Shadowsocks则是当前比较受欢迎的科学上网工具,本文介绍了如何使用Systemd作为开启启动脚本的管理工具,在 CentOS 7 下安装和配置 Shadowsocks 服务。
安装pip
pip是 python 的包管理工具。在本文中将使用 python 版本的 shadowsocks,此版本的 shadowsocks 已发布到 pip 上,因此我们需要通过 pip 命令来安装。
在控制台中执行以下命令安装pip
curl "https://bootstrap.pypa.io/get-pip.py" -o "get-pip.py" python get-pip.py
安装配置 shadowsocks
在控制台执行以下命令安装 shadowsocks
pip install --upgrade pip pip install shadowsocks
创建配置文件 vi /etc/shadowsocks.json 并输入内容如下:
{ "server": "0.0.0.0", "server_port": 443, "local_address": "127.0.0.1", "local_port":1080, "password": "mima", "timeout":300, "method": "aes-256-cfb", "fast_open": false }
method 为加密方法,可选aes-128-cfb, aes-192-cfb, aes-256-cfb, bf-cfb, cast5-cfb, des-cfb, rc4-md5, chacha20, salsa20, rc4, table
server_port 为服务监听端口(可以使用443等常见端口防止被屏蔽)
password 为密码
如果想多端口,可以创建配置文件如下:
{ "server":"0.0.0.0", "local_address": "127.0.0.1", "local_port":1080, "port_password":{ "8381": "D77b73E578", "8382": "53AFf96aEf", "8383": "6E18a11eA2", "8384": "OTU0OWQ2Nz" }, "timeout":300, "method":"aes-256-cfb", "fast_open": false }
启动或停止 shadowsocks 服务
#启动 ssserver -c /etc/shadowsocks.json -d start #停止 ssserver -c /etc/shadowsocks.json -d stop
CentOS 7默认使用的是firewall作为防火墙,输入以下指令放行ss端口
firewall-cmd --permanent --add-port=443/tcp firewall-cmd --reload
配置开机启动脚本
创建启动脚本文件 vi /etc/systemd/system/shadowsocks.service 并输入内容如下:
[Unit] Description=Shadowsocks [Service] TimeoutStartSec=0 ExecStart=/usr/bin/ssserver -c /etc/shadowsocks.json [Install] WantedBy=multi-user.target
启动 shadowsocks 服务
systemctl enable shadowsocks systemctl start shadowsocks
附:一键安装脚本
chmod +x 修改权限后执行
#!/bin/bash # Install Shadowsocks on CentOS 7 echo "Installing Shadowsocks..." random-string() { cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w ${1:-32} | head -n 1 } CONFIG_FILE=/etc/shadowsocks.json SERVICE_FILE=/etc/systemd/system/shadowsocks.service SS_PASSWORD=$(random-string 32) SS_PORT=8388 SS_METHOD=aes-256-cfb SS_IP=`ip route get 1 | awk '{print $NF;exit}'` GET_PIP_FILE=/tmp/get-pip.py # install pip curl "https://bootstrap.pypa.io/get-pip.py" -o "${GET_PIP_FILE}" python ${GET_PIP_FILE} # install shadowsocks pip install --upgrade pip pip install shadowsocks # create shadowsocls config cat <<EOF | sudo tee ${CONFIG_FILE} { "server": "0.0.0.0", "server_port": ${SS_PORT}, "password": "${SS_PASSWORD}", "method": "${SS_METHOD}" } EOF # create service cat <<EOF | sudo tee ${SERVICE_FILE} [Unit] Description=Shadowsocks [Service] TimeoutStartSec=0 ExecStart=/usr/bin/ssserver -c ${CONFIG_FILE} [Install] WantedBy=multi-user.target EOF # start service systemctl enable shadowsocks systemctl start shadowsocks # view service status sleep 5 systemctl status shadowsocks -l echo "================================" echo "" echo "Congratulations! Shadowsocks has been installed on your system." echo "You shadowsocks connection info:" echo "--------------------------------" echo "server: ${SS_IP}" echo "server_port: ${SS_PORT}" echo "password: ${SS_PASSWORD}" echo "method: ${SS_METHOD}" echo "--------------------------------"