首頁 / 精華文章 / [CentOS]實戰Shadowsocks,上網就該如此簡單!

[CentOS]實戰Shadowsocks,上網就該如此簡單!

Surfing, it’s so simple! 上網就該如此簡單!,如同大陸同胞常喊的,Shadowsocks跟Squid一樣是很成熟的Proxy程式了,雖然我自己是比較喜歡Squid,但是應用在手機上連線就比較麻煩了,免費VPN一大堆,可是限制很多、不然就是廣告一大堆 🙁 所以選擇了占用資源最少的shadowsocks-libev,而且全部透過yum安裝,在CentOS 6.10 (Final)7.6.1810安裝上也順利成功執行,方便性非常高 😋
至於說為什麼要選買VPS裝Shadowsocks不直接買VPN呢,比如說在HostUS租個最便宜的KVM-0.5方案(512MB記憶體、750GB流量),一年只需要45美金(約1,400台幣),若是在RamNode租512MB SKVMS方案(512MB記憶體、1TB流量),一年只需要32.40美金(約1,010台幣),所以如果擔心網速慢又不想跟太多人共用頻寬,而且沒有特殊需要切換國家的需求,如果又想學習操作Linux(或是過個乾癮?!),買個便宜的VPS來裝Shadowsocks做VPN應用是最實惠的。;)

1. 安裝epel的軟體源

cd /usr/src
rpm --import https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7
rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm

2. 下載librehat的repo

rpm --import https://copr-be.cloud.fedoraproject.org/results/librehat/shadowsocks/pubkey.gpg
wget -P /etc/yum.repos.d/ https://copr.fedorainfracloud.org/coprs/librehat/shadowsocks/repo/epel-7/librehat-shadowsocks-epel-7.repo

3. 安裝依賴套件並更新系統,此時應該會出現有shadowsocks-libev可以安裝了 😝

yum install -y gcc gettext autoconf automake make libtool pcre-devel asciidoc xmlto c-ares-devel libev-devel libsodium-devel mbedtls-devel zlib-devel openssl-devel
yum update -y && yum info shadowsocks-libev


4. 安裝shadowsocks-libev

yum install -y shadowsocks-libev

5. 修改設定檔,請注意server_port、password兩個部分可以自訂,其他無須修改

rm -f /etc/shadowsocks-libev/config.json
cat >> /etc/shadowsocks-libev/config.json <<- EOF
{
"server":["::0","0.0.0.0"],
"mode":"tcp_and_udp",
"server_port":8088,
"password":"520be",
"timeout":60,
"method":"chacha20-ietf-poly1305"
}
EOF

6. 設定防火牆,將自訂的8088連接埠加入白名單(預設是8388)

service iptables stop
iptables -A INPUT -p tcp --dport 8088 -j ACCEPT
iptables -A INPUT -p udp --dport 8088 -j ACCEPT
service iptables save
systemctl restart iptables

###firewalld切換成下列指令

firewall-cmd --permanent --add-port=8088/tcp
firewall-cmd --permanent --add-port=8088/udp
firewall-cmd --reload

7. 啟用shadowsocks-libev服務並啟動shadowsocks-libev

systemctl enable shadowsocks-libev
systemctl start shadowsocks-libev

額外的指令

檢查shadowsocks-libev啟動狀態

systemctl status shadowsocks-libev -l
ps ax | grep ss-server
netstat -atunp | grep ss-server
查詢最消耗記憶體的程式

top -b -o +%MEM
(可選)最佳化系統的吞吐量、支撐能力

ulimit -n 51200
sysctl -w net.core.default_qdisc=fq
sysctl -w net.core.rmem_default=65536
sysctl -w net.core.wmem_default=65536
sysctl -w net.core.rmem_max=67108864
sysctl -w net.core.wmem_max=67108864
sysctl -w net.core.netdev_max_backlog=4096
sysctl -w net.ipv4.tcp_congestion_control=htcp
sysctl -w net.ipv4.tcp_mtu_probing=1
sysctl -w net.ipv4.tcp_rmem='4096 87380 33554432'
sysctl -w net.ipv4.tcp_wmem='4096 65536 33554432'
###個人常用的最佳化指令開始
sysctl -w net.core.optmem_max=25165824
sysctl -w net.core.somaxconn=4096
sysctl -w net.ipv4.ip_forward=1
sysctl -w net.ipv4.route.flush=1
sysctl -w net.ipv4.tcp_fastopen=3
sysctl -w net.ipv4.tcp_fin_timeout=30
sysctl -w net.ipv4.tcp_keepalive_time=1200
sysctl -w net.ipv4.tcp_max_syn_backlog=4096
sysctl -w net.ipv4.tcp_max_tw_buckets=1440000
sysctl -w net.ipv4.tcp_mtu_probing=1
sysctl -w net.ipv4.tcp_syncookies=1
sysctl -w net.ipv4.tcp_tw_recycle=0
sysctl -w net.ipv4.tcp_tw_reuse=1
sysctl -w fs.file-max=2097152
###個人常用的最佳化指令結束
sysctl --system

客戶端

  • Android
  • iOS
  • 瀏覽器
  • Windows
  • Mac OS
  • Linux
  • OpenWRT
  • opkg install shadowsocks-libev
  • opkg install shadowsocks-libev-polarssl

Comments

comments

關於 窮苦人家的小孩

In every democracy, the people get the government they deserve. ~Alexis de Tocqueville
上一篇:
下一篇:

您可能會喜歡

使用7-Zip做一個自動備份的批次檔

首先安裝7-Zip 19.00 …

發佈留言