You must have Shadowsocks services which can be gained in the following way before actually starting to configure. Purchase Shadowsocks Service directly online. Recommendation: Just My Socks Quick Shadowsocks configuration using Just My Socks, please click here . Build the service yourself. Please refer to Configure V2Ray(Shadowsocks mode) + 加速:普通BBR/魔改BBR on KVM VPS (Tested on Ubuntu 16.04) . The environment this article used, FYI: OpenWrt 18.06.1/LuCI openwrt-18.06 The Overall Idea: DNS part: if the requested address is in gfwlist forward DNS request to 127.0.0.1:5353 which is listened by dns-forwarder dns-forwarder forwards the request to 8.8.8.8 for translating 8.8.8.8 is in gfwlist, so match iptables rules and is fowared to 1080 ss-redir listen on port 1080, foward request to shadowsocks server else use public DNS servers or the DNS servers provided by the ISP other data: if the requested address is in gfwlist match ipt
*Install haproxy > sudo apt-get install haproxy *Configure haproxy >vim /etc/haproxy/haproxy.cfg global ulimit-n 51200 log /dev/log local0 log /dev/log local1 notice chroot /var/lib/haproxy pidfile /var/run/haproxy.pid user haproxy group haproxy daemon defaults log global mode tcp option dontlognull timeout connect 5000 timeout client 50000 timeout server 50000 frontend ss-in mode tcp bind $Your_IP:8002 default_backend shadowsocks backend shadowsocks mode tcp balance roundrobin server ss1 $Your_SS_IP1:$Your_SS_PORT1 maxconn 20480 server ss2 $Your_SS_IP2:$Your_SS_PORT2 maxconn 20480 --The haproxy only allows the remote ss servers with the same password. As here haproxy is only providing the function like a load balancing switch. It's like a multi channel valve which does NOT provide any shadowsocks protocol level function
评论
发表评论