在mac机器上,安装go环境。然后,
cd $GOPATH
go get -u -v github.com/xjdrew/kone/
(可执行文件kone就会出现在$GOBIN/里面)
wget https://github.com/xjdrew/kone/raw/master/example.ini -O kone.ini
nano kone.ini
kone.ini的内容如下:
[general]
# outbound network interface
#out = utun6
# virtual network
# tun name, auto allocate if not set
# DEFAULT VALUE: ""
# tun = utun6
# inet addr/mask
# DEFAULT VALUE: 10.192.0.1/16
network = 10.192.0.1/16
# nat config
[tcp]
#listen-port = 82
#nat-port-start = 10000
#nat-port-end = 60000
[udp]
#listen-port = 82
#nat-port-start = 10000
#nat-port-end = 60000
[dns]
# DEFAULT VALUE: 53
dns-port = 53
nameserver = 127.0.0.1
# backend dns
# DEFAULT VALUE: 114.114.114.114, 223.5.5.5
# nameserver = 172.16.100.200
nameserver = 8.8.8.8:53
nameserver = 8.8.4.4:53
# dns-ttl = 600
# dns-packet-size = 4096
# dns-read-timeout = 5
# dns-write-timeout = 5
[route]
# eg: sudo ip route add 91.108.4.0/22 dev tun0
v = 10.192.0.1/16
v = 91.108.4.0/22
v = 91.108.56.0/22
v = 109.239.140.0/24
v = 149.154.160.0/20
v = 149.154.167.0/24
# define a proxy named "A"
[proxy "A"]
url = http://example.com:3228
# define a proxy named "B"
[proxy "B"]
url = socks5://127.0.0.1:1080
default = yes
# define a pattern and outbound proxy
# if don't set proxy, packets will be sent to target directly
[pattern "proxy-website"]
proxy = B
scheme = DOMAIN-SUFFIX
v = twitter.com
v = facebook.com
v = blogspot.com
v = wordpress.com
v = blogger.com
v = dongtaiwang.com
v = youtube.com
v = free.fr
v = rfi.fr
v = botanwang.com
v = exblog.jp
v = fc2.com
v = secretchina.com
v = epochtimes.com
v = aboluowang.com
v = hatenablog.com
v = hatena.ne.jp
v = github.com
v = ntdtv.com
v = youmaker.com
[pattern "direct-website"]
scheme = DOMAIN-SUFFIX
v = cn
v = apple.com
[pattern "direct-website-keyword"]
scheme = DOMAIN-KEYWORD
v = baidu
v = qq
[pattern "internal-ip"]
scheme = IP-CIDR
v = 172.16.0.0/16
v = 192.168.0.0/16
[pattern "proxy-country"]
proxy = B
scheme = IP-COUNTRY
v = US
v = HK
# rules define the order of checking pattern
[rule]
pattern = proxy-website
pattern = direct-website
pattern = direct-website-keyword
pattern = internal-ip
pattern = proxy-country
# set to a proxy for domaines that don't match any pattern
# DEFAULT VALUE: ""
final = B
[manager]
listen = "0.0.0.0:9200"
看到配置文件里面的url = socks5://127.0.0.1:1080了吗?你的mac机器上需运行ss客户端,建议运行shadowsocks-libev版的客户端程序ss-local,(运行brew install shadowsocks-libev可以获得ss-local的可执行文件)
整个命令为:
ss-local -s your-vps-public-ip -p ss-port-number -k your-key -m aes-256-cfb -l 1080 -u
( "-u"是enable udp relay的意思)
然后,
sudo route delete default && sudo echo ip route delete default dev utun6 && sudo route add your-vps-public-ip 192.168.1.1
sudo kone -config ~/kone.ini
