逆向行駛 最愛的最殘酷、最美的最虛無
Surfing, it’s so simple! 上網就該如此簡單!,如同大陸同胞常喊的,Shadowsocks跟Squid一樣是很成熟的Proxy程式了,雖然我自己是比較喜歡Squid,但是應用在手機上連線就比較麻煩了,免費VPN一大堆,可是限制很多、不然就是廣告一大堆 🙁 所以選擇了佔用資源最少的shadowsocks-libev,而且全部透過yum安裝,在CentOS 6.10 (Final)、7.6.1810安裝上也順利成功執行,方便性非常高🤖🤓🤖
至於說為什麼要選買VPS裝Shadowsocks不直接買VPN呢,比如說在HostUS租個最便宜的KVM-0.5方案(512MB記憶體、750GB流量),一年只需要45美金(約1,400台幣),若是在RamNode租512MB SKVMS方案(512MB記憶體、1TB流量),一年只需要32.40美金(約1,010台幣),所以如果擔心網速慢又不想跟太多人共用頻寬,而且沒有特殊需要切換國家的需求,如果又想學習操作Linux(或是過個乾癮?!),買個便宜的VPS來裝Shadowsocks做VPN應用是最實惠的 🤖🤓🤖
安裝方法
1. 安裝epel的軟件源
|
1 2 3 |
cd /usr/src rpm --import https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7 rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm |
2. 下載librehat的repo
|
1 2 |
rpm --import https://copr-be.cloud.fedoraproject.org/results/librehat/shadowsocks/pubkey.gpg wget -P /etc/yum.repos.d/ https://copr.fedorainfracloud.org/coprs/librehat/shadowsocks/repo/epel-7/librehat-shadowsocks-epel-7.repo |
3. 安裝依賴套件並更新系統,此時應該會出現有shadowsocks-libev可以安裝了 🤓
|
1 2 |
yum install -y gcc gettext autoconf automake make libtool pcre-devel asciidoc xmlto c-ares-devel libev-devel libsodium-devel mbedtls-devel zlib-devel openssl-devel yum update -y && yum info shadowsocks-libev |
4. 安裝shadowsocks-libev
|
1 |
yum install -y shadowsocks-libev |
|
1 2 3 4 5 6 7 8 9 10 11 |
rm -f /etc/shadowsocks-libev/config.json cat >> /etc/shadowsocks-libev/config.json <<- EOF { "server":["::0","0.0.0.0"], "mode":"tcp_and_udp", "server_port":8088, "password":"520be", "timeout":60, "method":"chacha20-ietf-poly1305" } EOF |
6. 設定防火牆,將自訂的8088連接埠加入白名單(預設是8388)
|
1 2 3 4 5 |
service iptables stop iptables -A INPUT -p tcp --dport 8088 -j ACCEPT iptables -A INPUT -p udp --dport 8088 -j ACCEPT service iptables save systemctl restart iptables |
# firewalld切換成下列指令
|
1 2 3 |
firewall-cmd --permanent --add-port=8088/tcp firewall-cmd --permanent --add-port=8088/udp firewall-cmd --reload |
7. 啟用shadowsocks-libev服務並啟動shadowsocks-libev
|
1 2 |
systemctl enable shadowsocks-libev systemctl start shadowsocks-libev |
額外的指令
# 檢查shadowsocks-libev啟動狀態
systemctl status shadowsocks-libev -l
ps ax | grep ss-server
netstat -atunp | grep ss-server
# 查詢最消耗記憶體的程式
top -b -o +%MEM
# (可選)最佳化系統的吞吐量、支撐能力
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 |
ulimit -n 51200 sysctl -w net.core.default_qdisc=fq sysctl -w net.core.rmem_default=65536 sysctl -w net.core.wmem_default=65536 sysctl -w net.core.rmem_max=67108864 sysctl -w net.core.wmem_max=67108864 sysctl -w net.core.netdev_max_backlog=4096 sysctl -w net.ipv4.tcp_congestion_control=htcp sysctl -w net.ipv4.tcp_mtu_probing=1 sysctl -w net.ipv4.tcp_rmem='4096 87380 33554432' sysctl -w net.ipv4.tcp_wmem='4096 65536 33554432' # 個人常用的最佳化指令開始 sysctl -w net.core.optmem_max=25165824 sysctl -w net.core.somaxconn=4096 sysctl -w net.ipv4.ip_forward=1 sysctl -w net.ipv4.route.flush=1 sysctl -w net.ipv4.tcp_fastopen=3 sysctl -w net.ipv4.tcp_fin_timeout=30 sysctl -w net.ipv4.tcp_keepalive_time=1200 sysctl -w net.ipv4.tcp_max_syn_backlog=4096 sysctl -w net.ipv4.tcp_max_tw_buckets=1440000 sysctl -w net.ipv4.tcp_mtu_probing=1 sysctl -w net.ipv4.tcp_syncookies=1 sysctl -w net.ipv4.tcp_tw_recycle=0 sysctl -w net.ipv4.tcp_tw_reuse=1 sysctl -w fs.file-max=2097152 ###個人常用的最佳化指令結束 sysctl --system |
- ref.
- librehat/shadowsocks
- Shadowsocks 使用說明 · shadowsocks Wiki
- Shadowsocks Windows 使用說明 · shadowsocks Wiki
- Configuration via Config File · shadowsocks Wiki
- Troubleshooting · shadowsocks Wiki
- Optimizing Shadowsocks · shadowsocks Wiki
客戶端
- Android
- iOS
- 瀏覽器
- Windows
- Mac OS
- Linux
- OpenWRT
pip install shadowsocks- Shadowsocks-Qt5 @ GitHub
- Outline @ GitHub
opkg install shadowsocks-libevopkg install shadowsocks-libev-polarssl
