最近因为18+1 大,导致无法正常科学上网,影响开发时通过google找技术资料。
虽然百度找到了google镜像,勉强可以继续用google搜索技术资料。
但是现在的npm无法正常install,感觉和无法用ss翻墙有关系。
所以不得去去用自己的VPS去尝试安装shadowsocks了。
centos shadowsocks 安装
[root@crifan ~]# python --version Python 2.7.5 [root@crifan ~]# yum -y install python-setuptools && easy_install pip Loaded plugins: fastestmirror Repodata is over 2 weeks old. Install yum-cron? Or run: yum makecache fast base | 3.6 kB 00:00:00 epel/x86_64/metalink | 15 kB 00:00:00 epel | 4.3 kB 00:00:00 extras | 3.4 kB 00:00:00 updates | 3.4 kB 00:00:00 (1/6): base/7/x86_64/group_gz | 156 kB 00:00:00 (2/6): base/7/x86_64/primary_db | 5.7 MB 00:00:00 (3/6): epel/x86_64/updateinfo | 841 kB 00:00:00 (4/6): extras/7/x86_64/primary_db | 110 kB 00:00:00 (5/6): updates/7/x86_64/primary_db | 2.9 MB 00:00:00 (6/6): epel/x86_64/primary_db | 4.8 MB 00:00:00 Determining fastest mirrors * base: mirrors.linode.com * epel: www.gtlib.gatech.edu * extras: mirrors.linode.com * updates: mirrors.linode.com Resolving Dependencies --> Running transaction check ---> Package python-setuptools.noarch 0:0.9.8-4.el7 will be updated ---> Package python-setuptools.noarch 0:0.9.8-7.el7 will be an update --> Finished Dependency Resolution Dependencies Resolved ========================================================================================================================================================================================== Package Arch Version Repository Size ========================================================================================================================================================================================== Updating: python-setuptools noarch 0.9.8-7.el7 base 397 k Transaction Summary ========================================================================================================================================================================================== Upgrade 1 Package Total download size: 397 k Downloading packages: Delta RPMs disabled because /usr/bin/applydeltarpm not installed. python-setuptools-0.9.8-7.el7.noarch.rpm | 397 kB 00:00:00 Running transaction check Running transaction test Transaction test succeeded Running transaction Updating : python-setuptools-0.9.8-7.el7.noarch 1/2 Cleanup : python-setuptools-0.9.8-4.el7.noarch 2/2 Verifying : python-setuptools-0.9.8-7.el7.noarch 1/2 Verifying : python-setuptools-0.9.8-4.el7.noarch 2/2 Updated: python-setuptools.noarch 0:0.9.8-7.el7 Complete! Searching for pip Best match: pip 8.1.2 Adding pip 8.1.2 to easy-install.pth file Installing pip script to /usr/bin Installing pip2.7 script to /usr/bin Installing pip2 script to /usr/bin Using /usr/lib/python2.7/site-packages Processing dependencies for pip Finished processing dependencies for pip
然后去安装:
然后去安装:
[root@crifan ~]# pip install shadowsocks Collecting shadowsocks Downloading shadowsocks-2.8.2.tar.gz Installing collected packages: shadowsocks Running setup.py install for shadowsocks … done Successfully installed shadowsocks-2.8.2 You are using pip version 8.1.2, however version 9.0.1 is available. You should consider upgrading via the ‘pip install –upgrade pip’ command. |
顺带去升级一下pip:
[root@crifan ~]# pip install --upgrade pip Collecting pip Downloading pip-9.0.1-py2.py3-none-any.whl (1.3MB) 100% || 1.3MB 731kB/s Installing collected packages: pip Found existing installation: pip 8.1.2 Uninstalling pip-8.1.2: Successfully uninstalled pip-8.1.2 Successfully installed pip-9.0.1
用密码生成工具:
生成一个: q1tv4pqmw7sc8nwa
先去配置:
[root@crifan ~]# cat /etc/shadowsocks.json { "server": "0.0.0.0", "server_port": 215123, "password": "q1tv4pqmw7sc8nwa", "method": "aes-256-cfb", "timeout": 300 }
启动试试:
[root@crifan ~]# ssserver -c /etc/shadowsocks.json -d start INFO: loading config from /etc/shadowsocks.json 2017-10-23 15:38:32 INFO loading libcrypto from libcrypto.so.10 started |
去测试看看,结果好像测试失败:
[root@crifan ~]# curl –socks5 127.0.0.1:215123 http://httpbin.org/ip curl: (7) Failed connect to 127.0.0.1:215123; Connection refused |
先不管,去加上试试:
结果去连接试试,无法翻墙。
centos shadowsocks 失败
貌似可能是防火墙的问题?
