当前位置:首页 > 资讯 > 热门博客 > 正文

在CentOS 6.6上安装ShadowSocks服务端

发表于: 2015-05-10   作者:stock0991   来源:转载   浏览:
摘要: 1、查看系统[root@localhost ~]# cat /etc/issue CentOS release 6.6 (Final) [root@localhost ~]# uname -a Linux localhost.localdomain 2.6.32-042stab106.6 #1 SMP Mon Apr 20 14:48:47 MSK 2015 x86_64 x86_64 x86_6

1、查看系统

[root@localhost ~]# cat /etc/issue
CentOS release 6.6 (Final)
[root@localhost ~]# uname -a
Linux localhost.localdomain 2.6.32-042stab106.6 #1 SMP Mon Apr 20 14:48:47 MSK 2015 x86_64 x86_64 x86_64 GNU/Linux


2、安装ShadowSocks

# yum install python-setuptools && easy_install pip
# pip install shadowsocks


3、创建配置文件/etc/shadowsocks.json

[root@localhost /]# touch /etc/shadowsocks.json
[root@localhost /]# vi /etc/shadowsocks.json
{
"server":"138.128.208.158",
"server_port":443,
"local_address": "127.0.0.1",
"local_port":1080,
"password":"MyPass",
"timeout":300,
"method":"rc4-md5"
}

备注:加密方式官方默认使用aes-256-cfb,推荐使用rc4-md5,因为 RC4比AES速度快好几倍。

各字段说明:

    server:服务器IP

    server_port:服务器端口

    local_port:本地端端口

    password:用来加密的密码

    timeout:超时时间(秒)

    method:加密方法,可选择 “bf-cfb”, “aes-256-cfb”, “des-cfb”, “rc4″等


4、使用配置文件在后台运行shadowsocks服务

[root@localhost /]# ssserver -c /etc/shadowsocks.json -d start


备注:若无配置文件,在后台可以使用一下命令运行:

[root@localhost /]# ssserver -p 443 -k MyPass -m rc4-md5 -d start


5、停止服务

[root@localhost /]# ssserver -c /etc/shadowsocks.json -d stop


6、添加开机自启动服务

[root@localhost opt]# vi /etc/init.d/shadowsocks

添加如下内容:

#!/bin/sh
# chkconfig: 2345 90 10
# description: Start or stop the Shadowsocks server
#
### BEGIN INIT INFO
# Provides: Shadowsocks
# Required-Start: $network $syslog
# Required-Stop: $network
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Description: Start or stop the Shadowsocks server
### END INIT INFO
# Author: xju <qing0991@163.com>
name=shadowsocks
BIN=/usr/bin/ssserver
conf=/etc/shadowsocks.json
start(){
    $BIN -c $conf -d start
    RETVAL=$?
    if [ "$RETVAL" = "0" ]; then
        echo "$name start success"
    else
        echo "$name start failed"
    fi
}
stop(){
    pid=`ps -ef | grep -v grep | grep -v ps | grep -i "${BIN}" | awk '{print $2}'`
    if [ ! -z $pid ]; then
        $BIN -c $conf -d stop
        RETVAL=$?
        if [ "$RETVAL" = "0" ]; then
            echo "$name stop success"
        else
            echo "$name stop failed"
        fi
    else
        echo "$name is not running"
        RETVAL=1
    fi
}
status(){
    pid=`ps -ef | grep -v grep | grep -v ps | grep -i "${BIN}" | awk '{print $2}'`
    if [ -z $pid ]; then
        echo "$name is not running"
        RETVAL=1
    else
        echo "$name is running with PID $pid"
        RETVAL=0
    fi
}
case "$1" in
'start')
    start
    ;;
'stop')
    stop
    ;;
'status')
    status
    ;;
'restart')
    stop
    start
    RETVAL=$?
    ;;
*)
    echo "Usage: $0 { start | stop | restart | status }"
    RETVAL=1
    ;;
esac
exit $RETVAL

添加执行权限:

[root@localhost ~]# chmod a+x  /etc/init.d/shadowsocks

添加开机自动服务:

