怎样安装ShadowSocks Server

by ·0评论

1、查看系统

[root@localhost ~]# cat /etc/issue
CentOS release 6.6 (Final)
[root@localhost ~]# uname -a
Linux localhost.localdomain 2.6.32-042stab106.6 #1 SMP Mon Apr 20 14:48:47 MSK 2015 x86_64 x86_64 x86_64 GNU/Linux

2、安装ShadowSocks

# yum install python-setuptools && easy_install pip
# pip install shadowsocks

3、创建配置文件/etc/shadowsocks.json

[root@localhost /]# touch /etc/shadowsocks.json
[root@localhost /]# vi /etc/shadowsocks.json
{
"server":"138.128.208.158",
"server_port":443,
"local_address": "127.0.0.1",
"local_port":1080,
"password":"MyPass",
"timeout":300,
"method":"rc4-md5"
}

备注:加密方式官方默认使用aes-256-cfb,推荐使用rc4-md5,因为 RC4比AES速度快好几倍。

各字段说明:

server:服务器IP

server_port:服务器端口

local_port:本地端端口

password:用来加密的密码

timeout:超时时间(秒)

method:加密方法,可选择 “bf-cfb”, “aes-256-cfb”, “des-cfb”, “rc4″等

4、使用配置文件在后台运行shadowsocks服务

[root@localhost /]# ssserver -c /etc/shadowsocks.json -d start

备注:若无配置文件,在后台可以使用一下命令运行:

[root@localhost /]# ssserver -p 443 -k MyPass -m rc4-md5 -d start

5、停止服务

[root@localhost /]# ssserver -c /etc/shadowsocks.json -d stop

6、添加开机自启动服务

 [root@localhost opt]# vi /etc/init.d/shadowsocks

添加如下内容:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
#!/bin/sh
# chkconfig: 2345 90 10
# description: Start or stop the Shadowsocks server
#
### BEGIN INIT INFO
# Provides: Shadowsocks
# Required-Start: $network $syslog
# Required-Stop: $network
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Description: Start or stop the Shadowsocks server
### END INIT INFO
# Author: xju <[email protected]>
name=shadowsocks
BIN=/usr/bin/ssserver
conf=/etc/shadowsocks.json
start(){
    $BIN -c $conf -d start
    RETVAL=$?
    if "$RETVAL" "0" ]; then
        echo "$name start success"
    else
        echo "$name start failed"
    fi
}
stop(){
    pid=`ps -ef | grep -v grep grep -v ps grep -i "${BIN}" awk '{print $2}'`
    if [ ! -z $pid ]; then
        $BIN -c $conf -d stop
        RETVAL=$?
        if "$RETVAL" "0" ]; then
            echo "$name stop success"
        else
            echo "$name stop failed"
        fi
    else
        echo "$name is not running"
        RETVAL=1
    fi
}
status(){
    pid=`ps -ef | grep -v grep grep -v ps grep -i "${BIN}" awk '{print $2}'`
    if [ -z $pid ]; then
        echo "$name is not running"
        RETVAL=1
    else
        echo "$name is running with PID $pid"
        RETVAL=0
    fi
}
case "$1" in
'start')
    start
    ;;
'stop')
    stop
    ;;
'status')
    status
    ;;
'restart')
    stop
    start
    RETVAL=$?
    ;;
*)
    echo "Usage: $0 { start | stop | restart | status }"
    RETVAL=1
    ;;
esac
exit $RETVAL

添加执行权限:

1
[root@localhost ~]# chmod a+x  /etc/init.d/shadowsocks

添加开机自动服务:

1
2
3
4
5
6
7
8
9
[root@localhost ~]# chkconfig --add shadowsocks
[root@localhost ~]# chkconfig --list shadowsocks
Note: This output shows SysV services only and does not include native
      systemd services. SysV configuration data might be overridden by native
      systemd configuration.
      If you want to list systemd services use 'systemctl list-unit-files'.
      To see services enabled on particular target use
      'systemctl list-dependencies [target]'.
shadowsocks    0:off1:off2:on3:on4:on5:on6:off

启动停止服务:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
[root@localhost ~]# service shadowsocks status
shadowsocks is running with PID 507
[root@localhost ~]# shadowsocks stop          
-bash: shadowsocks: command not found
[root@localhost ~]# service shadowsocks status
shadowsocks is running with PID 507
[root@localhost ~]# service shadowsocks stop  
INFO: loading config from /etc/shadowsocks.json
stopped
shadowsocks stop success
[root@localhost ~]# service shadowsocks start
INFO: loading config from /etc/shadowsocks.json
2015-10-01 03:50:54 INFO     loading libcrypto from libcrypto.so.10
started
shadowsocks start success
[root@localhost ~]# service shadowsocks restart
INFO: loading config from /etc/shadowsocks.json
stopped
shadowsocks stop success
INFO: loading config from /etc/shadowsocks.json
2015-10-01 03:51:04 INFO     loading libcrypto from libcrypto.so.10
started
shadowsocks start success

