Shadowsocks则是当前比较受欢迎的科学上网工具,本文介绍了如何使用Systemd作为开启启动脚本的管理工具,在 CentOS 7 下安装和配置 Shadowsocks 服务。
安装pip
pip是 python 的包管理工具。在本文中将使用 python 版本的 shadowsocks,此版本的 shadowsocks 已发布到 pip 上,因此我们需要通过 pip 命令来安装。
在控制台中执行以下命令安装pip
curl "https://bootstrap.pypa.io/get-pip.py" -o "get-pip.py" python get-pip.py
安装配置 shadowsocks
在控制台执行以下命令安装 shadowsocks
pip install --upgrade pip pip install shadowsocks
创建配置文件 vi /etc/shadowsocks.json 并输入内容如下:
{
"server": "0.0.0.0",
"server_port": 443,
"local_address": "127.0.0.1",
"local_port":1080,
"password": "mima",
"timeout":300,
"method": "aes-256-cfb",
"fast_open": false
}
method 为加密方法,可选aes-128-cfb, aes-192-cfb, aes-256-cfb, bf-cfb, cast5-cfb, des-cfb, rc4-md5, chacha20, salsa20, rc4, table
server_port 为服务监听端口(可以使用443等常见端口防止被屏蔽)
password 为密码
如果想多端口,可以创建配置文件如下:
{
"server":"0.0.0.0",
"local_address": "127.0.0.1",
"local_port":1080,
"port_password":{
"8381": "D77b73E578",
"8382": "53AFf96aEf",
"8383": "6E18a11eA2",
"8384": "OTU0OWQ2Nz"
},
"timeout":300,
"method":"aes-256-cfb",
"fast_open": false
}
启动或停止 shadowsocks 服务
#启动 ssserver -c /etc/shadowsocks.json -d start #停止 ssserver -c /etc/shadowsocks.json -d stop
CentOS 7默认使用的是firewall作为防火墙,输入以下指令放行ss端口
firewall-cmd --permanent --add-port=443/tcp firewall-cmd --reload
配置开机启动脚本
创建启动脚本文件 vi /etc/systemd/system/shadowsocks.service 并输入内容如下:
[Unit] Description=Shadowsocks [Service] TimeoutStartSec=0 ExecStart=/usr/bin/ssserver -c /etc/shadowsocks.json [Install] WantedBy=multi-user.target
启动 shadowsocks 服务
systemctl enable shadowsocks systemctl start shadowsocks
附:一键安装脚本
chmod +x 修改权限后执行
#!/bin/bash
# Install Shadowsocks on CentOS 7
echo "Installing Shadowsocks..."
random-string()
{
cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w ${1:-32} | head -n 1
}
CONFIG_FILE=/etc/shadowsocks.json
SERVICE_FILE=/etc/systemd/system/shadowsocks.service
SS_PASSWORD=$(random-string 32)
SS_PORT=8388
SS_METHOD=aes-256-cfb
SS_IP=`ip route get 1 | awk '{print $NF;exit}'`
GET_PIP_FILE=/tmp/get-pip.py
# install pip
curl "https://bootstrap.pypa.io/get-pip.py" -o "${GET_PIP_FILE}"
python ${GET_PIP_FILE}
# install shadowsocks
pip install --upgrade pip
pip install shadowsocks
# create shadowsocls config
cat <<EOF | sudo tee ${CONFIG_FILE}
{
"server": "0.0.0.0",
"server_port": ${SS_PORT},
"password": "${SS_PASSWORD}",
"method": "${SS_METHOD}"
}
EOF
# create service
cat <<EOF | sudo tee ${SERVICE_FILE}
[Unit]
Description=Shadowsocks
[Service]
TimeoutStartSec=0
ExecStart=/usr/bin/ssserver -c ${CONFIG_FILE}
[Install]
WantedBy=multi-user.target
EOF
# start service
systemctl enable shadowsocks
systemctl start shadowsocks
# view service status
sleep 5
systemctl status shadowsocks -l
echo "================================"
echo ""
echo "Congratulations! Shadowsocks has been installed on your system."
echo "You shadowsocks connection info:"
echo "--------------------------------"
echo "server: ${SS_IP}"
echo "server_port: ${SS_PORT}"
echo "password: ${SS_PASSWORD}"
echo "method: ${SS_METHOD}"
echo "--------------------------------"