安装:
登录centos:
安装SSR
yum install m2crypto git libsodium
git clone -b manyuser https://github.com/breakwa11/shadowsocks.git
执行完成后会出现shadowsocks目录,根目录是数据库版,个人用户忽略,子目录的shadowsocks是单用户版本,即/shadowsocks/shadowsocks
cd shadowsocks/shadowsocks
python server.py -p 8778 -k password -m rc4-md5 -o http_simple
# -p 端口 -k 密码 -m 加密方式 -o 混淆插件
如果要后台运行
python server.py -p 8778 -k password -m rc4-md5 -o http_simple -d start
如果要停止/重启
python server.py -d stop/restart
查看日志:
tail -f /var/log/shadowsocks.log
也可通过配置文件启动
建立配置文件
vi /etc/shadowsocks.json
{
"server": "0.0.0.0",
"server_ipv6": "::",
"server_port": 8888,
"local_address": "127.0.0.1",
"local_port": 1080,
"password": "password",
"timeout": 600,
"method": "rc4-md5",
"protocol": "auth_sha1_v2", //不使用混淆插件写成:"origin"
"protocol_param": "",
"obfs": "tls1.2_ticket_auth", //不使用混淆插件写成: "plain"
"obfs_param": "",
"redirect": "",
"dns_ipv6": false,
"fast_open": true,
"workers": 1
}
运行执行配置文件:
python ./shadowsocks/shaowsocks/server.py /etc/shadowsocks.json -d start
加入启动项:
新建启动脚本:
vi /etc/systemd/system/shadowsocks.service
[Unit]
Description=Start or stop the Shadowsocks R server
After=network.target
Wants=network.target
[Service]
Type=forking
PIDFile=/var/run/shadowsocks.pid
ExecStart=/usr/bin/python /shadowsocks/shadowsocks/server.py --pid-file /var/run/shadowsocks.pid -c /etc/shadowsocks.json -d start
ExecStop=/usr/bin/python /shadowsocks/shadowsocks/server.py --pid-file /var/run/shadowsocks.pid -c /etc/shadowsocks.json -d stop
[Install]
WantedBy=multi-user.target
执行以下命令启动shadowsocks服务:
systemctl enable shadowsocks
systemctl start shadowsocks
查看状态:
systemctl status shadowsocks
如果成功返回Activ: activ (running)等信息。
ss优化:
编辑文件 limits.conf
vi /etc/security/limits.conf
增加以下两行
* soft nofile 51200
* hard nofile 51200
启动shadowsocks服务器之前,设置以下参数
ulimit -n 51200
调整TCP拥塞控制算法为hybla
sysctl net.ipv4.tcp_available_congestion_control
得到
net.ipv4.tcp_available_congestion_control = cubic reno
表示我们系统的TCP拥塞控制算法只能选择cubic或者reno算发,hybla算法并没有启用,我们就要启用hybla算法。
运行:
/sbin/modprobe tcp_hybla
sysctl net.ipv4.tcp_available_congestion_control
得到net.ipv4.tcp_available_congestion_control = cubic reno hybla
这时表明hybla已经可以使用了。
调整内核参数:
修改配置文件 /etc/sysctl.conf
fs.file-max = 51200
net.core.rmem_max = 67108864
net.core.wmem_max = 67108864
net.core.netdev_max_backlog = 250000
net.core.somaxconn = 4096
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 0
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_time = 1200
net.ipv4.ip_local_port_range = 10000 65000
net.ipv4.tcp_max_syn_backlog = 8192
net.ipv4.tcp_max_tw_buckets = 5000
net.ipv4.tcp_fastopen = 3
net.ipv4.tcp_rmem = 4096 87380 67108864
net.ipv4.tcp_wmem = 4096 65536 67108864
net.ipv4.tcp_mtu_probing = 1
net.ipv4.tcp_congestion_control = hybla
修改后执行 sysctl -p 使配置生效
启动ssr服务即可。
(完)
没有评论:
发表评论