段落1、需求描述
1台服务器,已配置的Shadowsocks-libev ,IP地址为 10.11.11.247
ss://aes-128-gcm:P1122330099@10.11.11.247:16805
1台服务器,配置的V2ray服务端,IP地址为 10.11.11.223
现在,需要让v2ray的流量,走到SS去。
实现的路由方向为:客户端 ~ ~ V2ray服务 ~ ~ SS服务
# Shadowsocks-libev IPv6出站优先的配置,参考 https://dasmz.com/?p=1804
# 编译安装Shadowsocks-libev服务端,AEAD加密算法支持,参考 https://dasmz.com/?p=1845
# 基于v2ray使用免费的socks5的IP为落地 ,参考 https://dasmz.com/?p=560
# VMess MD5 认证信息 淘汰机制 https://dasmz.com/?p=1051
段落2、需要配置V2ray的outbound参数
V2服务端配置文件
{ "log": { "access": "/var/log/v2ray/access.log", "error": "/var/log/v2ray/errors.log", "loglevel": "info" }, "inbound": { "port": 18505, "protocol": "vmess", "settings": { "clients": [ { "id": "5b61942a-b2ee-434b-b39b-83daa7fcda39", "level": 1, "alterId": 6 } ] } }, "outbounds": [ { "protocol": "shadowsocks", "settings": { "servers": [ { "address": "10.11.11.247", "method": "aes-128-gcm", "ota": false, "password": "P1122330099", "port": 16805 } ] } } ], "routing": { "strategy": "rules", "settings": { "rules": [ { "type": "field", "ip": [ "10.0.0.0/8" ], "outboundTag": "blocked" } ] } } }
上方是出站到Shadowsocks的服务端配置样例,已经过测试,有效。Shadowsocks的OTA已废弃,务必选择AEAD的加密算法。
客户端配置
{ "log": { "access": "", "error": "", "loglevel": "warning" }, "inbounds": [ { "tag": "proxy", "port": 10808, "listen": "127.0.0.1", "protocol": "socks", "sniffing": { "enabled": true, "destOverride": [ "http", "tls" ] }, "settings": { "auth": "noauth", "udp": false } } ], "outbounds": [ { "tag": "proxy", "protocol": "vmess", "settings": { "vnext": [ { "address": "10.11.11.223", "port": 18505, "users": [ { "id": "5b61942a-b2ee-434b-b39b-83daa7fcda39", "alterId": 6, "email": "t@t.tt", "security": "auto" } ] } ] }, "streamSettings": { "network": "tcp" }, "mux": { "enabled": false, "concurrency": -1 } }, { "tag": "direct", "protocol": "freedom", "settings": {} }, { "tag": "block", "protocol": "blackhole", "settings": { "response": { "type": "http" } } } ], "routing": { "domainStrategy": "IPIfNonMatch", "rules": [ { "type": "field", "inboundTag": [ "api" ], "outboundTag": "api" } ] } }
可能的报错,如果程序启动失败,大概率是v2ray对于非AEAD的加密算法的抛弃 例如 V2Ray 4.44.0 (V2Fly, a community-driven edition of V2Ray.) Custom (go1.17.3 linux/amd64) A unified platform for anti-censorship. 2022/04/12 18:14:05 [Info] main/jsonem: Reading config: /etc/v2ray/config.json main: failed to read config files: [/etc/v2ray/config.json] > infra/conf: unknown cipher method: aes-128-cfb
附录1、参考链接的清单
参考V2的SS协议配置 https://www.v2ray.com/en/configuration/protocols/shadowsocks.html
参考v2fly的配置 https://guide.v2fly.org/basics/shadowsocks.html#%E6%9C%8D%E5%8A%A1%E5%99%A8%E9%85%8D%E7%BD%AE
Pingback引用通告: 视频文件的目录索引 更新到2022-04-17 | Dasmz