科学上网:代理vps的实操
Published:
科学上网:代理vps的实操
vps
购买vps:
- 搬瓦工:老牌了,50刀一年
- Vultr:最便宜的是2.5刀一个月
- DigitalOcean
- Linode(现 Akamai)
- Hetzner
- Contabo
直接购买机场:
- 青云梯
- TNTCloud
- M78星云
- EdNovas云
实操:singbox+(VLESS+Reality)+V2ray系列
vps命令:
sudo -i
# 使用root会安装到 /usr/bin/sing-box
bash <(curl -fsSL https://sing-box.app/deb-install.sh)
sing-box version
sing-box generate uuid
sing-box generate reality-keypair
openssl rand -hex 8
# 应该返回 HTTP/2 200 或 HTTP/1.1 200
curl -I --tlsv1.3 https://www.microsoft.com
mkdir -p /etc/sing-box
nano /etc/sing-box/config.json # 见后面的代码
sing-box check -c /etc/sing-box/config.json
vim /etc/systemd/system/sing-box.service
systemctl daemon-reload
systemctl enable --now sing-box
systemctl status sing-box
# 这一步还需要在vps厂商那里再设置一次,不光命令行设置,谷歌云还需要添加防护墙策略的标记
ufw allow 443/tcp
ufw allow 443/udp
# 验证以下命令成功即可
nc -zv [你的服务器IP] 443
# 导出订阅的url
UUID="你的UUID"
VPS_IP="你的服务器IP"
PORT="443"
PUBLIC_KEY="你的PublicKey"
SHORT_ID="你的short_id"
SNI="www.microsoft.com"
REMARK="MyProxy"
echo "vless://${UUID}@${VPS_IP}:${PORT}?encryption=none&flow=xtls-rprx-vision&security=reality&sni=${SNI}&fp=chrome&pbk=${PUBLIC_KEY}&sid=${SHORT_ID}&type=tcp#${REMARK}"
# 开启BBR
echo "net.core.default_qdisc=fq" >> /etc/sysctl.conf
echo "net.ipv4.tcp_congestion_control=bbr" >> /etc/sysctl.conf
sysctl -p
sysctl net.ipv4.tcp_congestion_control
{
"log": {
"level": "info",
"timestamp": true
},
"inbounds": [
{
"type": "vless",
"tag": "vless-in",
"listen": "::",
"listen_port": 443,
"users": [
{
"uuid": "替换为你的UUID",
"flow": "xtls-rprx-vision"
}
],
"tls": {
"enabled": true,
"server_name": "www.microsoft.com",
"reality": {
"enabled": true,
"handshake": {
"server": "www.microsoft.com",
"server_port": 443
},
"private_key": "替换为你的PrivateKey",
"short_id": [
"替换为你的short_id"
]
}
}
}
],
"outbounds": [
{
"type": "direct",
"tag": "direct"
},
{
"type": "block",
"tag": "block"
}
],
"route": {
"rules": [
{
"action": "sniff"
}
],
"final": "direct"
}
}
[Unit]
Description=sing-box service
Documentation=https://sing-box.sagernet.org
After=network.target nss-lookup.target
[Service]
User=root
WorkingDirectory=/etc/sing-box
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW
AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW
ExecStart=/usr/bin/sing-box run -c /etc/sing-box/config.json
ExecReload=/bin/kill -HUP $MAINPID
Restart=on-failure
RestartSec=10s
LimitNOFILE=infinity
[Install]
WantedBy=multi-user.target
之后再试试Xray/clash之类的
我的简洁笔记
协议越来越强
- http/https/socks5(不加密)
- shadowsocks/shadowsocksR(一种加密的socks协议,已成为过去式)
- VMess/VLESS/reality(为墙而生,VLESS是简洁版,reality是VLESS 扩展)
- Trojan(TLS over TCP)
- hysteria/hysteria2/TUIC(基于QUIC)
- NaïveProxy
- WireGuard(就是VPN,特征太明显了)
无脑选VLESS + Reality,或者NaïveProxy
服务器内核的派系与客户端
- V2Ray / V2fly / Xray系
- 服务器:V2Ray-core/Xray-core
- 面板:3X-UI / X-UI
- 客户端:
- win:V2RayN
- android:V2RayNG,V2box
- ios:V2box
- mac:V2RayU
- Clash系(作者失踪,变成mihomo)
- 服务器:Clash.Meta (Mihomo)
- 面板:None
- 客户端:,(windows)/ (android)/stash,(ios)
- 客户端:
- win:Clash verge,Clash.Meta/Mihomo,clash for win(已凉)
- android:Clash.Meta/Mihomo
- ios:clash-mi
- mac:Clash verge
- 跨平台的FIclash但ios好像没有
- sing-box系
- 服务器:sing-box
- 面板:Hiddify-manager
- 客户端:
- 跨平台:singbox/Hiddify/Karing
- shadowsocks系列(作者失踪)
客户端总结
- 安卓基本就是V2RayNG,FlClash,或者singbox,对应三大派系
- IOS比较麻烦,付费三件套不考虑的话,V2box,Clash-mi,或者singbox-VT
- Windows:V2RayN,Clash-mi,或者singbox
号称跨平台:Hiddify/Karing/FlClash