2016年4月23日 星期六

debian 7 部署 gfw.press + 3proxy 輕鬆翻牆

前言

twitter上有一用戶名為趙國劣紳石斑魚大爺@chinashiyu開發了新一代翻牆工具:
gfw.press https://github.com/chinashiyu/gfw.press
推上高手@FWT_T_O_O分析了源碼 https://goo.gl/pYWnmY
使得我甚感興趣,經過在推上和2人交流後,決定嘗試部署一下

部署3proxy工作

測試部署的系統為debian 7 x86 ,vps為openvz 128/128 vswap nat ipv4 share vps
1)先執行系統更新 apt-get update && apt-get upgrade -y
2)安裝需要的元件
   apt-get install nano curl build-essential libssl-dev openjdk-7-jre git -y
3)下載gfw.press和3proxy源碼
   git clone https://github.com/z3APA3A/3proxy.git
   git clone https://github.com/chinashiyu/gfw.press.git
4)轉入3proxy目錄
   cd 3proxy/
5)編譯3proxy
   make -f Makefile.Linux  等待完成
6) 轉入下一層src目錄
   cd src
7) mkdir -p /usr/local/etc/3proxy/bin/  製造新目錄
8) 安裝3proxy到系統
    install 3proxy /usr/local/etc/3proxy/bin/3proxy
    install mycrypt /usr/local/etc/3proxy/bin/mycrypt
9)制造3proxy.cfg
    touch /usr/local/etc/3proxy/3proxy.cfg
10) 製造3proxy的log文件目錄
     mkdir -p /usr/local/etc/3proxy/log/
11)設置權限
     chown -R root:root /usr/local/etc/3proxy/
     chown -R 65535 /usr/local/etc/3proxy/log/
     touch /usr/local/etc/3proxy/3proxy.pid
     chown 65535 /usr/local/etc/3proxy/3proxy.pid
12)編輯3proxy.cfg
     nano /usr/local/etc/3proxy/3proxy.cfg  內容如下


-------------begin------this line is not the part of 3proxy.cfg-----------


# configure nameserver and nscache which good to save speed, traffic and bandwidth
# Important -> DNS-Server must work. At the moment the Free Google DNS is configured
nscache 8192
nserver 8.8.8.8
timeouts 1 5 30 60 180 1800 15 60

#specify the startup mode as Deamon
daemon

#write pid of current process to file. It can be used to manipulate 3proxy with signals under Unix.
pidfile 3proxy.pid

#Path to configuration file to use on 3proxy restart or to save configuration.
config 3proxy.cfg

#If file monitored changes in modification time or size,
# proxy reloads configuration within one minute.
monitor 3proxy.cfg

# log allows to specify log file location and rotation, D means logfile is created daily
log log/3proxy.log D
logformat "L%d-%m-%Y %H:%M:%S %z %N.%p %E %U %C:%c %R:%r %O %I %h %T"

# We will keep last 30 log files
rotate 30

# user authentication is not needed, we catch tariffic from gfw.press only
# gfw.press has password to auth
auth none

# and allow HTTP and HTTPS traffic.
allow * * * 80-88,8080-8088 HTTP
allow * * * 443,8443 HTTPS

# Sets the proxy on port 3128 with high anonymous flag -a
# You need root priviliges to bind to a port lower than 1000
proxy -i127.0.0.1 -a -p3128
#socks -i127.0.0.1 -a -p1080
flush

# now we needn't any root rights. We can chroot and setgid/setuid.
chroot /usr/local/etc/3proxy/
setgid 65535
setuid 65535


-------------end of 3proxy.cfg--------------------------------------

13)轉到/etc/init.d/目錄,我們需要寫個開機啟動腳本
     cd /etc/init.d/
     nano 3proxyinit  , 腳本內容如下


-----------begin 3proxyinit------------------------------------------

#!/bin/sh
#
### BEGIN INIT INFO
# Provides: 3Proxy
# Required-Start: $remote_fs $syslog
# Required-Stop: $remote_fs $syslog
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Initialize 3proxy server
# Description: starts 3proxy
### END INIT INFO

cd /usr/local/etc/3proxy/
case "$1" in
start)
echo Starting 3Proxy

/usr/local/etc/3proxy/bin/3proxy /usr/local/etc/3proxy/3proxy.cfg
;;
stop)
echo Stopping 3Proxy
kill `pidof 3proxy`
;;
*)
echo Usage: \$0 "{start|stop}"
exit 1
esac
exit 0


------------end of 3proxyinit---------------------------

14)使其成為執行檔
     chmod +x 3proxyinit
     update-rc.d 3proxyinit defaults
15)運行3proxy
     cd
    /etc/init.d/3proxyinit start

如需要停止便使用  /etc/init.d/3proxyinit stop

以上參考 http://www.tor.eu/?p=685
3proxy的安裝完成,接下來設置gfw.press

1) 轉到gfw.press目錄
    cd gfw.press
2) 編輯user.txt
    nano user.txt ,  其內容是

   10006 ChangeMe1
   10007 ChangeMe2
   10008 ChangeMe3

前面的是端口,後面的是密碼,更改為你喜歡的,格式是端口 空格一個 密碼,每條一行

3)把server.sh改成可執行文件
    chmod +x server.sh
4) 執行server.sh
    ./server.sh &
5) 檢查是否在協同工作
    netstat -nlp | grep -i listen

--------scriptshot--------------------------------------------------

root@inethome:~/gfw.press# netstat -nlp | grep -i listen
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      3048/sshd      
tcp        0      0 127.0.0.1:3128          0.0.0.0:*               LISTEN      9572/3proxy    
tcp6       0      0 :::19501                :::*                    LISTEN      9585/java      
tcp6       0      0 :::19502                :::*                    LISTEN      9585/java      
tcp6       0      0 :::19503                :::*                    LISTEN      9585/java      
tcp6       0      0 :::19504                :::*                    LISTEN      9585/java      
tcp6       0      0 :::19505                :::*                    LISTEN      9585/java      
tcp6       0      0 :::22                   :::*                    LISTEN      3048/sshd    

---------end---------------------------------------------------------------------------

正常會是這樣,java的進程看開了多少個端口,我只開了5個,因為vps太渣
服務器部署工作已完成

客戶端安裝(window 10)

http://gfw.press/GFW.Press.msi 下載客戶端,雙擊安裝
chrome 使用SwitchyOmega新建一個情景模式,選http協議
代理伺服器 127.0.0.1 代理埠 3128

運行gfw.press客戶端,填入相關資訊,按確定,chrome轉為代理模式上網
訪問http://whatismyproxy.com  看看是否IP轉變了

後記

感謝推友@FWT_T_O_O解答疑問,感謝趙國劣紳石斑魚大爺@chinashiyu無私奉獻
據說可設為socks代理,只需在gfw.press目錄下增加一個server.json

內容如是

{
    "ProxyHost": 127.0.0.1,
    "ProxyPort": 1080,
 }

在3proxy.cfg中把

#socks -i127.0.0.1 -a -p1080 改為
socks -i127.0.0.1 -a -p1080
我已預先寫了,但時間關係沒有測試,有興趣的推油自行測試

:)


沒有留言:

張貼留言