一、shadowsocks协议
=====教程文档===== (VPS)
视频链接:节点搭建系列(3):SS被精准探测端口秒封?节点搭建初体验,创建年轻人的第一台VPS,shadowsocks协议已被精准探测?plugin插件原理,使用v2ray-plugin插件拯救ss协议
vultr新注册赠送100美金:https://vps.bulianglin.com/
(FinalShell)管理VPS工具:http://www.hostbuf.com/t/988.html
(shadowsocks-windows)支持插件的ss客户端 https://github.com/shadowsocks/shadow...
(v2ray-plugin)shadowsocks插件:https://github.com/shadowsocks/v2ray-...
(v2rayN)方便测速但不支持ss插件:https://github.com/2dust/v2rayN
防火墙相关设置:
查看状态:
ufw status
开放端口:ufw allow 8388
拒绝端口:ufw deny 8388
删除规则:ufw delete allow 8388
关闭防火墙:ufw disable
启动防火墙:ufw enable
1)搭建shadowsocks网络结构
**
1.安装shadowsocks: apt install shadowsocks-libev
2.查看shadowsocks状态: systemctl status shadowsocks-libev.service
3.编辑ss配置文件: vim /etc/shadowsocks-libev/config.json
改为:
{
"server":["::1", "0.0.0.0"],
"mode":"tcp_and_udp",
"server_port":8388,
"local_port":1080,
"password":"g2bWLECpro19",
"timeout":86400,
"method":"chacha20-ietf-poly1305"
}
4.重启shadowsocks: systemctl restart shadowsocks-libev.service
5.查看shadowsocks运行日志:journalctl -u shadowsocks-libev.service -f
6.v2ray的配置:
2)搭建搭建shadowsocks+plugin结构
7.安装v2ray-plugin:apt install shadowsocks-v2ray-plugin
8.查看释放内容:dpkg -L shadowsocks-v2ray-plugin
/.
/usr
/usr/bin
/usr/bin/ss-v2ray-plugin
/usr/share
/usr/share/doc
/usr/share/doc/shadowsocks-v2ray-plugin
/usr/share/doc/shadowsocks-v2ray-plugin/changelog.Debian.gz
/usr/share/doc/shadowsocks-v2ray-plugin/copyright
/usr/share/man
/usr/share/man/man1
/usr/share/man/man1/ss-v2ray-plugin.1.gz
9.修改配置文件:vi /etc/shadowsocks-libev/config.json
{
"server":["::1", "0.0.0.0"],
"mode":"tcp_and_udp",
"server_port":8388,
"local_port":1080,
"password":"g2bWLECpro19",
"timeout":86400,
"method":"chacha20-ietf-poly1305",
"plugin":"ss-v2ray-plugin",
"plugin_opts":"server"
}
10.重启shadowsocks: systemctl restart shadowsocks-libev.service
11.查看shadowsocks运行日志:journalctl -u shadowsocks-libev.service -f
12.Shadowsocks配置
⭐注意!!!(Shadowsocks服务器端口下的密码不是服务器密码,而是服务器Shadowsocks配置的password)
13.v2ray添加本地socks代理
出现日志:(即代表成功)
Jul 23 17:45:52 vultr ss-server[3168]: 2025/07/23 17:45:52 tcp:39.144.218.41:16415 accepted tcp:127.0.0.1:0
二、torjan协议搭建
=====教程文档=====
视频链接:节点搭建系列(4):目前最好的翻墙协议?史上最详细trojan协议原理解析与实战搭建,流量伪装成https实现绕过防火墙探测进行科学上网。彻底弄明白什么是网站证书、什么是TLS/SSL - YouTube
(VPS)vultr新用户赠送100美金:https://vps.bulianglin.com/
(FinalShell)管理VPS工具:http://www.hostbuf.com/t/988.html
(trojan-go)https://github.com/p4gefau1t/trojan-go
trojan-go官方文档:https://p4gefau1t.github.io/trojan-go/
1)搭建trojan网络结构(域名解析证书)
1.创建trojan目录文件夹,并把文件下载下来并解压
1、
mkdir trojan
2、cd trojan
3、wget https://github.com/p4gefau1t/trojan-go/releases/download/v0.10.6/trojan-go-linux-amd64.zip
4、unzip trojan-go-linux-amd64.zip
2、创建并编辑配置文件
1、
