使用shadowtunnel配置多级代理

1. start a http proxy

if we have a vps, IP is 2.2.2.2.

firstly, we start a http proxy on 2.2.2.2.

download http proxy program, execute below on line command on vps with root:

version=v6.1
curl -OSL https://github.com/snail007/goproxy/releases/download/${version}/proxy-linux-amd64.tar.gz
tar -C /usr/bin -xf proxy-linux-amd64.tar.gz
nohup proxy http -p 127.0.0.1:38080 &

for s390x

version=v5.4
curl -OSL https://github.com/snail007/goproxy/releases/download/${version}/proxy-linux-s390x.tar.gz
tar -C /usr/bin -xf proxy-linux-s390x.tar.gz
nohup proxy http -p 127.0.0.1:38080 &

2. start a tunnel on vps

download shadowtunnel program, execute below on line command on vps with root:

version=v1.1
curl -OSL https://github.com/snail007/shadowtunnel/releases/download/${version}/shadowtunnel-linux-amd64.tar.gz && \
tar -C /usr/bin -xf shadowtunnel-linux-amd64.tar.gz

for s390x

version=v1.1
curl -OSL https://github.com/snail007/shadowtunnel/releases/download/${version}/shadowtunnel-linux-s390x.tar.gz
tar -C /usr/bin -xf shadowtunnel-linux-s390x.tar.gz

start a tunnel on vps listening on :44443 and forward to 127.0.0.1:38080 :

nohup shadowtunnel -e -f 127.0.0.1:38080 -l :44443 &

3. start a tunnel on local machine

start a tunnel on local machine listening on :44443 and forward to 2.2.2.2:44443 :

shadowtunnel -E -f 2.2.2.2:44443 -l :44443

4. set http proxy configuration in chrome

setting local chrome's http proxy configuration as below :

ip: 127.0.0.1

5. done

多级隧道

多级隧道主要是加速代理访问。注意要用 -E 和 -e 参数对连接进行加密, 防止vps运营商嗅探然后封禁你的服务器（之前裸奔被阿里云封禁过一次，血淋淋的教训）。

假设国外vps ip： 2.2.2.2

还有国内vps ip： 3.3.3.3

可以参照下面的方式来配置多级代理。

# 国外vps
proxy http -p 127.0.0.1:38080 &
shadowtunnel -e -m aes-256-cfb -p your_password -f 127.0.0.1:38080 -l :44444

# 国内vps
shadowtunnel -e -E -m aes-256-cfb -p your_password -f 2.2.2.2:44444 -l :44443

# 局域网服务器
shadowtunnel -E -m aes-256-cfb -p your_password -f 3.3.3.3:44443 -l :44443

Usage：

Usage of ./shadowtunnel:
  -E  outbound connection is encrypted
  -U  outbound connection is udp
  -c  compress traffic (default true)
  -debug
      show debug info
  -e  inbound connection is encrypted
  -f string
      forward address,such as : 127.0.0.1:8080
  -l string
      local listen address, such as : 0.0.0.0:33000 (default ":50000")
  -m string
      method of encrypt/decrypt, these below are supported :
      aes-192-cfb,aes-128-ctr,aes-256-ctr,bf-cfb,rc4-md5-6,chacha20-ietf,
      aes-128-cfb,aes-256-cfb,aes-192-ctr,des-cfb,cast5-cfb,rc4-md5,chacha20
      (default "aes-192-cfb")
  -p string
      password of encrypt/decrypt (default "shadowtunnel")
  -t int
      connection timeout seconds (default 3)
  -u  inbound connection is udp
  -v  show version

详细文档：

https://github.com/snail007/s... https://github.com/snail007/g...

goproxy 的 CentOs7 开机脚本

https://github.com/snail007/g...