使用shadowtunnel配置多級代理
1. start a http proxy
if we have a vps, IP is 2.2.2.2.
firstly, we start a http proxy on 2.2.2.2.
download http proxy program, execute below on line command on vps with root:
version=v6.1 curl -OSL https://github.com/snail007/goproxy/releases/download/${version}/proxy-linux-amd64.tar.gz tar -C /usr/bin -xf proxy-linux-amd64.tar.gz nohup proxy http -p 127.0.0.1:38080 &
fors390x
version=v5.4 curl -OSL https://github.com/snail007/goproxy/releases/download/${version}/proxy-linux-s390x.tar.gz tar -C /usr/bin -xf proxy-linux-s390x.tar.gz nohup proxy http -p 127.0.0.1:38080 &
2. start a tunnel on vps
download shadowtunnel program, execute below on line command on vps with root:
version=v1.1 curl -OSL https://github.com/snail007/shadowtunnel/releases/download/${version}/shadowtunnel-linux-amd64.tar.gz && \ tar -C /usr/bin -xf shadowtunnel-linux-amd64.tar.gz
fors390x
version=v1.1 curl -OSL https://github.com/snail007/shadowtunnel/releases/download/${version}/shadowtunnel-linux-s390x.tar.gz tar -C /usr/bin -xf shadowtunnel-linux-s390x.tar.gz
start a tunnel on vps listening on :44443 and forward to 127.0.0.1:38080 :
nohup shadowtunnel -e -f 127.0.0.1:38080 -l :44443 &
3. start a tunnel on local machine
start a tunnel on local machine listening on :44443 and forward to 2.2.2.2:44443 :
shadowtunnel -E -f 2.2.2.2:44443 -l :44443
4. set http proxy configuration in chrome
setting local chrome's http proxy configuration as below :
ip: 127.0.0.1
5. done
多級隧道
多級隧道主要是加速代理訪問。注意要用 -E 和 -e 引數對連線進行加密, 防止vps運營商嗅探然後封禁你的伺服器(之前裸奔被阿里雲封禁過一次,血淋淋的教訓)。
假設國外vps ip: 2.2.2.2
還有國內vps ip: 3.3.3.3
可以參照下面的方式來配置多級代理。
# 國外vps proxy http -p 127.0.0.1:38080 & shadowtunnel -e -m aes-256-cfb -p your_password -f 127.0.0.1:38080 -l :44444 # 國內vps shadowtunnel -e -E -m aes-256-cfb -p your_password -f 2.2.2.2:44444 -l :44443 # 區域網伺服器 shadowtunnel -E -m aes-256-cfb -p your_password -f 3.3.3.3:44443 -l :44443
Usage:
Usage of ./shadowtunnel: -Eoutbound connection is encrypted -Uoutbound connection is udp -ccompress traffic (default true) -debug show debug info -einbound connection is encrypted -f string forward address,such as : 127.0.0.1:8080 -l string local listen address, such as : 0.0.0.0:33000 (default ":50000") -m string method of encrypt/decrypt, these below are supported : aes-192-cfb,aes-128-ctr,aes-256-ctr,bf-cfb,rc4-md5-6,chacha20-ietf, aes-128-cfb,aes-256-cfb,aes-192-ctr,des-cfb,cast5-cfb,rc4-md5,chacha20 (default "aes-192-cfb") -p string password of encrypt/decrypt (default "shadowtunnel") -t int connection timeout seconds (default 3) -uinbound connection is udp -vshow version
詳細文件:
ofollow,noindex" target="_blank">https://github.com/snail007/s... https://github.com/snail007/g...