Debian利用shadowsocks和polipo终端代理翻墙

来自linux中国网wiki
Evan讨论 | 贡献2020年2月29日 (六) 06:22的版本 →‎apt
跳到导航 跳到搜索

shadowsocks和polipo

终端翻墙的方法,通过shadowsocks和polipo来实现

安装shadowsocks

安装python包管理工具:

sudo apt-get install python-pip

apt

#apt 
sudo apt install software-properties-common -y
#sudo add-apt-repository ppa:max-c-lv/shadowsocks-libev -y
sudo apt update

#apt安装的 试过不能用 ,得用pip安装的才行 
sudo apt install shadowsocks-libev  

vi /etc/shadowsocks-libev/config.json
{
 "server":"127.0.0.1",
 "server_port":8388,
 "local_port":1080,
 "password":"focobguph",
 "timeout":60,
 "method":"chacha20-ietf-poly1305"
}

sudo systemctl enable shadowsocks-libev.service

pip

pip install shadowsocks
#sudo pip install shadowsocks #格式有时不对,要小心
vi shadowsocks.json#新建shadowsocks配置文件shadowsocks.json
{
"server": "xxx.xxx.xxx.xxx",
"server_port": xxxx,
"local_port": 1080,
"password": "xxxxxxx",
"timeout": 600,
"method": "aes-256-cfb"
}

eg

echo '{
    "server":"linuxsh.org",
    "server_port":443,
    "local_port":1080,
    "password":"laepassword",
    "timeout":600,
    "method":"aes-256-cfb"
}' >shadowsocks.json 

How to Set up Shadowsocks-libev Proxy Server on Ubuntu 16.04

安装polipo:

sudo apt-get install polipo -y

#修改polipo配置文件
echo 'logSyslog = true
logFile = /var/log/polipo/polipo.log
proxyAddress = "0.0.0.0"
socksParentProxy = "127.0.0.1:1080"
socksProxyType = socks5
chunkHighMark = 50331648
objectHighMark = 16384
serverMaxSlots = 64
serverSlots = 16
serverSlots1 = 32' >/etc/polipo/config 

启动服务

#启动shadowsocks服务: 如果是pip inst
sudo  sslocal -c /root/shadowsocks.json -d start
#重启polipo服务:
 /etc/init.d/polipo restart
设置http和https代理:
export http_proxy="http://127.0.0.1:8123/"
export https_proxy=$http_proxy 

如果想长期 加到 /etc/profile


cat >> /etc/profile <<EOF
export http_proxy=http://127.0.0.1:8123
export https_proxy=http://127.0.0.1:8123
export ftp_proxy=http://127.0.0.1:8123
EOF

 source /etc/profile

#不要代理的 也要加进去
export NO_PROXY='localhost,127.0.0.1,192.168.88.30,192.168.88.31,192.168.88.32,10.96.0.0,10.224.0.0,10.96.0.0/12,10.224.0.0/16'




这里最好是gnome3 手工设置代理呢 如果你是有桌面的话

127.0.0.1 8123
测试
访问谷歌,若有反应则成功:
w3m google.com
curl www.google.com #但是502 很容易让人误会会不成功我一开始也是这样

这个在ubbuntu16.04 server 中是成功的 centos的要再看一下

浏览器


#本地apt shadowsock and then  ok 20190728 因为我本地的端口是7070
chromium --proxy-server="http=socks5://127.0.0.1:1080"
/opt/google/chrome/chrome --proxy-server="https=socks5://127.0.0.1:7070"


chromium --proxy-server="http=socks5://127.0.0.1:1080"
chromium --proxy-server="https=socks5://127.0.0.1:1080"
/opt/google/chrome/chrome --proxy-server="https=socks5://127.0.0.1:1080"

chrominum-browser --proxy-server="https=socks5://127.0.0.1:1080"

https://www.linuxdashen.com/%E5%9C%A8%E5%91%BD%E4%BB%A4%E8%A1%8C%E4%B8%8B%E4%B8%BAchromium%E5%92%8Cgoogle-chrome%E6%B5%8F%E8%A7%88%E5%99%A8%E8%AE%BE%E7%BD%AE%E4%BB%A3%E7%90%86

