1. start a http proxy
if we have a vps, IP is 2.2.2.2.
firstly, we start a http proxy on 2.2.2.2.
download http proxy program, execute below on line command on vps with root:
version=v6.1
curl -OSL https://github.com/snail007/goproxy/releases/download/${version}/proxy-linux-amd64.tar.gz
tar -C /usr/bin -xf proxy-linux-amd64.tar.gz
nohup proxy http -p 127.0.0.1:38080 &
for s390x
version=v5.4
curl -OSL https://github.com/snail007/goproxy/releases/download/${version}/proxy-linux-s390x.tar.gz
tar -C /usr/bin -xf proxy-linux-s390x.tar.gz
nohup proxy http -p 127.0.0.1:38080 &
2. start a tunnel on vps
download shadowtunnel program, execute below on line command on vps with root:
version=v1.1
curl -OSL https://github.com/snail007/shadowtunnel/releases/download/${version}/shadowtunnel-linux-amd64.tar.gz && \
tar -C /usr/bin -xf shadowtunnel-linux-amd64.tar.gz
for s390x
version=v1.1
curl -OSL https://github.com/snail007/shadowtunnel/releases/download/${version}/shadowtunnel-linux-s390x.tar.gz
tar -C /usr/bin -xf shadowtunnel-linux-s390x.tar.gz
start a tunnel on vps listening on :44443 and forward to 127.0.0.1:38080 :
nohup shadowtunnel -e -f 127.0.0.1:38080 -l :44443 &
3. start a tunnel on local machine
start a tunnel on local machine listening on :44443 and forward to 2.2.2.2:44443 :
shadowtunnel -E -f 2.2.2.2:44443 -l :44443
4. set http proxy configuration in chrome
setting local chrome's http proxy configuration as below :
ip: 127.0.0.1
port: 44443
5. done
多级隧道
多级隧道主要是加速代理访问。注意要用 -E 和 -e 参数对连接进行加密, 防止vps运营商嗅探然后封禁你的服务器(之前裸奔被阿里云封禁过一次,血淋淋的教训)。
假设国外vps ip: 2.2.2.2
还有国内vps ip: 3.3.3.3
可以参照下面的方式来配置多级代理。
# 国外vps
proxy http -p 127.0.0.1:38080 &
shadowtunnel -e -m aes-256-cfb -p your_password -f 127.0.0.1:38080 -l :44444
# 国内vps
shadowtunnel -e -E -m aes-256-cfb -p your_password -f 2.2.2.2:44444 -l :44443
# 局域网服务器
shadowtunnel -E -m aes-256-cfb -p your_password -f 3.3.3.3:44443 -l :44443
Usage:
Usage of ./shadowtunnel:
-E outbound connection is encrypted
-U outbound connection is udp
-c compress traffic (default true)
-debug
show debug info
-e inbound connection is encrypted
-f string
forward address,such as : 127.0.0.1:8080
-l string
local listen address, such as : 0.0.0.0:33000 (default ":50000")
-m string
method of encrypt/decrypt, these below are supported :
aes-192-cfb,aes-128-ctr,aes-256-ctr,bf-cfb,rc4-md5-6,chacha20-ietf,
aes-128-cfb,aes-256-cfb,aes-192-ctr,des-cfb,cast5-cfb,rc4-md5,chacha20
(default "aes-192-cfb")
-p string
password of encrypt/decrypt (default "shadowtunnel")
-t int
connection timeout seconds (default 3)
-u inbound connection is udp
-v show version
详细文档:
https://github.com/snail007/s...
https://github.com/snail007/g...
goproxy 的 CentOs7 开机脚本
https://github.com/snail007/g...
有疑问加站长微信联系(非本文作者)