安装 ss-libev
因为机器比较多,于是一直是用 teddysun 大佬的一键脚本安装 shadowsocks-libev1
2wget https://raw.githubusercontent.com/teddysun/shadowsocks_install/master/shadowsocks-libev-debian.sh
bash shadowsocks-libev-debian.sh
按照提示来,填写密码、端口,加密方式建议 chacha20 xchacha20-ietf-poly1305
修改配置
由于最近某个特殊的日子(指过生日), Firewall 天天发威,之前安装用的 chacha20 加密方式感觉也不太行了, 经过两三天的测试,发现 加密方式用 xchacha20-ietf-poly1305 会比较好。
通过 teddysun 大佬的一键脚本安装的 shadowsocks-libev ,配置文件位于
/etc/shadowsocks-libev/config.json
编辑配置文件1
vim /etc/shadowsocks-libev/config.json
示例配置如下,Str0ngPa55word 记得改成自己的密码1
2
3
4
5
6
7
8
9
10
11{
"server":"0.0.0.0",
"server_port":3389,
"password":"Str0ngPa55word",
"timeout":300,
"user":"nobody",
"method":"xchacha20-ietf-poly1305",
"fast_open":true,
"nameserver":"8.8.8.8",
"mode":"tcp_and_udp"
}
重启 shadowsocks1
service shadowsocks restart
你可以通过以下命令查看状态,来判断配置是否生效1
service shadowsocks status
返回如下1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20● shadowsocks.service - LSB: Fast tunnel proxy that helps you bypass firewalls
Loaded: loaded (/etc/init.d/shadowsocks; generated)
Active: active (running) since Mon 2019-09-23 07:07:16 UTC; 3s ago
Docs: man:systemd-sysv-generator(8)
Process: 111025 ExecStop=/etc/init.d/shadowsocks stop (code=exited, status=0/SUCCESS)
Process: 111027 ExecStart=/etc/init.d/shadowsocks start (code=exited, status=0/SUCCESS)
Tasks: 1 (limit: 1046)
CGroup: /system.slice/shadowsocks.service
└─111038 /usr/local/bin/ss-server -v -c /etc/shadowsocks-libev/config.json -f /var/run/shadowsocks-libev.pid
Sep 23 07:07:16 Redacted systemd[1]: Stopped LSB: Fast tunnel proxy that helps you bypass firewalls.
Sep 23 07:07:16 Redacted systemd[1]: Starting LSB: Fast tunnel proxy that helps you bypass firewalls...
Sep 23 07:07:16 Redacted /usr/local/bin/ss-server[111038]: using tcp fast open
Sep 23 07:07:16 Redacted /usr/local/bin/ss-server[111038]: UDP relay enabled
Sep 23 07:07:16 Redacted /usr/local/bin/ss-server[111038]: initializing ciphers... xchacha20-ietf-poly1305
Sep 23 07:07:16 Redacted shadowsocks[111027]: Starting Shadowsocks-libev success
Sep 23 07:07:16 Redacted systemd[1]: Started LSB: Fast tunnel proxy that helps you bypass firewalls.
Sep 23 07:07:16 Redacted /usr/local/bin/ss-server[111038]: using nameserver: 8.8.8.8
Sep 23 07:07:16 Redacted /usr/local/bin/ss-server[111038]: tcp server listening at 0.0.0.0:3389
Sep 23 07:07:16 Redacted /usr/local/bin/ss-server[111038]: udp server listening at 0.0.0.0:3389
我们可以看到日志里面:
- initializing ciphers… xchacha20-ietf-poly1305
- listening at 0.0.0.0:3389
这些和我们配置的参数相符合
魔改bbr
1 | git clone https://github.com/FunctionClub/YankeeBBR.git |
会弹出喜感的蓝底背景提示框1
2
3
4
5
6
7
8
9
10
11
12
13
14┌────────────────────────────────────────┤ Configuring linux-image-3.16.0-4-amd64 ├────────────────────────────────────────┐
│ │
│ You are running a kernel (version 3.16.0-4-amd64) and attempting to remove the same version. │
│ │
│ This can make the system unbootable as it will remove /boot/vmlinuz-3.16.0-4-amd64 and all modules under the directory │
│ /lib/modules/3.16.0-4-amd64. This can only be fixed with a copy of the kernel image and the corresponding modules. │
│ │
│ It is highly recommended to abort the kernel removal unless you are prepared to fix the system after removal. │
│ │
│ Abort kernel removal? │
│ │
│ <Yes> <No> │
│ │
└──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┘
问你要不要放弃移除旧的内核
选no
检测到 3 个其余内核,开始卸载…
开始卸载 linux-image-3.16.0-4-amd64 内核…
然后就会移除多余的内核
重启完成后
再运行1
bash bbr.sh start
就可以启动魔改bbr了
验证 bbr 是否开启
运行1
sysctl net.ipv4.tcp_available_congestion_control
返回:1
net.ipv4.tcp_available_congestion_control = bbr cubic reno
运行:1
sysctl net.ipv4.tcp_congestion_control
返回:1
net.ipv4.tcp_congestion_control = bbr
运行:1
lsmod | grep bbr
返回值有tcp_bbr
则说明bbr已启动
(完)