Vincec's Dimension

酸酸 和 酸酸乳

Word count: 1,192 / Reading time: 7 min
2018/05/15 Share
  • Updated on June 2, 2018 - SSR

之前就有写过一点配置 酸酸 的心得,现在在这里单独开一篇整理归类一下。

Server端配置

酸酸 SS

ref: 科学上网的终极姿势-在-vultr-vps-上搭建

  • 注册 vps
  • ssh root@<host>
    -

    1
    2
    3
    wget --no-check-certificate https://raw.githubusercontent.com/teddysun/shadowsocks_install/master/shadowsocks.sh
    chmod +x shadowsocks.sh
    ./shadowsocks.sh 2>&1 | tee shadowsocks.log
  • 输入个人密码

  • 选择端口
  • 加密方式
  • TCP Fast Open

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    nano /etc/rc.local
    #add
    #echo 3 > /proc/sys/net/ipv4/tcp_fastopen

    nano /etc/sysctl.conf
    #add
    #net.ipv4.tcp_fastopen = 3

    nano /etc/shadowsocks.json
    #modify
    #"fast_open":true
  • add firewall port (optional)

    1
    2
    3
    4
    5
    iptables -I INPUT -m state — state NEW -m tcp -p tcp — dport <newport> -j ACCEPT
    iptables -I INPUT -m state — state NEW -m udp -p udp — dport <newport> -j ACCEPT
    #<newport> with new port
    /etc/init.d/iptables save
    /etc/init.d/iptables restart
  • 重启 ss

/etc/init.d/shadowsocks restart

  • 部署锐速 (本人失败, 不支持的内核)
  • BBR加速 (ref:安装锐速加速:不支持的内核 #81

    1
    2
    3
    4
    yum -y install wget
    wget --no-check-certificate https://github.com/teddysun/across/raw/master/bbr.sh
    chmod +x bbr.sh
    ./bbr.sh
  • 填 anyconnection server 的天坑


酸酸乳 SSR

酸酸 好像有时候会无缘无故上不去,于是更换了听说更加安全的 酸酸乳,也改了服务器到🇫🇷

  • 同样安装大神的脚本

    1
    2
    3
    wget --no-check-certificate https://raw.githubusercontent.com/teddysun/shadowsocks_install/master/shadowsocksR.sh
    chmod +x shadowsocksR.sh
    ./shadowsocksR.sh 2>&1 | tee shadowsocksR.log
  • 同样选择密码和 port 号等,之后更改可以在 nano /etc/shadowsocks.json

  • 重启 /etc/init.d/shadowsocks restart

Google BBR and Optimize the Server

  • BBR

    1
    2
    3
    4
    wget --no-check-certificate https://github.com/teddysun/across/raw/master/bbr.sh
    chmod +x bbr.sh
    ./bbr.sh #may need reboot
    lsmod | grep bbr #show "tcp_bbr"
  • Optimize the Server

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    nano /etc/sysctl.conf
    #add after = bbr line

    fs.file-max = 51200
    net.core.rmem_max = 67108864
    net.core.wmem_max = 67108864
    net.core.netdev_max_backlog = 250000
    net.core.somaxconn = 4096
    net.ipv4.tcp_syncookies = 1
    net.ipv4.tcp_tw_reuse = 1
    net.ipv4.tcp_tw_recycle = 0
    net.ipv4.tcp_fin_timeout = 30
    net.ipv4.tcp_keepalive_time = 1200
    net.ipv4.ip_local_port_range = 10000 65000
    net.ipv4.tcp_max_syn_backlog = 8192
    net.ipv4.tcp_max_tw_buckets = 5000
    net.ipv4.tcp_fastopen = 3
    net.ipv4.tcp_mem = 25600 51200 102400
    net.ipv4.tcp_rmem = 4096 87380 67108864
    net.ipv4.tcp_wmem = 4096 65536 67108864
    net.ipv4.tcp_mtu_probing = 1
    #save

    sysctl -p #apply the settings

    nano /etc/security/limits.conf
    #add
    * soft nofile 51200
    * hard nofile 51200
    #save

    nano /etc/pam.d/common-session
    #add
    session required pam_limits.so
    nano /etc/profile
    #add
    ulimit -n 51200

    ulimit -n 51200 #apply

    /etc/init.d/shadowsocks restart #restart the ssr
  • Share your server

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    nano /etc/shadowsocks.json
    #edit

