页面“Install and Configure Kubernetes (k8s) on debian10”与“Debian利用shadowsocks和polipo终端代理翻墙”之间的差异
(页面间的差异)
跳到导航
跳到搜索
(→启动服务) |
|||
第1行: | 第1行: | ||
− | = | + | = shadowsocks和polipo= |
+ | |||
+ | 终端翻墙的方法,通过shadowsocks和polipo来实现 | ||
+ | |||
+ | ==安装shadowsocks== | ||
+ | 安装python包管理工具: | ||
+ | sudo apt-get install python-pip | ||
+ | |||
+ | ===apt=== | ||
+ | <pre>#apt | ||
+ | sudo apt install software-properties-common -y | ||
+ | sudo add-apt-repository ppa:max-c-lv/shadowsocks-libev -y | ||
+ | sudo apt update | ||
+ | sudo apt install shadowsocks-libev | ||
+ | |||
+ | vi /etc/shadowsocks-libev/config.json | ||
+ | { | ||
+ | "server":"127.0.0.1", | ||
+ | "server_port":8388, | ||
+ | "local_port":1080, | ||
+ | "password":"focobguph", | ||
+ | "timeout":60, | ||
+ | "method":"chacha20-ietf-poly1305" | ||
+ | } | ||
+ | |||
+ | sudo systemctl enable shadowsocks-libev.service | ||
+ | |||
+ | </pre> | ||
+ | |||
+ | ===pip=== | ||
+ | <pre> | ||
+ | pip install shadowsocks | ||
+ | #sudo pip install shadowsocks #格式有时不对,要小心 | ||
+ | vi shadowsocks.json#新建shadowsocks配置文件shadowsocks.json | ||
+ | { | ||
+ | "server": "xxx.xxx.xxx.xxx", | ||
+ | "server_port": xxxx, | ||
+ | "local_port": 1080, | ||
+ | "password": "xxxxxxx", | ||
+ | "timeout": 600, | ||
+ | "method": "aes-256-cfb" | ||
+ | } | ||
+ | |||
+ | eg | ||
+ | |||
+ | echo '{ | ||
+ | "server":"linuxsh.org", | ||
+ | "server_port":443, | ||
+ | "local_port":1080, | ||
+ | "password":"laepassword", | ||
+ | "timeout":600, | ||
+ | "method":"aes-256-cfb" | ||
+ | }' >shadowsocks.json </pre> | ||
+ | |||
+ | [https://www.linuxbabe.com/ubuntu/shadowsocks-libev-proxy-server-ubuntu-16-04-17-10 How to Set up Shadowsocks-libev Proxy Server on Ubuntu 16.04] | ||
+ | |||
+ | ==安装polipo:== | ||
+ | <pre>sudo apt-get install polipo -y | ||
+ | |||
+ | #修改polipo配置文件 | ||
+ | echo 'logSyslog = true | ||
+ | logFile = /var/log/polipo/polipo.log | ||
+ | proxyAddress = "0.0.0.0" | ||
+ | socksParentProxy = "127.0.0.1:1080" | ||
+ | socksProxyType = socks5 | ||
+ | chunkHighMark = 50331648 | ||
+ | objectHighMark = 16384 | ||
+ | serverMaxSlots = 64 | ||
+ | serverSlots = 16 | ||
+ | serverSlots1 = 32' >/etc/polipo/config </pre> | ||
+ | |||
+ | ==启动服务== | ||
<pre> | <pre> | ||
− | cat >>/etc/ | + | #启动shadowsocks服务: 如果是pip inst |
− | + | sudo sslocal -c /root/shadowsocks.json -d start | |
− | + | #重启polipo服务: | |
− | + | /etc/init.d/polipo restart | |
+ | 设置http和https代理: | ||
+ | export http_proxy="http://127.0.0.1:8123/" | ||
+ | export https_proxy=$http_proxy | ||
+ | |||
+ | 如果想长期 加到 /etc/profile | ||
+ | |||
+ | |||
+ | cat >> /etc/profile <<EOF | ||
+ | export http_proxy=http://127.0.0.1:8123 | ||
+ | export https_proxy=http://127.0.0.1:8123 | ||
