本博客是仅用于学习,使阅读者明白如何常见的网络架构
注意,阿里云国内厂商风险较高,建议使用国外如微软等厂商
碎碎念
一切都起源于阿里云的一个学生优惠的政策,也就是说学生每年都有¥300的代金券
这里面能买的东西其实都挺鸡肋的,要么是半年的服务器,要么是可以买一年的,没有带宽,一旦说是自己买了带宽,那价格就飞上天了。
但是在下面有一个比较有意思的服务器,就是2C 0.5G 200Mbps峰值带宽海外服务器
按照价格的话,只需需要自己在支付¥36就可以用一年的海外服务器,嘿嘿,这个服务器的作用的话就很明显了,简直就是某种用途的的天选服务器,0.5G的内存,基本上什么都干不了,只能做一个代理。那么说干就干了。
基本上个人使用也就是这个作用了。
地区选择
其实可以发现可以选择的地方并不多,真正能入我眼的话,其实只有三个地方了
首尔、美国、东南亚
既然想买的话,肯定要选一个延迟最低的
接下来使用自己对经常呆的地方,看一下日常使用延迟,分别用下面三个命令测试一下
ping oss-ap-northeast-2.aliyuncs.com
ping oss-ap-southeast-3.aliyuncs.com
ping oss-us-west-1.aliyuncs.com
要是这么看的话,其实还是首尔韩国延迟最低了。感觉现在和国内差不多了。
系统的话,要尽可能地选一个占用较小的系统,并且还符合我平时使用ubuntu的习惯,那就是Debian大人了
这样的话,说干就干,买韩国的了。
部署服务
服务器开荒,那点命令之前都写过了,就不赘述了,可以看我之前的文章
由于内存0.5实在是太小了,先开一点交换虚拟内存,免得崩了
开启 Swap 虚拟内存(防卡死崩溃)。
sudo fallocate -l 1G /swapfile
sudo chmod 600 /swapfile
sudo mkswap /swapfile
sudo swapon /swapfile
echo '/swapfile none swap sw 0 0' | sudo tee -a /etc/fstab然后就是使用一键安装脚本了在root环境下,进行一键安装即可
sudo -i
bash <(curl -Ls https://raw.githubusercontent.com/mhsanaei/3x-ui/master/install.sh)首先就会问,使用什么数据库,以及你的服务打算跑到什么端口
这个不用想,我们就0.5G的内存,直接选1)SQLite
端口号的话,就随便选一个即可,在这里选的9081端口。
然后的话,就是问你,要不要部署SSL证书,这个就没必要了,因为本来就是只有自己在用,并且也从来没打算吧面板暴露到公网环境下使用,所以说,就直接4跳过了。
然后的话,就是问你,要不要把你的面板暴露到公网,这个的话就没必要了,反正只有自己在用,服务器也是在自己的手里,所以就不要暴露了,这里选。y,意思是面板只有自己服务器才能访问
后面如果想要访问面板,可以用类似于下面的命令,将服务器的端口映射到本地
ssh -L 2222:127.0.0.1:9081 root@**.**.**.**
#If using an SSH key:
ssh -i <sshkeypath> -L 2222:127.0.0.1:9081 root@**.**.**.**
#Then open in your browser:
http://localhost:2222/FjM1OL**********然后的话,后面会输出这些面板信息你就可以获取面板信息,访问你的面板了
═══════════════════════════════════════════
Panel Installation Complete!
