Pages

Tuesday, 20 October 2015

利用基于go的qTunnel翻墙(已停止服务的“曲径”背后的翻墙程序。我用其翻墙成功)

qTunnel - a simpler and (possibily) faster tunnel program

qtunnel is a network tunneling software working as an encryption wrapper between clients and servers (remote/local). It can work as a Stunnel/stud replacement.
qtunnel has been serving over 10 millions connections on Qu Jing each day for the past few months.
Why Another Wrapper
Stunnel/stud is great in SSL/TLS based environments, but what we want is a lighter and faster solution that only does one job: transfer encrypted data between servers and clients. We don't need to deal with certification settings and we want the transfer is as fast as possible. So we made qTunnel. Basically, it's a Stunnel/stud without certification settings and SSL handshakes, and it's written in Go.

Requirements

qtunnel is writen in golang 1.3.1, after building it can run on almost every OS.

Build

To build qtunnel
$ make
To test qtunnel
$ make test

Usage

$ ./bin/qtunnel -h
Usage of ./bin/qtunnel:
    -backend="127.0.0.1:6400": host:port of the backend
    -clientmode=false: if running at client mode
    -crypto="rc4": encryption method
    -listen=":9001": host:port qtunnel listen on
    -logto="stdout": stdout or syslog
    -secret="secret": password used to encrypt the data
qtunnel supports two encryption methods: rc4 and aes256cfb. Both servers and clients should use the same crypto and same secret.
from https://github.com/getqujing/qtunnel
https://github.com/getqujing/qtunnel/issues/6
---------
我的补充说明:
登陆你的linux vps,

git clone github.com/getqujing/qtunnel
cd qtunnel
$ ls
LICENSE README.md src
Makefile debian
$ make
$ ls
LICENSE README.md debian src
Makefile bin pkg
(make之后,新出现了bin,pkg目录)
$ cd bin
~:/vm/qtunnel/bin$ ls
~:/vm/qtunnel/bin$ qtunnel
(这个qtunnel就是qtunnel程序的可执行文件)
~:/vm/qtunnel/bin$ nohup ./qtunnel -backend=127.0.0.1:40080 -listen=:9001 -secret=你所设置的密码 -clientmode=false -crypto=aes256cfb -logto=stdout > /dev/null &
(这里的40080端口是vps上所搭建的某个socks proxy app比如mocks[http://briteming.blogspot.com/2012/02/socks-server-mocks.html]的端口。9001是qtunnel的端口,你可设为服务器上某个未被占用的端口。这样服务器端就搭建好了。)

客户端的设置:(客户机器为linux或者mac)
git clone github.com/getqujing/qtunnel
cd qtunnel
$ ls
LICENSE README.md src
Makefile debian
$ make

$ ls
LICENSE README.md debian src
Makefile bin pkg
(make之后,新出现了bin,pkg目录)
$ cd bin
yudeMacBook-Air:bin brite$ ls
qtunnel
yudeMacBook-Air:bin brite$
(这个qtunnel就是qtunnel程序的可执行文件)
yudeMacBook-Air:bin brite$ nohup ./qtunnel -listen=127.0.0.1:7071 -backend=your_vps_ip:9001 -secret=你所设置的密码 -clientmode=true -crypto=aes256cfb -logto="stdout" > /dev/null &
(这样,客户端就搭建好了。这里的7071为本地的qtunnel程序所监听的端口号,你可设为本地机器上任何一个未被占用的端口号。)
然后,设置浏览器的socks代理为127.0.0.1:7071,即可翻墙。

注意:如果在服务器上所用的后端为http proxy app,比如squid(不过不建议使用squid,squid太臃肿了)或者proxy.py程序(参见http://briteming.blogspot.jp/2015/11/proxypy-pythonhttp.html),则设置浏览器的代理时,应选择相应的http proxy类型。

相关帖子:http://briteming.blogspot.com/2015/09/gotunnel.html