--- title: 【记录】Warp 与 Tor 共存 urlname: -ji-lu-Warp-yu-Tor-gong-cun date: 2023-07-01 19:52:07 tags: ['warp', 'tor', 'socks5'] --- ## 注册 Zero Trust 1. 访问 [CF Zero Trust](https://one.dash.cloudflare.com),按网上教程注册 2. 开启 GitHub Authentication: Setting - Authentication - Login methods - Add new 3. 添加 Device enrollment: Setting - WARP Client - Device enrollment permissions - Manage - Add a rule 4. Selector 选 Emails; Value 填 GitHub 的邮箱 5. 访问 [Warp-go](https://github.com/fscarmen/warp), 按教程 [WARP Teams 获取并用于 Linux 的方法](https://github.com/fscarmen/warp/blob/main/README.md#WARP-Teams-%E8%8E%B7%E5%8F%96%E5%B9%B6%E7%94%A8%E4%BA%8E-Linux-%E7%9A%84%E6%96%B9%E6%B3%95) 获取 warp-account.conf 6. 访问 https://your-team-name.cloudflareaccess.com/warp 审查元素也可获取 authtoken 7. 记录 warp-account.conf 文件中的 ["account"]["private_key"] 和 ["config"]["peers"]["public_key"] 8. 运行 `bash api.sh -i -f ./warp-account.conf` 获取 reserved ## 部署 Tor ```bash mkdir -p ~/app/tor && cd ~/app/tor && nano Dockerfile && nano docker-compose.yml echo 'SocksPort 0.0.0.0:9050' > torrc docker build -t limour/tor . docker image ls | grep limour/tor sudo docker network create sswitch sudo docker-compose up -d && sudo docker-compose logs docker run --rm --net=sswitch alpine/curl --socks5-hostname "tor:9050" "https://check.torproject.org/api/ip" ``` ```Dockerfile # set alpine as the base image of the Dockerfile FROM alpine:latest # update the package repository and install Tor RUN apk update && apk --no-cache add tor # Copy over the torrc created above and set the owner to `tor` COPY torrc /etc/tor/torrc RUN chown -R tor /etc/tor # Set `tor` as the default user during the container runtime USER tor # Set `tor` as the entrypoint for the image ENTRYPOINT ["tor"] # Set the default container command # This can be overridden later when running a container CMD ["-f", "/etc/tor/torrc"] ``` ```yml version: '3.3' services: tor: restart: always image: limour/tor networks: default: external: true name: sswitch ``` + 安装好 [docker](/DOCKER-an-zhuang-liu-cheng-ji-lu) ## 部署 Warp ```bash mkdir -p ~/app/socks5 && cd ~/app/socks5 && nano docker-compose.yml mkdir ./config nano ./config/config.json wget https://github.com/SagerNet/sing-geoip/releases/latest/download/geoip.db -O config/geoip.db wget https://github.com/SagerNet/sing-geosite/releases/latest/download/geosite.db -O config/geosite.db sudo docker-compose up -d && sudo docker-compose logs ``` ```json { "log": { "level": "info" }, "inbounds": [ { "type": "socks", "tag": "socks-in", "listen": "::", "listen_port": 5353, "tcp_fast_open": false, "udp_fragment": true, "sniff": true, "sniff_override_destination": false, "sniff_timeout": "300ms", "udp_timeout": 300, "proxy_protocol": false, "proxy_protocol_accept_no_header": false } ], "outbounds": [ { "type": "direct" }, { "type": "wireguard", "tag": "wireguard", "server": "engage.cloudflareclient.com", "server_port": 2408, "local_address": ["10.0.0.2/32"], "private_key": "记录的private_key", "peer_public_key": "记录的public_key", "reserved": [0, 0, 0] // 记录的reserved值 }, { "type": "socks", "tag": "tor", "server": "tor", "server_port": 9050 } ], "route": { "rules": [ { "domain_suffix": [".onion"], "outbound": "tor" }, { "domain_suffix": ["openai.com"], "outbound": "wireguard" }, { "domain_suffix": [".cn"], "outbound": "wireguard" }, { "domain_suffix": ["check.torproject.org"], "outbound": "tor" }, { "domain_suffix": ["myip.ipip.net"], "outbound": "wireguard" }, { "geoip": ["cn"], "outbound": "wireguard" }, { "geosite": ["cn"], "outbound": "wireguard" }, { "domain_keyword": ["bing","microsoft"], "outbound": "wireguard" } ] } } ``` ```yml version: '3.3' services: socks5: restart: always volumes: - './config/:/etc/sing-box/' image: gzxhwq/sing-box:git networks: default: external: true name: sswitch ``` ## 测试 Warp 和 Tor ```bash docker run --rm --net=sswitch alpine/curl --socks5-hostname socks5:5353 https://myip.ipip.net docker run --rm --net=sswitch alpine/curl --socks5-hostname socks5:5353 https://api.ipify.org/?format=json docker run --rm --net=sswitch alpine/curl --socks5-hostname "socks5:5353" "https://check.torproject.org/api/ip" docker run --rm --net=sswitch alpine/curl --socks5-hostname "socks5:5353" "https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion" ```