nginx_tcp_proxy代理酸酸乳

一、安装低版本的nginx（高版本不支持tcp代理模块：nginx_tcp_proxy_module）
Nginx默认只支持http反向代理，要支持tcp反向代理，需在编译时增加tcp代理模块【nginx_tcp_proxy_module】
nginx tcp代理功能由nginx_tcp_proxy_module模块提供，同时监测后端主机状态。
该模块包括的模块有： ngx_tcp_module, ngx_tcp_core_module, ngx_tcp_upstream_module, ngx_tcp_proxy_module, ngx_tcp_upstream_ip_hash_module。
1、nginx安装,步骤如下：
cd /root
wget http://nginx.org/download/nginx-1.6.3.tar.gz
tar zxvf nginx-1.6.3.tar.gz

wget https://github.com/yaoweibin/nginx_tcp_proxy_module/archive/master.zip
unzip master

cd /root/nginx-1.6.3
patch -p1 < /root/nginx_tcp_proxy_module-master/tcp.patch
./configure --add-module=/root/nginx_tcp_proxy_module-master
make
make install
2、nginx.conf文件里加以下内容，意思是来自nginx800端口的流量都转向python的13141端口（这里的python也就是shadowsock）
tcp {
access_log /home/wwwlogs/socket.log;

timeout 1d;
proxy_read_timeout 1d;
proxy_send_timeout 1d;
proxy_connect_timeout 30;
upstream cluster9 {
server 28.132.10.19:13141;
check interval=60000 rise=2 fall=5 timeout=10000 type=tcp;
}
server {
listen 800;
so_keepalive on;
tcp_nodelay on;
proxy_pass cluster9;
}
}
二、修改shadowsock服务端的文件：config.json、user-config.json
1、修改config.json
{
"server": "28.132.10.19", ##只是把这里修改成公网IP
"server_ipv6": "::",
"server_port": 8388,
"local_address": "127.0.0.1",
"local_port": 1080,

"password": "m",
"method": "aes-128-ctr",
"protocol": "auth_aes128_md5",
"protocol_param": "",
"obfs": "tls1.2_ticket_auth_compatible",
"obfs_param": "",
"speed_limit_per_con": 0,
"speed_limit_per_user": 0,

"additional_ports" : {}, // only works under multi-user mode
"additional_ports_only" : false, // only works under multi-user mode
"timeout": 120,
"udp_timeout": 60,
"dns_ipv6": false,
"connect_verbose_info": 0,
"redirect": "",
"fast_open": false
}
2、修改user-config.json
{
"server": "28.132.10.19",
"server_ipv6": "::",
"server_port": 8388,
"local_address": "127.0.0.1",
"local_port": 1080,

"password": "m",
"method": "aes-128-ctr",
"protocol": "auth_sha1_v4_compatible",
"protocol_param": "",
"obfs": "tls1.2_ticket_auth_compatible",
"obfs_param": "",
"speed_limit_per_con": 0,
"speed_limit_per_user": 0,

"additional_ports" : {
"13141": {
"passwd": "kaiser",
"method": "rc4-md5",
"protocol": "auth_aes128_md5",
"protocol_param": "#",
"obfs": "plain",
"obfs_param": ""
},
"231": {
"passwd": "pass",
"method": "aes-128-ctr",
"protocol": "auth_aes128_md5",
"protocol_param": "#",
"obfs": "tls1.2_ticket_auth_compatible",
"obfs_param": ""
}
},

"additional_ports_only" : true, // only works under multi-user mode
"timeout": 120,
"udp_timeout": 60,
"dns_ipv6": false,
"connect_verbose_info": 1,
"redirect": "",
"fast_open": true
}