v2ray #
服务端 #
wget -N --no-check-certificate -q -O install.sh "https://raw.githubusercontent.com/wulabing/Xray_onekey/nginx_forward/install.sh" && chmod +x install.sh && bash install.sh
# 启动方式
# 启动 Xray:systemctl start xray
# 停止 Xray:systemctl stop xray
# 启动 Nginx:systemctl start nginx
# 停止 Nginx:systemctl stop nginx
# 相关目录
# Web 目录:/www/xray_web
# Xray 服务端配置:/usr/local/etc/xray/config.json
# Nginx 目录: /etc/nginx
openai #
安装参考 [[ubuntu/docker]]
docker run -d --name warp -p 127.0.0.1:7081:1080 -p 127.0.0.1:7082:8080 --restart unless-stopped amirdaaee/cloudflare-warp:latest
curl -x "socks5://127.0.0.1:7081" ipinfo.io
vim /usr/local/etc/xray/config.json
# outbounds 加上
{
"protocol": "socks",
"settings": {
"servers": [
{
"address": "127.0.0.1",
"port": 7081,
"users": []
}
]
},
"tag": "warp_proxy"
},
# routing - rules 加上
{
"type": "field",
"outboundTag": "warp_proxy",
"domain": ["openai.com"]
},
# 然后重启
systemctl restart xray
ip 白名单 #
# 第一次
# 安装依赖与目录
sudo apt-get update
sudo apt-get install -y iptables-persistent ipset
sudo mkdir -p /etc/iptables
# 创建 ipset 集合(白名单容器)
sudo ipset create PROXY_WL hash:ip -exist
# iptables 链与规则(仅建立一次,幂等)
# 端口
HTTP_PORT=3128
SOCKS_PORT=29108
# 若链不存在则创建
sudo iptables -L PROXY_WHITELIST -n >/dev/null 2>&1 || sudo iptables -N PROXY_WHITELIST
# 链首:匹配 ipset 的来源就放行(幂等)
sudo iptables -C PROXY_WHITELIST -m set --match-set PROXY_WL src -j RETURN 2>/dev/null \
|| sudo iptables -I PROXY_WHITELIST 1 -m set --match-set PROXY_WL src -j RETURN
# 内网/回环(按需保留)
for cidr in 127.0.0.0/8 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16; do
sudo iptables -C PROXY_WHITELIST -s $cidr -j RETURN 2>/dev/null || \
sudo iptables -A PROXY_WHITELIST -s $cidr -j RETURN
done
# 链尾:其余丢弃
sudo iptables -C PROXY_WHITELIST -j DROP 2>/dev/null || sudo iptables -A PROXY_WHITELIST -j DROP
# 把链挂到端口(TCP:HTTP+SOCKS)
sudo iptables -C INPUT -p tcp -m multiport --dports $HTTP_PORT,$SOCKS_PORT -j PROXY_WHITELIST 2>/dev/null \
|| sudo iptables -A INPUT -p tcp -m multiport --dports $HTTP_PORT,$SOCKS_PORT -j PROXY_WHITELIST
# 如果需要 SOCKS 的 UDP(可选)
sudo iptables -C INPUT -p udp --dport $SOCKS_PORT -j PROXY_WHITELIST 2>/dev/null \
|| sudo iptables -A INPUT -p udp --dport $SOCKS_PORT -j PROXY_WHITELIST
# 持久化 + 自启动(保证重启也生效)
# 保存当前 iptables/ipset
sudo sh -c 'iptables-save > /etc/iptables/rules.v4'
sudo sh -c 'ip6tables-save > /etc/iptables/rules.v6' # 用不到IPv6也可留空
sudo sh -c 'ipset save > /etc/iptables/ipset.conf'
# 创建 ipset 开机恢复服务(带 -exist,幂等)
sudo tee /etc/systemd/system/ipset-restore.service >/dev/null <<'EOF'
[Unit]
Description=Restore ipset sets
DefaultDependencies=no
Before=netfilter-persistent.service
[Service]
Type=oneshot
