centos7 使用Shadowsocks和Privoxy 實現命令行可以科學上網

来源:https://www.cnblogs.com/qingfeng2010/archive/2019/02/27/10441108.html
-Advertisement-
Play Games

1、更新yum 這裡可能更新時間有點長,,穩住~別急 yum -y upgrade 2、安裝 epel-release 這個必須先安裝,因為: python-pip 和 privoxy 都在EPEL源裡面,,有的小伙伴可能已經換了國內的源,所以請先檢查安裝這兩個包,以防不測(萬一你換的源里沒有呢() ...


1、更新yum  這裡可能更新時間有點長,,穩住~別急
yum -y upgrade
2、安裝 epel-release 這個必須先安裝,因為: python-pip 和 privoxy 都在EPEL源裡面,,有的小伙伴可能已經換了國內的源,所以請先檢查安裝這兩個包,以防不測(萬一你換的源里沒有呢()^_^)
yum install -y epel-release
3、安裝 python-pip
yum install -y python-pip

#安裝完成後需要更新一下

pip install --upgrade pip
4、安裝 shadowsocks 、安裝
#install ss
pip install shadowsocks
#install privoxy
yum install -y privoxy

 

5、配置 shadowsocks
vim /etc/shadowsocks.json
添加以下內容
{
    "server": "156.12.22.29",
    "server_port": "55555",
    "local_address": "127.0.0.1",
    "local_port": "6666",
    "password": "service_password",
    "method": "aes-256-cfb",
    "timeout": "300",
    "workers": "1"
}

每個欄位解釋

  server :: shadowsocks伺服器的ip   server_port :: shadowsocks伺服器埠   local_address :: 本機監聽地址,不需要修改   local_port :: 本機監聽埠,不要和正在使用的埠衝突   password :: shadowsocks伺服器密碼   method :: shadowsocks伺服器的加密方式   6、配置 privoxy
vim /etc/privoxy/config
# 確認下麵這一行沒有被註釋掉 listen-address 127.0.0.1:8118 ## 預設埠是8118,不需要修改
# 新增一行 forward-socks5t / 127.0.0.1:6666 .
## 埠必須與 /etc/shadowsocks.json 中 local_port 欄位的值相同,
## 註意:行尾有一個英文句號(.)

 

7、啟動 shadowsocks+ 測試
# 以 daemon 模式啟動 
[root@centos-linux ~]# sslocal -c /etc/shadowsocks.json -d start
INFO: loading config from /etc/shadowsocks.json
2019-02-26 23:30:12 INFO loading libcrypto from libcrypto.so.10
started
# 確認 sslocal 已監聽在預設埠 lsof -i | grep sslocal
[root@centos-linux ~]# lsof -i | grep sslocal
sslocal 24367 root 4u IPv4 53001198 0t0 TCP localhost:ircu-2 (LISTEN)
sslocal 24367 root 5u IPv4 53001199 0t0 UDP localhost:ircu-2
[root@centos-linux ~]# curl --socks5 127.0.0.1:6666 http://httpbin.org/ip
{
"origin": "156.12.22.29, 156.12.22.29" # 註意 :: 必須與 /etc/shadowsocks.json 中 server 欄位的值相同
}
  8、啟動 privoxy +測試
systemctl start privoxy
[root@centos-linux ~]# curl --proxy https://127.0.0.1:8118 -Is https://google.com | grep -w 200
HTTP/1.1 200 Connection established
9、設置開機啟動
sh -c 'echo "sudo /usr/bin/sslocal -c /etc/shadowsocks.json -d start" >> /etc/rc.d/rc.local' # 如果 rc.local 沒有可執行許可權就給它加上
systemctl enable privoxy
10、測試是否能科學上網  
#啟用代理
export http_proxy='127.0.0.1:8118'
export https_proxy='127.0.0.1:8118'

# 停用代理
export http_proxy=''
export https_proxy=''
curl -I https://golang.org/
#執行命令後出現如下信息,說明成功
[root@centos-linux ~]# curl -I https://golang.org/
HTTP/1.1 200 Connection established
 
HTTP/1.1 200 OK
Date: Tue, 26 Feb 2019 15:41:47 GMT
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Via: 1.1 google
Transfer-Encoding: chunked
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39"

 

  11、為了更方便使用,啟動和停用寫成一個shell腳本
#創建文件 /etc/profile.d/vm-proxy.sh,文件內容如下
[root@centos-linux ~]# cat /etc/profile.d/vm-proxy.sh
function cmd-proxy-on {
export no_proxy="127.0.0.1,localhost,localaddress,.localdomain.com,tencentyun.com";
export http_proxy='127.0.0.1:8118';
export https_proxy=$http_proxy;
echo 'HTTP proxy started.'
}
export -f cmd-proxy-on

# 第二種聲明函數的方式
cmd-proxy-off() {
unset http_proxy;
unset https_proxy;
echo 'HTTP proxy stopped.'
}
export -f cmd-proxy-off
#source 腳本
chmod +x /etc/profile.d/vm-proxy.sh
source /etc/profile.d/vm-proxy.sh
  最後測試腳本
[root@centos-linux ~]# vim /etc/profile.d/vm-proxy.sh
[root@centos-linux ~]# chmod +x /etc/profile.d/vm-proxy.sh
[root@centos-linux ~]# source /etc/profile.d/vm-proxy.sh
[root@centos-linux ~]# cmd-proxy-on
HTTP proxy started.
[root@centos-linux ~]# curl -I https://golang.org/
HTTP/1.1 200 Connection established
 
HTTP/1.1 200 OK
Date: Tue, 26 Feb 2019 15:47:18 GMT
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Via: 1.1 google
Transfer-Encoding: chunked
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39"
 
[root@centos-linux ~]# cmd-proxy-off
HTTP proxy stopped.
[root@centos-linux ~]# curl -I https://golang.org/
 
curl: (7) Failed connect to golang.org:443; 拒絕連接