1. start a http proxy
if we have a vps, IP is 2.2.2.2.
firstly, we start a http proxy on 2.2.2.2.
download http proxy program, execute below on line command on vps with root:
version=v6.1
curl -OSL https://github.com/snail007/goproxy/releases/download/${version}/proxy-linux-amd64.tar.gz
tar -C /usr/bin -xf proxy-linux-amd64.tar.gz
nohup proxy http -p 127.0.0.1:38080 &
for s390x
version=v5.4
curl -OSL https://github.com/snail007/goproxy/releases/download/${version}/proxy-linux-s390x.tar.gz
tar -C /usr/bin -xf proxy-linux-s390x.tar.gz
nohup proxy http -p 127.0.0.1:38080 &
2. start a tunnel on vps
download shadowtunnel program, execute below on line command on vps with root:
version=v1.1
curl -OSL https://github.com/snail007/shadowtunnel/releases/download/${version}/shadowtunnel-linux-amd64.tar.gz &&
tar -C /usr/bin -xf shadowtunnel-linux-amd64.tar.gz
for s390x
version=v1.1
curl -OSL https://github.com/snail007/shadowtunnel/releases/download/${version}/shadowtunnel-linux-s390x.tar.gz
tar -C /usr/bin -xf shadowtunnel-linux-s390x.tar.gz
start a tunnel on vps listening on :44443 and forward to 127.0.0.1:38080 :
nohup shadowtunnel -e -f 127.0.0.1:38080 -l :44443 &
3. start a tunnel on local machine
start a tunnel on local machine listening on :44443 and forward to 2.2.2.2:44443 :
shadowtunnel -E -f 2.2.2.2:44443 -l :44443
4. set http proxy configuration in chrome
setting local chrome`s http proxy configuration as below :
ip: 127.0.0.1
port: 44443
多級隧道
多級隧道主要是加速代理訪問。注意要用 -E 和 -e 引數對連線進行加密, 防止 vps 服務商嗅探然後封禁你的伺服器(之前裸奔被阿里雲封禁過一次,血淋淋的教訓)。
假設國外vps ip: 2.2.2.2
還有國內vps ip: 3.3.3.3
可以參照下面的方式來為代理配置多級隧道。
# 國外vps
proxy http -p 127.0.0.1:38080 &
shadowtunnel -e -m aes-256-cfb -p your_password -f 127.0.0.1:38080 -l :44444
# 國內vps
shadowtunnel -e -E -m aes-256-cfb -p your_password -f 2.2.2.2:44444 -l :44443
# 區域網伺服器
shadowtunnel -E -m aes-256-cfb -p your_password -f 3.3.3.3:44443 -l :44443
Usage:
Usage of ./shadowtunnel:
-E outbound connection is encrypted
-U outbound connection is udp
-c compress traffic (default true)
-debug
show debug info
-e inbound connection is encrypted
-f string
forward address,such as : 127.0.0.1:8080
-l string
local listen address, such as : 0.0.0.0:33000 (default ":50000")
-m string
method of encrypt/decrypt, these below are supported :
aes-192-cfb,aes-128-ctr,aes-256-ctr,bf-cfb,rc4-md5-6,chacha20-ietf,
aes-128-cfb,aes-256-cfb,aes-192-ctr,des-cfb,cast5-cfb,rc4-md5,chacha20
(default "aes-192-cfb")
-p string
password of encrypt/decrypt (default "shadowtunnel")
-t int
connection timeout seconds (default 3)
-u inbound connection is udp
-v show version
詳細文件:
https://github.com/snail007/s…
https://github.com/snail007/g…