最近因为国庆的原因,shadowsocks一直被封,而且就算换了ip地址也会在短短20分钟就会被封禁。所以为了科学上网,只能找出新的方式,也就是v2ray了。
关于v2ray:
直接搬一下官网的介绍吧:
V2Ray 是 Project V 下的一个工具。Project V 是一个包含一系列构建特定网络环境工具的项目,而 V2Ray 属于最核心的一个。 官方中介绍Project V 提供了单一的内核和多种界面操作方式。内核(V2Ray)用于实际的网络交互、路由等针对网络数据的处理,而外围的用户界面程序提供了方便直接的操作流程。不过从时间上来说,先有 V2Ray 才有 Project V。 如果还是不理解,那么简单地说,V2Ray 是一个与 Shadowsocks 类似的代理软件,可以用来科学上网(翻墙)学习国外先进科学技术。
社区readme
官网readme
安装:
安装方式比较简单,直接按照官网的不同os的安装方式就行。需要注意的是,v2ray的服务端和shadowsocks一样,服务端和客户端其实是同样的程序,所以你只需要在两边都同样的安装就可以,我这边的vps是ubuntu,所以就按照ubuntu的方式进行安装,其他方式可以参考官方安装指南
bash <(curl -L -s https://install.direct/go.sh)
这个时候你需要知道你的文件所在的位置:
/usr/bin/v2ray/v2ray:V2Ray 程序;
/usr/bin/v2ray/v2ctl:V2Ray 工具;
/etc/v2ray/config.json:配置文件;
/usr/bin/v2ray/geoip.dat:IP 数据文件
/usr/bin/v2ray/geosite.dat:域名数据文件
配置服务端:
服务端的配置文件在/etc/v2ray/config.json中
{
"inbounds": [{
"port": 12345,//1
"protocol": "vmess",
"settings": {
"clients": [
{
"id": "5b6073e8-70b4-4cf7-b9ef-60fcff8d4489",//2
"alterId": 64//3
}
]
}
}],
"outbounds": [{
"protocol": "freedom",
"settings": {}
},{
"protocol": "blackhole",
"settings": {},
"tag": "blocked"
}],
"routing": {
"rules": [
{
"type": "field",
"ip": ["geoip:private"],
"outboundTag": "blocked"
}
]
}
}
服务端的配置是注意1,2,3这三个地方是需要配置的,默认uuid应该是配置好了的,在你安装的时候,然后选择一个自己喜欢的端口进行监听就行。
启动服务
service v2ray start
这样你的vps就已经在开始监听1处的端口,收到网络请求就会走v2ray相关的逻辑了。
客户端配置:
因为我本身客户端是mac的,所以就说一下mac客户端的配置吧,其他的基本同理,只需要记住对应的端口和uuid。
mac和window是有压缩包的,在下载完压缩包后解压缩出来就可以看到同样的config.json
// Config file of V2Ray. This file follows standard JSON format, with comments support.
// Uncomment entries below to satisfy your needs. Also read our manual for more detail at
// https://www.v2ray.com/
{
"log": {
// By default, V2Ray writes access log to stdout.
// "access": "/path/to/access/log/file",
// By default, V2Ray write error log to stdout.
// "error": "/path/to/error/log/file",
// Log level, one of "debug", "info", "warning", "error", "none"
"loglevel": "warning"
},
// List of inbound proxy configurations.
"inbounds": [{
// Port to listen on. You may need root access if the value is less than 1024.
"port": 1080,
// IP address to listen on. Change to "0.0.0.0" to listen on all network interfaces.
"listen": "127.0.0.1",
// Tag of the inbound proxy. May be used for routing.
"tag": "socks-inbound",
// Protocol name of inbound proxy.
"protocol": "socks",
// Settings of the protocol. Varies based on protocol.
"settings": {
"auth": "noauth",
"udp": false,
"ip": "127.0.0.1"
},
// Enable sniffing on TCP connection.
"sniffing": {
"enabled": true,
// Target domain will be overriden to the one carried by the connection, if the connection is HTTP or HTTPS.