sudo networksetup -setdnsservers "Wi-Fi" 127.0.0.1
因为kone已经内置了dns proxy功能,所以不要再额外运行其他的dns proxy程序。
以后如果遇到被封网站http://abc.xyz.com,就把该网站的根域名xyz.com,以
v = xyz.com 的形式添加到kone.ini文件里的scheme = DOMAIN-SUFFIX 的下一行。
然后运行sudo kone -config ~/kone.ini
项目地址:https://github.com/xjdrew/kone
不过用这个kone却打不开twitter.com网站,怪事。
解决方法:pkill mDNSResponder || true
看文字内容还行,看youtube太慢。
--------------
把路由器的默认dns修改为:10.192.0.1:
相关帖子:https://briteming.blogspot.com/2018/10/clash-clashx.html
cd $GOPATH
go get -u -v github.com/xjdrew/kone/
(可执行文件kone就会出现在$GOBIN/里面)
wget https://github.com/xjdrew/kone/raw/master/example.ini -O kone.ini
nano kone.ini
kone.ini的内容如下:
[general]
# outbound network interface
#out = utun6
# virtual network
# tun name, auto allocate if not set
# DEFAULT VALUE: ""
# tun = utun6
# inet addr/mask
# DEFAULT VALUE: 10.192.0.1/16
network = 10.192.0.1/16
# nat config
[tcp]
#listen-port = 82
#nat-port-start = 10000
#nat-port-end = 60000
[udp]
#listen-port = 82
#nat-port-start = 10000
#nat-port-end = 60000
[dns]
# DEFAULT VALUE: 53
dns-port = 53
nameserver = 127.0.0.1
# backend dns
# DEFAULT VALUE: 114.114.114.114, 223.5.5.5
# nameserver = 172.16.100.200
nameserver = 8.8.8.8:53
nameserver = 8.8.4.4:53
# dns-ttl = 600
# dns-packet-size = 4096
# dns-read-timeout = 5
# dns-write-timeout = 5
[route]
# eg: sudo ip route add 91.108.4.0/22 dev tun0
v = 10.192.0.1/16
v = 91.108.4.0/22
v = 91.108.56.0/22
v = 109.239.140.0/24
v = 149.154.160.0/20
v = 149.154.167.0/24
# define a proxy named "A"
[proxy "A"]
url = http://example.com:3228
# define a proxy named "B"
[proxy "B"]
url = socks5://127.0.0.1:1080
default = yes
# define a pattern and outbound proxy
# if don't set proxy, packets will be sent to target directly
[pattern "proxy-website"]
proxy = B
scheme = DOMAIN-SUFFIX
v = twitter.com
v = facebook.com
v = blogspot.com
v = wordpress.com
v = blogger.com
v = dongtaiwang.com
v = youtube.com
v = free.fr
v = rfi.fr
v = botanwang.com
v = exblog.jp
v = fc2.com
v = secretchina.com
v = epochtimes.com
v = aboluowang.com
v = hatenablog.com
v = hatena.ne.jp
v = github.com
v = ntdtv.com
v = youmaker.com
[pattern "direct-website"]
scheme = DOMAIN-SUFFIX
v = cn
v = apple.com
[pattern "direct-website-keyword"]
scheme = DOMAIN-KEYWORD
v = baidu
v = qq
[pattern "internal-ip"]
scheme = IP-CIDR
v = 172.16.0.0/16
v = 192.168.0.0/16
[pattern "proxy-country"]
proxy = B
scheme = IP-COUNTRY
v = US
v = HK
# rules define the order of checking pattern
[rule]
pattern = proxy-website
pattern = direct-website
pattern = direct-website-keyword
pattern = internal-ip
pattern = proxy-country
# set to a proxy for domaines that don't match any pattern
# DEFAULT VALUE: ""
final = B
[manager]
listen = "0.0.0.0:9200"
