CentOS 7下搭建Shadowsocks科学上网服务

by Leave a Comment

由于众所周知的原因,国内无法访问google等网站,给工作生活带来极大的不便,幸好手上的新加坡 vps 是可以无障碍访问国际互联网的,在上面搭建了shadowsocks,实现手机、pc科学上网服务。

Shadowsocks(中文名称:影梭)是使用Python等语言开发的、基于Apache许可证开源的代理软件。Shadowsocks使用socks5代理,用于保护网络流量。

Shadowsocks 安装配置极其简单,可以在windows、mac、iOS和android上稳定运行,由于可以灵活的自定义端口,可以突破某些运营商的vpn端口封锁(下面例子中使用的就是443端口)

以下是具体步骤:

服务器端

yum install python-setuptools && easy_install pip
pip install shadowsocks

配置优化

vi /etc/security/limits.conf

添加

* soft nofile 51200
* hard nofile 51200

执行

ulimit -n 51200

vim /etc/sysctl.conf
fs.file-max = 51200

net.core.rmem_max = 67108864
net.core.wmem_max = 67108864
net.core.netdev_max_backlog = 250000
net.core.somaxconn = 4096

net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 0
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_time = 1200
net.ipv4.ip_local_port_range = 10000 65000
net.ipv4.tcp_max_syn_backlog = 8192
net.ipv4.tcp_max_tw_buckets = 5000
net.ipv4.tcp_fastopen = 3
net.ipv4.tcp_rmem = 4096 87380 67108864
net.ipv4.tcp_wmem = 4096 65536 67108864
net.ipv4.tcp_mtu_probing = 1
net.ipv4.tcp_congestion_control = hybla

 

启动

ssserver -p 443 -k yourpassword -m rc4-md5 -d start

如果想添加自启动服务,请接着看下面:

添加配置文件

vim /etc/shadowsocks.json
{
 "server": "0.0.0.0",
 "server_port": 443,
 "local_address": "127.0.0.1",
 "local_port": 1080,
 "password": "your password here",
 "timeout": 300,
 "method": "rc4-md5",
 "workers": 50,
 "fast_open": true
}

添加启动脚本

vim /etc/init.d/shadowsocks
#!/bin/sh

start(){
 ssserver -c /etc/shadowsocks.json -d start
}

stop(){
 ssserver -c /etc/shadowsocks.json -d stop
}

case "$1" in
start)
 start
 ;;
stop)
 stop
 ;;
reload)
 stop
 start
 ;;
*)
 echo "Usage: $0 {start|reload|stop}"
 exit 1
 ;;
esac

编写启动服务

vim /etc/systemd/system/shadowsocks.service
[Unit]
Description=Shadowsocks Server
Documentation=https://github.com/shadowsocks/shadowsocks
After=network.target remote-fs.target nss-lookup.target

[Service]
Type=forking
ExecStart=/usr/bin/ssserver -c /etc/shadowsocks.json -d start
ExecReload=/usr/bin/ssserver -c /etc/shadowsocks.json -d restart
ExecStop=/usr/bin/ssserver -d stop

[Install]
WantedBy=multi-user.target

添加服务到自启动

sudo systemctl enable shadowsocks

下载客户端
https://shadowsocks.org/en/download/clients.html

配置客户端(Android为例,PC客户端的配置也类似)

配置项:服务器ip(your ip)、远程端口(443)、密码(yourpassword)、加密方法(rc4-md5)

配置好后点击右上角toogler启动连接

shadowsocks config

shadowsocks config

Google & Google Play已能正常打开

 

shadowsocks google

shadowsocks google

shadow socks google play

shadow socks google play

 

Posted in: linux, vpsTagged: ,

Post Navigation