daviddwlee84/MasterCoding

Break GFW related

Opened this issue · 12 comments

daviddwlee84 commented

Install on a brand new machine

v2fly/fhs-install-v2ray: Bash script for installing V2Ray in operating systems such as Debian / CentOS / Fedora / openSUSE that support systemd

sudo apt update
sudo apt install curl

sudo bash <(curl -L https://raw.githubusercontent.com/v2fly/fhs-install-v2ray/master/install-release.sh)
sudo systemctl v2ray enable; sudo systemctl v2ray start

/etc/systemd/system/v2ray.service

[Unit]
Description=V2Ray Service
Documentation=https://www.v2ray.com/ https://www.v2fly.org/
After=network.target nss-lookup.target

[Service]
# If the version of systemd is 240 or above, then uncommenting Type=exec and commenting out Type=simple
#Type=exec
Type=simple
# This service runs as root. You may consider to run it as another user for security concerns.
# By uncommenting User=nobody and commenting out User=root, the service will run as user nobody.
# More discussion at https://github.com/v2ray/v2ray-core/issues/1011
User=root
#User=nobody
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE
AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE
NoNewPrivileges=true
ExecStart=/usr/local/bin/v2ray -config /etc/v2ray/config.json
Restart=on-failure

[Install]
WantedBy=multi-user.target

/etc/v2ray/config.json

{
  "inbounds": [
    {
      "port": 16823, // 服务器监听端口
      "protocol": "vmess",    // 主传入协议
      "settings": {
        "clients": [
          {
            "id": "b831381d-6324-4d53-ad4f-8cda48b30811",  // 用户 ID,客户端与服务器必须相同
            "alterId": 64
          }
        ]
      }
    }
  ],
  "outbounds": [
    {
      "protocol": "freedom",  // 主传出协议
      "settings": {}
    }
  ]
}
daviddwlee84 commented

Install Docker Engine on Ubuntu | Docker Documentation

curl -fsSL https://get.docker.com -o get-docker.sh
sudo sh get-docker.sh

sudo sh -eux <<EOF
# Install newuidmap & newgidmap binaries
apt-get install -y uidmap
EOF
# Add this to ~/.bashrc
export DOCKER_HOST=unix:///run/user/1000/docker.sock
daviddwlee84 commented

SSR

git clone https://github.com/shadowsocksrr/shadowsocksr.git
cd shadowsocksr
bash initcfg.sh
cd shadowsocks
sudo python3 server.py -p 20443 -k password -m aes-128-cfb -O auth_aes128_md5 -o tls1.2_ticket_auth_compatible

Client

daviddwlee84 commented

SS就是用小丑面具蒙面,SSR就是尝试把小丑面具涂白或者涂黑。都是戴面具。V2ray_WS_TLS相当于带人皮面具,易容。torjan基本上是带了人皮面具,但是这张面具是逃犯的。

git clone https://github.com/atrandys/v2ray-ws-tls.git
cd v2ray-ws-tls
sudo bash 2ray_ws_tls1.3.sh
daviddwlee84 commented

Trojan

Get nginx and open 80, 443 port

Basically this is used for "fake webpage"

You should be able to test if the HTTP work

Get a certificate and set it for nginx

Whether you use nginx or not, you will need the certificate anyway

sudo apt install snap
sudo snap install core; sudo snap refresh core
sudo snap install --classic certbot
sudo certbot certonly --nginx
# email
# y
# y
# domain name
  • /etc/nginx/sites-available/default
    • Enable 443 settings (this will left for trojan
    • set server_name as the domain name
    • follow by # managed by Certbot is the auto setting

By default, it should automatically set for the nginx (/etc/nginx/sites-available/default). To check where the certificates are sudo certbot certificates.

You should be able to test if the HTTPS work

Install trojan

sudo bash -c "$(curl -fsSL https://raw.githubusercontent.com/trojan-gfw/trojan-quickstart/master/trojan-quickstart.sh)"
  • /etc/systemd/system/trojan.service
  • /usr/local/etc/trojan/config.json
    • Modify Certificate Path and Private Key Path
    • Since nginx use the 443 port, so you might need to change it
      • sudo /usr/local/bin/trojan /usr/local/etc/trojan/config.json test if this work
sudo systemctl restart trojan

Client

Windows

  1. Download windows zip
  2. Change config.json

iOS