Jang go Seta Shadowsocks mo VPS go Tlola Thibelo

Shadowsocks ke sediriswa se sengwe sa mekgwa e e nonofileng ka botlalo ya go tlola thibelo ya internet, e e tumileng ka botlalo mo mafatsheng a a nang le di-thibelo tse di khutshwane, e e tumileng ka botlalo. Go farologana le di-VPN tsa setso, Shadowsocks e dirisa proxy ya SOCKS5 e e nang le go patilela, e e dira gore traffic ya yona e se ka e farologana le HTTPS e e tlwaelegileng. Kaelo e e tla go bontsha jang go tsenya server ya gago ya Shadowsocks mo Hiddence VPS ka metsotswana e le 10.

Ke ka ntlha yang Shadowsocks?

• Go Ipatlela: Traffic e patilwe jaaka dikgolagano tsa HTTPS tse di tlwaelegileng, e thata go e bona ke ditsamaiso tsa DPI
• Lebotlalo: Go tlhoka go tlala go farologana le VPN, lebotlalo le le atameng le le motlhofo
• Go Fetolwa: E a bereka mo maemong a application, e ka setiwa bakeng sa mananeo a a rileng
• Cross-platform: Di-client bakeng sa Windows, macOS, Linux, Android, iOS
• E bulegile: Go bonala ka botlalo ga khoutu le tshireletso

Dintlha tse di Tlhokegang

• Hiddence VPS (bogolo jwa RAM bo bo ka nako e e ka nang le 1 GB, Linux OS efe kapa efe)
• Ubuntu 22.04 kgotsa 24.04 (e e laoletsweng)
• Pono ya root mo servereng
• Client ya SSH bakeng sa kgolagano
• Metsotswana e le 5-10 ya nako ya gago

Go Tsenya Shadowsocks-Rust (E e Laoletsweng)

Re tla dirisa kgatiso ya shadowsocks-rust — e e potlana ka botlalo le e e nang le selekanyo, e e kwadilweng ka Rust.

Kgato 1: Lokisetsa System

# Golagana le server ka SSH
ssh root@your-server-ip

# Ntsha ditlhophiso tsa system
sudo apt update && sudo apt upgrade -y

# Tsenya di-package tse di tlhokegang
sudo apt install curl wget -y

Kgato 2: Tsenya Shadowsocks-Rust

# Tsaya version e e bofelong
wget $(curl -s https://api.github.com/repos/shadowsocks/shadowsocks-rust/releases/latest | grep 'browser_download_url.*x86_64-unknown-linux-gnu.tar.xz' | cut -d '"' -f 4)

# Ntsha archive
tar -xvf shadowsocks-*.tar.xz

# Tsamaisa di-binary go directory ya system
sudo mv ssserver /usr/local/bin/
sudo mv sslocal /usr/local/bin/
sudo chmod +x /usr/local/bin/ss*

# Netefatsa go tsenywa
ssserver --version

Kgato 3: Peakanyo

# Dira directory bakeng sa peakanyo
sudo mkdir -p /etc/shadowsocks

# Dira faele ya peakanyo
sudo nano /etc/shadowsocks/config.json

# Tsenya peakanyo e e latelang:
{
    "server": "0.0.0.0",
    "server_port": 8388,
    "password": "YOUR_STRONG_PASSWORD_HERE",
    "timeout": 300,
    "method": "chacha20-ietf-poly1305",
    "fast_open": true,
    "mode": "tcp_and_udp",
    "nameserver": "8.8.8.8"
}

# Ntshafatse YOUR_STRONG_PASSWORD_HERE ka password e e nonofileng
# O ka dira: openssl rand -base64 32

# Mekgwa ya go patilela e e laoletsweng:
# chacha20-ietf-poly1305 (E e Laoletsweng) — go lekana ga lebotlalo le tshireletso
# aes-256-gcm — motlhofo wa AES
# aes-128-gcm — e potlana ka botlalo, bakeng sa mobile
# 2022-blake3-aes-256-gcm — SS2022 e e bofelong

Kgato 4: Go Simolola ka Boitekanelo

A re dire tiro ya systemd bakeng sa go simolola ka boitekanelo ga Shadowsocks fa system e simolola.