抽空再参考该帖的做法去搞清楚当前防火墙规则,添加对应端口,保存,重启规则,估计就可以了。
参考:
去添加端口,结果提示没有运行:
[root@crifan ~]# firewall-cmd –permanent –add-port=215123/tcp FirewallD is not running |
算了,改去安装:
shadowsocks-libev
[root@crifan ~]# cd /etc/yum.repos.d/ [root@crifan yum.repos.d]# curl -O https://copr.fedorainfracloud.org/coprs/librehat/shadowsocks/repo/epel-7/librehat-shadowsocks-epel-7.repo % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 346 100 346 0 0 415 0 --:--:-- --:--:-- --:--:-- 415 [root@crifan yum.repos.d]# yum install -y shadowsocks-libev Loaded plugins: fastestmirror librehat-shadowsocks | 3.0 kB 00:00:00 librehat-shadowsocks/x86_64/primary_db | 23 kB 00:00:00 Loading mirror speeds from cached hostfile * base: mirrors.linode.com * epel: www.gtlib.gatech.edu * extras: mirrors.linode.com * updates: mirrors.linode.com Resolving Dependencies --> Running transaction check ---> Package shadowsocks-libev.x86_64 0:3.0.8-2.el7.centos will be installed --> Processing Dependency: libsodium >= 1.0.4 for package: shadowsocks-libev-3.0.8-2.el7.centos.x86_64 --> Processing Dependency: mbedtls for package: shadowsocks-libev-3.0.8-2.el7.centos.x86_64 --> Processing Dependency: udns for package: shadowsocks-libev-3.0.8-2.el7.centos.x86_64 --> Processing Dependency: libev for package: shadowsocks-libev-3.0.8-2.el7.centos.x86_64 --> Running transaction check ---> Package libev.x86_64 0:4.15-7.el7 will be installed ---> Package libsodium.x86_64 0:1.0.5-1.el7 will be installed ---> Package mbedtls.x86_64 0:2.6.0-1.el7 will be installed ---> Package udns.x86_64 0:0.4-3.el7 will be installed --> Finished Dependency Resolution Dependencies Resolved ========================================================================================================================================================================================== Package Arch Version Repository Size ========================================================================================================================================================================================== Installing: shadowsocks-libev x86_64 3.0.8-2.el7.centos librehat-shadowsocks 260 k Installing for dependencies: libev x86_64 4.15-7.el7 extras 44 k libsodium x86_64 1.0.5-1.el7 epel 144 k mbedtls x86_64 2.6.0-1.el7 epel 261 k udns x86_64 0.4-3.el7 epel 60 k Transaction Summary ========================================================================================================================================================================================== Install 1 Package (+4 Dependent packages) Total download size: 769 k Installed size: 2.3 M Downloading packages: (1/5): libev-4.15-7.el7.x86_64.rpm | 44 kB 00:00:00 (2/5): libsodium-1.0.5-1.el7.x86_64.rpm | 144 kB 00:00:00 (3/5): mbedtls-2.6.0-1.el7.x86_64.rpm | 261 kB 00:00:00 (4/5): udns-0.4-3.el7.x86_64.rpm | 60 kB 00:00:00 warning: /var/cache/yum/x86_64/7/librehat-shadowsocks/packages/shadowsocks-libev-3.0.8-2.el7.centos.x86_64.rpm: Header V3 RSA/SHA1 Signature, key ID 753d8f08: NOKEY 509 kB 00:00:00 ETA Public key for shadowsocks-libev-3.0.8-2.el7.centos.x86_64.rpm is not installed (5/5): shadowsocks-libev-3.0.8-2.el7.centos.x86_64.rpm | 260 kB 00:00:00 ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ Total 659 kB/s | 769 kB 00:00:01 Retrieving key from https://copr-be.cloud.fedoraproject.org/results/librehat/shadowsocks/pubkey.gpg Importing GPG key 0x753D8F08: Userid : "librehat_shadowsocks (None) <librehat#shadowsocks@copr.fedorahosted.org>" Fingerprint: 260e 3142 3f6f dcfd e43b 1f86 f876 b86a 753d 8f08 From : https://copr-be.cloud.fedoraproject.org/results/librehat/shadowsocks/pubkey.gpg Running transaction check Running transaction test Transaction test succeeded Running transaction Installing : mbedtls-2.6.0-1.el7.x86_64 1/5 Installing : libev-4.15-7.el7.x86_64 2/5 Installing : libsodium-1.0.5-1.el7.x86_64 3/5 Installing : udns-0.4-3.el7.x86_64 4/5 Installing : shadowsocks-libev-3.0.8-2.el7.centos.x86_64 5/5 Verifying : udns-0.4-3.el7.x86_64 1/5 Verifying : libsodium-1.0.5-1.el7.x86_64 2/5 Verifying : libev-4.15-7.el7.x86_64 3/5 Verifying : mbedtls-2.6.0-1.el7.x86_64 4/5 Verifying : shadowsocks-libev-3.0.8-2.el7.centos.x86_64 5/5 Installed: shadowsocks-libev.x86_64 0:3.0.8-2.el7.centos Dependency Installed: libev.x86_64 0:4.15-7.el7 libsodium.x86_64 0:1.0.5-1.el7 mbedtls.x86_64 0:2.6.0-1.el7 udns.x86_64 0:0.4-3.el7 Complete!
