shell脚本-ssr科学上网
AI-摘要
KunKunYu GPT
AI初始化中...
介绍自己
生成本文简介
推荐相关文章
前往主页
前往tianli博客
1.1 centos7部署
参考网址<https://tlanyan.me/shadowsock-clients/>
我是安装完成后有链接,但是不能用。bash <(curl -sL https://s.hijk.art/ss.sh)
```
或者
```yaml
#!/bin/bash
# shadowsocksR/SSR CentOS 7/8一键安装教程
# Author: zakkary<https://www.wangairui.com>
echo "#############################################################"
echo "# CentOS 7/8 ShadowsocksR/SSR 一键安装脚本 #"
echo "# 网址: https://www.wangairui.com #"
echo "# 作者: zakkary #"
echo "#############################################################"
echo ""
red='\033[0;31m'
green="\033[0;32m"
plain='\033[0m'
FILENAME="ShadowsocksR-v3.2.2"
URL="https://github.com/shadowsocksrr/shadowsocksr/archive/3.2.2.tar.gz"
BASE=`pwd`
function checkSystem()
{
result=$(id | awk '{print $1}')
if [ $result != "uid=0(root)" ]; then
echo "请以root身份执行该脚本"
exit 1
fi
if [ ! -f /etc/centos-release ];then
res=`which yum`
if [ "$?" != "0" ]; then
echo "系统不是CentOS"
exit 1
fi
else
result=`cat /etc/centos-release|grep -oE "[0-9.]+"`
main=${result%%.*}
if [ $main -lt 7 ]; then
echo "不受支持的CentOS版本"
exit 1
fi
fi
}
function getData()
{
read -p "请设置SSR的密码(不输入则随机生成):" password
[ -z "$password" ] && password=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 16 | head -n 1`
echo ""
echo "密码: $password"
echo ""
while true
do
read -p "请设置SSR的端口号[1-65535]:" port
[ -z "$port" ] && port="12345"
expr $port + 0 &>/dev/null
if [ $? -eq 0 ]; then
if [ $port -ge 1 ] && [ $port -le 65535 ]; then
echo ""
echo "端口号: $port"
echo ""
break
else
echo "输入错误,端口号为1-65535的数字"
fi
else
echo "输入错误,端口号为1-65535的数字"
fi
done
echo "请选择SSR的加密方式:"
echo "1)aes-256-cfb"
echo "2)aes-192-cfb"
echo "3)aes-128-cfb"
echo "4)aes-256-ctr"
echo "5)aes-192-ctr"
echo "6)aes-128-ctr"
echo "7)aes-256-cfb8"
echo "8)aes-192-cfb8"
echo "9)aes-128-cfb8"
echo "10)camellia-128-cfb"
echo "11)camellia-192-cfb"
echo "12)camellia-256-cfb"
echo "13)chacha20-ietf"
read -p "请选择加密方式(默认aes-256-cfb)" answer
if [ -z "$answer" ]; then
method="aes-256-cfb"
else
case $answer in
1)
method="aes-256-cfb"
;;
2)
method="aes-192-cfb"
;;
3)
method="aes-128-cfb"
;;
4)
method="aes-256-ctr"
;;
5)
method="aes-192-ctr"
;;
6)
method="aes-128-ctr"
;;
7)
method="aes-256-cfb8"
;;
8)
method="aes-192-cfb8"
;;
9)
method="aes-128-cfb8"
;;
10)
method="camellia-128-cfb"
;;
11)
method="camellia-192-cfb"
;;
12)
method="camellia-256-cfb"
;;
13)
method="chacha20-ietf"
;;
*)
echo "无效的选择,使用默认加密方式"
method="aes-256-cfb"
esac
fi
echo ""
echo "加密方式: $method"
echo ""
echo "请选择SSR的协议:"
echo "1)origin"
echo "2)verify_deflate"
echo "3)auth_sha1_v4"
echo "4)auth_aes128_md5"
echo "5)auth_aes128_sha1"
echo "6)auth_chain_a"
echo "7)auth_chain_b"
echo "8)auth_chain_c"
echo "9)auth_chain_d"
echo "10)auth_chain_e"
echo "11)auth_chain_f"
read -p "请选择加密方式(默认origin)" answer
if [ -z "$answer" ]; then
protocol="origin"
else
case $answer in
1)
protocol="origin"
;;
2)
protocol="verify_deflate"
;;
3)
protocol="auth_sha1_v4"
;;
4)
protocol="auth_aes128_md5"
;;
5)
protocol="auth_aes128_sha1"
;;
6)
protocol="auth_chain_a"
;;
7)
protocol="auth_chain_b"
;;
8)
protocol="auth_chain_c"
;;
9)
protocol="auth_chain_d"
;;
10)
protocol="auth_chain_e"
;;
11)
protocol="auth_chain_f"
;;
*)
echo "无效的选择,使用默认协议"
protocol="origin"
esac
fi
echo ""
echo "协议: $protocol"
echo ""
echo "请选择SSR混淆模式:"
echo "1)plain"
echo "2)http_simple"
echo "3)http_post"
echo "4)tls1.2_ticket_auth"
echo "5)tls1.2_ticket_fastauth"
read -p "请选择混淆模式(默认plain)" answer
if [ -z "$answer" ]; then
obfs="plain"
else
case $answer in
1)
obfs="plain"
;;
2)
obfs="http_simple"
;;
3)
obfs="http_post"
;;
4)
obfs="tls1.2_ticket_auth"
;;
5)
obfs="tls1.2_ticket_fastauth"
;;
*)
echo "无效的选择,使用默认混淆模式"
obfs="plain"
esac
fi
echo ""
echo "混淆: $obfs"
echo ""
}
function preinstall()
{
sed -i 's/#ClientAliveInterval 0/ClientAliveInterval 60/' /etc/ssh/sshd_config
systemctl restart sshd
ret=`nginx -t`
if [ "$?" != "0" ]; then
echo "更新系统..."
