SS 是一款轻量级的 socks5 代理软件, 如果你有一台 VPS, 可以自己搭建 SS, 如果没有 vps, 可以通过我的推荐在 DigitalOcean 或者 Vultr 上购买一个 VPS. 下面简单介绍如何在 centos 7 下部署 SS.


目录

  1. A. Install SS
  2. B. Create a Shadowsocks Config
  3. C. Configure firewalld
  4. D. Create a Startup Service
  5. E. TCP Optimizing

SS 有好多版本, 一般的就是 python 版的, 安装也比较方便, 还有 go 和 erlang 版本的, c 版本的优化比较好.

A. Install SS

安装 Python 或 Nodejs 版本::

1
2
3
4
##python version
sudo pip install shadowsocks
##nodejs version
sudo npm install -g shadowsocks

安装 C 版本:

1
2
3
##c with libev version.
sudo wget https://copr.fedoraproject.org/coprs/librehat/shadowsocks/repo/epel-7/librehat-shadowsocks-epel-7.repo -o /etc/yum.repo.d/librehat-shadowsocks-epel-7.repo
sudo yum update and sudo yum install shadowsocks-libev

B. Create a Shadowsocks Config

1
2
3
4
5
6
7
8
9
10
11
12
13
cat << EOF > config.json
{
"server": "server_address",
"server_port": server_port,
"local_address": "127.0.0.1",
"local_port": local_port,
"password":"password",
"method": "aes-256-cfb",
"timeout": 300,
"fast_open": true,
"workers":1
}
EOF

按照自己需要修改.

“fast_open” 设置为 ‘true’, 需要运行如下命令:

1
2
## under root
echo "net.ipv4.tcp_fastopen = 3" >> /etc/sysctl.conf

C. Configure firewalld

If enabled firewalld, you need to add the following rule to open server port:

1
2
sudo firewall-cmd --permanet --add-port=server_port/tcp
sudo firewall-cmd --reload

D. Create a Startup Service

shadowsocks-libev 自带了了一个 shadowsocks-libev.service, 如果是 python 版的, 需要自己建立一个:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
## under root
cat << EOF > /usr/lib/systemd/shadowsocks.service
[Unit]
Description=ShadowSocks service
After=syslog.target network.target auditd.service

[Service]
Type=simple
User=nobody
ExecStart=/usr/local/bin/ss-server -c /etc/shadowsocks/config.json
ExecReload=/bin/kill -HUP $MAINPID
ExecStop=/bin/kill -s QUIT $MAINPID PrivateTmp=true
Restart=on-abort

[Install]
WantedBy=multi-user.target
EOF
systemctl enable shadowsocks[-libev]
systemctl start shadowsocks[-libev]

E. TCP Optimizing

One can do something to optimizing shadowsocks. Edit /etc/sysctl.conf as root:

1
2
3
4
5
6
7
8
9
10
# increase system file counts limit
fs.file-max = 51200
net.ipv4.tcp_syncookies = 1
# Allowing reuse tcp connection
net.ipv4.tcp_tw_reuse = 1
# decrease default TIMEOUT time
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_time = 1200
net.ipv4.tcp_max_tww_buckets = 5000
net.ipv4.tcp_fastopen = 3

水水更健康 ╰( ̄▽ ̄)╮