然后去设置:
[root@crifan yum.repos.d]# cat /etc/shadowsocks-libev/config.json { “server”: “0.0.0.0”, “server_port”: 215123, “password”: “q1tv4pqew7sc8nwy”, “method”: “aes-256-cfb”, “timeout”: 300, “mode”: “tcp_and_udp” } |
再去:
systemctl start shadowsocks-libev
去看看运行状态:
[root@crifan yum.repos.d]# systemctl status shadowsocks-libev [0m shadowsocks-libev.service – Shadowsocks-libev Default Server Service Loaded: loaded (/usr/lib/systemd/system/shadowsocks-libev.service; disabled; vendor preset: disabled) Active: active (running) since Mon 2017-10-23 20:32:02 CST; 25s ago Docs: man:shadowsocks-libev(8) Main PID: 20915 (ss-server) CGroup: /system.slice/shadowsocks-libev.service 20915 /usr/bin/ss-server -c /etc/shadowsocks-libev/config.json -u Oct 23 20:32:02 crifan.com systemd[1]: Started Shadowsocks-libev Default Server Service. Oct 23 20:32:02 crifan.com systemd[1]: Starting Shadowsocks-libev Default Server Service… Oct 23 20:32:02 crifan.com ss-server[20915]: 2017-10-23 20:32:02 INFO: UDP relay enabled Oct 23 20:32:02 crifan.com ss-server[20915]: 2017-10-23 20:32:02 INFO: initializing ciphers… aes-256-cfb Oct 23 20:32:02 crifan.com ss-server[20915]: 2017-10-23 20:32:02 INFO: tcp server listening at 0.0.0.0:215123 Oct 23 20:32:02 crifan.com ss-server[20915]: 2017-10-23 20:32:02 INFO: udp server listening at 0.0.0.0:215123 |
结果尝试添加端口,还是同样问题:
暂时不需要去解决
[root@crifan yum.repos.d]# journalctl -u shadowsocks-libev — Logs begin at Thu 2017-10-12 03:56:54 CST, end at Mon 2017-10-23 20:39:17 CST. — Oct 23 20:32:02 crifan.com systemd[1]: Started Shadowsocks-libev Default Server Service. Oct 23 20:32:02 crifan.com systemd[1]: Starting Shadowsocks-libev Default Server Service… Oct 23 20:32:02 crifan.com ss-server[20915]: 2017-10-23 20:32:02 INFO: UDP relay enabled Oct 23 20:32:02 crifan.com ss-server[20915]: 2017-10-23 20:32:02 INFO: initializing ciphers… aes-256-cfb Oct 23 20:32:02 crifan.com ss-server[20915]: 2017-10-23 20:32:02 INFO: tcp server listening at 0.0.0.0:215123 Oct 23 20:32:02 crifan.com ss-server[20915]: 2017-10-23 20:32:02 INFO: udp server listening at 0.0.0.0:215123 |
但是客户端去配置了之后,即使用域名,也还是连不上
centos shadowsocks 如何确认是否工作
centos shadowsock 连不上
centos shadowsock 判断出错原因
然后去:
[root@crifan yum.repos.d]# netstat -anut Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:18515 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:6379 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN tcp 0 0 45.79.205.194:443 60.188.23.73:60151 CLOSE_WAIT tcp 0 0 45.79.205.194:443 115.195.89.69:63626 ESTABLISHED … tcp 0 0 45.79.205.194:80 150.138.125.159:29940 TIME_WAIT tcp 0 0 45.79.205.194:80 61.147.173.23:11375 TIME_WAIT tcp 0 0 127.0.0.1:44484 127.0.0.1:6379 TIME_WAIT tcp 0 0 45.79.205.194:443 36.110.147.78:38664 ESTABLISHED tcp 0 0 45.79.205.194:443 118.116.110.178:38408 ESTABLISHED tcp6 0 0 :::22 :::* LISTEN udp 0 0 0.0.0.0:18515 0.0.0.0:* udp 0 0 127.0.0.1:323 0.0.0.0:* udp6 0 0 ::1:323 :::* |
发现里面根本没有215123的端口
算了,换个小一点的21512