看到配置文件里面的url = socks5://127.0.0.1:1080了吗?你的mac机器上需运行ss客户端,建议运行shadowsocks-libev版的客户端程序ss-local,(运行brew install shadowsocks-libev可以获得ss-local的可执行文件)
整个命令为:
ss-local -s your-vps-public-ip -p ss-port-number -k your-key -m aes-256-cfb -l 1080 -u
( "-u"是enable udp relay的意思)
然后,
sudo route delete default && sudo echo ip route delete default dev utun6 && sudo route add your-vps-public-ip 192.168.1.1
sudo kone -config ~/kone.ini
sudo networksetup -setdnsservers "Wi-Fi" 127.0.0.1
因为kone已经内置了dns proxy功能,所以不要再额外运行其他的dns proxy程序。
以后如果遇到被封网站http://abc.xyz.com,就把该网站的根域名xyz.com,以
v = xyz.com 的形式添加到kone.ini文件里的scheme = DOMAIN-SUFFIX 的下一行。
然后运行sudo kone -config ~/kone.ini
项目地址:https://github.com/xjdrew/kone
不过用这个kone却打不开twitter.com网站,怪事。
解决方法:pkill mDNSResponder || true
看文字内容还行,看youtube太慢。
--------------
在树莓派上使用kone和clash
硬件需求
- 需要一个可以更改静态路由的路由器。
普通的非智能路由器,如tp-link之类,都有这个功能,所以普通路由器就可以实现了,不需要高大上的智能路由器。反而智能路由器,如小米、极路由之类没有开放这个功能。不过也没事,智能路由器都是可以刷固件的,我目前刷的padavan,信号和稳定性比原生的系统还要好。 - 树莓派可以正常使用互联网
安装kone
kone完全基于go语言开发,实现了tun2socks和fakeip功能。fakeip非常方便,可以接管你配置的域名流量.编译kone
kone官方直接在树莓派上面安装go,通过go来安装kone。不是非常喜欢,主要是太慢了,下载东西也慢。可以直接在我们自己电脑上面进行交叉编译。 |
|
配置树莓派
- 把树莓派设置成路由模式(需要切换到root用户)
1 2echo 'net.ipv4.ip_forward = 1' >> /etc/sysctl.conf sysctl -p - 目前我将用网线将树莓派和路由器连接上,并设置静态路由, 一般也可以不用配置静态路由,基本上ip是不会变化的。
1 2 3 4 5 6 7# 在 /etc/network/interfaces,修改eth0配置 auto eth0 iface eth0 inet static address 192.168.123.2 netmask 255.255.255.0 gateway 192.168.123.1 dns-nameservers 114.114.114.114
管理并启动kone
- 修改kone的配置文件
在代码目录misc/example/example.ini,提供了一份默认配置文件。 为了简化问题,只需要把默认配置文件拷贝到合适的目录,命名为my.ini,然后把[proxy "A"]配置项下的url改成你拥有的代理,目前支持http, socks5代理。
其他配置选项的含义,参考配置文件里面的说明,直接用default配置就可以.1 2 3[proxy "A"] url = socks5://127.0.0.1:7891 default = yes - 启动kone
目前使用supervisor管理,配置文件/etc/supervisor/conf.d/kone.conf
配置完成后1 2 3 4 5 6 7 8 9 10 11[program:kone] user=root command =/home/pi/kone/kone /home/pi/kone/my.ini autostart = true startsecs = 5 autorestart = true startretries = 1024 redirect_stderr = true stdout_logfile_maxbytes = 10MB stdout_logfile_backups = 10 stdout_logfile = /tmp/kone.logsupervisorctl update下就可以。
配置路由器
- 配置静态路由
在路由器上添加多条静态路由:
修改默认dns
把路由器的默认dns修改为:10.192.0.1:
- tp-link 路由器的修改参考这里:http://service.tp-link.com.cn/detail_article_575.html
- 保存配置后,重启路由器
测试
断开wifi重新连接,查看dns默认dns是不是10.192.0.1, 并ping www.github.com看下连接地址是不是10.192.x.x, 或者使用dig命令。安装clash
clash完全基于go语言开发,实现了完善的规则分流,自动和主备等多种选路策略。交叉编译
具体的命令如下: |
|
管理并启动clash
配置clash, 具体的clash配置可以从网上下载. supervisor的配置文件/etc/supervisor/conf.d/clash.conf |
|
clash配置说明
- clash不需要开dns的enhance mode
- 也不用配置iptables导流
- 下载clash-dashboard,放到配置文件夹中,直接使用http://192.168.123.2:9090/ui/#/proxies管理.
相关帖子:https://briteming.blogspot.com/2018/10/clash-clashx.html
No comments:
Post a Comment