ExecStart=/usr/sbin/ipset restore -exist -f /etc/iptables/ipset.conf
RemainAfterExit=yes
[Install]
WantedBy=multi-user.target
EOF
# 启用/启动
sudo systemctl daemon-reload
sudo systemctl enable ipset-restore.service
sudo systemctl enable netfilter-persistent
sudo systemctl restart ipset-restore.service
sudo systemctl restart netfilter-persistent
# 安装 “白名单助手” 脚本
sudo tee /usr/local/sbin/proxy-wl >/dev/null <<'EOF'
#!/usr/bin/env bash
set -euo pipefail
SET=PROXY_WL
CONF_DIR=/etc/iptables
IPSET_CONF=$CONF_DIR/ipset.conf
IPT_V4=$CONF_DIR/rules.v4
usage() { echo "Usage: $0 {add IP|del IP|list|save}"; exit 1; }
[ $# -ge 1 ] || usage
cmd="$1"; shift || true
case "$cmd" in
add)
[ $# -eq 1 ] || usage
sudo ipset add "$SET" "$1" -exist
echo "[ADD] $1"
;;
del)
[ $# -eq 1 ] || usage
sudo ipset del "$SET" "$1"
echo "[DEL] $1"
;;
list)
sudo ipset list "$SET"
;;
save)
sudo mkdir -p "$CONF_DIR"
sudo sh -c "ipset save > '$IPSET_CONF'"
sudo sh -c "iptables-save > '$IPT_V4'"
# 幂等恢复一次
sudo /usr/sbin/ipset restore -exist -f "$IPSET_CONF"
echo "[SAVE] persisted & restored."
;;
*)
usage
;;
esac
EOF
sudo chmod +x /usr/local/sbin/proxy-wl
# 增删 ip
sudo proxy-wl add 1.180.13.249
sudo proxy-wl add 14.155.58.153
# sudo proxy-wl del 1.180.13.249
sudo proxy-wl list
sudo proxy-wl save
使用方法 #
cat <<'EOF' >> ~/.bashrc
# Proxy on/off helpers
proxy() {
local url="http://A1kq-V7mQ3pX:[email protected]:3128"
export http_proxy="$url"
export https_proxy="$url"
export HTTP_PROXY="$url"
export HTTPS_PROXY="$url"
# 常见 no_proxy 列表,可按需加入内网网段
export no_proxy="localhost,127.0.0.1,::1"
export NO_PROXY="$no_proxy"
echo "Proxy ON -> $url"
}
unproxy() {
unset http_proxy https_proxy HTTP_PROXY HTTPS_PROXY no_proxy NO_PROXY
echo "Proxy OFF"
}
EOF
# 让当前 shell 生效
. ~/.bashrc
cat <<'EOF' >> ~/.zshrc
# Proxy on/off helpers
proxy() {
local url="http://A1kq-V7mQ3pX:[email protected]:3128"
export http_proxy="$url"
export https_proxy="$url"
export HTTP_PROXY="$url"
export HTTPS_PROXY="$url"
# 常见 no_proxy 列表,可按需加入内网网段
export no_proxy="localhost,127.0.0.1,::1"
export NO_PROXY="$no_proxy"
echo "Proxy ON -> $url"
}
unproxy() {
unset http_proxy https_proxy HTTP_PROXY HTTPS_PROXY no_proxy NO_PROXY
echo "Proxy OFF"
}
EOF
# 让当前 shell 生效
. ~/.zshrc
Linux 客户端 #
v2rayA #
# 添加公钥
wget -qO - https://apt.v2raya.org/key/public-key.asc | sudo tee /etc/apt/keyrings/v2raya.asc
# 添加 V2RayA 软件源
echo "deb [signed-by=/etc/apt/keyrings/v2raya.asc] https://apt.v2raya.org/ v2raya main" | sudo tee /etc/apt/sources.list.d/v2raya.list
sudo apt update
# 安装 V2RayA
sudo apt install v2raya v2ray ## 也可以使用 xray 包
sudo systemctl start v2raya.service
sudo systemctl enable v2raya.service
参考: v2raya 快速上手
叶王 © 2013-2024 版权所有。如果本文档对你有所帮助,可以请作者喝饮料。