    {
    "server":"0.0.0.0",
    "server_ipv6":"::",
    "port_password": {
    "443": "password1",
    "1194": "password2",
    "8000": "password3",
    "8383": "password4",
    "8384": "password5",
    "3000": "password6",
    "3001": "password7",
    "3002": "password8",
    "3003": "password9",
    "3004": "password10",
    "3005": "password11",
    "3006": "password12",
    "3007": "password13",
    "3008": "password14",
    "3009": "password15",
    "3010": "password16"
    },
    "local_address":"127.0.0.1",
    "local_port":1080,
    "timeout":120,
    "method":"chacha20",
    "protocol":"origin",
    "protocol_param":"",
    "obfs":"http_simple_compatible",
    "obfs_param":"",
    "redirect":"",
    "dns_ipv6":false,
    "fast_open":true,
    "workers":1
    }

    /etc/init.d/shadowsocks restart #restart ssr

Client端配置

建议移步至酸酸乳

酸酸

酸酸乳

Linux

  1. Install dependencies
1
sudo apt-get install git python-m2crypto libsodium18
  1. Get SSR
1
2
cd ~/Downloads
git clone -b manyuser https://github.com/shadowsocksrr/shadowsocksr.git
  1. Edit configuration json
1
sudo nano /etc/shadowsocks.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
{
"server":"12.34.56.78",
"server_ipv6":"::",
"server_port":8388,
"local_address":"127.0.0.1",
"local_port":1080,
"password":"happy2017",
"timeout":300,
"udp_timeout":60,
"method":"aes-256-ctr",
"protocol":"auth_aes128_md5", //origin
"protocol_param":"",
"obfs":"tls1.2_ticket_auth", //http_simple
"obfs_param":"",
"fast_open":true,
"workers":1
}
  1. Run
1
sudo python ~/Downloads/shadowsocksr/shadowsocks/local.py -c /etc/shadowsocks.json -d start
  1. Check running (option)
1
sudo tail /var/log/shadowsocksr.log
  1. Stop
1
sudo python ~/Downloads/shadowsocksr/shadowsocks/local.py -c /etc/shadowsocks.json -d stop

Browsers

Git

  • 设置git代理
1
2
3
# shadowsocks的本地端口默认是1080
git config --global http.proxy ‘socks5://127.0.0.1:1080’
git config --global https.proxy ‘socks5://127.0.0.1:1080’
  • 取消git代理
1
2
git config --global --unset http.proxy
git config --global --unset https.proxy

Terminal

  • 设置ALL_PROXY, 可以通过curl -i http://ip.cn 查看IP改变来测试是否生效
1
2
3
4
export ALL_PROXY=socks5://127.0.0.1:1080 #设置代理
curl -i http://ip.cn #查看ip测试是否生效

unset ALL_PROXY #清除代理
  • Or edit ~/.zshrc or ~/.bashrc

_(拓展1 / 拓展2)_

1
2
export http_proxy="socks5://127.0.0.1:1080"
export https_proxy="socks5://127.0.0.1:1080"

Reference

-心累-

Author: VINCEC

Permalink: https://vince-amazing/blog/2018/05/15/ss-ssr/

Date: May 15th 2018, 9:09:26

Copyright license: The article usingCC licensing 4.0

CATALOG
  1. 1. Server端配置
    1. 1.1. 酸酸 SS
    2. 1.2. 酸酸乳 SSR
    3. 1.3. Google BBR and Optimize the Server
  2. 2. Client端配置
    1. 2.1. 酸酸
      1. 2.1.1. Win-ss
      2. 2.1.2. Mac-ss
      3. 2.1.3. Android-ss
      4. 2.1.4. IOS(国区下架情况)- ss
    2. 2.2. 酸酸乳
      1. 2.2.1. Win-ssr
      2. 2.2.2. Mac-ssr
      3. 2.2.3. Android-ssr
      4. 2.2.4. IOS(国区下架情况)- ssr
    3. 2.3. Linux
    4. 2.4. Browsers
    5. 2.5. Git
    6. 2.6. Terminal
  3. 3. Reference