═══════════════════════════════════════════
Username: DWS*******
Password: w1***********
Port: 9081
WebBasePath: FjM1O**********
Database: SQLite (/etc/x-ui/x-ui.db)
Access URL: http://127.0.0.1:9081/FjM1O**********
API Token: kI**********************************
═══════════════════════════════════════════面板配置
通过上面的你的信息,访问你的面板(记得映射端口,前面设置了,不暴露到公网)
首先,点击左侧的入站,然后添加入站按钮,获得当前的面板
第一步:【基础配置】标签
备注:随便填个名字,比如
首尔-VLESS。端口:强烈建议把截图里的
30784删掉,改成443。(记得要去阿里云后台防火墙将端口打开)(原理说明:Reality 协议的核心逻辑是把你的流量伪装成正常的 HTTPS 网页浏览。而全世界正常的 HTTPS 流量几乎都是走 443 端口的。用 443 端口伪装度最高。)
第二步:协议、传输保持不变,修改【安全】标签
点击顶部的“安全”。
找到“安全 (Security)”下拉菜单,选择
reality。选中后,下方会弹出一大堆 Reality 的专属设置,按下面都按照默认即可
第三步:【嗅探】标签
点击顶部的“嗅探”。
将“启用嗅探”的开关打开(这有助于更精准地路由你的流量)。
然后点击创建即可
然后点击左侧的客户端,,关联入站,选择刚才的那个节点即可。然后点击创建
在这里创建结束之后理论上,你就可以使用了
回到之前的入站,导出链接,理论上就可以用了,在浏览器打开就可以直接打开你的支持的代理软件。
但是啊,可定还有很多人,想在clash上使用,所以说可以这样使用
配置订阅
(你可以先去安全设定里面改一下用户名密码之类的东西,不在这里赘述了)
左侧的面板设置-->订阅设置,
Clash / Mihomo 订阅 的开关打开。因为你用的是 Clash Verge 客户端,打开这个能让服务器直接下载兼容的Clash 配置文件。
监听端口,可以选择一个自己喜欢的端口
URL路径选一个你喜欢的,防止被逆向
反向代理URL的话要填写规定的http://你的IP:端口号/你设置的URL路径/
在资料里面可以给自己的订阅起一个名字,这里的话叫做首尔自建房了
然后clash环节,直接启用路由,然后路由规则,填写下面的内容
{
"dns": {
"enable": true,
"ipv6": false,
"default-nameserver": [
"223.5.5.5",
"119.29.29.29"
],
"enhanced-mode": "fake-ip",
"fake-ip-range": "198.18.0.1/16",
"use-hosts": true,
"nameserver-policy": {
"+.google.com": "https://dns.cloudflare.com/dns-query",
"+.googleapis.com": "https://dns.cloudflare.com/dns-query",
"+.googlevideo.com": "https://dns.cloudflare.com/dns-query",
"+.gstatic.com": "https://dns.cloudflare.com/dns-query",
"+.youtube.com": "https://dns.cloudflare.com/dns-query",
"+.facebook.com": "https://dns.cloudflare.com/dns-query",
"+.x.com": "https://dns.cloudflare.com/dns-query",
"+.github.com": "https://dns.cloudflare.com/dns-query",
"+.openai.com": "https://dns.cloudflare.com/dns-query"
},
"nameserver": [
"https://doh.pub/dns-query",
"https://dns.alidns.com/dns-query",
"tls://dot.pub:853",
"tls://dns.alidns.com:853"
],
"fallback": null,
"fallback-filter": {
"geoip": true,
"geoip-code": "CN",
"ipcidr": [
"0.0.0.0/8",
"10.0.0.0/8",
"100.64.0.0/10",
"127.0.0.0/8",
"169.254.0.0/16",
"172.16.0.0/12",
"192.168.0.0/16",
"224.0.0.0/4",
"240.0.0.0/4"
],
"domain": [
"+.google.com",
"+.facebook.com",
"+.youtube.com",
"+.googlevideo.com"
]
},
"fake-ip-filter": [
"*.lan",
"*.local",
"*.localhost",