"destOverride": ["http", "tls"]
}
}],
// List of outbound proxy configurations.
"outbounds": [{
// Protocol name of the outbound proxy.
"protocol": "vmess",
// Settings of the protocol. Varies based on protocol.
"settings": {
"vnext": [
{
"address": "35.201.180.24",
"port": 12345,
"users": [
{
"id": "5b6073e8-70b4-4cf7-b9ef-60fcff8d4489",
"alterId": 64
}
]
}
]
},
// Tag of the outbound. May be used for routing.
"tag": "direct"
},{
"protocol": "blackhole",
"settings": {},
"tag": "blocked"
}],
// Transport is for global transport settings. If you have multiple transports with same settings
// (say mKCP), you may put it here, instead of in each individual inbound/outbounds.
//"transport": {},
// Routing controls how traffic from inbounds are sent to outbounds.
"routing": {
"domainStrategy": "IPOnDemand",
"rules":[
{
// Blocks access to private IPs. Remove this if you want to access your router.
"type": "field",
"ip": ["geoip:private"],
"outboundTag": "blocked"
},
{
// Blocks major ads.
"type": "field",
"domain": ["geosite:category-ads"],
"outboundTag": "blocked"
}
]
},
// Dns settings for domain resolution.
"dns": {
// Static hosts, similar to hosts file.
"hosts": {
// Match v2ray.com to another domain on CloudFlare. This domain will be used when querying IPs for v2ray.com.
"domain:v2ray.com": "www.vicemc.net",
// The following settings help to eliminate DNS poisoning in mainland China.
// It is safe to comment these out if this is not the case for you.
"domain:github.io": "pages.github.com",
"domain:wikipedia.org": "www.wikimedia.org",
"domain:shadowsocks.org": "electronicsrealm.com"
},
"servers": [
"1.1.1.1",
{
"address": "114.114.114.114",
"port": 53,
// List of domains that use this DNS first.
"domains": [
"geosite:cn"
]
},
"8.8.8.8",
"localhost"
]
},
// Policy controls some internal behavior of how V2Ray handles connections.
// It may be on connection level by user levels in 'levels', or global settings in 'system.'
"policy": {
// Connection policys by user levels
"levels": {
"0": {
"uplinkOnly": 0,
"downlinkOnly": 0
}
},
"system": {
"statsInboundUplink": false,
"statsInboundDownlink": false
}
},
// Stats enables internal stats counter.
// This setting can be used together with Policy and Api.
//"stats":{},
// Api enables gRPC APIs for external programs to communicate with V2Ray instance.
//"api": {
//"tag": "api",
//"services": [
// "HandlerService",
// "LoggerService",
// "StatsService"
//]
//},
// You may add other entries to the configuration, but they will not be recognized by V2Ray.
"other": {}
}
哈哈,这次的客户端比较长,但是我们需要关注的也就是outbounds,因为我们是需要关注我们输出的位置。在outbounds中配置好对应的端口,还有对应的uuid,alertid。就算配置完成了。然后启动客户端。
./v2ray
好,应该已经能够完成连接了。当你开心的去拿上梯子去翻的时候,却发现还是没有办法上网,这是为什么原因呢。
这是因为当前的客户端只监听了inbound端口,然后从outbound端口出。那么你当前的http请求都是走的80端口,当然就不会从v2ray经过了。所以还需要将当前的所有网络连接都重新定向到设定的端口,默认也就是1080端口。
这个地方修改的方式就很多了,我这里采用的chrome+switchomega,将当前浏览器的所有连接都走本地的127.0.0.1:1080端口。
这样其实原理也就很清楚了:
1.本地的网络连接走127.0.0.1:1080端口,经过v2ray的inbounds监听,于是会连接到服务的对端,也就是outbounds
2.服务端监听的inbound端口收到客户端发来的请求,发现outbounds就是freedom,于是就自由连接,再将结果返回客户端
3.这样就完成了一整个的代理