Skip to content
Permalink
Branch: master
Find file Copy path
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
123 lines (108 sloc) 2.61 KB

yum install m2crypto python-setuptools easy_install pip pip install shadowsocks vi /etc/shadowsocks.json

{
    "server":"0.0.0.0",
    "server_port":8608,
    "local_address": "127.0.0.1",
    "local_port":1080,
    "password":"20051815",
    "timeout":300,
    "method":"aes-256-cfb",
    "fast_open": false,
    "workers": 1
}

vi /usr/lib/firewalld/services/ss.xml

<?xml version="1.0" encoding="utf-8"?>
<service>
  <short>SS</short>
  <description>Shadowsocks port
  </description>
  <port protocol="tcp" port="8608"/>
</service>

firewall-cmd --permanent --add-service=ss (systemctl start firewalld) cd /usr/lib/firewalld/services ssserver -c /etc/shadowsocks.json easy_install supervisor echo_supervisord_conf > /etc/supervisord.conf

vi /etc/supervisord.conf

[program:ssserver]
command = ssserver -c /etc/shadowsocks.json
autostart=true
autorestart=true
startsecs=3

vi /etc/rc.local

supervisord
ipsec start

chmod +x /etc/rc.local supervisord wget http://download.strongswan.org/strongswan.tar.gz && tar zxvf strongswan* cd strongswan* yum install -y make gcc gmp-devel openssl openssl-devel ./configure make && sudo make install vi /etc/ipsec.conf

config setup
     # strictcrlpolicy=yes
     uniqueids=never #允许多设备同时在线
     # charondebug="cfg 2, dmn 2, ike 2, net 0" #要看Log时,取消注释本行
  
 conn IPsec_xauth_psk
     keyexchange=ikev1
     left=23.106.129.23 #这里换成你登录 VPN 用的域名或 IP
     leftauth=psk
     leftsubnet=0.0.0.0/0
     right=%any
     rightauth=psk
     rightauth2=xauth
     rightsourceip=10.0.0.0/24
     auto=add
  
 conn %default
     keyexchange=ikev1
     dpdaction=hold
     dpddelay=600s
     dpdtimeout=5s
     lifetime=24h
     ikelifetime=240h
     rekey=no
     left=23.106.129.23 #这里换成你登录 VPN 用的域名或 IP,与生成证书时相同
     leftsubnet=0.0.0.0/0
     leftcert=vpnHostCert.pem
     leftsendcert=always
     right=%any
     rightdns=8.8.8.8
     rightsourceip=10.0.0.0/24

vi /etc/ipsec.secrets

#验证用户所需的信息
: PSK "SECRET" # 这里 SECRET 可随意替换成你想要的密钥
kongfm : XAUTH "20051815"

ipsec start ps -ef vi /etc/rc.local vi /etc/ipsec.conf vi /usr/lib/firewalld/services/ipsec.xml firewall-cmd --permanent --add-service=ipsec yum install firewalld firewall-config systemctl start firewalld firewall-cmd --permanent --add-service=ipsec firewall-cmd --permanent --add-masquerade firewall-cmd --reload firewall-cmd --permanent --add-service=ss firewall-cmd --reload ipsec start vi /etc/ipsec.conf vi /etc/ipsec.secrets ipsec start vim /etc/shadowsocks.json

You can’t perform that action at this time.