[root@crifan yum.repos.d]# cat /etc/shadowsocks-libev/config.json { “server”: “0.0.0.0”, “server_port”: 21512, “password”: “q1tv4pamw7sc8nwy”, “method”: “aes-256-cfb”, “timeout”: 300, “mode”: “tcp_and_udp” } |
systemctl restart shadowsocks-libev
然后就可以看到:
其中有tcp的和udp的21512的端口服务在运行了:
[root@crifan yum.repos.d]# netstat -autn Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:21512 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:6379 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN tcp 0 0 45.79.205.194:443 222.188.39.139:52004 ESTABLISHED … tcp 0 1 45.79.205.194:80 61.147.173.53:45254 LAST_ACK tcp6 0 0 :::22 :::* LISTEN udp 0 0 0.0.0.0:21512 0.0.0.0:* udp 0 0 127.0.0.1:323 0.0.0.0:* udp6 0 0 ::1:323 :::* |
然后再去客户端试试
果然真的可以了用ss翻墙了,打开google了:
(就是Linode的Atlanta的江苏电信网速时不时很慢,搞得很无语)
【总结】
CentOS 7中,去有两种常见的shadowsocks的安装步骤:
方法1:
(1)确保自己Python是2.x的版本
python –version
(2)然后先去安装和升级pip
yum -y install python-setuptools && easy_install pip
pip install –upgrade pip
(3)再去安装shadowsocks:
pip install shadowsocks
(4)安装后,再去添加配置:
touch /etc/shadowsocks.json
vi /etc/shadowsocks.json
然后去启动和停止:
- ssserver -c /etc/shadowsocks.json -d start
- ssserver -c /etc/shadowsocks.json -d stop
方法2:
(1)安装shadowsocks-libev
cd /etc/yum.repos.d/ curl -O https://copr.fedorainfracloud.org/coprs/librehat/shadowsocks/repo/epel-7/librehat-shadowsocks-epel-7.repo yum install -y shadowsocks-libev
(2)安装后,再去添加配置:
vi /etc/shadowsocks-libev/config.json
两种方法的配置内容均可以为:
{ "server": "0.0.0.0", "server_port": 21512, "password": "q1tv4pqmw7sc8ney", "method": "aes-256-cfb", "timeout": 300, "mode": "tcp_and_udp" }
期间,想要设置安全的密码可以用生成工具:
然后可以通过命令去操作对应的shadowsocks的服务:
- 启动:
- systemctl start shadowsocks-libev
- 查看状态:
- systemctl status shadowsocks-libev
- 查看日志:
- journalctl -u shadowsocks-libev
- 重启:
- systemctl restart shadowsocks-libev
- 设置开机启动:
- systemctl enable shadowsocks-libev
注:
如果CentOS7中出现:
FirewallD is not running
表示此处的防火墙没有开启-》则不需要解决此问题-》不需要再去额外开启防火墙-》也更可以避免是由于防火墙导致ss无法工作。
所有内容,均可参考官网:
【后记】
再去想办法添加多个账户
systemctl start shadowsocks-libev 多账号
[root@crifan ~]# cat /etc/shadowsocks-libev/config.json { “server”: “0.0.0.0”, “port_password”: { 3050 : “password1″, 3051 : “password2”, 3052 : “password3”, 3053 : “password4”, 3054 : “password5”, 3055 : “password6”, }, “method”: “aes-256-cfb”, “timeout”: 300, “mode”: “tcp_and_udp” } |
结果出错:
[root@crifan ~]# systemctl restart shadowsocks-libev [root@crifan ~]# systemctl enable shadowsocks-libev [root@crifan ~]# systemctl status shadowsocks-libev [0m shadowsocks-libev.service – Shadowsocks-libev Default Server Service Loaded: loaded (/usr/lib/systemd/system/shadowsocks-libev.service; enabled; vendor preset: disabled) Active: failed (Result: exit-code) since Wed 2017-10-25 17:40:57 CST; 10s ago Docs: man:shadowsocks-libev(8) Main PID: 29493 (code=exited, status=255) Oct 25 17:40:57 crifan.com systemd[1]: Started Shadowsocks-libev Default Server Service. Oct 25 17:40:57 crifan.com systemd[1]: Starting Shadowsocks-libev Default Server Service… Oct 25 17:40:57 crifan.com ss-server[29493]: 2017-10-25 17:40:57 ERROR: 4:3: Unexpected `3` in object Oct 25 17:40:57 crifan.com systemd[1]: shadowsocks-libev.service: main process exited, code=exited, status=255/n/a Oct 25 17:40:57 crifan.com systemd[1]: Unit shadowsocks-libev.service entered failed state. Oct 25 17:40:57 crifan.com systemd[1]: shadowsocks-libev.service failed. |
