查看“Debian利用shadowsocks和polipo终端代理翻墙”的源代码
←
Debian利用shadowsocks和polipo终端代理翻墙
跳到导航
跳到搜索
因为以下原因,您没有权限编辑本页:
您所请求的操作仅限于该用户组的用户使用:
用户
您可以查看与复制此页面的源代码。
=改进= ==SSR and privoxy== [https://samzong.me/2017/11/17/howto-use-ssr-on-linux-terminal/ howto-use-ssr-on-linux-terminal] ==v2ray== [https://www.imcaviare.com/2018-12-18-1/ linux下使用v2ray客户端以及PAC配置] =requ= OS debian or ubuntu = shadowsocks和polipo= 终端翻墙的方法,通过shadowsocks和polipo来实现 ==安装shadowsocks== 安装python包管理工具: sudo apt-get install python-pip ===apt=== <pre>#apt sudo apt install software-properties-common -y #sudo add-apt-repository ppa:max-c-lv/shadowsocks-libev -y sudo apt update #apt安装的 试过不能用 ,得用pip安装的才行 sudo apt install shadowsocks-libev vi /etc/shadowsocks-libev/config.json { "server":"127.0.0.1", "server_port":8388, "local_port":1080, "password":"focobguph", "timeout":60, "method":"chacha20-ietf-poly1305" } sudo systemctl enable shadowsocks-libev.service </pre> ===pip=== <pre> apt install python-pip apt install libsodium-dev pip install https://github.com/shadowsocks/shadowsocks/archive/master.zip -U # pip install shadowsocks 老版本的放弃了 #sudo pip install shadowsocks #格式有时不对,要小心 vi shadowsocks.json#新建shadowsocks配置文件shadowsocks.json { "server": "xxx.xxx.xxx.xxx", "server_port": xxxx, "local_port": 1080, "password": "xxxxxxx", "timeout": 600, "method": "aes-256-cfb" } eg echo '{ "server":"linuxsh.org", "server_port":443, "local_port":1080, "password":"laepassword", "timeout":600, "method":"aes-256-cfb" }' >shadowsocks.json 验证Shadowsocks客户端是否正常运行 curl --socks5 127.0.0.1:1080 http://httpbin.org/ip 若Shadowsock客户端已正常运行,则结果如下: { "origin": "x.x.x.x" #你的Shadowsock服务器IP } </pre> [https://www.linuxbabe.com/ubuntu/shadowsocks-libev-proxy-server-ubuntu-16-04-17-10 How to Set up Shadowsocks-libev Proxy Server on Ubuntu 16.04] ==安装polipo:== <pre> # 警告: Polipo 已经停止维护,建议使用 squid, privoxy 等其它方案 sudo apt-get install polipo -y #修改polipo配置文件 echo 'logSyslog = true logFile = /var/log/polipo/polipo.log proxyAddress = "0.0.0.0" socksParentProxy = "127.0.0.1:1080" socksProxyType = socks5 chunkHighMark = 50331648 objectHighMark = 16384 serverMaxSlots = 64 serverSlots = 16 serverSlots1 = 32' >/etc/polipo/config </pre> [http://fatsoon.com/2015/02/11/2015-02-11-shadowsocks-polipo/#polipo ubuntu上使用shadowsocks + polipo配置socks5和http代理] [https://help.ubuntu.com/community/Polipo help.ubuntu.com Polipo] https://wiki.archlinux.org/index.php/Polipo_(%E7%AE%80%E4%BD%93%E4%B8%AD%E6%96%87) ==Privoxy== 如果没用 polipo 例如今天ubuntu20.04 https://wiki.linuxchina.net/index.php/CentOS7.x%E5%AE%89%E8%A3%85%E9%85%8D%E7%BD%AEShadowsocks%E5%AE%A2%E6%88%B7%E7%AB%AF%E7%BB%88%E7%AB%AF%E7%BF%BB%E5%A2%99#.E5.AE.89.E8.A3.85.E9.85.8D.E7.BD.AEPrivoxy ==启动服务== <pre> #启动shadowsocks服务: 如果是pip inst sudo sslocal -c /root/shadowsocks.json -d start #重启polipo服务: /etc/init.d/polipo restart 设置http和https代理: export http_proxy="http://127.0.0.1:8123/" export https_proxy=$http_proxy 如果想长期 加到 /etc/profile cat >> /etc/profile <<EOF export http_proxy=http://127.0.0.1:8123 export https_proxy=http://127.0.0.1:8123 export ftp_proxy=http://127.0.0.1:8123 EOF source /etc/profile #不要代理的 也要加进去 export