centos7 使用ss和Privoxy 实现命令行访问google
1、更新yum 这里可能更新时间有点长,,稳住~别急
扫码关注我们
微信号:SRE实战
拒绝背锅 运筹帷幄
yum -y upgrade2、安装 epel-release 这个必须先安装,因为: python-pip 和 privoxy 都在EPEL源里面,, 有的小伙伴可能已经换了国内的源,所以请先检查安装这两个包,以防不测(万一你换的源里没有呢()^_^)
yum install -y epel-release3、安装 python-pip
yum install -y python-pip
#安装完成后需要更新一下
pip install --upgrade pip4、安装 shadowsocks 、安装
#install ss pip install shadowsocks #install privoxy yum install -y privoxy
SRE实战 互联网时代守护先锋,助力企业售后服务体系运筹帷幄!一键直达领取阿里云限量特价优惠。 5、配置 shadowsocks
vim /etc/shadowsocks.json 添加以下内容 { "server": "156.12.22.29", "server_port": "55555", "local_address": "127.0.0.1", "local_port": "6666", "password": "service_password", "method": "aes-256-cfb", "timeout": "300", "workers": "1" }
每个字段解释
server :: shadowsocks服务器的ip server_port :: shadowsocks服务器端口 local_address :: 本机监听地址,不需要修改 local_port :: 本机监听端口,不要和正在使用的端口冲突 password :: shadowsocks服务器密码 method :: shadowsocks服务器的加密方式 6、配置 privoxyvim /etc/privoxy/config # 确认下面这一行没有被注释掉 listen-address 127.0.0.1:8118 ## 默认端口是8118,不需要修改 # 新增一行 forward-socks5t / 127.0.0.1:6666 . ## 端口必须与 /etc/shadowsocks.json 中 local_port 字段的值相同, ## 注意:行尾有一个英文句号(.)
7、启动 shadowsocks+ 测试
# 以 daemon 模式启动 [root@centos-linux ~]# sslocal -c /etc/shadowsocks.json -d start INFO: loading config from /etc/shadowsocks.json 2019-02-26 23:30:12 INFO loading libcrypto from libcrypto.so.10 started # 确认 sslocal 已监听在预设端口 lsof -i | grep sslocal [root@centos-linux ~]# lsof -i | grep sslocal sslocal 24367 root 4u IPv4 53001198 0t0 TCP localhost:ircu-2 (LISTEN) sslocal 24367 root 5u IPv4 53001199 0t0 UDP localhost:ircu-2 [root@centos-linux ~]# curl --socks5 127.0.0.1:6666 http://httpbin.org/ip { "origin": "156.12.22.29, 156.12.22.29" # 注意 :: 必须与 /etc/shadowsocks.json 中 server 字段的值相同 }8、启动 privoxy +测试
systemctl start privoxy
[root@centos-linux ~]# curl --proxy https://127.0.0.1:8118 -Is https://google.com | grep -w 200 HTTP/1.1 200 Connection established9、设置开机启动
sh -c 'echo "sudo /usr/bin/sslocal -c /etc/shadowsocks.json -d start" >> /etc/rc.d/rc.local' # 如果 rc.local 没有可执行权限就给它加上 systemctl enable privoxy10、测试是否能科学上网
#启用代理 export http_proxy='127.0.0.1:8118' export https_proxy='127.0.0.1:8118' # 停用代理 export http_proxy='' export https_proxy=''
curl -I https://golang.org/ #执行命令后出现如下信息,说明成功 [root@centos-linux ~]# curl -I https://golang.org/ HTTP/1.1 200 Connection established HTTP/1.1 200 OK Date: Tue, 26 Feb 2019 15:41:47 GMT Content-Type: text/html; charset=utf-8 Vary: Accept-Encoding Strict-Transport-Security: max-age=31536000; includeSubDomains; preload Via: 1.1 google Transfer-Encoding: chunked Alt-Svc: quic=":443"; ma=2592000; v="44,43,39"
11、为了更方便使用,启动和停用写成一个shell脚本
#创建文件 /etc/profile.d/vm-proxy.sh,文件内容如下 [root@centos-linux ~]# cat /etc/profile.d/vm-proxy.sh function cmd-proxy-on { export no_proxy="127.0.0.1,localhost,localaddress,.localdomain.com,tencentyun.com"; export http_proxy='127.0.0.1:8118'; export https_proxy=$http_proxy; echo 'HTTP proxy started.' } export -f cmd-proxy-on # 第二种声明函数的方式 cmd-proxy-off() { unset http_proxy; unset https_proxy; echo 'HTTP proxy stopped.' } export -f cmd-proxy-off
#source 脚本 chmod +x /etc/profile.d/vm-proxy.sh source /etc/profile.d/vm-proxy.sh最后测试脚本
[root@centos-linux ~]# vim /etc/profile.d/vm-proxy.sh [root@centos-linux ~]# chmod +x /etc/profile.d/vm-proxy.sh [root@centos-linux ~]# source /etc/profile.d/vm-proxy.sh [root@centos-linux ~]# cmd-proxy-on HTTP proxy started. [root@centos-linux ~]# curl -I https://golang.org/ HTTP/1.1 200 Connection established HTTP/1.1 200 OK Date: Tue, 26 Feb 2019 15:47:18 GMT Content-Type: text/html; charset=utf-8 Vary: Accept-Encoding Strict-Transport-Security: max-age=31536000; includeSubDomains; preload Via: 1.1 google Transfer-Encoding: chunked Alt-Svc: quic=":443"; ma=2592000; v="44,43,39" [root@centos-linux ~]# cmd-proxy-off HTTP proxy stopped. [root@centos-linux ~]# curl -I https://golang.org/ curl: (7) Failed connect to golang.org:443; 拒绝连接
更多精彩