"*.test",
"localhost.ptlogin2.qq.com",
"+.stun.*.*",
"+.stun.*.*.*",
"lens.l.google.com",
"*.srv.nintendo.net",
"+.stun.playstation.net",
"xbox.*.*.microsoft.com",
"*.*.xboxlive.com",
"+.msftncsi.com",
"+.msftconnecttest.com"
]
},
"rules": [
"DOMAIN-SUFFIX,local,DIRECT",
"DOMAIN-SUFFIX,localhost,DIRECT",
"IP-CIDR,10.0.0.0/8,DIRECT,no-resolve",
"IP-CIDR,17.0.0.0/8,DIRECT,no-resolve",
"IP-CIDR,100.64.0.0/10,DIRECT,no-resolve",
"IP-CIDR,127.0.0.0/8,DIRECT,no-resolve",
"IP-CIDR,172.16.0.0/12,DIRECT,no-resolve",
"IP-CIDR,192.168.0.0/16,DIRECT,no-resolve",
"IP-CIDR,198.18.0.0/16,DIRECT,no-resolve",
"IP-CIDR,224.0.0.0/4,DIRECT,no-resolve",
"IP-CIDR6,::1/128,DIRECT,no-resolve",
"IP-CIDR6,fc00::/7,DIRECT,no-resolve",
"IP-CIDR6,fe80::/10,DIRECT,no-resolve",
"DOMAIN-KEYWORD,admarvel,REJECT",
"DOMAIN-KEYWORD,admaster,REJECT",
"DOMAIN-KEYWORD,adsage,REJECT",
"DOMAIN-KEYWORD,adsmogo,REJECT",
"DOMAIN-KEYWORD,adsrvmedia,REJECT",
"DOMAIN-KEYWORD,adwords,REJECT",
"DOMAIN-KEYWORD,adservice,REJECT",
"DOMAIN-KEYWORD,domob,REJECT",
"DOMAIN-KEYWORD,duomeng,REJECT",
"DOMAIN-KEYWORD,dwtrack,REJECT",
"DOMAIN-KEYWORD,guanggao,REJECT",
"DOMAIN-KEYWORD,lianmeng,REJECT",
"DOMAIN-KEYWORD,omgmta,REJECT",
"DOMAIN-KEYWORD,openx,REJECT",
"DOMAIN-KEYWORD,partnerad,REJECT",
"DOMAIN-KEYWORD,supersonicads,REJECT",
"DOMAIN-KEYWORD,umeng,REJECT",
"DOMAIN-KEYWORD,zjtoolbar,REJECT",
"DOMAIN-SUFFIX,appsflyer.com,REJECT",
"DOMAIN-SUFFIX,doubleclick.net,REJECT",
"DOMAIN-SUFFIX,mmstat.com,REJECT",
"DOMAIN-SUFFIX,apps.apple.com,PROXY",
"DOMAIN-SUFFIX,itunes.apple.com,PROXY",
"DOMAIN-SUFFIX,blobstore.apple.com,PROXY",
"DOMAIN,safebrowsing.urlsec.qq.com,DIRECT",
"DOMAIN-SUFFIX,apple.com,DIRECT",
"DOMAIN-SUFFIX,apple-cloudkit.com,DIRECT",
"DOMAIN-SUFFIX,icloud.com,DIRECT",
"DOMAIN-SUFFIX,icloud-content.com,DIRECT",
"DOMAIN-SUFFIX,mzstatic.com,DIRECT",
"DOMAIN-SUFFIX,aaplimg.com,DIRECT",
"DOMAIN-SUFFIX,cdn-apple.com,DIRECT",
"DOMAIN-SUFFIX,akadns.net,DIRECT",
"DOMAIN-KEYWORD,baidu,DIRECT",
"DOMAIN-KEYWORD,alibaba,DIRECT",
"DOMAIN-KEYWORD,alicdn,DIRECT",
"DOMAIN-KEYWORD,alipay,DIRECT",
"DOMAIN-KEYWORD,taobao,DIRECT",
"DOMAIN-KEYWORD,tencent,DIRECT",
"DOMAIN-KEYWORD,bilibili,DIRECT",
"DOMAIN-KEYWORD,weibo,DIRECT",
"DOMAIN-KEYWORD,douyin,DIRECT",
"DOMAIN-KEYWORD,bytedance,DIRECT",
"DOMAIN-KEYWORD,xiaomi,DIRECT",
"DOMAIN-KEYWORD,huawei,DIRECT",
