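Things are not what they used to be: the Great Firewall has been flexing its muscles and my old "ladder" (proxy) is no longer reliable, so I had no choice but to find another route. I have now found a good method and am noting it down here for future use.
0. Prerequisites
Open the ports on Ubuntu (sets every chain's default policy to ACCEPT and flushes all rules)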
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
iptables -F
Remove the firewall
apt-get purge netfilter-persistent
apt-get remove ufw
reboot
1. Install Go
X86-X64
wget "https://go.dev/dl/$(curl -s 'https://go.dev/VERSION?m=text' | head -n1).linux-amd64.tar.gz"
ARM
wget "https://go.dev/dl/$(curl -s 'https://go.dev/VERSION?m=text' | head -n1).linux-arm64.tar.gz"
X86-X64
tar -xf go*.linux-amd64.tar.gz -C /usr/local/
ARM
tar -xf go*.linux-arm64.tar.gz -C /usr/local/
echo 'export GOROOT=/usr/local/go' >> /etc/profile
echo 'export PATH=$GOROOT/bin:$PATH' >> /etc/profile
source /etc/profile
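Added example, not part of the original post: the per-architecture download commands above folded into one script that also checks the tarball's SHA-256 before unpacking it as root. The function names are hypothetical, and the expected digest is assumed to be copied by hand from the download table on https://go.dev/dl/.

```shell
#!/bin/sh
# Added example (not from the original post); function names are hypothetical.

# Map `uname -m` output to the architecture suffix used in Go tarball names.
go_arch() {
    case "$1" in
        x86_64|amd64)  echo amd64 ;;
        aarch64|arm64) echo arm64 ;;
        *) echo "unsupported architecture: $1" >&2; return 1 ;;
    esac
}

# $1 = body of https://go.dev/VERSION?m=text, $2 = `uname -m` output.
# The body can carry extra lines after the version (e.g. "time ..."), so only
# line 1 is used, and it is rejected unless it looks like a Go version.
go_tarball_name() {
    ver=$(printf '%s\n' "$1" | head -n 1)
    arch=$(go_arch "$2") || return 1
    case "$ver" in
        *[!a-z0-9.]*) echo "unexpected version string" >&2; return 1 ;;
        go[0-9]*)     printf '%s.linux-%s.tar.gz\n' "$ver" "$arch" ;;
        *)            echo "unexpected version string" >&2; return 1 ;;
    esac
}

# $1 = file, $2 = expected SHA-256 (hex). Succeeds only on an exact match.
verify_sha256() {
    actual=$(sha256sum "$1" 2>/dev/null | cut -d' ' -f1)
    [ -n "$actual" ] && [ "$actual" = "$2" ]
}

# $1 = SHA-256 for this tarball, copied from the table on https://go.dev/dl/.
# Downloads, verifies, and only then unpacks into /usr/local/ (needs network and root).
install_go() {
    name=$(go_tarball_name "$(curl -fsS 'https://go.dev/VERSION?m=text')" "$(uname -m)") || return 1
    curl -fsSLO "https://go.dev/dl/$name" || return 1
    if ! verify_sha256 "$name" "$1"; then
        echo "checksum mismatch for $name, not extracting" >&2
        return 1
    fi
    tar -xf "$name" -C /usr/local/
}
```

Source the file and call install_go with the digest as its only argument; the functions do nothing until called.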
2. Check that Go was installed successfully
go version
3. Install the NaiveProxy server (Caddy)
go install github.com/caddyserver/xcaddy/cmd/xcaddy@latest
~/go/bin/xcaddy build --with github.com/caddyserver/forwardproxy@caddy2=github.com/klzgrad/forwardproxy@naive
The previous step takes a while.
4. Once the build finishes, copy the caddy binary to /usr/bin
cp caddy /usr/bin/
/usr/bin/caddy version
setcap cap_net_bind_service=+ep /usr/bin/caddy
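The setcap command lets /usr/bin/caddy bind to ports below 1024 when started by a non-root user
setcap -r /usr/bin/caddy
Removes the added capability again (undoes the command above)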
5. Enable BBR
bash -c 'echo "net.core.default_qdisc=fq" >> /etc/sysctl.conf'
bash -c 'echo "net.ipv4.tcp_congestion_control=bbr" >> /etc/sysctl.conf'
sysctl -p
6. Configure Caddy
mkdir /etc/caddy/
vi /etc/caddy/Caddyfile
Fill in the following:
:443, example.com
tls [email protected]
route {
forward_proxy {
basic_auth yourname pass
hide_ip
hide_via
probe_resistance
}
file_server {
root /var/www/html
}
}
Add a small hello-world website
mkdir -p /var/www/html
cd /var/www/html
touch index.html
vi index.html
Add the following content
<H2>Hello, World! To the world!!</H2>
Save and exit
7. Start Caddy with the config file
caddy fmt --overwrite /etc/caddy/Caddyfile
Formats the config file
caddy run --config /etc/caddy/Caddyfile
Starts Caddy with the config file
8. Create the auto-start (systemd) unit file
vi /etc/systemd/system/naive.service
Paste the following:
[Unit]
Description=Caddy
Documentation=https://caddyserver.com/docs/
After=network.target network-online.target
Requires=network-online.target
[Service]
Type=notify
User=root
Group=root
ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile
TimeoutStopSec=5s
LimitNOFILE=1048576
LimitNPROC=512
PrivateTmp=true
ProtectSystem=full
AmbientCapabilities=CAP_NET_BIND_SERVICE
[Install]
WantedBy=multi-user.target
9. Start the service
systemctl daemon-reload
systemctl enable naive
systemctl start naive
systemctl status naive
10. The server side is done; now configure the client
{
"listen": "socks://127.0.0.1:1080",
"proxy": "https://user:[email protected]",
"log": ""
}