Article directory
foreword
Because it is actually necessary to build a socks5 proxy server on your own CentOS, and record the whole process for your reference
The morning and evening in this long fate
often make me stare into the distance
proxy server
Actual work sometimes requires the use of a proxy server. Through the proxy server, the real IP can be hidden to a certain extent, and the request data is sent to the proxy server. The proxy server sends our request to the server, so that the server will think that It is the proxy server that is requesting the service, and does not know the IP of the user who actually requests the service to obtain the message. The general process is as follows: Simply
put, the proxy server will forward our request traffic, and the server will think that the proxy server is requesting the service.
socks5 protocol
At present, the three mainstream proxy protocols include Socks5 proxy, HTTP proxy, and HTTPS proxy. Since the socks5 protocol works between the transport layer and the application layer, it uses the TCP/IP protocol for communication, and is compatible with various protocols in the application layer. properties, so it is widely used.
Centos builds ss5 proxy server
install ss5
First, you need to prepare a server to be used as a proxy server. Here, a Centos cloud server is used for configuration. The
installation dependency environment is as follows
yum -y install gcc openldap-devel pam-devel openssl-devel
After creating a directory, after entering the directory, wget downloads the ss5 installation file
wget http://jaist.dl.sourceforge.net/project/ss5/ss5/3.8.9-8/ss5-3.8.9-8.tar.gz
Unzip the installation file
tar zxvf ss5-3.8.9-8.tar.gz
Compile after entering the directory
cd ss5-3.8.9
./configure
make && make install
If there is no error, it means that ss5 is successfully installed
Modify the configuration file
Next modify the configuration file, first make a backup
cp /etc/opt/ss5/ss5.conf /etc/opt/ss5/ss5.conf.bak
Modify the configuration file
vi /etc/opt/ss5/ss5.conf
:set nu can mark the line number, find 87 lines and uncomment
#auth 0.0.0.0/0
修改为
auth 0.0.0.0/0
Find the line 203 and uncomment it, and enable authentication at the same time . Note
the modified u Note: If you don’t need to add user password authentication here, just remove the comment, and you don’t need to modify the /etc/opt/ss5/ss5.passwd file
#permit - 0.0.0.0/0 - 0.0.0.0/0 - - - - -
修改为
permit u 0.0.0.0/0 - 0.0.0.0/0 - - - - -
:wq save configuration and exit
Add username and password
In the /etc/opt/ss5/ss5.passwd file, you can add a username and password, write a username and password per line, and separate the username and password with a space, for example:
test ss5test
If necessary, it is recommended to increase the password complexity
Modify ss5 port
Modify the port configuration file
vi /etc/sysconfig/ss5
Uncomment line 2 and modify it to the port you need. The default port is 1080
SS5_OPTS=" -u root -b 0.0.0.0:9988"
Tweak ss5 performance
The adjustment here is based on actual needs, mainly to modify the system resource configuration. If ss5 does not affect normal use or the number of users is small, it is not necessary to modify
ulimit -SHn 10240
ulimit -SHs unlimited
echo 100000 >/proc/sys/net/nf_conntrack_max
Modify ss5 startup permissions
Modify execution permissions
chmod u+x /etc/rc.d/init.d/ss5
chmod +x /etc/init.d/ss5
boot up
chkconfig --add ss5
systemctl restart ss5
Start the ss5 service
Start ss5 and check the status
systemctl start ss5
systemctl status ss5
can be tested after normal startup. If the connection fails, consider releasing the port. The cloud server has opened all ports.
If not, consider removing the user name and password authentication. /etc The /opt/ss5/ss5.passwd file is cleared, the 203rd line of the /etc/opt/ss5/ss5.conf file is only commented, and the others remain unchanged
ss5 test
Use QQ to test, set up in the upper right corner of the QQ login interface
or add a proxy in the proxy software, and then check your own IP
through the online website , you can see that our request has been sent through the server
So far, the ss5 proxy server has been successfully set up, if there are other Questions, welcome to leave a comment