+ | export ftp_proxy=http://127.0.0.1:8123 | ||
EOF | EOF | ||
+ | |||
+ | source /etc/profile | ||
+ | |||
+ | #不要代理的 也要加进去 | ||
+ | export NO_PROXY='localhost,127.0.0.1,192.168.88.30,192.168.88.31,192.168.88.32,10.96.0.0,10.224.0.0,10.96.0.0/12,10.224.0.0/16' | ||
+ | |||
+ | |||
+ | |||
+ | |||
+ | 这里最好是gnome3 手工设置代理呢 如果你是有桌面的话 | ||
+ | |||
+ | 127.0.0.1 8123 | ||
+ | 测试 | ||
+ | 访问谷歌,若有反应则成功: | ||
+ | w3m google.com | ||
+ | curl www.google.com #但是502 很容易让人误会会不成功我一开始也是这样 | ||
+ | |||
+ | 这个在ubbuntu16.04 server 中是成功的 centos的要再看一下 | ||
+ | |||
+ | </pre> | ||
+ | |||
+ | =浏览器= | ||
+ | <pre> | ||
+ | |||
+ | #本地apt shadowsock and then ok 20190728 因为我本地的端口是7070 | ||
+ | chromium --proxy-server="http=socks5://127.0.0.1:1080" | ||
+ | /opt/google/chrome/chrome --proxy-server="https=socks5://127.0.0.1:7070" | ||
+ | |||
+ | |||
+ | chromium --proxy-server="http=socks5://127.0.0.1:1080" | ||
+ | chromium --proxy-server="https=socks5://127.0.0.1:1080" | ||
+ | /opt/google/chrome/chrome --proxy-server="https=socks5://127.0.0.1:1080" | ||
+ | |||
+ | chrominum-browser --proxy-server="https=socks5://127.0.0.1:1080" | ||
</pre> | </pre> | ||
+ | https://www.linuxdashen.com/%E5%9C%A8%E5%91%BD%E4%BB%A4%E8%A1%8C%E4%B8%8B%E4%B8%BAchromium%E5%92%8Cgoogle-chrome%E6%B5%8F%E8%A7%88%E5%99%A8%E8%AE%BE%E7%BD%AE%E4%BB%A3%E7%90%86 | ||
+ | |||
+ | =gnome 全局= | ||
+ | |||
+ | network proxy | ||
+ | HTTP 127.0.0.1 8123 | ||
+ | HTTPS 127.0.0.1 8123 | ||
+ | 这样就可以全局翻墙 然后 安装上chrome 扩展 | ||
+ | |||
+ | =SS+PAC= | ||
+ | [https://www.jianshu.com/p/11a3f84b6782 Manjaro17.0.1(xfce)+SS+PAC模式配置笔记] | ||
− | = | + | = xfce= |
− | |||
+ | 要看一下这个 上次就是终端可以 ss 但是浏览器不行 | ||
+ | [https://scalpel.vip/2017/03/06/xfceautoproxy/ Xfce桌面环境下通过pac实现自动代理] | ||
− | + | [https://github.com/yueyoum/myblogposts/blob/master/2013-01/%E4%B8%BAXfce4%E6%A1%8C%E9%9D%A2%E7%8E%AF%E5%A2%83%E8%AE%BE%E7%BD%AE%E5%85%A8%E5%B1%80%E4%BB%A3%E7%90%86.md 为Xfce4桌面环境设置全局代理] | |
+ | |||
+ | [https://my.oschina.net/u/1444992/blog/600517 Xfce设置代理Proxy] | ||
− | + | =trouble shooting= | |
+ | "timeout": 600, 这个记得不能设置太短 我一开始也是不可以的,后来改了几处,加上重启什么的 竟然就好了 可能是一开始就是好的呢 | ||
+ | ==Kali2.0 update到最新版本后安装shadowsocks服务报错问题 用于解决openssl升级到1.1.0以上版本,导致shadowsocks2.8.2启动报undefined symbol: EVP_CIPHER_CTX_cleanup错误== | ||
+ | <pre> | ||
+ | 最近将kali升级到了最新版本,编译之后shadowsocks无法启动,报错如下: | ||
− | [[ | + | INFO: loading config from ss.json |
+ | 2016-12-14 22:47:50 INFO loading libcrypto from libcrypto.so.1.1 | ||
+ | Traceback (most recent call last): | ||
+ | File “/usr/local/bin/sslocal”, line 11, in | ||
+ | sys.exit(main()) | ||
+ | File “/usr/local/lib/python2.7/dist-packages/shadowsocks/local.py”, line 39, in main | ||
+ | config = shell.get_config(True) | ||
+ | File “/usr/local/lib/python2.7/dist-packages/shadowsocks/shell.py”, line 262, in get_config | ||
