查看“Debian利用shadowsocks和polipo终端代理翻墙”的源代码

= shadowsocks和polipo= 

终端翻墙的方法，通过shadowsocks和polipo来实现

==安装shadowsocks==
安装python包管理工具：
 sudo apt-get install python-pip

===apt===
<pre>#apt 
sudo apt install software-properties-common -y
sudo add-apt-repository ppa:max-c-lv/shadowsocks-libev -y
sudo apt update
sudo apt install shadowsocks-libev

vi /etc/shadowsocks-libev/config.json
{
 "server":"127.0.0.1",
 "server_port":8388,
 "local_port":1080,
 "password":"focobguph",
 "timeout":60,
 "method":"chacha20-ietf-poly1305"
}

sudo systemctl enable shadowsocks-libev.service

</pre>

===pip===
<pre>
pip install shadowsocks
#sudo pip install shadowsocks #格式有时不对，要小心
vi shadowsocks.json#新建shadowsocks配置文件shadowsocks.json
{
"server": "xxx.xxx.xxx.xxx",
"server_port": xxxx,
"local_port": 1080,
"password": "xxxxxxx",
"timeout": 600,
"method": "aes-256-cfb"
}

eg

echo '{
    "server":"linuxsh.org",
    "server_port":443,
    "local_port":1080,
    "password":"laepassword",
    "timeout":600,
    "method":"aes-256-cfb"
}' >shadowsocks.json </pre>

[https://www.linuxbabe.com/ubuntu/shadowsocks-libev-proxy-server-ubuntu-16-04-17-10 How to Set up Shadowsocks-libev Proxy Server on Ubuntu 16.04]

==安装polipo：==
<pre>sudo apt-get install polipo -y

#修改polipo配置文件
echo 'logSyslog = true
logFile = /var/log/polipo/polipo.log
proxyAddress = "0.0.0.0"
socksParentProxy = "127.0.0.1:1080"
socksProxyType = socks5
chunkHighMark = 50331648
objectHighMark = 16384
serverMaxSlots = 64
serverSlots = 16
serverSlots1 = 32' >/etc/polipo/config </pre>

==启动服务==
<pre>
#启动shadowsocks服务： 如果是pip inst
sudo  sslocal -c /root/shadowsocks.json -d start
#重启polipo服务：
 /etc/init.d/polipo restart
设置http和https代理：
export http_proxy="http://127.0.0.1:8123/"
export https_proxy=$http_proxy 

如果想长期 加到 /etc/profile


cat >> /etc/profile <<EOF
export http_proxy=http://127.0.0.1:8123
export https_proxy=http://127.0.0.1:8123
export ftp_proxy=http://127.0.0.1:8123
EOF

 source /etc/profile

#不要代理的 也要加进去
export NO_PROXY='localhost,127.0.0.1,192.168.88.30,192.168.88.31,192.168.88.32,10.96.0.0,10.224.0.0,10.96.0.0/12,10.224.0.0/16'




这里最好是gnome3 手工设置代理呢 如果你是有桌面的话

127.0.0.1 8123
测试
访问谷歌，若有反应则成功：
w3m google.com
curl www.google.com #但是502 很容易让人误会会不成功我一开始也是这样

这个在ubbuntu16.04 server 中是成功的 centos的要再看一下

</pre>

=浏览器=
<pre>

#本地apt shadowsock and then  ok 20190728 因为我本地的端口是7070
chromium --proxy-server="http=socks5://127.0.0.1:1080"
/opt/google/chrome/chrome --proxy-server="https=socks5://127.0.0.1:7070"


chromium --proxy-server="http=socks5://127.0.0.1:1080"
chromium --proxy-server="https=socks5://127.0.0.1:1080"
/opt/google/chrome/chrome --proxy-server="https=socks5://127.0.0.1:1080"

chrominum-browser --proxy-server="https=socks5://127.0.0.1:1080"
</pre>
https://www.linuxdashen.com/%E5%9C%A8%E5%91%BD%E4%BB%A4%E8%A1%8C%E4%B8%8B%E4%B8%BAchromium%E5%92%8Cgoogle-chrome%E6%B5%8F%E8%A7%88%E5%99%A8%E8%AE%BE%E7%BD%AE%E4%BB%A3%E7%90%86

=gnome 全局=

network proxy 
HTTP 127.0.0.1  8123
HTTPS 127.0.0.1 8123 
这样就可以全局翻墙 然后 安装上chrome 扩展

=SS+PAC=
[https://www.jianshu.com/p/11a3f84b6782 Manjaro17.0.1(xfce)+SS+PAC模式配置笔记]

= xfce=

要看一下这个 上次就是终端可以 ss 但是浏览器不行 
[https://scalpel.vip/2017/03/06/xfceautoproxy/ Xfce桌面环境下通过pac实现自动代理]

[https://github.com/yueyoum/myblogposts/blob/master/2013-01/%E4%B8%BAXfce4%E6%A1%8C%E9%9D%A2%E7%8E%AF%E5%A2%83%E8%AE%BE%E7%BD%AE%E5%85%A8%E5%B1%80%E4%BB%A3%E7%90%86.md 为Xfce4桌面环境设置全局代理]

