页面“Install and Configure Kubernetes (k8s) on debian10”与“Debian利用shadowsocks和polipo终端代理翻墙”之间的差异

来自linux中国网wiki
(页面间的差异)
跳到导航 跳到搜索
 
 
第1行: 第1行:
=info=
+
= shadowsocks和polipo=
 +
 
 +
终端翻墙的方法,通过shadowsocks和polipo来实现
 +
 
 +
==安装shadowsocks==
 +
安装python包管理工具:
 +
sudo apt-get install python-pip
 +
 
 +
===apt===
 +
<pre>#apt
 +
sudo apt install software-properties-common -y
 +
sudo add-apt-repository ppa:max-c-lv/shadowsocks-libev -y
 +
sudo apt update
 +
sudo apt install shadowsocks-libev
 +
 
 +
vi /etc/shadowsocks-libev/config.json
 +
{
 +
"server":"127.0.0.1",
 +
"server_port":8388,
 +
"local_port":1080,
 +
"password":"focobguph",
 +
"timeout":60,
 +
"method":"chacha20-ietf-poly1305"
 +
}
 +
 
 +
sudo systemctl enable shadowsocks-libev.service
 +
 
 +
</pre>
 +
 
 +
===pip===
 +
<pre>
 +
pip install shadowsocks
 +
#sudo pip install shadowsocks #格式有时不对,要小心
 +
vi shadowsocks.json#新建shadowsocks配置文件shadowsocks.json
 +
{
 +
"server": "xxx.xxx.xxx.xxx",
 +
"server_port": xxxx,
 +
"local_port": 1080,
 +
"password": "xxxxxxx",
 +
"timeout": 600,
 +
"method": "aes-256-cfb"
 +
}
 +
 
 +
eg
 +
 
 +
echo '{
 +
    "server":"linuxsh.org",
 +
    "server_port":443,
 +
    "local_port":1080,
 +
    "password":"laepassword",
 +
    "timeout":600,
 +
    "method":"aes-256-cfb"
 +
}' >shadowsocks.json </pre>
 +
 
 +
[https://www.linuxbabe.com/ubuntu/shadowsocks-libev-proxy-server-ubuntu-16-04-17-10 How to Set up Shadowsocks-libev Proxy Server on Ubuntu 16.04]
 +
 
 +
==安装polipo:==
 +
<pre>sudo apt-get install polipo -y
 +
 
 +
#修改polipo配置文件
 +
echo 'logSyslog = true
 +
logFile = /var/log/polipo/polipo.log
 +
proxyAddress = "0.0.0.0"
 +
socksParentProxy = "127.0.0.1:1080"
 +
socksProxyType = socks5
 +
chunkHighMark = 50331648
 +
objectHighMark = 16384
 +
serverMaxSlots = 64
 +
serverSlots = 16
 +
serverSlots1 = 32' >/etc/polipo/config </pre>
 +
 
 +
==启动服务==
 
<pre>
 
<pre>
cat >>/etc/hosts <<EOF
+
#启动shadowsocks服务: 如果是pip inst
192.168.11.184  k8s-master
+
sudo  sslocal -c /root/shadowsocks.json -d start
192.168.88.31  node1
+
#重启polipo服务:
192.168.88.32  node2
+
/etc/init.d/polipo restart
 +
设置http和https代理:
 +
export http_proxy="http://127.0.0.1:8123/"
 +
export https_proxy=$http_proxy
 +
 
 +
如果想长期 加到 /etc/profile
 +
 
 +
 
 +
cat >> /etc/profile <<EOF
 +
export http_proxy=http://127.0.0.1:8123
 +
export https_proxy=http://127.0.0.1:8123
 +
export ftp_proxy=http://127.0.0.1:8123
 
