13 bypass GFW
13.1 V2Ray
The next generation, to be continued.
13.2 shadowsocks
13.2.1 installing
sudo apt -y install python-pip python-m2crypto16sudo -H pip install shadowsocks- Chrome extension SwitchyOmega.
13.2.2 configuration file
sudo mkdir /etc/shadowsocks
sudo vim /etc/shadowsocks/ipv4.json
{
"server": "my ipv4",
"server_port": 21,
"local_port": 1084,
"password": "my password",
"fast_open": true
}13.2.3 managing by systemd
sudo vim /etc/systemd/system/shadowsocks-ipv4.service
[Unit]
Description=Shadowsocks client ipv4
[Service]
ExecStart=/usr/local/bin/ssserver -c /etc/shadowsocks/ipv4.json
[Install]
WantedBy=multi-user.target- for client, use
sslocalinstead ofsserver, and addUser=nobody - for CentOS, use
/usr/bin/instead of/usr/local/bin/
13.2.4 details
Refer to https://github.com/shadowsocks/shadowsocks/wiki/Configuration-via-Config-File .
server_port此外,选择合适的端口也能优化梯子的速度,广大SS用户的实践经验表明,检查站(GFW)存在一种机制来降低自身的运算压力,即常用的协议端口(如http,smtp,ssh,https,ftp等)的检查较少,所以建议SS绑定这些常用的端口(如:21,22,25,80,443),速度也会有显著提升。
I use 80 for ipv4, since 80 < 443 and 4 < 6.
local_portIt’s ignored by
ssserver, but I add it so that I can just directly copy the configuration files from local to server without any modifications.methodThey are so many different opinions. I finally gave up and chose to just trust the developers 17.
fast_opensudo vim /etc/sysctl.d/local.conf# turn on TCP Fast Open on both client and server side net.ipv4.tcp_fastopen = 3sudo sysctl --systemworkersFor example, if you set to 4, you will get 4 child process.
对于python来说,是没有正真意义上的多线程的,因此通过worker实现多进程,提高性能,通常来说,一个cpu核心给4个worker应该差不多
13.2.5 optimization
According to https://github.com/shadowsocks/shadowsocks/wiki/Encryption, installing M2Crypto will make encryption a little faster.↩︎
They will choose the best method for me, I even don’t bother to set it.↩︎
That method trades off RAM for speed. Actually, there are only a few free memory left on my VPS, so it can hardly perform anything else after turning on this feature.↩︎