"DOMAIN-KEYWORD,netease,DIRECT",
"DOMAIN-KEYWORD,meituan,DIRECT",
"DOMAIN-KEYWORD,pinduoduo,DIRECT",
"DOMAIN-KEYWORD,kuaishou,DIRECT",
"DOMAIN-KEYWORD,jingdong,DIRECT",
"DOMAIN-KEYWORD,officecdn,DIRECT",
"DOMAIN-SUFFIX,qq.com,DIRECT",
"DOMAIN-SUFFIX,weixin.com,DIRECT",
"DOMAIN-SUFFIX,wechat.com,DIRECT",
"DOMAIN-SUFFIX,gtimg.com,DIRECT",
"DOMAIN-SUFFIX,qcloud.com,DIRECT",
"DOMAIN-SUFFIX,myqcloud.com,DIRECT",
"DOMAIN-SUFFIX,qpic.cn,DIRECT",
"DOMAIN-SUFFIX,tenpay.com,DIRECT",
"DOMAIN-SUFFIX,tmall.com,DIRECT",
"DOMAIN-SUFFIX,jd.com,DIRECT",
"DOMAIN-SUFFIX,360buyimg.com,DIRECT",
"DOMAIN-SUFFIX,iqiyi.com,DIRECT",
"DOMAIN-SUFFIX,youku.com,DIRECT",
"DOMAIN-SUFFIX,ykimg.com,DIRECT",
"DOMAIN-SUFFIX,tudou.com,DIRECT",
"DOMAIN-SUFFIX,acfun.tv,DIRECT",
"DOMAIN-SUFFIX,hdslb.com,DIRECT",
"DOMAIN-SUFFIX,sohu.com,DIRECT",
"DOMAIN-SUFFIX,sogou.com,DIRECT",
"DOMAIN-SUFFIX,zhihu.com,DIRECT",
"DOMAIN-SUFFIX,zhimg.com,DIRECT",
"DOMAIN-SUFFIX,douban.com,DIRECT",
"DOMAIN-SUFFIX,doubanio.com,DIRECT",
"DOMAIN-SUFFIX,163.com,DIRECT",
"DOMAIN-SUFFIX,126.com,DIRECT",
"DOMAIN-SUFFIX,126.net,DIRECT",
"DOMAIN-SUFFIX,127.net,DIRECT",
"DOMAIN-SUFFIX,yeah.net,DIRECT",
"DOMAIN-SUFFIX,sina.com,DIRECT",
"DOMAIN-SUFFIX,sinaimg.cn,DIRECT",
"DOMAIN-SUFFIX,ximalaya.com,DIRECT",
"DOMAIN-SUFFIX,xmcdn.com,DIRECT",
"DOMAIN-SUFFIX,csdn.net,DIRECT",
"DOMAIN-SUFFIX,gitee.com,DIRECT",
"DOMAIN-SUFFIX,jianshu.com,DIRECT",
"DOMAIN-SUFFIX,cnblogs.com,DIRECT",
"DOMAIN-SUFFIX,oschina.net,DIRECT",
"DOMAIN-SUFFIX,ele.me,DIRECT",
"DOMAIN-SUFFIX,ctrip.com,DIRECT",
"DOMAIN-SUFFIX,suning.com,DIRECT",
"DOMAIN-SUFFIX,dianping.com,DIRECT",
"DOMAIN-SUFFIX,amap.com,DIRECT",
"DOMAIN-SUFFIX,autonavi.com,DIRECT",
"DOMAIN-SUFFIX,mi.com,DIRECT",
"DOMAIN-SUFFIX,miui.com,DIRECT",
"DOMAIN-SUFFIX,ifeng.com,DIRECT",
"DOMAIN-SUFFIX,youdao.com,DIRECT",
"DOMAIN-SUFFIX,iciba.com,DIRECT",
"DOMAIN-SUFFIX,xunlei.com,DIRECT",
"DOMAIN-SUFFIX,smzdm.com,DIRECT",
"DOMAIN-SUFFIX,sspai.com,DIRECT",
"DOMAIN-SUFFIX,36kr.com,DIRECT",
"DOMAIN-SUFFIX,speedtest.net,DIRECT",
"DOMAIN-SUFFIX,microsoft.com,DIRECT",
"DOMAIN-SUFFIX,microsoftonline.com,DIRECT",
"DOMAIN-SUFFIX,office.com,DIRECT",
"DOMAIN-SUFFIX,office365.com,DIRECT",
"DOMAIN-SUFFIX,windows.com,DIRECT",
"DOMAIN-SUFFIX,windowsupdate.com,DIRECT",
"DOMAIN-SUFFIX,live.com,DIRECT",
"DOMAIN-SUFFIX,msn.com,DIRECT",
"DOMAIN-SUFFIX,cn,DIRECT",
"DOMAIN-KEYWORD,-cn,DIRECT",