EOF
 
EOF
 +
 +
source /etc/profile
 +
 +
#不要代理的 也要加进去
 +
export NO_PROXY='localhost,127.0.0.1,192.168.88.30,192.168.88.31,192.168.88.32,10.96.0.0,10.224.0.0,10.96.0.0/12,10.224.0.0/16'
 +
 +
 +
 +
 +
这里最好是gnome3 手工设置代理呢 如果你是有桌面的话
 +
 +
127.0.0.1 8123
 +
测试
 +
访问谷歌,若有反应则成功:
 +
w3m google.com
 +
curl www.google.com #但是502 很容易让人误会会不成功我一开始也是这样
 +
 +
这个在ubbuntu16.04 server 中是成功的 centos的要再看一下
 +
 +
</pre>
 +
 +
=浏览器=
 +
<pre>
 +
 +
#本地apt shadowsock and then  ok 20190728 因为我本地的端口是7070
 +
chromium --proxy-server="http=socks5://127.0.0.1:1080"
 +
/opt/google/chrome/chrome --proxy-server="https=socks5://127.0.0.1:7070"
 +
 +
 +
chromium --proxy-server="http=socks5://127.0.0.1:1080"
 +
chromium --proxy-server="https=socks5://127.0.0.1:1080"
 +
/opt/google/chrome/chrome --proxy-server="https=socks5://127.0.0.1:1080"
 +
 +
chrominum-browser --proxy-server="https=socks5://127.0.0.1:1080"
 
</pre>
 
</pre>
 +
https://www.linuxdashen.com/%E5%9C%A8%E5%91%BD%E4%BB%A4%E8%A1%8C%E4%B8%8B%E4%B8%BAchromium%E5%92%8Cgoogle-chrome%E6%B5%8F%E8%A7%88%E5%99%A8%E8%AE%BE%E7%BD%AE%E4%BB%A3%E7%90%86
 +
 +
=gnome 全局=
 +
 +
network proxy
 +
HTTP 127.0.0.1  8123
 +
HTTPS 127.0.0.1 8123
 +
这样就可以全局翻墙 然后 安装上chrome 扩展
 +
 +
=SS+PAC=
 +
[https://www.jianshu.com/p/11a3f84b6782 Manjaro17.0.1(xfce)+SS+PAC模式配置笔记]
  
=FQ=
+
= xfce=
[[Ubuntu利用shadowsocks和polipo终端翻墙]]
 
  
 +
要看一下这个 上次就是终端可以 ss 但是浏览器不行
 +
[https://scalpel.vip/2017/03/06/xfceautoproxy/ Xfce桌面环境下通过pac实现自动代理]
  
=see also=
+
[https://github.com/yueyoum/myblogposts/blob/master/2013-01/%E4%B8%BAXfce4%E6%A1%8C%E9%9D%A2%E7%8E%AF%E5%A2%83%E8%AE%BE%E7%BD%AE%E5%85%A8%E5%B1%80%E4%BB%A3%E7%90%86.md 为Xfce4桌面环境设置全局代理]
 +
 
 +
[https://my.oschina.net/u/1444992/blog/600517 Xfce设置代理Proxy]
  
https://www.kubernetes.org.cn/course/install
+
=trouble shooting=
  
 +
"timeout": 600,  这个记得不能设置太短 我一开始也是不可以的,后来改了几处,加上重启什么的 竟然就好了  可能是一开始就是好的呢
  
 +
==Kali2.0 update到最新版本后安装shadowsocks服务报错问题 用于解决openssl升级到1.1.0以上版本,导致shadowsocks2.8.2启动报undefined symbol: EVP_CIPHER_CTX_cleanup错误==
 +
<pre>
 +
最近将kali升级到了最新版本,编译之后shadowsocks无法启动,报错如下:
  
