocks-start.sh start/stop/restart

Client

  • Ubuntu
$ sudo tee /etc/shadowsocks.json <<-'EOF'
{
    "server":"my_server_ip",
    "server_port":8388,
    "local_address": "127.0.0.1",
    "local_port":1080,
    "password":"mypassword",
    "timeout":300,
    "method":"aes-256-cfb",
    "fast_open": true,
    "workers": 100
}
EOF

# workers - 并发数

# 手动启动,停止
$ sudo sslocal -c /etc/shadowsocks.json
$ sudo sslocal -c /etc/shadowsocks.json -d start
$ sudo sslocal -c /etc/shadowsocks.json -d stop
$ sudo sslocal -c /etc/shadowsocks.json -d restart

# 配置开机自启动
$ sudo tee /etc/init.d/shadowsocks-start.sh <<-'EOF'
#!/bin/sh
### BEGIN INIT INFO
# Provides:          shadowsocks
# Required-Start:    $remote_fs $syslog
# Required-Stop:     $remote_fs $syslog
# Should-Start:      $network $time
# Should-stop:       $network $time
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: shadowsocks.
### END INIT INFO
/usr/local/bin/sslocal -c /etc/shadowsocks.json -d start
EOF

# 设置启动等级:
$ sudo chmod a+x /etc/init.d/shadowsocks-start.sh
$ sudo update-rc.d shadowsocks-start.sh defaults 90

# 测试
$ google-chrome --proxy-server=socks5://127.0.0.1:1080

kcptun 加速

属性 客户端 服务器
listener_port 与shadowsocks交互的端口 对外的端口
target_ip 服务器的IP 本机
target_port 服务器的端口(listen_port) 与shadowsocks交互的端口

2. 神奇的SwitchyOmega

配置代理

alternate text

配置自动切换

导入在线,规则列表,立即更新情景模式

在线规则列表:
https://raw.githubusercontent.com/gfwlist/gfwlist/master/gfwlist.txt
alternate text

3. polipo http/https的代理转发

Shadowsocks是我们常用的代理工具,它使用socks5协议,而终端很多工具目前只支持http和https等协议,对socks5协议支持不够好, 所以需要将socks协议转换成http协议.

# ubuntu
$ sudo apt-get install polipo
$ sudo polipo -v
$ man polipo
# the default values.  See /usr/share/doc/polipo/examples/config.sample

# mac
$ brew  search polipo
$ sudo mkdir /etc/polipo
$ sudo tee /etc/polipo/config <<-'EOF'

# This file only needs to list configuration variables that deviate
# from the default values.  See /usr/share/doc/polipo/examples/config.sample
# and "polipo -v" for variables you can tweak and further information.

logSyslog = true
logFile = /var/log/polipo/polipo.log

socksParentProxy = "127.0.0.1:1080"
socksProxyType = socks5

proxyAddress = "0.0.0.0"
proxyPort = 8123
allowedClients = 127.0.0.1, ::1, 192.168.8.0/24

EOF

# ubuntu
$ sudo service polipo restart

# mac
$ sudo mkdir /var/log/polipo
$ sudo polipo socksParentProxy=localhost:1080
socksParentProxy : 上级代理ip,端口
socksProxyType   : 是上级代理类型

proxyAddress     : 监听的ip
proxyPort        : 是本地监听端口
allowedClients   : 是允许连接ip范围
# 以ubuntu 测试通过
echo -e "\n------------------------------------------\n"
curl ip.gs
#curl ifconfig.me
echo -e "\n------------------------------------------\n"

export https_proxy=https://127.0.0.1:8123
export  http_proxy=http://127.0.0.1:8123
export HTTPS_PROXY=https://127.0.0.1:8123
export  HTTP_PROXY=http://127.0.0.1:8123

curl ip.gs
#curl ifconfig.me
echo -e "\n------------------------------------------\n"

$ git config --global http.proxy=localhost:8123