# Dira faele ya tiro
sudo nano /etc/systemd/system/shadowsocks.service

# Tsenya:
[Unit]
Description=Shadowsocks-Rust Server
After=network.target

[Service]
Type=simple
User=root
ExecStart=/usr/local/bin/ssserver -c /etc/shadowsocks/config.json
Restart=on-failure
RestartSec=5s

[Install]
WantedBy=multi-user.target

# Boloka mme o nolofatse tiro
sudo systemctl daemon-reload
sudo systemctl enable shadowsocks
sudo systemctl start shadowsocks

# Sekaseka maemo
sudo systemctl status shadowsocks

Kgato 5: Firewall

# Fa o dirisa UFW
sudo ufw allow 8388/tcp
sudo ufw allow 8388/udp
sudo ufw reload

# Fa o dirisa firewalld
sudo firewall-cmd --permanent --add-port=8388/tcp
sudo firewall-cmd --permanent --add-port=8388/udp
sudo firewall-cmd --reload

Kgato 6: Go Ntshafatsa

A re seteng system bakeng sa lebotlalo le le kwa godimo ka botlalo la kgolagano.

# Go ntshafatsa network stack
sudo nano /etc/sysctl.conf

# Tsenya go bofelong jwa faele:
# BBR congestion control
net.core.default_qdisc=fq
net.ipv4.tcp_congestion_control=bbr

# Oketsa di-buffer
net.core.rmem_max=134217728
net.core.wmem_max=134217728
net.ipv4.tcp_rmem=4096 87380 67108864
net.ipv4.tcp_wmem=4096 65536 67108864
net.ipv4.tcp_mtu_probing=1

# Fast Open
net.ipv4.tcp_fastopen=3

# Dirisa diphetogo
sudo sysctl -p

Kgato 7: Di-Client

Morago ga go seta server, o tlhoka go golaganya di-device tsa client. Dikaelo tse di feletseng bakeng sa platform e nngwe le nngwe ka tlase.

Client ya Windows

1. Go Tsaya le go Tsenya

Etelela go tsebe ya shadowsocks/shadowsocks-windows ya GitHub mme o tsaye version e e bofelong (faele ya Shadowsocks-x.x.x.zip). Ntsha archive go folder efe kapa efe mme o berekise Shadowsocks.exe.

2. Go Tsenya Server

Tobetsa ka seatla sa moja go setshwantsho sa Shadowsocks mo system tray (gaufi le tsebe) mme o kgethe Servers > Edit Servers. Tlatlatsa dintlha:

3. Nolofatsa Proxy

Tobetsa ka seatla sa moja go setshwantsho sa tray > System Proxy > Global (go proxy traffic tsotlhe) kgotsa PAC (mokgwa wa boitekanelo bakeng sa di-saete tse di thibetsweng). Nolofatsa 'Enable System Proxy'. Go feletse! Traffic ya gago tsotlhe jaanong e tsamaya ka Shadowsocks.

Client ya Android

1. Go Tsenya ga App

Tsenya 'Shadowsocks' ka Max Lv go tswa mo Google Play Store kgotsa o tsaye APK go tswa mo GitHub (shadowsocks/shadowsocks-android). Bula app morago ga go tsenya.

2. Go Tsenya Profile

Tobetsa konopo ya '+' (plus) mo botlhakoreng jwa tlase jwa moja. Kgethela 'Manual Settings'. Tlatlatsa di-field:

3. Kgolagano

Tobetsa setshwantsho sa pampiri ya sefofane mo botlhakoreng jwa tlase jwa skrine go golagana. Fa o golagana la ntlha, Android e tla kopa tumelo go dira kgolagano ya VPN — tobetsa 'OK'. Morago ga go golagana, setshwantsho sa senotlolo se tla bonala mo status bar.

Client ya iOS

1. Go Tsenya ga App

Bula App Store mme o batle 'Shadowrocket' (e e lefwang, ~$3) kgotsa 'Potatso Lite' (e sa lefeng). Shadowrocket e nonofile ka botlalo le e e ikemetseng. Tsenya app.

2. Peakanyo ya Server

Bakeng sa Shadowrocket: bula app, tobetsa '+' mo botlhakoreng jwa kwa godimo jwa moja. Kgethela Type: Shadowsocks. Tlatlatsa:

3. Nolofatsa Kgolagano

Fetola switch gaufi le leina la server go ON. iOS e tla kopa tumelo go tsenya peakanyo ya VPN — netefatsa tiro (e ka tlhoka Face ID / Touch ID). Maemo a 'Connected' a raya kgolagano e e atlegileng.

Client ya macOS

1. Tsenya ShadowsocksX-NG

Tsaya ShadowsocksX-NG go tswa mo GitHub (shadowsocks/ShadowsocksX-NG/releases). Bula faele ya DMG mme o tsamaisise application go folder ya Applications. Simolola ShadowsocksX-NG.

