HIN

卑微的我写点东西记录自己

(此项目已经停止)wuliwuli如何利用国外VPS搭建多协议代理服务squid PAC代理服务器,科学上网.*

[PAC](http://www.wuliwuli.xyz/)
=======
wuliwuli项目主要介绍如何利用国外VPS搭建多协议代理服务。

GFW 封锁了 HTTP/Socks5 代理,HTTP 代理是关键词过滤,Socks5 代理则是封锁协议。不过某些特殊的低端口并没有这么处理,已知的有 21,25。

20端口已经被封杀,21端口目前会被限速400Kbps,换算后约合50KB/S,建议使用25端口,不限速。

[这里](http://www.wuliwuli.xyz/) 提供了我在 [vultr](http://hin.bcn.cc/wuliwuli.pac) 上搭建的公共代理。

更新SQ防扫认证,登录信息为
帐号:user
密码:www.wuliwuli.xyz

搭建代理服务器
==============
在 25 端口搭建 http/https 代理。

Ubuntu 16.04 x64(需要一行一行复制安装,user默认密码www.wuliwuli.xyz):

apt-get -y install squid
curl http://hin.bcn.cc/github/viutr/ubuntu-squid.conf > /etc/squid/squid.conf
echo "user:PHcmhqSueHN2A" >> /etc/squid/passwd
mkdir -p /var/cache/squid
chmod -R 777 /var/cache/squid
service squid stop
squid -z
service squid restart

CentOS 6.7 x64(推荐用此系统):

setenforce 0
ulimit -n 800000
echo "* soft nofile 800000" >> /etc/security/limits.conf
echo "* hard nofile 800000" >> /etc/security/limits.conf
echo "alias net-pf-10 off" >> /etc/modprobe.d/dist.conf
echo "alias ipv6 off" >> /etc/modprobe.d/dist.conf
killall sendmail
/etc/init.d/postfix stop
chkconfig --level 2345 postfix off
chkconfig --level 2345 sendmail off
yum -y install squid wget
wget http://hin.bcn.cc/github/viutr/centos-squid.conf -O /etc/squid/squid.conf
echo "user:PHcmhqSueHN2A" >> /etc/squid/passwd
mkdir -p /var/cache/squid
chmod -R 777 /var/cache/squid
squid -z
service squid restart
chkconfig --level 2345 squid on
iptables -t nat -F
iptables -t nat -X
iptables -t nat -P PREROUTING ACCEPT
iptables -t nat -P POSTROUTING ACCEPT
iptables -t nat -P OUTPUT ACCEPT
iptables -t mangle -F
iptables -t mangle -X
iptables -t mangle -P PREROUTING ACCEPT
iptables -t mangle -P INPUT ACCEPT
iptables -t mangle -P FORWARD ACCEPT
iptables -t mangle -P OUTPUT ACCEPT
iptables -t mangle -P POSTROUTING ACCEPT
iptables -F
iptables -X
iptables -P FORWARD ACCEPT
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -t raw -F
iptables -t raw -X
iptables -t raw -P PREROUTING ACCEPT
iptables -t raw -P OUTPUT ACCEPT
service iptables save

装完后记得reboot重启下服务器确保生效。

然后使用 [PAC](http://hin.bcn.cc/wuliwuli.pac) 右键另存为 PAC 文件后修改其中的01.server.wuliwuli.xyz为你的服务器IP即可。

用户验证方式使用squid代理服务器,为网页弹出认证框 SQ防扫验证
如果是自己的服务器自己使用.可以取消验证.

取消方法
vi /etc/squid/squid.conf

去掉
auth_param basic program /usr/lib64/squid/ncsa_auth /etc/squid/passwd
auth_param basic children 5
auth_param basic realm Welcome to pac.viutr.com proxy web server
acl squid_user proxy_auth REQUIRED
http_access allow squid_user
http_access deny all

并且新增一行
http_access allow all
然后保存退出,重启服务

service squid restart

修改后(无鉴权)文件
acl manager proto cache_object

acl localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow all

http_port 25
coredump_dir /var/spool/squid
refresh_pattern -i ^ftp: 525600 95% 525600 reload-into-ims
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 reload-into-ims
refresh_pattern -i . 525600 95% 525600 reload-into-ims
strip_query_terms off
visible_hostname www.viutr.com
cache_mgr www@chok.me
cache_store_log none
cache_access_log none
cache_mem 512 MB
cache_swap_low 90
cache_swap_high 95
maximum_object_size 128 MB
maximum_object_size_in_memory 128 MB
dns_nameservers 8.8.8.8 8.8.4.4
client_lifetime 1 minutes
half_closed_clients off
fqdncache_size 65535
ipcache_size 65535
ipcache_low 90
ipcache_high 95

点赞

发表评论

电子邮件地址不会被公开。 必填项已用*标注