[https://my.oschina.net/u/1444992/blog/600517 Xfce设置代理Proxy]

=trouble shooting=

 "timeout": 600,  这个记得不能设置太短 我一开始也是不可以的，后来改了几处，加上重启什么的 竟然就好了  可能是一开始就是好的呢

==Kali2.0 update到最新版本后安装shadowsocks服务报错问题 用于解决openssl升级到1.1.0以上版本，导致shadowsocks2.8.2启动报undefined symbol: EVP_CIPHER_CTX_cleanup错误==
<pre>
最近将kali升级到了最新版本，编译之后shadowsocks无法启动，报错如下：

INFO: loading config from ss.json 
2016-12-14 22:47:50 INFO loading libcrypto from libcrypto.so.1.1 
Traceback (most recent call last): 
File “/usr/local/bin/sslocal”, line 11, in 
sys.exit(main()) 
File “/usr/local/lib/python2.7/dist-packages/shadowsocks/local.py”, line 39, in main 
config = shell.get_config(True) 
File “/usr/local/lib/python2.7/dist-packages/shadowsocks/shell.py”, line 262, in get_config 
check_config(config, is_local) 
File “/usr/local/lib/python2.7/dist-packages/shadowsocks/shell.py”, line 124, in check_config 
encrypt.try_cipher(config[‘password’], config[‘method’]) 
File “/usr/local/lib/python2.7/dist-packages/shadowsocks/encrypt.py”, line 44, in try_cipher 
Encryptor(key, method) 
File “/usr/local/lib/python2.7/dist-packages/shadowsocks/encrypt.py”, line 83, in init 
random_string(self._method_info[1])) 
File “/usr/local/lib/python2.7/dist-packages/shadowsocks/encrypt.py”, line 109, in get_cipher 
return m[2](method, key, iv, op) 
File “/usr/local/lib/python2.7/dist-packages/shadowsocks/crypto/openssl.py”, line 76, in init 
load_openssl() 
File “/usr/local/lib/python2.7/dist-packages/shadowsocks/crypto/openssl.py”, line 52, in load_openssl 
libcrypto.EVP_CIPHER_CTX_cleanup.argtypes = (c_void_p,) 
File “/usr/lib/python2.7/ctypes/init.py”, line 375, in getattr 
func = self.getitem(name) 
File “/usr/lib/python2.7/ctypes/init.py”, line 380, in getitem 
func = self._FuncPtr((name_or_ordinal, self)) 
AttributeError: /usr/lib/x86_64-Linux-gnu/libcrypto.so.1.1: undefined symbol: EVP_CIPHER_CTX_cleanup

这个问题是由于在openssl1.1.0版本中，废弃了EVP_CIPHER_CTX_cleanup函数，如官网中所说：

EVP_CIPHER_CTX was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. 
EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset().

修改方法：

# pip install
用vim打开文件：vim /usr/local/lib/python2.7/dist-packages/shadowsocks/crypto/openssl.py (该路径请根据自己的系统情况自行修改，如果不知道该文件在哪里的话，可以使用find命令查找文件位置)
跳转到52行（shadowsocks2.8.2版本，其他版本搜索一下cleanup）
进入编辑模式
将第52行libcrypto.EVP_CIPHER_CTX_cleanup.argtypes = (c_void_p,) 
改为libcrypto.EVP_CIPHER_CTX_reset.argtypes = (c_void_p,)
再次搜索cleanup（全文件共2处，此处位于111行），将libcrypto.EVP_CIPHER_CTX_cleanup(self._ctx) 
改为libcrypto.EVP_CIPHER_CTX_reset(self._ctx)
保存并退出
启动shadowsocks服务：service shadowsocks start 或 sslocal -c ss配置文件目录

</pre>

=see also=

[https://www.jianshu.com/p/c30c1e7b90cf Ubuntu16.04 终端翻墙]

[https://blog.itnmg.net/2016/04/30/shadowsocks/ CentOS 7 安装 Shadowsocks 科学上网]

[http://forum.ubuntu.org.cn/viewtopic.php?t=291484 在xfce下的chrome浏览器如何设置代理服务器？(已解决，换浏览器）]


[https://blog.fazero.me/2015/09/15/%E8%AE%A9%E7%BB%88%E7%AB%AF%E8%B5%B0%E4%BB%A3%E7%90%86%E7%9A%84%E5%87%A0%E7%A7%8D%E6%96%B9%E6%B3%95/ 让终端走代理的几种方法]

[http://adagio-cantabile.github.io/2016/12/06/install-shadowsocks-in-ubuntu.html 如何在ubuntu16通过终端设置shadowsocks实现科学上网]


[https://www.digitalocean.com/community/tutorials/how-to-route-web-traffic-securely-without-a-vpn-using-a-socks-tunnel How To Route Web Traffic Securely Without a VPN Using a SOCKS Tunnel]

[[category:linux]] [[category:ops]]