+ | check_config(config, is_local) | ||
+ | File “/usr/local/lib/python2.7/dist-packages/shadowsocks/shell.py”, line 124, in check_config | ||
+ | encrypt.try_cipher(config[‘password’], config[‘method’]) | ||
+ | File “/usr/local/lib/python2.7/dist-packages/shadowsocks/encrypt.py”, line 44, in try_cipher | ||
+ | Encryptor(key, method) | ||
+ | File “/usr/local/lib/python2.7/dist-packages/shadowsocks/encrypt.py”, line 83, in init | ||
+ | random_string(self._method_info[1])) | ||
+ | File “/usr/local/lib/python2.7/dist-packages/shadowsocks/encrypt.py”, line 109, in get_cipher | ||
+ | return m[2](method, key, iv, op) | ||
+ | File “/usr/local/lib/python2.7/dist-packages/shadowsocks/crypto/openssl.py”, line 76, in init | ||
+ | load_openssl() | ||
+ | File “/usr/local/lib/python2.7/dist-packages/shadowsocks/crypto/openssl.py”, line 52, in load_openssl | ||
+ | libcrypto.EVP_CIPHER_CTX_cleanup.argtypes = (c_void_p,) | ||
+ | File “/usr/lib/python2.7/ctypes/init.py”, line 375, in getattr | ||
+ | func = self.getitem(name) | ||
+ | File “/usr/lib/python2.7/ctypes/init.py”, line 380, in getitem | ||
+ | func = self._FuncPtr((name_or_ordinal, self)) | ||
+ | AttributeError: /usr/lib/x86_64-Linux-gnu/libcrypto.so.1.1: undefined symbol: EVP_CIPHER_CTX_cleanup | ||
− | + | 这个问题是由于在openssl1.1.0版本中,废弃了EVP_CIPHER_CTX_cleanup函数,如官网中所说: | |
+ | EVP_CIPHER_CTX was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. | ||
+ | EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset(). | ||
+ | 修改方法: | ||
− | + | # pip install | |
+ | 用vim打开文件:vim /usr/local/lib/python2.7/dist-packages/shadowsocks/crypto/openssl.py (该路径请根据自己的系统情况自行修改,如果不知道该文件在哪里的话,可以使用find命令查找文件位置) | ||
+ | 跳转到52行(shadowsocks2.8.2版本,其他版本搜索一下cleanup) | ||
+ | 进入编辑模式 | ||
+ | 将第52行libcrypto.EVP_CIPHER_CTX_cleanup.argtypes = (c_void_p,) | ||
+ | 改为libcrypto.EVP_CIPHER_CTX_reset.argtypes = (c_void_p,) | ||
+ | 再次搜索cleanup(全文件共2处,此处位于111行),将libcrypto.EVP_CIPHER_CTX_cleanup(self._ctx) | ||
+ | 改为libcrypto.EVP_CIPHER_CTX_reset(self._ctx) | ||
+ | 保存并退出 | ||
+ | 启动shadowsocks服务:service shadowsocks start 或 sslocal -c ss配置文件目录 | ||
− | + | </pre> | |
=see also= | =see also= | ||
+ | [https://www.jianshu.com/p/c30c1e7b90cf Ubuntu16.04 终端翻墙] | ||
+ | |||
+ | [https://blog.itnmg.net/2016/04/30/shadowsocks/ CentOS 7 安装 Shadowsocks 科学上网] | ||
+ | |||
+ | [http://forum.ubuntu.org.cn/viewtopic.php?t=291484 在xfce下的chrome浏览器如何设置代理服务器?(已解决,换浏览器)] | ||
+ | |||
+ | |||
+ | [https://blog.fazero.me/2015/09/15/%E8%AE%A9%E7%BB%88%E7%AB%AF%E8%B5%B0%E4%BB%A3%E7%90%86%E7%9A%84%E5%87%A0%E7%A7%8D%E6%96%B9%E6%B3%95/ 让终端走代理的几种方法] | ||
+ | |||
+ | [http://adagio-cantabile.github.io/2016/12/06/install-shadowsocks-in-ubuntu.html 如何在ubuntu16通过终端设置shadowsocks实现科学上网] | ||