gnome 全局

network proxy HTTP 127.0.0.1 8123 HTTPS 127.0.0.1 8123 这样就可以全局翻墙 然后 安装上chrome 扩展

SS+PAC

Manjaro17.0.1(xfce)+SS+PAC模式配置笔记

xfce

要看一下这个 上次就是终端可以 ss 但是浏览器不行 Xfce桌面环境下通过pac实现自动代理

为Xfce4桌面环境设置全局代理

Xfce设置代理Proxy

trouble shooting

"timeout": 600,  这个记得不能设置太短 我一开始也是不可以的,后来改了几处,加上重启什么的 竟然就好了  可能是一开始就是好的呢

Kali2.0 update到最新版本后安装shadowsocks服务报错问题 用于解决openssl升级到1.1.0以上版本,导致shadowsocks2.8.2启动报undefined symbol: EVP_CIPHER_CTX_cleanup错误

最近将kali升级到了最新版本,编译之后shadowsocks无法启动,报错如下:

INFO: loading config from ss.json 
2016-12-14 22:47:50 INFO loading libcrypto from libcrypto.so.1.1 
Traceback (most recent call last): 
File “/usr/local/bin/sslocal”, line 11, in 
sys.exit(main()) 
File “/usr/local/lib/python2.7/dist-packages/shadowsocks/local.py”, line 39, in main 
config = shell.get_config(True) 
File “/usr/local/lib/python2.7/dist-packages/shadowsocks/shell.py”, line 262, in get_config 
check_config(config, is_local) 
File “/usr/local/lib/python2.7/dist-packages/shadowsocks/shell.py”, line 124, in check_config 
encrypt.try_cipher(config[‘password’], config[‘method’]) 
File “/usr/local/lib/python2.7/dist-packages/shadowsocks/encrypt.py”, line 44, in try_cipher 
Encryptor(key, method) 
File “/usr/local/lib/python2.7/dist-packages/shadowsocks/encrypt.py”, line 83, in init 
random_string(self._method_info[1])) 
File “/usr/local/lib/python2.7/dist-packages/shadowsocks/encrypt.py”, line 109, in get_cipher 
return m[2](method, key, iv, op) 
File “/usr/local/lib/python2.7/dist-packages/shadowsocks/crypto/openssl.py”, line 76, in init 
load_openssl() 
File “/usr/local/lib/python2.7/dist-packages/shadowsocks/crypto/openssl.py”, line 52, in load_openssl 
libcrypto.EVP_CIPHER_CTX_cleanup.argtypes = (c_void_p,) 
File “/usr/lib/python2.7/ctypes/init.py”, line 375, in getattr 
func = self.getitem(name) 
File “/usr/lib/python2.7/ctypes/init.py”, line 380, in getitem 
func = self._FuncPtr((name_or_ordinal, self)) 
AttributeError: /usr/lib/x86_64-Linux-gnu/libcrypto.so.1.1: undefined symbol: EVP_CIPHER_CTX_cleanup

这个问题是由于在openssl1.1.0版本中,废弃了EVP_CIPHER_CTX_cleanup函数,如官网中所说:

EVP_CIPHER_CTX was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. 
EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset().

修改方法:

# pip install
用vim打开文件:vim /usr/local/lib/python2.7/dist-packages/shadowsocks/crypto/openssl.py (该路径请根据自己的系统情况自行修改,如果不知道该文件在哪里的话,可以使用find命令查找文件位置)
跳转到52行(shadowsocks2.8.2版本,其他版本搜索一下cleanup)
进入编辑模式
将第52行libcrypto.EVP_CIPHER_CTX_cleanup.argtypes = (c_void_p,) 
改为libcrypto.EVP_CIPHER_CTX_reset.argtypes = (c_void_p,)
再次搜索cleanup(全文件共2处,此处位于111行),将libcrypto.EVP_CIPHER_CTX_cleanup(self._ctx) 
改为libcrypto.EVP_CIPHER_CTX_reset(self._ctx)
保存并退出
启动shadowsocks服务:service shadowsocks start 或 sslocal -c ss配置文件目录

see also

Ubuntu16.04 终端翻墙

CentOS 7 安装 Shadowsocks 科学上网

在xfce下的chrome浏览器如何设置代理服务器?(已解决,换浏览器)


让终端走代理的几种方法

如何在ubuntu16通过终端设置shadowsocks实现科学上网


How To Route Web Traffic Securely Without a VPN Using a SOCKS Tunnel