Debian下Shadowsocks-server的配置

本文描述了Debian下shadowsocks的配置,可以说比较简单

apt-get install python-pip
pip install shadowsocks 

网络优化(可选项)

在终端输入vi /etc/sysctl.d/local.conf
创建配置文件

# max open files
fs.file-max = 1024000
# max read buffer
net.core.rmem_max = 67108864
# max write buffer
net.core.wmem_max = 67108864
# default read buffer
net.core.rmem_default = 65536
# default write buffer
net.core.wmem_default = 65536
# max processor input queue
net.core.netdev_max_backlog = 4096
# max backlog
net.core.somaxconn = 4096

# resist SYN flood attacks
net.ipv4.tcp_syncookies = 1
# reuse timewait sockets when safe
net.ipv4.tcp_tw_reuse = 1
# turn off fast timewait sockets recycling
net.ipv4.tcp_tw_recycle = 0
# short FIN timeout
net.ipv4.tcp_fin_timeout = 30
# short keepalive time
net.ipv4.tcp_keepalive_time = 1200
# outbound port range
net.ipv4.ip_local_port_range = 10000 65000
# max SYN backlog
net.ipv4.tcp_max_syn_backlog = 4096
# max timewait sockets held by system simultaneously
net.ipv4.tcp_max_tw_buckets = 5000
# TCP receive buffer
net.ipv4.tcp_rmem = 4096 87380 67108864
# TCP write buffer
net.ipv4.tcp_wmem = 4096 65536 67108864
# turn on path MTU discovery
net.ipv4.tcp_mtu_probing = 1

# for high-latency network
net.ipv4.tcp_congestion_control = hybla
# forward ivp4
net.ipv4.ip_forward = 1

配置生效:sysctl –system

配置Shadowsocks

在终端输入vi /etc/shadowsocks.json创建配置文件

{
"server":"my_server_ip",  #填入你的IP地址
 "local_address": "127.0.0.1",
 "local_port":1080,
 "port_password": {
    "8381": "foobar1",    #端口号,密码
    "8382": "foobar2",
    "8383": "foobar3",
    "8384": "foobar4"
 },
"timeout":300,
 "method":"aes-256-cfb",
"fast_open": false
}

Explanation of the fields(配置说明):

Name Explanation
server the address your server listens
server_port server port
local_address the address your local listens
local_port local port
password password used for encryption
timeout in seconds
method default: “aes-256-cfb”, see Encryption
fast_open use TCP_FASTOPEN, true / false
workers number of workers, available on Unix/Linux
  • 现在就可以启动了,有两种方式启动,前端和后端。
    前端启动:ssserver -c /etc/shadowsocks.json
    后端启动:ssserver -c /etc/shadowsocks.json -d start
    停止:ssserver -c /etc/shadowsocks.json -d stop
    重启(修改配置要重启才生效):ssserver -c /etc/shadowsocks.json -d restart
  • 设置开机启动
    在终端输入vim /etc/rc.local
    把里面最后的带有ssserver的一大段默认的代码删除掉,
    再把ssserver -c /etc/shadowsocks.json -d start加进去,
    保存退出。