+ | |||
+ | |||
+ | [https://www.digitalocean.com/community/tutorials/how-to-route-web-traffic-securely-without-a-vpn-using-a-socks-tunnel How To Route Web Traffic Securely Without a VPN Using a SOCKS Tunnel] | ||
− | [[category: | + | [[category:linux]] [[category:ops]] |
2020年2月29日 (六) 03:48的版本
目录
shadowsocks和polipo
终端翻墙的方法,通过shadowsocks和polipo来实现
安装shadowsocks
安装python包管理工具:
sudo apt-get install python-pip
apt
#apt sudo apt install software-properties-common -y sudo add-apt-repository ppa:max-c-lv/shadowsocks-libev -y sudo apt update sudo apt install shadowsocks-libev vi /etc/shadowsocks-libev/config.json { "server":"127.0.0.1", "server_port":8388, "local_port":1080, "password":"focobguph", "timeout":60, "method":"chacha20-ietf-poly1305" } sudo systemctl enable shadowsocks-libev.service
pip
pip install shadowsocks #sudo pip install shadowsocks #格式有时不对,要小心 vi shadowsocks.json#新建shadowsocks配置文件shadowsocks.json { "server": "xxx.xxx.xxx.xxx", "server_port": xxxx, "local_port": 1080, "password": "xxxxxxx", "timeout": 600, "method": "aes-256-cfb" } eg echo '{ "server":"linuxsh.org", "server_port":443, "local_port":1080, "password":"laepassword", "timeout":600, "method":"aes-256-cfb" }' >shadowsocks.json
How to Set up Shadowsocks-libev Proxy Server on Ubuntu 16.04
安装polipo:
sudo apt-get install polipo -y #修改polipo配置文件 echo 'logSyslog = true logFile = /var/log/polipo/polipo.log proxyAddress = "0.0.0.0" socksParentProxy = "127.0.0.1:1080" socksProxyType = socks5 chunkHighMark = 50331648 objectHighMark = 16384 serverMaxSlots = 64 serverSlots = 16 serverSlots1 = 32' >/etc/polipo/config
启动服务
#启动shadowsocks服务: 如果是pip inst sudo sslocal -c /root/shadowsocks.json -d start #重启polipo服务: /etc/init.d/polipo restart 设置http和https代理: export http_proxy="http://127.0.0.1:8123/" export https_proxy=$http_proxy 如果想长期 加到 /etc/profile cat >> /etc/profile <<EOF export http_proxy=http://127.0.0.1:8123 export https_proxy=http://127.0.0.1:8123 export ftp_proxy=http://127.0.0.1:8123 EOF source /etc/profile #不要代理的 也要加进去 export NO_PROXY='localhost,127.0.0.1,192.168.88.30,192.168.88.31,192.168.88.32,10.96.0.0,10.224.0.0,10.96.0.0/12,10.224.0.0/16' 这里最好是gnome3 手工设置代理呢 如果你是有桌面的话 127.0.0.1 8123 测试 访问谷歌,若有反应则成功: w3m google.com curl www.google.com #但是502 很容易让人误会会不成功我一开始也是这样 这个在ubbuntu16.04 server 中是成功的 centos的要再看一下
浏览器
#本地apt shadowsock and then ok 20190728 因为我本地的端口是7070 chromium --proxy-server="http=socks5://127.0.0.1:1080" /opt/google/chrome/chrome --proxy-server="https=socks5://127.0.0.1:7070" chromium --proxy-server="http=socks5://127.0.0.1:1080" chromium --proxy-server="https=socks5://127.0.0.1:1080" /opt/google/chrome/chrome --proxy-server="https=socks5://127.0.0.1:1080" chrominum-browser --proxy-server="https=socks5://127.0.0.1:1080"