touch config.json
2、vi config.json{ "run_type": "server", "local_addr": "0.0.0.0", "local_port": 443, "remote_addr": "192.83.167.78", "remote_port": 80, "password": [ "111" //可自定义设置,密码(配置记得删除此注释) ], "ssl": { "cert": "server.crt", "key": "server.key" } }
3、将域名解析到对应服务器(ping网络时,记得关梯子)
C:\Users\Administrator>ping vpn.lizhanyzp.top
正在 Ping vpn.lizhanyzp.top [45.76.19.191] 具有 32 字节的数据:
来自 45.76.19.191 的回复: 字节=32 时间=298ms TTL=48
来自 45.76.19.191 的回复: 字节=32 时间=298ms TTL=48
来自 45.76.19.191 的回复: 字节=32 时间=297ms TTL=48
来自 45.76.19.191 的回复: 字节=32 时间=295ms TTL=4845.76.19.191 的 Ping 统计信息:
数据包: 已发送 = 4,已接收 = 4,丢失 = 0 (0% 丢失),
往返行程的估计时间(以毫秒为单位):
最短 = 295ms,最长 = 298ms,平均 = 297ms
4、申请证书
1、 安装acme:
curl https://get.acme.sh | sh
2、安装socat:apt install socat
3、添加软链接:ln -s /root/.acme.sh/acme.sh /usr/local/bin/acme.sh
4、注册账号:acme.sh --register-account -m 256079913@qq.com
5、开放80端口:ufw allow 80
6、申请证书:acme.sh --issue -d 你的域名 --standalone -k ec-256(域名验证)
命令:acme.sh --issue -d vpn.lizhanyzp.top --standalone -k ec-256
7、 安装证书:
acme.sh --installcert -d 你的域名 --ecc --key-file /root/trojan/server.key --fullchain-file /root/trojan/server.crt
命令:acme.sh --installcert -d vpn.lizhanyzp.top --ecc --key-file /root/trojan/server.key --fullchain-file /root/trojan/server.crt
8、开启https端口:ufw allow 443
5、运行trojan ./trojan-go
6、配置本地trojan
7、trojan后台运行:nohup ./trojan-go > trojan.log 2>&1 &
自签证书:
生成私钥:openssl ecparam -genkey -name prime256v1 -out ca.key
生成证书:openssl req -new -x509 -days 36500 -key ca.key -out ca.crt -subj "/CN=bing.com"
查看后台运行进程:ps -aux
三、vmess+tcp搭建
⭐此方案需要域名申请证书,详情见torjan协议搭建中第四步
=====教程文档=====
**视频链接:**节点搭建系列(5):最稳定的翻墙方式?深入浅出VMESS+WS+TLS+WEB原理与搭建,Vmess节点还推荐吗?vmess和v2ray是什么关系?为什么vmess和系统时间有关?额外ID是个啥? - YouTube
**文档汇总:**https://api.buliang0.cf/guide
**(VPS)vultr新用户赠送100美金:**https://vps.bulianglin.com/
**(FinalShell)管理VPS工具:**http://www.hostbuf.com/t/988.html
**github:**fhs-install-v2ray
1.服务器安装V2ray
安装脚本命令:
bash <(curl -L https://raw.githubusercontent.com/v2fly/fhs-install-v2ray/master/install-release.sh)
设置V2ray自启动:
systemctl enable v2ray
启动V2ray:
systemctl start v2ray
查看V2ray状态:
systemctl status v2ray.service
2.编辑配置文件
vi /usr/local/etc/v2ray/config.json
vmess+tcp:
{ "inbounds": [ { "port": 8388, "protocol": "vmess", "settings": { "clients": [ { "id": "af41686b-cb85-494a-a554-eeaa1514bca7", "alterId": 0 } ] } } ], "outbounds": [ { "protocol": "freedom", "settings": {} } ] }本地V2ray配置:
vmess+tcp(ws)+tls:
vi /usr/local/etc/v2ray/config.json
{ "inbounds": [ { "port": 8388, "protocol": "vmess", "settings": { "clients": [ { "id": "af41686b-cb85-494a-a554-eeaa1514bca7", "alterId": 0 } ] }, "streamSettings": { "network": "tcp", "security": "tls", "tlsSettings": { "certificates": [ { "certificateFile": "/usr/local/etc/v2ray/server.crt", "keyFile": "/usr/local/etc/v2ray/server.key" } ] } } } ], "outbounds": [ { "protocol": "freedom", "settings": {} } ] }⭐此处证书的位置需要与其确保一致