yum update -y
fi
echo "安装必要软件"
yum install -y epel-release telnet curl wget vim net-tools libsodium openssl unzip tar
if [ $main -eq 8 ]; then
ln -s /usr/bin/python3 /usr/bin/python
fi
yum install -y nginx
systemctl enable nginx && systemctl restart nginx
if [ -s /etc/selinux/config ] && grep 'SELINUX=enforcing' /etc/selinux/config; then
sed -i 's/SELINUX=enforcing/SELINUX=permissive/g' /etc/selinux/config
setenforce 0
fi
}
function installSSR()
{
if [ ! -d /usr/local/shadowsocks ]; then
echo 下载安装文件
if ! wget --no-check-certificate -O ${FILENAME}.tar.gz ${URL}; then
echo -e "[${red}Error${plain}] 下载文件失败!"
exit 1
fi
tar -zxf ${FILENAME}.tar.gz
mv shadowsocksr-3.2.2/shadowsocks /usr/local
if [ ! -f /usr/local/shadowsocks/server.py ]; then
echo "安装失败,请到 https://www.hijk.pw 网站反馈"
cd ${BASE} && rm -rf shadowsocksr-3.2.2 ${FILENAME}.tar.gz
exit 1
fi
fi
cat > /etc/shadowsocksR.json<<-EOF
{
"server":"0.0.0.0",
"server_ipv6":"[::]",
"server_port":${port},
"local_port":1080,
"password":"${password}",
"timeout":600,
"method":"${method}",
"protocol":"${protocol}",
"protocol_param":"",
"obfs":"${obfs}",
"obfs_param":"",
"redirect":"",
"dns_ipv6":false,
"fast_open":false,
"workers":1
}
EOF
cat > /usr/lib/systemd/system/shadowsocksR.service <<-EOF
[Unit]
Description=shadowsocksR
Documentation=https://www.hijk.pw/
After=network-online.target
Wants=network-online.target
[Service]
Type=forking
LimitNOFILE=32768
ExecStart=/usr/local/shadowsocks/server.py -c /etc/shadowsocksR.json -d start
ExecReload=/bin/kill -s HUP \$MAINPID
ExecStop=/bin/kill -s TERM \$MAINPID
[Install]
WantedBy=multi-user.target
EOF
systemctl daemon-reload
systemctl enable shadowsocksR && systemctl restart shadowsocksR
sleep 3
res=`netstat -nltp | grep ${port} | grep python`
if [ "${res}" = "" ]; then
echo "ssr启动失败,请检查端口是否被占用!"
exit 1
fi
}
function setFirewall()
{
systemctl status firewalld > /dev/null 2>&1
if [ $? -eq 0 ];then
firewall-cmd --permanent --add-port=${port}/tcp
firewall-cmd --permanent --add-port=${port}/udp
firewall-cmd --permanent --add-service=http
firewall-cmd --reload
fi
}
function installBBR()
{
result=$(lsmod | grep bbr)
if [ "$result" != "" ]; then
echo BBR模块已安装
echo "3" > /proc/sys/net/ipv4/tcp_fastopen
echo "net.ipv4.tcp_fastopen = 3" >> /etc/sysctl.conf
bbr=true
return
fi
if [ $main -eq 8 ]; then
echo "tcp_bbr" >> /etc/modules-load.d/modules.conf
echo "net.core.default_qdisc=fq" >> /etc/sysctl.conf
echo "net.ipv4.tcp_congestion_control=bbr" >> /etc/sysctl.conf
sysctl -p
bbr=true
return
fi
echo 安装BBR模块...
rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-4.el7.elrepo.noarch.rpm
yum --enablerepo=elrepo-kernel install kernel-ml -y
yum remove kernel-3.* -y
grub2-set-default 0
echo "tcp_bbr" >> /etc/modules-load.d/modules.conf
echo "net.core.default_qdisc=fq" >> /etc/sysctl.conf
echo "net.ipv4.tcp_congestion_control=bbr" >> /etc/sysctl.conf
echo "3" > /proc/sys/net/ipv4/tcp_fastopen
echo "net.ipv4.tcp_fastopen = 3" >> /etc/sysctl.conf
bbr=false
}
function info()
{
ip=`curl -s -4 icanhazip.com`
port=`cat /etc/shadowsocksR.json | grep server_port | cut -d: -f2 | tr -d \",' '`
res=`netstat -nltp | grep ${port} | grep python`
[ -z "$res" ] && status="${red}已停止${plain}" || status="${green}正在运行${plain}"
password=`cat /etc/shadowsocksR.json | grep password | cut -d: -f2 | tr -d \",' '`
method=`cat /etc/shadowsocksR.json | grep method | cut -d: -f2 | tr -d \",' '`
protocol=`cat /etc/shadowsocksR.json | grep protocol | cut -d: -f2 | tr -d \",' '`
obfs=`cat /etc/shadowsocksR.json | grep obfs | cut -d: -f2 | tr -d \",' '`
echo ============================================
echo -e " ssr运行状态:${status}"
echo -e " ssr配置文件:${red}/etc/shadowsocksR.json${plain}"
echo ""
echo -e "${red}ssr配置信息:${plain}"
echo -e " IP(address): ${red}${ip}${plain}"
echo -e " 端口(port):${red}${port}${plain}"
echo -e " 密码(password):${red}${password}${plain}"
echo -e " 加密方式(method): ${red}${method}${plain}"
echo -e " 协议(protocol):" ${red}${protocol}${plain}
echo -e " 混淆(obfuscation):" ${red}${obfs}${plain}
echo
echo ============================================
}
function bbrReboot()
{
if [ "${bbr}" == "false" ]; then
echo
echo 为使BBR模块生效,系统将在30秒后重启
echo
echo -e "您可以按 ctrl + c 取消重启,稍后输入 ${red}reboot${plain} 重启系统"
sleep 30
reboot
fi
}
function install()
{
echo -n "系统版本: "
cat /etc/centos-release
checkSystem
getData
preinstall
installBBR
installSSR
setFirewall
info
cd ${BASE} && rm -rf shadowsocksr-3.2.2 ${FILENAME}.tar.gz
bbrReboot
}
function uninstall()
{
read -p "您确定真的要卸载SSR吗?(y/n)" answer
[ -z ${answer} ] && answer="n"
if [ "${answer}" == "y" ] || [ "${answer}" == "Y" ]; then
rm -f /etc/shadowsocksR.json
rm -f /var/log/shadowsocks.log
rm -rf /usr/local/shadowsocks
systemctl disable shadowsocksR && systemctl stop shadowsocksR && rm -rf /usr/lib/systemd/system/shadowsocksR.service
fi
echo -e " ${red}卸载成功${plain}"
}
action=$1
[ -z $1 ] && action=install
case "$action" in
install|uninstall|info)
${action}
;;
*)
echo "参数错误"
echo "用法: `basename $0` [install|uninstall]"
;;
esac1.2 Ubuntu配置Shadowsocks翻墙
#!/bin/bash
# Ubuntu配置Shadowsocks翻墙
# 2019-09-18
# 参考:http://blog.dongfei.xin/2018-04-13/Centos-%E9%85%8D%E7%BD%AE-Shadowsocks-%E7%BF%BB%E5%A2%99/
echo "#############################################################"
echo "# ubuntu/CentOS6 ShadowsocksR/SSR 一键安装脚本 #"
echo "# 网址: https://www.wangairui.com #"
echo "# 作者: zakkary #"
echo "#############################################################"
echo ""
SYSTEM_VERSION=$(cat /etc/os-release | head -n 1 | awk -F'"' '{print $2}')
echo "系统版本:${SYSTEM_VERSION}"
sleep 10
# 配置/etc/shadowsocks.json
function shadowsocks(){
# 服务器IP
SERVER_IP="68.183.225.185"
# 服务器端口
SERVER_PORT="15337"
# 密码
SERVER_PASSWORD="ssx.re-02268564"
# 加密方式
SERVER_METHOD="aes-256-cfb"
cat > /etc/shadowsocks.json << EOF
{
"server": "${SERVER_IP}",