[[Install and Configure Kubernetes (k8s) on ubuntu]]
+
INFO: loading config from ss.json
 +
2016-12-14 22:47:50 INFO loading libcrypto from libcrypto.so.1.1
 +
Traceback (most recent call last):
 +
File “/usr/local/bin/sslocal”, line 11, in
 +
sys.exit(main())
 +
File “/usr/local/lib/python2.7/dist-packages/shadowsocks/local.py”, line 39, in main
 +
config = shell.get_config(True)
 +
File “/usr/local/lib/python2.7/dist-packages/shadowsocks/shell.py”, line 262, in get_config
 +
check_config(config, is_local)
 +
File “/usr/local/lib/python2.7/dist-packages/shadowsocks/shell.py”, line 124, in check_config
 +
encrypt.try_cipher(config[‘password’], config[‘method’])
 +
File “/usr/local/lib/python2.7/dist-packages/shadowsocks/encrypt.py”, line 44, in try_cipher
 +
Encryptor(key, method)  
 +
File “/usr/local/lib/python2.7/dist-packages/shadowsocks/encrypt.py”, line 83, in init
 +
random_string(self._method_info[1]))
 +
File “/usr/local/lib/python2.7/dist-packages/shadowsocks/encrypt.py”, line 109, in get_cipher
 +
return m[2](method, key, iv, op)
 +
File “/usr/local/lib/python2.7/dist-packages/shadowsocks/crypto/openssl.py”, line 76, in init
 +
load_openssl()
 +
File “/usr/local/lib/python2.7/dist-packages/shadowsocks/crypto/openssl.py”, line 52, in load_openssl
 +
libcrypto.EVP_CIPHER_CTX_cleanup.argtypes = (c_void_p,)
 +
File “/usr/lib/python2.7/ctypes/init.py”, line 375, in getattr
 +
func = self.getitem(name)
 +
File “/usr/lib/python2.7/ctypes/init.py”, line 380, in getitem
 +
func = self._FuncPtr((name_or_ordinal, self))
 +
AttributeError: /usr/lib/x86_64-Linux-gnu/libcrypto.so.1.1: undefined symbol: EVP_CIPHER_CTX_cleanup
  
[https://my.oschina.net/Kanonpy/blog/3006129 kubernetes部署(kubeadm国内镜像源)]
+
这个问题是由于在openssl1.1.0版本中,废弃了EVP_CIPHER_CTX_cleanup函数,如官网中所说:
  
 +
EVP_CIPHER_CTX was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared.
 +
EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset().
  
 +
修改方法:
  
[https://zhuanlan.zhihu.com/p/83254020 Debian 10中部署Kubernetes]
+
# pip install
 +
用vim打开文件:vim /usr/local/lib/python2.7/dist-packages/shadowsocks/crypto/openssl.py (该路径请根据自己的系统情况自行修改,如果不知道该文件在哪里的话,可以使用find命令查找文件位置)
 +
跳转到52行(shadowsocks2.8.2版本,其他版本搜索一下cleanup)
 +
进入编辑模式
 +
将第52行libcrypto.EVP_CIPHER_CTX_cleanup.argtypes = (c_void_p,)
 +
改为libcrypto.EVP_CIPHER_CTX_reset.argtypes = (c_void_p,)
 +
再次搜索cleanup(全文件共2处,此处位于111行),将libcrypto.EVP_CIPHER_CTX_cleanup(self._ctx)
 +
改为libcrypto.EVP_CIPHER_CTX_reset(self._ctx)
 +
保存并退出
 +
启动shadowsocks服务:service shadowsocks start 或 sslocal -c ss配置文件目录
  
[https://www.cnblogs.com/xuxinkun/p/11025020.html docker/kubernetes国内源/镜像源解决方式]
+
</pre>
  
 
=see also=
 
=see also=
  
 +
[https://www.jianshu.com/p/c30c1e7b90cf Ubuntu16.04 终端翻墙]
 +
 +
[https://blog.itnmg.net/2016/04/30/shadowsocks/ CentOS 7 安装 Shadowsocks 科学上网]
 +
 +
[http://forum.ubuntu.org.cn/viewtopic.php?t=291484 在xfce下的chrome浏览器如何设置代理服务器?(已解决,换浏览器)]
 +
 +
 +
[https://blog.fazero.me/2015/09/15/%E8%AE%A9%E7%BB%88%E7%AB%AF%E8%B5%B0%E4%BB%A3%E7%90%86%E7%9A%84%E5%87%A0%E7%A7%8D%E6%96%B9%E6%B3%95/ 让终端走代理的几种方法]
 +
 +
[http://adagio-cantabile.github.io/2016/12/06/install-shadowsocks-in-ubuntu.html 如何在ubuntu16通过终端设置shadowsocks实现科学上网]
 +
 +
 +
[https://www.digitalocean.com/community/tutorials/how-to-route-web-traffic-securely-without-a-vpn-using-a-socks-tunnel How To Route Web Traffic Securely Without a VPN Using a SOCKS Tunnel]
  
[[category:k8s]] [[category:容器]] [[category: container]]
+
[[category:linux]] [[category:ops]]