备注:(1)开机自启动服务可以简单设置:

    # vi /etc/rc.local

    ssserver -c /etc/shadowsocks.json -d start

  (2)若要配置多个用户,可以添加配置文件如/etc/shadowsocks1.json,设置不同的端口号(如:444)就行。

7、优化服务

7.1 increase the maximum number of open file descriptors

# vi /etc/security/limits.conf

* soft nofile 51200
* hard nofile 51200

执行:

1
# ulimit -n 51200

7.2 Tune the kernel parameters

1
# vi /etc/sysctl.conf

fs.file-max = 51200

net.core.rmem_max = 67108864

net.core.wmem_max = 67108864

net.core.netdev_max_backlog = 250000

net.core.somaxconn = 4096

net.ipv4.tcp_syncookies = 1

net.ipv4.tcp_tw_reuse = 1

net.ipv4.tcp_tw_recycle = 0

net.ipv4.tcp_fin_timeout = 30

net.ipv4.tcp_keepalive_time = 1200

net.ipv4.ip_local_port_range = 10000 65000

net.ipv4.tcp_max_syn_backlog = 8192

net.ipv4.tcp_max_tw_buckets = 5000

net.ipv4.tcp_fastopen = 3

net.ipv4.tcp_mem = 25600 51200 102400

net.ipv4.tcp_rmem = 4096 87380 67108864

net.ipv4.tcp_wmem = 4096 65536 67108864

net.ipv4.tcp_mtu_probing = 1

net.ipv4.tcp_congestion_control = hybla

执行:

1
# sysctl -p

重启shadowsocks服务:

1
# servie shadowsocks restart

备注:若要配置多用户模式,只需修改配置文件:

1
2
3
4
5
6
7
8
9
10
11
12
13
[root@localhost ~]# cat  /etc/shadowsocks.json
{
    "server":"145.78.20.216",
    "port_password":{
        "9000":"MyPass1",
        "9001":"MyPass2",
        "9002":"MyPass3"
    },
    "local_address":"127.0.0.1",
    "local_port":1080,
    "timeout":300,
    "method":"rc4-md5"
}

参考文献:

http://shadowsocks.org/en/index.html

https://github.com/shadowsocks/shadowsocks/wiki/Shadowsocks-使用说明

http://wuchong.me/blog/2015/02/02/shadowsocks-install-and-optimize/

http://shadowsocks.org/en/config/advanced.html

 

Ref: http://qing0991.blog.51cto.com/1640542/1649922

2017/3/6 补充Ubuntu Service文件

  1. Create the service file in /etc/init.d/shadowsocks
  2. chmod 700 /etc/init.d/shadowsocks
  3. update-rc.d shadowsocks defaults.
  4. update-rc.d shadowsocks enable.
#!/bin/sh 
### BEGIN INIT INFO 
# Provides: shadowsocks 
# Required-Start: $remote_fs $syslog 
# Required-Stop: $remote_fs $syslog 
# Default-Start: 2 3 4 5 
# Default-Stop: 0 1 6 
# Short-Description: start shadowsocks  
# Description: start shadowsocks 
### END INIT INFO 

start(){
ssserver -c /etc/shadowsocks.json -d start 
} 

stop(){ 
ssserver -c /etc/shadowsocks.json -d stop 
} 

case "$1" in 
start)
 start ;; 
stop)
 stop ;; 
reload)
 stop
 start ;; 
*) 

echo "Usage: $0 {start|reload|stop}" 
exit 1 

;; 

esac

如果用的是Ubuntu 16.04以上的话,可以编辑 /etc/systemd/system/shadowsocks.service

[Unit]
Description=Daemon to start shadowsocks server
Wants=network-online.target
After=network.target

[Service]
Type=simple
ExecStart=/usr/local/bin/ssserver -c /etc/shadowsocks.json -qq
User=nobody

[Install]
WantedBy=multi-user.target

sudo systemctl enable shadowsocks
sudo systemctl start shadowsocks

 

9/23/2019 Update:

Since python version of Shadowsocks was deprecated. It is better to use Shadowsocks-libev instead.

To install Shadowsocks-libev in Ubuntu 16.04. Can follow the below steps:

sudo apt install software-properties-common -y

sudo add-apt-repository ppa:max-c-lv/shadowsocks-libev -y

sudo apt update

sudo apt install shadowsocks-libev

The configuration file is located at /etc/shadowsocks-libev/config.json

start shadowsocks-libev service.

sudo systemctl start shadowsocks-libev.service

Enable auto-start at boot time.

sudo systemctl enable shadowsocks-libev.service

Refer: https://www.linuxbabe.com/ubuntu/shadowsocks-libev-proxy-server-ubuntu-16-04-17-10

发表回复

您的电子邮箱地址不会被公开。 必填项已用 * 标注

Time limit is exhausted. Please reload CAPTCHA.