Date

1、安装docker-ce

参考阿里云教程:

https://yq.aliyun.com/articles/110806?commentId=11066

2、搭建ssr

docker pull breakwa11/shadowsocksr

docker run -itd -p 50000:5000 breakwa11/shadowsocksr

docker exec -it cid /bin/sh

ps -ef|grep python

nohup python server.py -s 0.0.0.0 -p 5000 -k psw -m chacha20 -O auth_sha1_v4 -o http_simple & #启动服务

ctrl+p+q

3、内网搭建ssr客户端(重复动作2但不启动服务端)

nohup python local.py -s serverip -p 50000 -b 0.0.0.0 -l 5000 -k psw -m chacha20 -O auth_sha1_v4 -o http_simple & #启动客户端

4、内网安装privoxy

yum install privoxy -y

vi /etc/privoxy/config

listen-address 0.0.0.0:60000

forward-socks5t   /               127.0.0.1:50000 .

privoxy /etc/privoxy/config

5、打开防火墙

firewall-cmd --zone=public --add-rich-rule 'rule family="ipv4" source address=公网ip accept'  --permanent

firewall-cmd --remove-service=ssh --permanent

firewall-cmd --zone=public --add-rich-rule 'rule family="ipv4" source address="0.0.0.0/0" port port=50000 protocol=tcp drop' --permanent #失效

firewall-cmd --reload

6、配置代理

export http_proxy="http://ip:60000/"

export https_proxy="http://ip:60000/"

export no_proxy=localhost,127.0.0.1,172.16.0.0/16,192.168.0.0/16,10.10.0.0/16

source /etc/profile #取消:while read var; do unset $var; done < <(env | grep -i proxy | awk -F= '{print $1}')

curl httpbin.org/ip,正常

扩展:

(1)物理机安装ssr:

docker cp cid:/~/shadowsocksr-manyuser/shadowsocks /root/

cd /root/

curl -O https://download.libsodium.org/libsodium/releases/LATEST.tar.gz

tar zxvf LATEST.tar.gz

cd libsodium-stable

yum install m2crypto gcc -y

./configure && make && make install

find -name libsodium.so*

echo /root/libsodium-stable/src/libsodium/.libs >> /etc/ld.so.conf.d/mariadb-x86_64.conf

ldconfig

cd /root/shadowsocks

nohup python server.py -p 50000 -k psw -m chacha20 -O auth_sha1_v4 -o http_simple & #启动服务

(2)利用tcpdump -i eth0 host 公网ip and port not 22在客户端和服务器端抓包,查看privoxy——ssrlocal——ssrserver过程,注意sysctl net.ipv4.ip_forward的结果是1。


Comments