"certificateFile": "/usr/local/etc/v2ray/server.crt",
"keyFile": "/usr/local/etc/v2ray/server.key"
本地V2ray配置:
vmess+ws+tls+web:
1.安装nginx:
apt install nginx -y2.配置nginx:
vi /etc/nginx/nginx.conf(复制记得删除注释)server { listen 443 ssl; listen [::]:443 ssl; server_name vpn.lizhan.top; #你的域名 ssl_certificate /usr/local/etc/v2ray/server.crt; ssl_certificate_key /usr/local/etc/v2ray/server.key; ssl_session_timeout 1d; ssl_session_cache shared:MozSSL:10m; ssl_session_tickets off; ssl_protocols TLSv1.2 TLSv1.3; ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384; ssl_prefer_server_ciphers off; location / { proxy_pass https://www.bing.com; #伪装网址 proxy_ssl_server_name on; proxy_redirect off; sub_filter_once off; sub_filter "www.bing.com" $server_name; proxy_set_header Host "www.bing.com"; proxy_set_header Referer $http_referer; proxy_set_header X-Real-IP $remote_addr; proxy_set_header User-Agent $http_user_agent; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto https; proxy_set_header Accept-Encoding ""; proxy_set_header Accept-Language "zh-CN"; } location /ray { proxy_redirect off; proxy_pass http://127.0.0.1:10000; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } } server { listen 80; server_name vpn.lizhan.top; #你的域名 rewrite ^(.*)$ https://${server_name}$1 permanent; }3.重新加载nginx配置:
systemctl reload nginx.service
vi /usr/local/etc/v2ray/config.json
{ "inbounds": [ { "port": 8388, "listen":"127.0.0.1", "protocol": "vmess", "settings": { "clients": [ { "id": "af41686b-cb85-494a-a554-eeaa1514bca7", "alterId": 0 } ] }, "streamSettings": { "network": "ws", "wsSettings": { "path": "/ray" } } } ], "outbounds": [ { "protocol": "freedom", "settings": {} } ] }本地V2ray配置:与上述方案类似
3.重启V2ray:systemctl restart v2ray.service
4.关闭对应防火墙:ufw allow 8388
vless搭建教程地址:节点搭建系列(6):XTLS性能之王被精准识别?VLESS+XTLS+回落原理与搭建,V2Ray和Xray为何分家?VLESS、V2Ray、Xray、XTLS之间的关系,VLESS和trojan的关系
四、简便方案
教程地址:2025最新V2ray搭建教程,操作简单,支持vless,vmess,socks5节点等,3xui搭建vps梯子|搭建vpn服务器v2ray,clash节点
1.更新资源包:
apt update -y && apt install -y curl && apt install -y socat
2.安装面板:
bash <(curl -Ls https://raw.githubusercontent.com/mhsanaei/3x-ui/master/install.sh)
3.放行端口:
iptables -I INPUT -p tcp --dport 54321 -j ACCEPT
iptables -I INPUT -p tcp --dport 443 -j ACCEPT
iptables -I INPUT -p tcp --dport 80 -j ACCEPT
#节点对应的端口也要放行
4、输出 x-ui、18进行ssl证书下发**(有域名)**
5、输入网址登陆后台,搭建规则
五、本地订阅转换教程
视频:解决订阅转换节点被盗用和无法转换大量节点,本地订阅转换教程,v2ray转clash,clash转v2ray,各种格式通用转换,节点格式转换,方便快捷
将节点挂在网页上,然后利用passwall订阅即可