"server_port": "${SERVER_PORT}",
"local_address": "127.0.0.1",
"local_port": 1080,
"password": "${SERVER_PASSWORD}",
"timeout": 300,
"method": "${SERVER_METHOD}",
"fast_open": false,
"workers": 1
}
EOF
}
# Socks5全局代理
function socks5_install(){
# 安装sslocal
SYSTEM_VERSION=$(cat /etc/os-release | head -n 1 | awk -F'"' '{print $2}')
[[ ${SYSTEM_VERSION} == "Ubuntu" ]] && sudo apt update && sudo apt install -y python-pip || sudo yum install -y epel-release python-pip
sudo pip install shadowsocks
# 配置/etc/shadowsocks.json
shadowsocks
# 运行sslocal
nohup sslocal -c /etc/shadowsocks.json &>> /var/log/sslocal.log &
}
# Privoxy篇
function privoxy_install(){
# 安装privoxy
SYSTEM_VERSION=$(cat /etc/os-release | head -n 1 | awk -F'"' '{print $2}')
[[ ${SYSTEM_VERSION} == "Ubuntu" ]] && sudo apt install -y privoxy || sudo yum install -y privoxy
# 配置socks5全局代理
echo 'forward-socks5 / 127.0.0.1:1080 .' >> /etc/privoxy/config
# 设置http/https代理
# privoxy默认监听端口为8118
export http_proxy=http://127.0.0.1:8118
export https_proxy=http://127.0.0.1:8118
# 运行privoxy
service privoxy start
}
# 测试
function test(){
# 测试socks5全局代理
curl www.google.com
# 有数据返回成功
}
function simplified_use(){
alias ssoff='unset http_proxy && unset https_proxy && systemctl stop privoxy && pkill sslocal'
alias ssinit='nohup sslocal -c /etc/shadowsocks.json &>> /var/log/sslocal.log &'
alias sson='export http_proxy=http://127.0.0.1:8118 && export https_proxy=http://127.0.0.1:8118 && systemctl start privoxy'
# 开启ss代理
echo -e "\033[31m开启ss代理:先初始化ssinit,然后开启代理sson\033[0m"
# ssinit
# sson
# 关闭ss代理
echo -e "\033[31m关闭ss代理:关闭ss代理ssoff\033[0m"
# ssoff
}
function main(){
socks5_install
privoxy_install
}
main1.3 ssr-linux客户端部署
首先,你需要一个shadowsocks帐号,用于翻墙。
然后我们在centos上安装shadowsocks软件。推荐通过pip安装。
### 1 很简单
```yaml
yum install python-pip
pip install shadowsocks
```
### 2 随后,我们配置好帐号密码,新建/etc/shadowsocks.json文件:
vim /etc/shadowsocks.json
```yaml
{
"server":"your_server_ip", #ss服务器IP
"server_port":your_server_port, #端口
"local_address": "127.0.0.1", #本地ip
"local_port":1080, #本地端口
"password":"your_server_passwd",#连接ss密码
"timeout":300, #等待超时
"method":"rc4-md5", #加密方式
}
```
### 3 启动:我的是在/usr/local/bin/sslocal
```yaml
sslocal -c /etc/shadowsocks.json
```
### 4安装Privoxy
直接使用yum安装即可
```yaml
yum install privoxy
```
### 5 安装好后,修改一下配置
```yaml
vim /etc/privoxy/config
```
### 6 搜索forward-socks5t,将 forward-socks5t / 127.0.0.1:9050 . 取消注释并修改为
```yaml
forward-socks5t / 127.0.0.1:1080 .
```
`注意最后有个点`
### 7 然后取消以下几行代码注释,本地网络不翻墙
```yaml
forward 192.168.*.*/ .
forward 10.*.*.*/ .
forward 127.*.*.*/ .
forward localhost/ .
```
### 8启动privoxy
```yaml
privoxy /etc/privoxy/config
```
### 9配置/etc/profile
执行vim /etc/profile,添加如下二句:
```yaml
vim /etc/profile.d/privoxy.sh
```
```yaml
export http_proxy=http://127.0.0.1:8118
export https_proxy=http://127.0.0.1:8118
```
### 10 修改后使配置生效
```yaml
source /etc/profile.d/privoxy.sh
```
### 11 测试执行
```yaml
wget www.google.com
```
判断是否成功
如果不能访问,请重启机器,依次打开shadowsocks和privoxy再测试
### 12 本机不走代理配置
如果有IP在本机不需要强制走代理则在环境变量中添加配置如下
```yaml
export no_proxy="127.0.0.1, localhost, IP_ADDRESS_1, IP_ADDRESS_2, ... "
export no_proxy="IP"
```- 感谢你赐予我前进的力量
-
微信 
支付宝
赞赏者名单
因为你们的支持让我意识到写文章的价值🙏
作者编辑不易,如有转载请注明出处。完整转载来自https://wangairui.com 网站名称:猫扑linux
阅读建议
评论
匿名评论
隐私政策
你无需删除空行,直接评论以获取最佳展示效果