NO_PROXY='localhost,127.0.0.1,192.168.88.30,192.168.88.31,192.168.88.32,10.96.0.0,10.224.0.0,10.96.0.0/12,10.224.0.0/16' 这里最好是gnome3 手工设置代理呢 如果你是有桌面的话 127.0.0.1 8123 测试 访问谷歌,若有反应则成功: w3m google.com curl www.google.com #但是502 很容易让人误会会不成功我一开始也是这样 这个在ubbuntu16.04 server 中是成功的 centos的要再看一下 也可以直接apt 代理 .apt.conf文件中配置http代理信息(永久有效) sudo gedit /etc/apt/apt.conf在您的apt.conf文件中加入下面这行 Acquire::http::Proxy "http://proxy_addr:proxy_port"; </pre> ===其它机器代理 === <pre> cat >> /etc/profile <<EOF export http_proxy=http://polipo IP:8123 export https_proxy=http://polipo IP:8123 export ftp_proxy=http://polipo IP:8123 EOF source /etc/profile #这样其它机器在同一个局域网就不用安装polipo了 直接代理 </pre> ===自启动=== <pre> #on debian 10不太行呢 有空再试吧 直接放 /etc/rc.local 吧 #但是在centos7上是成功的呢 看一下有什么不同 cat >> /etc/systemd/system/shadowsocks.service <<EOF [Unit] Description=Shadowsocks [Service] TimeoutStartSec=0 ExecStart=/usr/local/bin/sslocal -c /root/shadowsocks.json #ExecStart=/usr/bin/sslocal -c /etc/shadowsocks/shadowsocks.json [Install] WantedBy=multi-user.target EOF systemctl enable shadowsocks.service systemctl start shadowsocks.service systemctl status shadowsocks.service Created symlink /etc/systemd/system/multi-user.target.wants/shadowsocks.service → /etc/systemd/system/shadowsocks.service. </pre> =浏览器= <pre> #本地apt shadowsock and then ok 20190728 因为我本地的端口是7070 chromium --proxy-server="http=socks5://127.0.0.1:1080" /opt/google/chrome/chrome --proxy-server="https=socks5://127.0.0.1:7070" chromium --proxy-server="http=socks5://127.0.0.1:1080" chromium --proxy-server="https=socks5://127.0.0.1:1080" /opt/google/chrome/chrome --proxy-server="https=socks5://127.0.0.1:1080" chrominum-browser --proxy-server="https=socks5://127.0.0.1:1080" </pre> https://www.linuxdashen.com/%E5%9C%A8%E5%91%BD%E4%BB%A4%E8%A1%8C%E4%B8%8B%E4%B8%BAchromium%E5%92%8Cgoogle-chrome%E6%B5%8F%E8%A7%88%E5%99%A8%E8%AE%BE%E7%BD%AE%E4%BB%A3%E7%90%86 =优化= [https://blog.csdn.net/wanghelou123/article/details/66477460 终端代理方法proxychains ] [https://libertyleadingnetwork.blogspot.com/2019/08/shadowsocksss-redirprivoxytpproxy.html shadowsocks透明代理的几种实现方式:ss-redir,privoxy,tproxy] [https://www.zfl9.com/ss-local.html ss-local 终端代理(gfwlist) ] 内网不FQ 和 PAC 请见 [http://CentOS7.x%E5%AE%89%E8%A3%85%E9%85%8D%E7%BD%AEShadowsocks%E5%AE%A2%E6%88%B7%E7%AB%AF%E7%BB%88%E7%AB%AF%E7%BF%BB%E5%A2%99#.E9.85.8D.E7.BD.AEPAC.E6.A8.A1.E5.BC.8F 配置PAC模式] ==Enable TCP Fast Open == <pre> You can speed up Shadowsocks by enabling TCP fast open. TCP is connection-oriented protocol, which means data can only be exchanged after a connection is established, which is done via the three way handshake. In other words, traditionally, data can only be exchanged after the three way handshake is complete. TCP fast open (TFO) is a mechanism that allows data to be exchanged before three way handshake is complete, saving up to 1 round-trip time (RTT). TCP fast open support is merged to Linux kernel since version 3.7 and enabled by default since version 3.13. You can check your kernel version by running: uname -r To check TCP fast open configuration on your Ubuntu server, run cat /proc/sys/net/ipv4/tcp_fastopen It can return 4 values. 