"DOMAIN-KEYWORD,google,PROXY",
"DOMAIN-KEYWORD,gmail,PROXY",
"DOMAIN-KEYWORD,youtube,PROXY",
"DOMAIN-KEYWORD,facebook,PROXY",
"DOMAIN-KEYWORD,twitter,PROXY",
"DOMAIN-KEYWORD,instagram,PROXY",
"DOMAIN-KEYWORD,whatsapp,PROXY",
"DOMAIN-KEYWORD,telegram,PROXY",
"DOMAIN-KEYWORD,github,PROXY",
"DOMAIN-KEYWORD,blogspot,PROXY",
"DOMAIN-KEYWORD,dropbox,PROXY",
"DOMAIN-KEYWORD,wikipedia,PROXY",
"DOMAIN-KEYWORD,pinterest,PROXY",
"DOMAIN-KEYWORD,discord,PROXY",
"DOMAIN-KEYWORD,discordapp,PROXY",
"DOMAIN-KEYWORD,openai,PROXY",
"DOMAIN-KEYWORD,anthropic,PROXY",
"DOMAIN-KEYWORD,netflix,PROXY",
"DOMAIN-KEYWORD,spotify,PROXY",
"DOMAIN-KEYWORD,amazon,PROXY",
"DOMAIN-SUFFIX,t.co,PROXY",
"DOMAIN-SUFFIX,x.com,PROXY",
"DOMAIN-SUFFIX,twimg.com,PROXY",
"DOMAIN-SUFFIX,fb.me,PROXY",
"DOMAIN-SUFFIX,fbcdn.net,PROXY",
"DOMAIN-SUFFIX,youtu.be,PROXY",
"DOMAIN-SUFFIX,ytimg.com,PROXY",
"DOMAIN-SUFFIX,gstatic.com,PROXY",
"DOMAIN-SUFFIX,ggpht.com,PROXY",
"DOMAIN-SUFFIX,googlevideo.com,PROXY",
"DOMAIN-SUFFIX,v2ex.com,PROXY",
"DOMAIN-SUFFIX,medium.com,PROXY",
"DOMAIN-SUFFIX,reddit.com,PROXY",
"DOMAIN-SUFFIX,redd.it,PROXY",
"DOMAIN-SUFFIX,imgur.com,PROXY",
"DOMAIN-SUFFIX,pixiv.net,PROXY",
"DOMAIN-SUFFIX,nytimes.com,PROXY",
"DOMAIN-SUFFIX,nyt.com,PROXY",
"DOMAIN-SUFFIX,bbc.com,PROXY",
"DOMAIN-SUFFIX,bbc.co.uk,PROXY",
"DOMAIN-SUFFIX,steamcommunity.com,PROXY",
"DOMAIN-SUFFIX,twitch.tv,PROXY",
"DOMAIN-SUFFIX,vimeo.com,PROXY",
"DOMAIN-SUFFIX,tumblr.com,PROXY",
"DOMAIN-SUFFIX,linkedin.com,PROXY",
"DOMAIN-SUFFIX,licdn.com,PROXY",
"DOMAIN-SUFFIX,mega.nz,PROXY",
"DOMAIN-SUFFIX,archive.org,PROXY",
"DOMAIN-SUFFIX,wikimedia.org,PROXY",
"DOMAIN-SUFFIX,soundcloud.com,PROXY",
"IP-CIDR,91.108.4.0/22,PROXY,no-resolve",
"IP-CIDR,91.108.8.0/21,PROXY,no-resolve",
"IP-CIDR,91.108.12.0/22,PROXY,no-resolve",
"IP-CIDR,91.108.16.0/22,PROXY,no-resolve",
"IP-CIDR,91.108.56.0/22,PROXY,no-resolve",
"IP-CIDR,149.154.160.0/20,PROXY,no-resolve",
"IP-CIDR6,2001:67c:4e8::/48,PROXY,no-resolve",
"IP-CIDR6,2001:b28:f23d::/48,PROXY,no-resolve",
"IP-CIDR6,2001:b28:f23f::/48,PROXY,no-resolve",
"GEOIP,CN,DIRECT",
"MATCH,PROXY"
]
}
配置完一切之后,点击上方的保存以及重启面板即可
然后返回入站,导出我们的订阅链接即可
不过别着急,你可能会会发现你的订阅链接,没有办法直接导入calsh使用,因此需要中转一下
将你复制过来的链接,直接在浏览器打开,可以看到这么一个界面,点击calsh栏目的右侧,有一个复制,可以复制clash专用的订阅链接。然后你就可以直接使用了
然后接下来你就可以开心使用了
挖个坑
因为现在的使用的是http请求,所以后续我打算再利用最近白嫖的EO,或者ESA作一层加速,这样就可以很好的隐藏源站的IP信息了。