阅读 1130

Linux下SSR的使用

下载ssr

(base) [root@node46 zhangjx]# git clone http://git.mrwang.pw/Reed/Linux_ssr_script.git
Cloning into 'Linux_ssr_script'...
remote: Counting objects: 16, done.
remote: Compressing objects: 100% (15/15), done.
remote: Total 16 (delta 4), reused 0 (delta 0)
Unpacking objects: 100% (16/16), done.
(base) [root@node46 zhangjx]# cd Linux_ssr_script/
(base) [root@node46 Linux_ssr_script]# ls
LICENSE  README.md  ssr
(base) [root@node46 Linux_ssr_script]# chmod u+x ssr 
(base) [root@node46 Linux_ssr_script]# mv ssr /usr/bin/
复制代码

安装ssr

(base) [root@node46 Linux_ssr_script]# ssr install
Cloning into '/root/.local/share/shadowsocksr'...
remote: Counting objects: 5490, done.
remote: Compressing objects: 100% (1669/1669), done.
remote: Total 5490 (delta 3799), reused 5490 (delta 3799)
Receiving objects: 100% (5490/5490), 1.71 MiB | 0 bytes/s, done.
Resolving deltas: 100% (3799/3799), done.
Install finished!\nYou can visit my website http://ss.pythonic.life to acquire free ssr configs
复制代码

配置ssr

(base) [root@node46 Linux_ssr_script]# ssr config 

{
    "server": "0.0.0.0",
    "server_ipv6": "::",
    "server_port": 8388,
    "local_address": "127.0.0.1",
    "local_port": 1080,

    "password": "m",
    "method": "chacha20-ietf",
    "protocol": "auth_aes128_sha1",
    "protocol_param": "84346:rEPKTU",
    "obfs": "plain",
    "obfs_param": "c340884346.microsoft.com",
    "speed_limit_per_con": 0,
    "speed_limit_per_user": 0,

    "additional_ports" : {}, // only works under multi-user mode
    "additional_ports_only" : false, // only works under multi-user mode
    "timeout": 120,
    "udp_timeout": 60,
    "dns_ipv6": false,
    "connect_verbose_info": 0,
    "redirect": "",
    "fast_open": false
}
复制代码
  • server: 对应服务器的ip地址或者域名
  • server_port: 服务对应的port
  • local_address: 本地ip地址,默认值为127.0.0.1
  • local_port: 本地端口,默认为1080
  • 其他与window ssr相关参数对应:

Note: 如果加密试用chacha20,salsa20、chacha20-ietf等高级加密方式,需要安装libsodium扩展库,否则启动会报错:Exception: libsodium not found

## centos 
yum install libsodium.x86_64 -y
复制代码

启动并测试

(base) [root@node46 Linux_ssr_script]# ssr start
(base) [root@node46 Linux_ssr_script]# ss -ltnp | grep 1080
LISTEN     0      128    127.0.0.1:1080                     *:*                   users:(("python",pid=6746,fd=4))

(base) [root@node46 Linux_ssr_script]# ping www.google.com
PING www.google.com (14.215.177.38) 56(84) bytes of data.
64 bytes from 14.215.177.38 (14.215.177.38): icmp_seq=1 ttl=54 time=36.8 ms
64 bytes from 14.215.177.38 (14.215.177.38): icmp_seq=2 ttl=54 time=36.5 ms
64 bytes from 14.215.177.38 (14.215.177.38): icmp_seq=3 ttl=54 time=36.7 ms
64 bytes from 14.215.177.38 (14.215.177.38): icmp_seq=4 ttl=54 time=36.8 ms
^C
--- www.google.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3004ms
rtt min/avg/max/mdev = 36.586/36.770/36.872/0.224 ms
(base) [root@node46 Linux_ssr_script]# curl www.google.com
(base) [root@node46 Linux_ssr_script]# curl www.google.com -i
HTTP/1.1 403 Forbidden
Server: bfe
Date: Tue, 17 Nov 2020 01:59:00 GMT
Content-Length: 0
Content-Type: text/plain; charset=utf-8
复制代码
  • 能够ping同,却不能获取网页内容

关闭

(base) [root@node46 Linux_ssr_script]# ssr stop 
复制代码

安装Privoxy

yum install -y epel-release
yum install -y privoxy
复制代码

配置Privoxy(全局代理)

echo 'forward-socks5 / 127.0.0.1:1080 .' >> /etc/privoxy/config
# Privoxy 默认监听端口是是8118
export http_proxy=http://127.0.0.1:8118
export https_proxy=http://127.0.0.1:8118
复制代码

启动Privoxy并测试

(base) [root@node46 Linux_ssr_script]# systemctl start privoxy
(base) [root@node46 Linux_ssr_script]# curl www.google.com -i
HTTP/1.1 200 OK
Date: Tue, 17 Nov 2020 02:02:28 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=ISO-8859-1
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Server: gws
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: 1P_JAR=2020-11-17-02; expires=Thu, 17-Dec-2020 02:02:28 GMT; path=/; domain=.google.com; Secure
Set-Cookie: NID=204=WAlHB1rfcz-9LRPUpDos-ewKfNXlmGhBkbn5CnmAt9_MvN4QsvT8WJhFmRbZQrFHHN0z4r0faxn5lZkcBl06y8eTLSvB0OuO27nV3e7lIlAv1LU-wY1p1E3yZ4s7HVtFT5rLPRoMdhN0VKSMwZE_NYwSLnCO5T5PCVKsJxro6RA; expires=Wed, 19-May-2021 02:02:28 GMT; path=/; domain=.google.com; HttpOnly
Accept-Ranges: none
Vary: Accept-Encoding
Transfer-Encoding: chunked
Proxy-Connection: keep-alive
复制代码

配置其他节点可以使用代理

(base) [root@node46 Linux_ssr_script]# cat  /etc/privoxy/config  | grep -v "#"
confdir /etc/privoxy
logdir /var/log/privoxy
filterfile default.filter
logfile logfile
listen-address  127.0.0.1:8118  # 改为0.0.0.0:8118
toggle  1
enable-remote-toggle  0
enable-remote-http-toggle  0
enable-edit-actions 0
enforce-blocks 0
buffer-limit 4096
enable-proxy-authentication-forwarding 0
forwarded-connect-retries  0
accept-intercepted-requests 0
allow-cgi-request-crunching 0
split-large-forms 0
keep-alive-timeout 5
tolerate-pipelining 1
socket-timeout 300
forward-socks5 / 127.0.0.1:1080 .
(base) [root@node46 Linux_ssr_script]# systemctl restart privoxy
复制代码

配置PAC代理

git clone https://github.com/SAMZONG/gfwlist2privoxy.git
cd gfwlist2privoxy/
(base) [root@node46 gfwlist2privoxy]# sh gfwlist2privoxy 
proxy(socks5): 127.0.0.1:1080
{+forward-override{forward-socks5 127.0.0.1:1080 .}}

=================================================================

"cp -af /home/zhangjx/gfwlist2privoxy/gfw.action /etc/privoxy/"

(base) [root@node46 gfwlist2privoxy]# cp -af /home/zhangjx/gfwlist2privoxy/gfw.action /etc/privoxy/
cp: overwrite ‘/etc/privoxy/gfw.action’? y
(base) [root@node46 gfwlist2privoxy]# echo 'actionsfile gfw.action' >> /etc/privoxy/config
(base) [root@node46 gfwlist2privoxy]# 
(base) [root@node46 gfwlist2privoxy]# systemctl restart privoxy
复制代码
文章分类
后端
文章标签