[root@localhost ~]# chkconfig --add shadowsocks
[root@localhost ~]# chkconfig --list shadowsocks
Note: This output shows SysV services only and does not include native
      systemd services. SysV configuration data might be overridden by native
      systemd configuration.
      If you want to list systemd services use 'systemctl list-unit-files'.
      To see services enabled on particular target use
      'systemctl list-dependencies [target]'.
shadowsocks    0:off1:off2:on3:on4:on5:on6:off


启动停止服务:

[root@localhost ~]# service shadowsocks status
shadowsocks is running with PID 507
[root@localhost ~]# shadowsocks stop          
-bash: shadowsocks: command not found
[root@localhost ~]# service shadowsocks status
shadowsocks is running with PID 507
[root@localhost ~]# service shadowsocks stop  
INFO: loading config from /etc/shadowsocks.json
stopped
shadowsocks stop success
[root@localhost ~]# service shadowsocks start
INFO: loading config from /etc/shadowsocks.json
2015-10-01 03:50:54 INFO     loading libcrypto from libcrypto.so.10
started
shadowsocks start success
[root@localhost ~]# service shadowsocks restart
INFO: loading config from /etc/shadowsocks.json
stopped
shadowsocks stop success
INFO: loading config from /etc/shadowsocks.json
2015-10-01 03:51:04 INFO     loading libcrypto from libcrypto.so.10
started
shadowsocks start success



备注:(1)开机自启动服务可以简单设置:

    # vi /etc/rc.local

    ssserver -c /etc/shadowsocks.json -d start

  (2)若要配置多个用户,可以添加配置文件如/etc/shadowsocks1.json,设置不同的端口号(如:444)就行。


7、优化服务

7.1 increase the maximum number of open file descriptors

# vi /etc/security/limits.conf

* soft nofile 51200
* hard nofile 51200

执行:

# ulimit -n 51200


7.2 Tune the kernel parameters

# vi /etc/sysctl.conf

fs.file-max = 51200


net.core.rmem_max = 67108864

net.core.wmem_max = 67108864

net.core.netdev_max_backlog = 250000

net.core.somaxconn = 4096


net.ipv4.tcp_syncookies = 1

net.ipv4.tcp_tw_reuse = 1

net.ipv4.tcp_tw_recycle = 0

net.ipv4.tcp_fin_timeout = 30

net.ipv4.tcp_keepalive_time = 1200

net.ipv4.ip_local_port_range = 10000 65000

net.ipv4.tcp_max_syn_backlog = 8192

net.ipv4.tcp_max_tw_buckets = 5000

net.ipv4.tcp_fastopen = 3

net.ipv4.tcp_mem = 25600 51200 102400

net.ipv4.tcp_rmem = 4096 87380 67108864

net.ipv4.tcp_wmem = 4096 65536 67108864

net.ipv4.tcp_mtu_probing = 1

net.ipv4.tcp_congestion_control = hybla


执行:

# sysctl -p


重启shadowsocks服务:

# servie shadowsocks restart



备注:若要配置多用户模式,只需修改配置文件:

[root@localhost ~]# cat  /etc/shadowsocks.json
{
    "server":"145.78.20.216",
    "port_password":{
        "9000":"MyPass1",
        "9001":"MyPass2",
        "9002":"MyPass3"
    },
    "local_address":"127.0.0.1",
    "local_port":1080,
    "timeout":300,
    "method":"rc4-md5"
}




参考文献:

http://shadowsocks.org/en/index.html

https://github.com/shadowsocks/shadowsocks/wiki/Shadowsocks-使用说明

http://wuchong.me/blog/2015/02/02/shadowsocks-install-and-optimize/

http://shadowsocks.org/en/config/advanced.html











本文出自 “IT技术学习与交流” 博客,谢绝转载!

在CentOS 6.6上安装ShadowSocks服务端

  • 0

    开心

    开心

  • 0

    板砖

    板砖

  • 0

    感动

    感动

  • 0

    有用

    有用

  • 0

    疑问

    疑问

  • 0

    难过

    难过

  • 0

    无聊

    无聊

  • 0

    震惊

    震惊

版权所有 IT知识库 CopyRight © 2009-2015 IT知识库 IT610.com , All Rights Reserved. 京ICP备09083238号