2023-10-29-【探索】使用Tunnel加速VPS的连接.md 3.2 KB


title: 【探索】使用Tunnel加速VPS的连接 urlname: Use-Tunnel-to-speed-up-the-connection-of-VPS date: 2023-10-29 04:36:52 index_img: https://api.limour.top/randomImg?d=2023-10-29 04:36:52 tags: [clash, ss, Tunnel, '探索']

hide: true

准备依赖

  • 自建DoH服务

    mkdir -p ~/app/ss && cd ~/app/ss && nano docker-compose.yml
    cat > ./config.json <<EOF
    {
    "server":"0.0.0.0",
    "server_port":9000,
    "password":"password0",
    "timeout":300,
    "method":"aes-256-gcm",
    "fast_open":false,
    "nameserver":"8.8.8.8",
    "mode":"tcp_and_udp"
    }
    EOF
    
    version: '3.3'
    services:
    ss:
    restart: unless-stopped
    ports:
      - '20077:9000'
      - '20077:9000/udp'
    volumes:
      - './config.json:/etc/shadowsocks-libev/config.json'
      - '/etc/localtime:/etc/localtime:ro'
    image: teddysun/shadowsocks-libev
    

    配置Tunnel

  • 项目地址: Github; Wiki; Android

  • 新建规则-类型选Local-编辑文件,内容如下

    mixed-port: 7890
    allow-lan: true
    bind-address: '*'
    mode: rule
    log-level: info
    external-controller: :9090
    dns:
    enable: true
    ipv6: false
    default-nameserver: [223.5.5.5, 119.29.29.29]
    enhanced-mode: fake-ip
    fake-ip-range: 198.18.0.1/16
    use-hosts: true
    nameserver: ['https://my.com/token']
    proxies:
    - { name: '自建节点', type: ss, server: 127.0.0.1, port: 7777, cipher: aes-256-gcm, password: password0, udp: true }
    tunnels:
    - { network: [tcp, udp], address: 127.0.0.1:7777, target: ssip:20077, proxy: "手动选择"}
    proxy-providers:
    provider1:
    type: http
    path: ./provider1.yaml
    url: Clash的订阅地址
    interval: 86400
    health-check:
      enable: false
      url: https://www.gstatic.com/generate_204
      interval: 300
    provider2:
    type: http
    path: ./provider2.yaml
    url: Clash的订阅地址
    interval: 86400
    filter: "(?i)AA-中继-HK|AA-中继-JP|AA-V2ray-HK|AA-V2ray-JP"
    exclude-filter: "(?i)海外直连|打機神線"
    health-check:
      enable: false
      url: https://www.gstatic.com/generate_204
      interval: 300
    proxy-groups:
    - { name: PROXY, type: select, proxies: ["手动选择", "自建节点", "自动选择", DIRECT] }
    - { name: "手动选择", type: select, use: [provider1, provider2], proxies: ["自动选择"] }
    - { name: "自动选择", type: url-test, use: [provider1, provider2], url: 'https://www.gstatic.com/generate_204', interval: 3600 }
    rules:
    - GEOIP,LAN,DIRECT
    - GEOIP,CN,DIRECT
    - MATCH,PROXY
    

    测试加速

  • DNS测试

  • UDP测试

附加 格式转换

  • 前端; 后端
  • 因为 converter 时不时出现RCE漏洞,因此 /token 需要保密

    mkdir -p ~/app/converter && cd ~/app/converter && nano docker-compose.yml
    sudo docker-compose up -d # 反代地址 converter:25500, 将 /sub 反代到 /token,末尾没有 /
    
    version: '3'
    services:
    converter:
    image: tindy2013/subconverter:latest
    restart: always
      
    networks:
    default:
    external: true
    name: ngpm