2. Tsenya Server

Tobetsa setshwantsho sa sefofane mo menu bar (kwa godimo jwa moja). Kgethela Servers > Server Preferences. Tobetsa '+' go tsenya server e ntšha:

3. Nolofatsa Proxy

Tobetsa setshwantsho sa menu bar > Turn Shadowsocks On. Kgethela mokgwa wa proxy: 'Auto Proxy Mode' (e e laoletsweng, e dirisa PAC bakeng sa routing e e bohlale) kgotsa 'Global Mode' (traffic tsotlhe ka proxy). Go feletse!

Bonus: Go Seta ga Multi-User

Fa o batla go abelana server ka batsadi kgotsa malapa, dirisa peakanyo ya multi-port.

# Fetola peakanyo
sudo nano /etc/shadowsocks/config.json

# Dirisa foromo e e nang le di-port bakeng sa badirisi ba ba farologaneng:
{
    "servers": [
        {
            "server": "0.0.0.0",
            "server_port": 8388,
            "password": "user1_password",
            "method": "chacha20-ietf-poly1305"
        },
        {
            "server": "0.0.0.0",
            "server_port": 8389,
            "password": "user2_password",
            "method": "chacha20-ietf-poly1305"
        },
        {
            "server": "0.0.0.0",
            "server_port": 8390,
            "password": "user3_password",
            "method": "chacha20-ietf-poly1305"
        }
    ],
    "timeout": 300,
    "mode": "tcp_and_udp"
}

# O se ka wa lebala go bula di-port tse ntšha mo firewall
sudo ufw allow 8389:8390/tcp
sudo ufw allow 8389:8390/udp

# Boela morago tiro
sudo systemctl restart shadowsocks

E e Kwa Godimo: Go Dirisa Di-Plugin tsa Obfuscation

Bakeng sa tshireletso e e eketsegileng kgatlhanelo le DPI, dirisa di-plugin tse di patileng traffic ya Shadowsocks.

v2ray-plugin (E e Laoletsweng)

# Tsenya v2ray-plugin
wget https://github.com/shadowsocks/v2ray-plugin/releases/download/v1.3.2/v2ray-plugin-linux-amd64-v1.3.2.tar.gz
tar -xvf v2ray-plugin-*.tar.gz
sudo mv v2ray-plugin_linux_amd64 /usr/local/bin/v2ray-plugin
sudo chmod +x /usr/local/bin/v2ray-plugin

# Ntshafatse peakanyo ya Shadowsocks
{
    "server": "0.0.0.0",
    "server_port": 443,
    "password": "your_password",
    "method": "chacha20-ietf-poly1305",
    "plugin": "/usr/local/bin/v2ray-plugin",
    "plugin_opts": "server;tls;host=your-domain.com;cert=/path/to/cert.pem;key=/path/to/key.pem"
}

# Mo client tsenya:
# Plugin: v2ray-plugin
# Plugin Options: tls;host=your-domain.com

Go Rarabolola Mathata

Mathata a a Tlwaelegileng le Ditsarololo

• Ga o kgone go golagana: Sekaseka firewall mme o netefatse gore port e bulegile
• Kgolagano e botlhofo: Leka mokgwa o mongwe wa go patilela (aes-128-gcm e potlana ka botlalo)
• Go tlogelana ka metlha: Nolofatsa TCP Fast Open le BBR
• Server e thibediwa: Dirisa plugin ya obfuscation le port 443
• Sekaseka di-log: sudo journalctl -u shadowsocks -f

Ditshupo tsa Tshireletso

• Dirisa password e e nonofileng (bogolo jwa motlhofo bo bo ka nako e e ka nang le 20 characters, e e sa tlwaelegileng)
• Ntsha ditlhophiso tsa Shadowsocks ka metlha go version e e bofelong
• O se ka wa abelana dintlha tsa server ka phatlalatsa — fela ka batho ba ba tshepahalang
• Fetola port ya motlhofo (8388) go e e sa tlwaelegileng
• Dirisa mekgwa e e nang le selekanyo ya go patilela (chacha20-ietf-poly1305 kgotsa e e bofelong)
• Akanya go dirisa plugin ya obfuscation mo mafatsheng a a nang le thibelo e e berekang
• Tlhokomela tshebediso ya traffic: sudo apt install vnstat && vnstat -l
• Seta go ntsha ditlhophiso tsa system ka boitekanelo