proxy

trojan

apt install trojan

server

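host: xxx.example.com
port: 443
私钥: /home/someusr/.cert/privkey.pem
证书链: /home/someusr/.cert/fullchain.pem

注意:privkey.pem 只应保存在服务器上,权限收紧到仅属主可读(例如 chmod 600),并确认运行 trojan 的服务账户确实能读取它。下面配置中的 "mypasswd" 只是占位符;password 是客户端的认证凭据,实际部署时应换成足够长的随机字符串。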

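配置 /usr/local/etc/trojan/config.json(通过 apt 安装时,服务单元读取的配置路径可能不是这个,可用 `systemctl cat trojan` 确认实际加载的文件)

注:下面 alpn 列表中的 "http/1.2"、"http/1.3" 不是已注册的 ALPN 协议标识,已注册的 HTTP 标识是 "http/1.1" 和 "h2";如果不是有意为之,应改为 "http/1.1"。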

{
    "run_type": "server",
    "local_addr": "0.0.0.0",
    "local_port": 443,
    "remote_addr": "127.0.0.1",
    "remote_port": 80,
    "password": [
        "mypasswd"
    ],
    "log_level": 1,
    "ssl": {
        "cert": "/home/someusr/.cert/fullchain.pem",
        "key": "/home/someusr/.cert/privkey.pem",
        "key_password": "",
    "cipher": "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305",
        "cipher_tls13": "TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384",
        "prefer_server_cipher": true,
        "alpn": [
            "http/1.2",
            "http/1.3",
            "h2"
        ],
        "reuse_session": true,
        "session_ticket": false,
        "session_timeout": 600,
        "plain_http_response": "",
        "curves": "",
        "dhparam": ""
    },
    "tcp": {
        "prefer_ipv4": false,
        "no_delay": true,
        "keep_alive": true,
        "reuse_port": false,
        "fast_open": false,
        "fast_open_qlen": 20
    },
    "mysql": {
        "enabled": false,
        "server_addr": "127.0.0.1",
        "server_port": 3306,
        "database": "trojan",
        "username": "trojan",
        "password": "",
        "key": "",
        "cert": "",
        "ca": ""
    }
}

启动

systemctl start trojan

添加开机启动

systemctl enable trojan

client

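路径: /home/someclient/share/trojan
local port: 8888
cert chain: /home/someclient/share/trojan/fullchain.pem
priv key: /home/someclient/share/trojan/privkey.pem

注意:客户端不需要服务器的私钥。client 模式下 ssl.cert 只用于校验服务器证书,把 privkey.pem 放到客户端只会多出一条私钥泄露的途径。如果这里的 privkey.pem 就是服务器那一份,应从客户端删除,并视情况重新签发证书。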

配置/home/someclient/share/trojan/config.json

{
    "run_type": "client",
    "local_addr": "127.0.0.1",
    "local_port": 8888,
    "remote_addr": "xxx.example.com",
    "remote_port": 443,
    "password": [
        "mypasswd"
    ],
    "log_level": 1,
    "ssl": {
        "cert": "fullchain.pem",
        "key": "privkey.pem",
        "key_password": "",
        "cipher": "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305",
        "cipher_tls13": "TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384",
        "prefer_server_cipher": true,
        "alpn": [
            "http/1.2",
            "http/1.3",
            "h2"
        ],
        "reuse_session": true,
        "session_ticket": false,
        "session_timeout": 600,
        "plain_http_response": "",
        "curves": "",
        "dhparam": ""
    },
    "tcp": {
        "prefer_ipv4": false,
        "no_delay": true,
        "keep_alive": true,
        "reuse_port": false,
        "fast_open": false,
        "fast_open_qlen": 20
    },
    "mysql": {
        "enabled": false,
        "server_addr": "127.0.0.1",
        "server_port": 3306,
        "database": "trojan",
        "username": "trojan",
        "password": "",
        "key": "",
        "cert": "",
        "ca": ""
    }
}

启动

cd /home/someclient/share/trojan
trojan -c config.json

chain proxy

https://github.com/Hidden-Node/proxy-builder

https://github.com/XTLS/Xray-core

xray client – proxy a – proxy b – internet

overtls

https://github.com/ShadowsocksR-Live/overtls

准备公私钥对,并申请证书(例如 Let's Encrypt)

server domain: xxx.example.com
server host: xxx.xxx.xxx.xxx
server port: 443
server 私钥:/home/someusr/.cert/privkey.pem
server 证书链: /home/someusr/.cert/fullchain.pem
tunnel path: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx(占位符;tunnel_path 在客户端与服务器之间起共享口令的作用,应使用随机生成的长字符串,并像密码一样保管含有它的 config.json)
client port: 8888

生成 config.json

{
    "tunnel_path": "/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/",

    "server_settings": {
        "certfile": "/home/someusr/.cert/fullchain.pem",
        "keyfile": "/home/someusr/.cert/privkey.pem",
        "forward_addr": "http://127.0.0.1:80",
        "listen_host": "0.0.0.0",
        "listen_port": 443
    },

    "client_settings": {
        "server_host": "xxx.xxx.xxx.xxx",
        "server_port": 443,
        "server_domain": "xxx.example.com",
        "listen_host": "127.0.0.1",
        "listen_port": 8888
    }
}

运行

overtls -r server -c config.json

overtls -r client -c config.json

v2ray

apt install v2ray

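host: xxx.example.com
port: 443
私钥: /home/someusr/.cert/privkey.pem
证书链: /home/someusr/.cert/fullchain.pem
uuid: 66666666-6666-6666-6666-666666666666

注意:上面的 uuid 是占位符。VLESS 配置里 "decryption" 为 "none",uuid 就是客户端的认证凭据,实际部署时应使用随机生成的 UUID。私钥文件权限应收紧到仅属主可读,并确认 v2ray 服务账户能读取它。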

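配置 /usr/local/etc/v2ray/config.json:

注:下面使用了 "security": "xtls" 和 flow "xtls-rprx-origin"。上游 v2ray-core 的较新版本已不再包含 XTLS(该功能由 Xray-core 维护),apt 安装的版本未必接受这份配置;启动前应先用程序自带的配置检查功能验证(v5 命令行为 `v2ray test -c config.json`)。另外 alpn 中的 "http/1.2" 不是已注册的 ALPN 协议标识,已注册的是 "http/1.1" 和 "h2"。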

{
    "log": {
        "loglevel": "info"
    },
    "inbounds": [
        {
            "port": 443,
            "protocol": "vless",
            "settings": {
                "clients": [
                    {
                        "id": "66666666-6666-6666-6666-666666666666",
            "flow": "xtls-rprx-origin",
                        "level": 0
                    }
                ],
                "decryption": "none",
                "fallbacks": [
                    {
                        "dest": 80
                    }
                ]
            },
            "streamSettings": {
                "network": "tcp",
                "security": "xtls",
                "xtlsSettings": {
                    "alpn": [
                        "http/1.2"
                    ],
                    "certificates": [
                        {
                            "certificateFile": "/home/someusr/.cert/fullchain.pem",
                            "keyFile": "/home/someusr/.cert/privkey.pem"
                        }
                    ]
                }
            }
        }
    ],
    "outbounds": [
        {
            "protocol": "freedom"
        }
    ]
}

server启动

systemctl start v2ray

添加开机启动

systemctl enable v2ray

client

路径: /home/someclient/share/v2ray

local port: 8888

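配置 /home/someclient/share/v2ray/config.json

注意:下面 proxy outbound 的 streamSettings 中 "security" 是空字符串,而服务器 inbound 使用的是 "security": "xtls"。VLESS 的 "encryption": "none" 本身不提供加密,机密性完全依赖传输层的 TLS/XTLS;按这份配置,客户端不会发起 TLS 握手,既与服务器不匹配,流量也没有加密保护。客户端的 security 应与服务器保持一致,并保留对服务器证书的校验。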

{
  "log": {
    "access": "",
    "error": "",
    "loglevel": "warning"
  },
  "inbounds": [
    {
      "port": 8888,
      "listen": "127.0.0.1",
      "protocol": "socks",
      "sniffing": {
        "enabled": true,
        "destOverride": [
          "http",
          "tls"
        ]
      },
      "settings": {
        "auth": "noauth",
        "udp": true,
        "ip": null,
        "clients": null
      },
      "streamSettings": null
    }
  ],
  "outbounds": [
    {
      "tag": "proxy",
      "protocol": "vless",
      "settings": {
        "vnext": [
          {
            "address": "xxx.example.com",
            "port": 443,
            "users": [
              {
                  "id": "66666666-6666-6666-6666-666666666666",
                  "flow": "xtls-rprx-origin",
                  "level": 0,
            "encryption": "none"
              }
            ]
          }
        ],
        "servers": null,
        "response": null
      },
      "streamSettings": {
        "network": "tcp",
        "security": "",
        "tlsSettings": null,
        "tcpSettings": null,
        "kcpSettings": null,
        "wsSettings": null,
        "httpSettings": null,
        "quicSettings": null
      },
      "mux": {
        "enabled": true
      }
    },
    {
      "tag": "direct",
      "protocol": "freedom",
      "settings": {
        "vnext": null,
        "servers": null,
        "response": null
      },
      "streamSettings": null,
      "mux": null
    },
    {
      "tag": "block",
      "protocol": "blackhole",
      "settings": {
        "vnext": null,
        "servers": null,
        "response": {
          "type": "http"
        }
      },
      "streamSettings": null,
      "mux": null
    }
  ],
  "dns": null,
  "routing": {
    "domainStrategy": "IPIfNonMatch",
    "rules": []
  }
}

client运行

cd /home/someclient/share/v2ray
v2ray run