Mac's Blog

Find a gap and cover it.

0%

CentOS7部署Shadowsocks

发表于 更新于 分类于

安装Python

1
2
yum install -y python-pip
pip install --upgrade pip

安装Shadowsocks

1
pip install shadowsocks

编辑配置文件

1
nano /etc/shadowsocks.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
{
  "server": "::",
  "local_address": "127.0.0.1",
  "local_port": 1080,
  "port_password": {
    "8080": "password",
    "8081": "password",
    "443": "password",
    "54321": "password",
    "54322": "password",
    "54323": "password",
    "54324": "password"
},
  "timeout": 600,
  "method": "rc4-md5"
}

设置启动服务

1
nano /etc/systemd/system/shadowsocks.service
1
2
3
4
5
6
7
8
9
[Unit]
Description=Shadowsocks

[Service]
TimeoutStartSec=0
ExecStart=/usr/bin/ssserver -c /etc/shadowsocks.json

[Install]
WantedBy=multi-user.target
1
2
3
systemctl enable shadowsocks
systemctl start shadowsocks
systemctl status shadowsocks -l

配置防火墙

firewall

1
2
3
4
5
6
7
8
firewall-cmd --zone=public --add-port=8080/tcp --permanent
firewall-cmd --zone=public --add-port=8081/tcp --permanent
firewall-cmd --zone=public --add-port=443/tcp --permanent
firewall-cmd --zone=public --add-port=54322/tcp --permanent
firewall-cmd --zone=public --add-port=54321/tcp --permanent
firewall-cmd --zone=public --add-port=54323/tcp --permanent
firewall-cmd --zone=public --add-port=54324/tcp --permanent
firewall-cmd --reload

iptables

1
2
3
4
5
6
7
8
iptables -A INPUT -p tcp --dport 8080 -j ACCEPT
iptables -A INPUT -p tcp --dport 8081 -j ACCEPT
iptables -A INPUT -p tcp --dport 443 -j ACCEPT
iptables -A INPUT -p tcp --dport 54321 -j ACCEPT
iptables -A INPUT -p tcp --dport 54322 -j ACCEPT
iptables -A INPUT -p tcp --dport 54323 -j ACCEPT
iptables -A INPUT -p tcp --dport 54324 -j ACCEPT
iptables -P OUTPUT ACCEPT