去掉port_password中的最后一行的逗号,变为:
{ “server”: “0.0.0.0”, “port_password”: { 3050 : “password1″, 3051 : “password2”, 3052 : “password3”, 3053 : “password4”, 3054 : “password5”, 3055 : “password6” }, “method”: “aes-256-cfb”, “timeout”: 300, “mode”: “tcp_and_udp” } |
结果错误依旧。
把端口号加上双引号,之前错误解决,但是出现新问题:
然后继续想办法去:
shadowsocks-libev 多用户
参考:
去:
新建配置文件:
[root@crifan ~]# cat /etc/shadowsocks-libev/config2.json { “server”: “0.0.0.0”, “server_port”: 3051, “password”: “passowrd2”, “method”: “aes-256-cfb”, “timeout”: 300, “mode”: “tcp_and_udp” } |
然后启动:
[root@crifan ~]# setsid ss-server -c /etc/shadowsocks-libev/config2.json -u [root@crifan ~]# 2017-10-25 18:06:25 INFO: UDP relay enabled 2017-10-25 18:06:25 INFO: initializing ciphers… aes-256-cfb 2017-10-25 18:06:25 INFO: tcp server listening at 0.0.0.0:3051 2017-10-25 18:06:25 INFO: udp server listening at 0.0.0.0:3051 2017-10-25 18:06:25 INFO: running from root user |
然后确认的确3051端口启动了:
[root@crifan ~]# ps ax |grep ss-server 29680 ? Ss 0:00 /usr/bin/ss-server -c /etc/shadowsocks-libev/config.json -u 29709 ? Ss 0:00 ss-server -c /etc/shadowsocks-libev/config2.json -u 29717 pts/2 S+ 0:00 grep –color=auto ss-server [root@crifan ~]# netstat -lnp Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 3507/sshd tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 29930/nginx: master tcp 0 0 0.0.0.0:21512 0.0.0.0:* LISTEN 7884/python tcp 0 0 0.0.0.0:3050 0.0.0.0:* LISTEN 29680/ss-server tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 30448/mysqld tcp 0 0 0.0.0.0:3051 0.0.0.0:* LISTEN 29709/ss-server tcp 0 0 127.0.0.1:6379 0.0.0.0:* LISTEN 3529/redis-server 1 tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 29930/nginx: master tcp6 0 0 :::22 :::* LISTEN 3507/sshd udp 0 0 0.0.0.0:3050 0.0.0.0:* 29680/ss-server udp 0 0 0.0.0.0:3051 0.0.0.0:* 29709/ss-server udp 0 0 0.0.0.0:21512 0.0.0.0:* 7884/python udp 0 0 0.0.0.0:50683 0.0.0.0:* 7884/python udp 0 0 127.0.0.1:323 0.0.0.0:* 3222/chronyd udp6 0 0 ::1:323 :::* 3222/chronyd Active UNIX domain sockets (only servers) Proto RefCnt Flags Type State I-Node PID/Program name Path unix 2 [ ACC ] STREAM LISTENING 37493431 30448/mysqld /tmp/mysql.sock unix 2 [ ACC ] STREAM LISTENING 37493441 6657/php-fpm: pool /tmp/php-cgi.sock unix 2 [ ACC ] STREAM LISTENING 8736 1/init /run/systemd/private unix 2 [ ACC ] STREAM LISTENING 8745 1/init /run/systemd/journal/stdout unix 2 [ ACC ] SEQPACKET LISTENING 8773 1/init /run/udev/control unix 2 [ ACC ] STREAM LISTENING 9893 1/init /var/run/dbus/system_bus_socket |
【总结】
通过新建配置文件:
/etc/shadowsocks-libev/config2.json
{ "server": "0.0.0.0", "server_port": 3051, "password": "passowrd2", "method": "aes-256-cfb", "timeout": 300, "mode": "tcp_and_udp" }
然后用:
setsid ss-server -c /etc/shadowsocks-libev/xxx.json -u
即可启动新端口的ss服务。
可以通过:
ps ax |grep ss-server
和
netstat -lnp
确认对应另外一个ss-server是否启用,以及新端口是否生效