2020年2月29日 (六) 03:48的版本

shadowsocks和polipo

终端翻墙的方法,通过shadowsocks和polipo来实现

安装shadowsocks

安装python包管理工具: 

sudo apt-get install python-pip

apt

#apt 
sudo apt install software-properties-common -y
sudo add-apt-repository ppa:max-c-lv/shadowsocks-libev -y
sudo apt update
sudo apt install shadowsocks-libev

vi /etc/shadowsocks-libev/config.json
{
 "server":"127.0.0.1",
 "server_port":8388,
 "local_port":1080,
 "password":"focobguph",
 "timeout":60,
 "method":"chacha20-ietf-poly1305"
}

sudo systemctl enable shadowsocks-libev.service

pip

pip install shadowsocks
#sudo pip install shadowsocks #格式有时不对,要小心
vi shadowsocks.json#新建shadowsocks配置文件shadowsocks.json
{
"server": "xxx.xxx.xxx.xxx",
"server_port": xxxx,
"local_port": 1080,
"password": "xxxxxxx",
"timeout": 600,
"method": "aes-256-cfb"
}

eg

echo '{
    "server":"linuxsh.org",
    "server_port":443,
    "local_port":1080,
    "password":"laepassword",
    "timeout":600,
    "method":"aes-256-cfb"
}' >shadowsocks.json

How to Set up Shadowsocks-libev Proxy Server on Ubuntu 16.04

安装polipo:

sudo apt-get install polipo -y

#修改polipo配置文件
echo 'logSyslog = true
logFile = /var/log/polipo/polipo.log
proxyAddress = "0.0.0.0"
socksParentProxy = "127.0.0.1:1080"
socksProxyType = socks5
chunkHighMark = 50331648
objectHighMark = 16384
serverMaxSlots = 64
serverSlots = 16
serverSlots1 = 32' >/etc/polipo/config

启动服务

#启动shadowsocks服务: 如果是pip inst
sudo  sslocal -c /root/shadowsocks.json -d start
#重启polipo服务:
 /etc/init.d/polipo restart
设置http和https代理:
export http_proxy="http://127.0.0.1:8123/"
export https_proxy=$http_proxy 

如果想长期 加到 /etc/profile


cat >> /etc/profile <<EOF
export http_proxy=http://127.0.0.1:8123
export https_proxy=http://127.0.0.1:8123
export ftp_proxy=http://127.0.0.1:8123
EOF

 source /etc/profile

#不要代理的 也要加进去
export NO_PROXY='localhost,127.0.0.1,192.168.88.30,192.168.88.31,192.168.88.32,10.96.0.0,10.224.0.0,10.96.0.0/12,10.224.0.0/16'




这里最好是gnome3 手工设置代理呢 如果你是有桌面的话

127.0.0.1 8123
测试
访问谷歌,若有反应则成功:
w3m google.com
curl www.google.com #但是502 很容易让人误会会不成功我一开始也是这样

这个在ubbuntu16.04 server 中是成功的 centos的要再看一下

浏览器


#本地apt shadowsock and then  ok 20190728 因为我本地的端口是7070
chromium --proxy-server="http=socks5://127.0.0.1:1080"
/opt/google/chrome/chrome --proxy-server="https=socks5://127.0.0.1:7070"


chromium --proxy-server="http=socks5://127.0.0.1:1080"
chromium --proxy-server="https=socks5://127.0.0.1:1080"
/opt/google/chrome/chrome --proxy-server="https=socks5://127.0.0.1:1080"

chrominum-browser --proxy-server="https=socks5://127.0.0.1:1080"

https://www.linuxdashen.com/%E5%9C%A8%E5%91%BD%E4%BB%A4%E8%A1%8C%E4%B8%8B%E4%B8%BAchromium%E5%92%8Cgoogle-chrome%E6%B5%8F%E8%A7%88%E5%99%A8%E8%AE%BE%E7%BD%AE%E4%BB%A3%E7%90%86

gnome 全局

network proxy HTTP 127.0.0.1 8123 HTTPS 127.0.0.1 8123 这样就可以全局翻墙 然后 安装上chrome 扩展

SS+PAC

Manjaro17.0.1(xfce)+SS+PAC模式配置笔记

xfce

要看一下这个 上次就是终端可以 ss 但是浏览器不行 Xfce桌面环境下通过pac实现自动代理

为Xfce4桌面环境设置全局代理

Xfce设置代理Proxy

trouble shooting

"timeout": 600,  这个记得不能设置太短 我一开始也是不可以的,后来改了几处,加上重启什么的 竟然就好了  可能是一开始就是好的呢

Kali2.0 update到最新版本后安装shadowsocks服务报错问题 用于解决openssl升级到1.1.0以上版本,导致shadowsocks2.8.2启动报undefined symbol: EVP_CIPHER_CTX_cleanup错误

