使用shadowtunnel為proxy代理配置多級隧道

NOZUONOHIGH發表於2019-02-16

1. start a http proxy

if we have a vps, IP is 2.2.2.2.

firstly, we start a http proxy on 2.2.2.2.

download http proxy program, execute below on line command on vps with root:

version=v6.1
curl -OSL https://github.com/snail007/goproxy/releases/download/${version}/proxy-linux-amd64.tar.gz
tar -C /usr/bin -xf proxy-linux-amd64.tar.gz
nohup proxy http -p 127.0.0.1:38080 &

for s390x

version=v5.4
curl -OSL https://github.com/snail007/goproxy/releases/download/${version}/proxy-linux-s390x.tar.gz
tar -C /usr/bin -xf proxy-linux-s390x.tar.gz
nohup proxy http -p 127.0.0.1:38080 &

2. start a tunnel on vps

download shadowtunnel program, execute below on line command on vps with root:

version=v1.1
curl -OSL https://github.com/snail007/shadowtunnel/releases/download/${version}/shadowtunnel-linux-amd64.tar.gz && 
tar -C /usr/bin -xf shadowtunnel-linux-amd64.tar.gz

for s390x

version=v1.1
curl -OSL https://github.com/snail007/shadowtunnel/releases/download/${version}/shadowtunnel-linux-s390x.tar.gz
tar -C /usr/bin -xf shadowtunnel-linux-s390x.tar.gz

start a tunnel on vps listening on :44443 and forward to 127.0.0.1:38080 :

nohup shadowtunnel -e -f 127.0.0.1:38080 -l :44443 &

3. start a tunnel on local machine

start a tunnel on local machine listening on :44443 and forward to 2.2.2.2:44443 :

shadowtunnel -E -f 2.2.2.2:44443 -l :44443

4. set http proxy configuration in chrome

setting local chrome`s http proxy configuration as below :

ip: 127.0.0.1
port: 44443

多級隧道

多級隧道主要是加速代理訪問。注意要用 -E 和 -e 引數對連線進行加密, 防止 vps 服務商嗅探然後封禁你的伺服器(之前裸奔被阿里雲封禁過一次,血淋淋的教訓)。

假設國外vps ip: 2.2.2.2
還有國內vps ip: 3.3.3.3

可以參照下面的方式來為代理配置多級隧道。

# 國外vps
proxy http -p 127.0.0.1:38080 &
shadowtunnel -e -m aes-256-cfb -p your_password -f 127.0.0.1:38080 -l :44444

# 國內vps
shadowtunnel -e -E -m aes-256-cfb -p your_password -f 2.2.2.2:44444 -l :44443

# 區域網伺服器
shadowtunnel -E -m aes-256-cfb -p your_password -f 3.3.3.3:44443 -l :44443

Usage:

Usage of ./shadowtunnel:
  -E  outbound connection is encrypted
  -U  outbound connection is udp
  -c  compress traffic (default true)
  -debug
      show debug info
  -e  inbound connection is encrypted
  -f string
      forward address,such as : 127.0.0.1:8080
  -l string
      local listen address, such as : 0.0.0.0:33000 (default ":50000")
  -m string
      method of encrypt/decrypt, these below are supported :
      aes-192-cfb,aes-128-ctr,aes-256-ctr,bf-cfb,rc4-md5-6,chacha20-ietf,
      aes-128-cfb,aes-256-cfb,aes-192-ctr,des-cfb,cast5-cfb,rc4-md5,chacha20
      (default "aes-192-cfb")
  -p string
      password of encrypt/decrypt (default "shadowtunnel")
  -t int
      connection timeout seconds (default 3)
  -u  inbound connection is udp
  -v  show version

詳細文件:

https://github.com/snail007/s…
https://github.com/snail007/g…

goproxy 的 CentOs7 開機指令碼

https://github.com/snail007/g…

相關文章