0 means disabled. 1 means it’s enabled for outgoing connection (as a client). 2 means it’s enabled for incoming connection (as a server). 3 means it’s enabled for both outgoing and incoming connection. All my Ubuntu 16.04/17.10 VPS (Virtual Private Server) returned 1 after running the above command. We want tcp_fastopen set to 3 on our server. To achieve that, we can edit the sysctl configuration file. sudo nano /etc/sysctl.conf Then paste the following line at the end of the file. net.ipv4.tcp_fastopen=3 Reload sysctl settings for the change to take effect. sudo sysctl -p Then you will also need to enable TCP fast open in Shadowsocks configuration file. sudo nano /etc/shadowsocks-libev/config.json Add the following line. "fast_open": true So your Shadowsocks server configuration file will look like this: { "server":"your-server-ip-address", "server_port":8388, "local_port":1080, "password":"focobguph", "timeout":60, "method":"chacha20-ietf-poly1305", "fast_open": true } Note that last config line has not comma. Save and close the file. Then restart Shadowsocks server. sudo systemctl restart shadowsocks-libev Check if it’s running. (An error in configuration file can prevent it from restarting.) systemctl status shadowsocks-libev You also need to edit the Shadowsocks client configuration file and restart it to enable TCP fast open on Ubuntu desktop </pre> ==Enable TCP BBR == 我的vps就打开了 这个也可以参考 https://www.linuxbabe.com/ubuntu/enable-google-tcp-bbr-ubuntu =gnome 全局= network proxy HTTP 127.0.0.1 8123 HTTPS 127.0.0.1 8123 这样就可以全局翻墙 然后 安装上chrome 扩展 =SS+PAC= [https://www.jianshu.com/p/11a3f84b6782 Manjaro17.0.1(xfce)+SS+PAC模式配置笔记] = xfce= 要看一下这个 上次就是终端可以 ss 但是浏览器不行 [https://scalpel.vip/2017/03/06/xfceautoproxy/ Xfce桌面环境下通过pac实现自动代理] [https://github.com/yueyoum/myblogposts/blob/master/2013-01/%E4%B8%BAXfce4%E6%A1%8C%E9%9D%A2%E7%8E%AF%E5%A2%83%E8%AE%BE%E7%BD%AE%E5%85%A8%E5%B1%80%E4%BB%A3%E7%90%86.md 为Xfce4桌面环境设置全局代理] [https://my.oschina.net/u/1444992/blog/600517 Xfce设置代理Proxy] =trouble shooting= "timeout": 600, 这个记得不能设置太短 我一开始也是不可以的,后来改了几处,加上重启什么的 竟然就好了 可能是一开始就是好的呢 ==method chacha20-ietf-poly1305 not supported == <pre> sslocal -c /root/shadowsocks.json -d start INFO: loading config from /root/shadowsocks.json 2020-02-29 13:53:49 ERROR method chacha20-ietf-poly1305 not supported sudo pip uninstall shadowsocks 安装最新的ss apt install python-pip apt install libsodium-dev pip install https://github.com/shadowsocks/shadowsocks/archive/master.zip -U #安装为shadowsocks 3.0.0 </pre> ==Kali2.0 update到最新版本后安装shadowsocks服务报错问题 用于解决openssl升级到1.1.0以上版本,导致shadowsocks2.8.2启动报undefined symbol: EVP_CIPHER_CTX_cleanup错误== <pre> 最近将kali升级到了最新版本,编译之后shadowsocks无法启动,报错如下: INFO: loading config from ss.json 2016-12-14 22:47:50 INFO loading libcrypto from libcrypto.so.1.1 Traceback (most recent call last): File “/usr/local/bin/sslocal”, line 11, in sys.exit(main()) File “/usr/local/lib/python2.7/dist-packages/shadowsocks/local.py”, line 39, in main config = shell.get_config(True) File “/usr/local/lib/python2.7/dist-packages/shadowsocks/shell.py”, line 262, in get_config check_config(config, is_local) File “/usr/local/lib/python2.7/dist-packages/shadowsocks/shell.py”, line 124, in check_config encrypt.try_cipher(config[‘password’], config[‘method’]) File “/usr/local/lib/python2.7/dist-packages/shadowsocks/encrypt.py”, line 44, in try_cipher Encryptor(key, method) File “/usr/local/lib/python2.7/dist-packages/shadowsocks/encrypt.py”, line 83, in init random_string(self._method_info[1])) File “/usr/local/lib/python2.7/dist-packages/shadowsocks/encrypt.py”, line 109, in get_cipher return m[2](method, key, iv, op) File “/usr/local/lib/python2.7/dist-packages/shadowsocks/crypto/openssl.py”, line 76, in init load_openssl() File “/usr/local/lib/python2.7/dist-packages/shadowsocks/crypto/openssl.py”, line 52, in load_openssl libcrypto.EVP_CIPHER_CTX_cleanup.argtypes = (c_void_p,) File “/usr/lib/python2.7/ctypes/init.py”, line 375, in getattr func = self.getitem(name) File “/usr/lib/python2.7/ctypes/init.py”, line 380, in getitem func = self._FuncPtr((name_or_ordinal, self)) AttributeError: /usr/lib/x86_64-Linux-gnu/libcrypto.so.1.1: undefined symbol: EVP_CIPHER_CTX_cleanup 这个问题是由于在openssl1.1.0版本中,废弃了EVP_CIPHER_CTX_cleanup函数,如官网中所说: EVP_CIPHER_CTX was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset(). 修改方法: # pip install 用vim打开文件:vim /usr/local/lib/python2.7/dist-packages/shadowsocks/crypto/openssl.py (该路径请根据自己的系统情况自行修改,如果不知道该文件在哪里的话,可以使用find命令查找文件位置) 跳转到52行(shadowsocks2.8.2版本,其他版本搜索一下cleanup) 进入编辑模式 将第52行libcrypto.EVP_CIPHER_CTX_cleanup.argtypes = (c_void_p,) 改为libcrypto.EVP_CIPHER_CTX_reset.argtypes = (c_void_p,) 再次搜索cleanup(全文件共2处,此处位于111行),将libcrypto.EVP_CIPHER_CTX_cleanup(self._ctx) 改为libcrypto.EVP_CIPHER_CTX_reset(self._ctx) 保存并退出 启动shadowsocks服务:service shadowsocks start 或 sslocal -c ss配置文件目录 </pre> =see also= [https://www.jianshu.com/p/c30c1e7b90cf Ubuntu16.04 终端翻墙] [https://blog.itnmg.net/2016/04/30/shadowsocks/ CentOS 7 安装 Shadowsocks 科学上网] [http://forum.ubuntu.org.cn/viewtopic.php?t=291484 在xfce下的chrome浏览器如何设置代理服务器?(已解决,换浏览器)] [https://blog.fazero.me/2015/09/15/%E8%AE%A9%E7%BB%88%E7%AB%AF%E8%B5%B0%E4%BB%A3%E7%90%86%E7%9A%84%E5%87%A0%E7%A7%8D%E6%96%B9%E6%B3%95/ 让终端走代理的几种方法] [http://adagio-cantabile.github.io/2016/12/06/install-shadowsocks-in-ubuntu.html 如何在ubuntu16通过终端设置shadowsocks实现科学上网] [https://github.com/annata/sssh 用于debian9的shadowsocks翻墙脚本 ] [https://www.linuxbabe.com/ubuntu/shadowsocks-libev-proxy-server-ubuntu-16-04-17-10 How to Set up Shadowsocks-libev Proxy Server on Ubuntu 16.04/17.10] [https://blog.magichc7.com/post/how-to-set-up-vpn-client-on-linux.html 如何在ubuntu上配置透明代理(全局翻墙)] [https://blog.csdn.net/shorile/article/details/79020927 简易linux代理服务器tinyproxy的搭建与使用] [https://www.digitalocean.com/community/tutorials/how-to-route-web-traffic-securely-without-a-vpn-using-a-socks-tunnel How To Route Web Traffic Securely Without a VPN Using a SOCKS Tunnel] [https://blog.magichc7.com/post/how-to-set-up-vpn-client-on-linux.html 如何在ubuntu上配置透明代理(全局翻墙)] [[category:linux]] [[category:ops]]
返回至
Debian利用shadowsocks和polipo终端代理翻墙
。
导航菜单
个人工具
登录
名字空间
页面
讨论
变种
视图
阅读
查看源代码
查看历史
更多
搜索
导航
首页
我的导航
关于我
shell
python
ops
linuxchina.net
blog.linuxchina
最近更改
随机页面
帮助
工具
链入页面
相关更改
特殊页面
页面信息