最近将kali升级到了最新版本,编译之后shadowsocks无法启动,报错如下:

INFO: loading config from ss.json 
2016-12-14 22:47:50 INFO loading libcrypto from libcrypto.so.1.1 
Traceback (most recent call last): 
File “/usr/local/bin/sslocal”, line 11, in 
sys.exit(main()) 
File “/usr/local/lib/python2.7/dist-packages/shadowsocks/local.py”, line 39, in main 
config = shell.get_config(True) 
File “/usr/local/lib/python2.7/dist-packages/shadowsocks/shell.py”, line 262, in get_config 
check_config(config, is_local) 
File “/usr/local/lib/python2.7/dist-packages/shadowsocks/shell.py”, line 124, in check_config 
encrypt.try_cipher(config[‘password’], config[‘method’]) 
File “/usr/local/lib/python2.7/dist-packages/shadowsocks/encrypt.py”, line 44, in try_cipher 
Encryptor(key, method) 
File “/usr/local/lib/python2.7/dist-packages/shadowsocks/encrypt.py”, line 83, in init 
random_string(self._method_info[1])) 
File “/usr/local/lib/python2.7/dist-packages/shadowsocks/encrypt.py”, line 109, in get_cipher 
return m[2](method, key, iv, op) 
File “/usr/local/lib/python2.7/dist-packages/shadowsocks/crypto/openssl.py”, line 76, in init 
load_openssl() 
File “/usr/local/lib/python2.7/dist-packages/shadowsocks/crypto/openssl.py”, line 52, in load_openssl 
libcrypto.EVP_CIPHER_CTX_cleanup.argtypes = (c_void_p,) 
File “/usr/lib/python2.7/ctypes/init.py”, line 375, in getattr 
func = self.getitem(name) 
File “/usr/lib/python2.7/ctypes/init.py”, line 380, in getitem 
func = self._FuncPtr((name_or_ordinal, self)) 
AttributeError: /usr/lib/x86_64-Linux-gnu/libcrypto.so.1.1: undefined symbol: EVP_CIPHER_CTX_cleanup

这个问题是由于在openssl1.1.0版本中,废弃了EVP_CIPHER_CTX_cleanup函数,如官网中所说:

EVP_CIPHER_CTX was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. 
EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset().

修改方法:

# pip install
用vim打开文件:vim /usr/local/lib/python2.7/dist-packages/shadowsocks/crypto/openssl.py (该路径请根据自己的系统情况自行修改,如果不知道该文件在哪里的话,可以使用find命令查找文件位置)
跳转到52行(shadowsocks2.8.2版本,其他版本搜索一下cleanup)
进入编辑模式
将第52行libcrypto.EVP_CIPHER_CTX_cleanup.argtypes = (c_void_p,) 
改为libcrypto.EVP_CIPHER_CTX_reset.argtypes = (c_void_p,)
再次搜索cleanup(全文件共2处,此处位于111行),将libcrypto.EVP_CIPHER_CTX_cleanup(self._ctx) 
改为libcrypto.EVP_CIPHER_CTX_reset(self._ctx)
保存并退出
启动shadowsocks服务:service shadowsocks start 或 sslocal -c ss配置文件目录

see also

Ubuntu16.04 终端翻墙

CentOS 7 安装 Shadowsocks 科学上网

在xfce下的chrome浏览器如何设置代理服务器?(已解决,换浏览器)


让终端走代理的几种方法

如何在ubuntu16通过终端设置shadowsocks实现科学上网


How To Route Web Traffic Securely Without a VPN Using a SOCKS Tunnel

取自“http://wiki.linuxchina.net/index.php?title=Install_and_Configure_Kubernetes_(k8s)_on_debian10&oldid=3058