gnome 全局
network proxy HTTP 127.0.0.1 8123 HTTPS 127.0.0.1 8123 这样就可以全局翻墙 然后 安装上chrome 扩展
SS+PAC
Manjaro17.0.1(xfce)+SS+PAC模式配置笔记
xfce
要看一下这个 上次就是终端可以 ss 但是浏览器不行 Xfce桌面环境下通过pac实现自动代理
trouble shooting
"timeout": 600, 这个记得不能设置太短 我一开始也是不可以的,后来改了几处,加上重启什么的 竟然就好了 可能是一开始就是好的呢
Kali2.0 update到最新版本后安装shadowsocks服务报错问题 用于解决openssl升级到1.1.0以上版本,导致shadowsocks2.8.2启动报undefined symbol: EVP_CIPHER_CTX_cleanup错误
最近将kali升级到了最新版本,编译之后shadowsocks无法启动,报错如下: INFO: loading config from ss.json 2016-12-14 22:47:50 INFO loading libcrypto from libcrypto.so.1.1 Traceback (most recent call last): File “/usr/local/bin/sslocal”, line 11, in sys.exit(main()) File “/usr/local/lib/python2.7/dist-packages/shadowsocks/local.py”, line 39, in main config = shell.get_config(True) File “/usr/local/lib/python2.7/dist-packages/shadowsocks/shell.py”, line 262, in get_config check_config(config, is_local) File “/usr/local/lib/python2.7/dist-packages/shadowsocks/shell.py”, line 124, in check_config encrypt.try_cipher(config[‘password’], config[‘method’]) File “/usr/local/lib/python2.7/dist-packages/shadowsocks/encrypt.py”, line 44, in try_cipher Encryptor(key, method) File “/usr/local/lib/python2.7/dist-packages/shadowsocks/encrypt.py”, line 83, in init random_string(self._method_info[1])) File “/usr/local/lib/python2.7/dist-packages/shadowsocks/encrypt.py”, line 109, in get_cipher return m[2](method, key, iv, op) File “/usr/local/lib/python2.7/dist-packages/shadowsocks/crypto/openssl.py”, line 76, in init load_openssl() File “/usr/local/lib/python2.7/dist-packages/shadowsocks/crypto/openssl.py”, line 52, in load_openssl libcrypto.EVP_CIPHER_CTX_cleanup.argtypes = (c_void_p,) File “/usr/lib/python2.7/ctypes/init.py”, line 375, in getattr func = self.getitem(name) File “/usr/lib/python2.7/ctypes/init.py”, line 380, in getitem func = self._FuncPtr((name_or_ordinal, self)) AttributeError: /usr/lib/x86_64-Linux-gnu/libcrypto.so.1.1: undefined symbol: EVP_CIPHER_CTX_cleanup 这个问题是由于在openssl1.1.0版本中,废弃了EVP_CIPHER_CTX_cleanup函数,如官网中所说: EVP_CIPHER_CTX was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset(). 修改方法: # pip install 用vim打开文件:vim /usr/local/lib/python2.7/dist-packages/shadowsocks/crypto/openssl.py (该路径请根据自己的系统情况自行修改,如果不知道该文件在哪里的话,可以使用find命令查找文件位置) 跳转到52行(shadowsocks2.8.2版本,其他版本搜索一下cleanup) 进入编辑模式 将第52行libcrypto.EVP_CIPHER_CTX_cleanup.argtypes = (c_void_p,) 改为libcrypto.EVP_CIPHER_CTX_reset.argtypes = (c_void_p,) 再次搜索cleanup(全文件共2处,此处位于111行),将libcrypto.EVP_CIPHER_CTX_cleanup(self._ctx) 改为libcrypto.EVP_CIPHER_CTX_reset(self._ctx) 保存并退出 启动shadowsocks服务:service shadowsocks start 或 sslocal -c ss配置文件目录
see also
在xfce下的chrome浏览器如何设置代理服务器?(已解决,换浏览器)
如何在ubuntu16通过终端设置shadowsocks实现科学上网
How To Route Web Traffic Securely Without a VPN Using a SOCKS Tunnel