隐私政策
留言板
金色传说
kubernetes
terraform
云生原
helm
代码编程
Java
Python
Shell
DevOps
Ansible
Gitlab
Jenkins
运维
老司机
Linux 杂锦
Nginx
数据库
elasticsearch
监控
上帝视角
DJI FPV
DJI mini 3 pro
关于本站
最近在scrapy外部世界,所以少不了各种梯子,基本协议就那几样,此篇就记录下linux服务器上如何配置代理(此处服务器为客户端!!!)
Clash部署
clash地址:https://github.com/Dreamacro/clash,目前博主用的就是这个,还行吧
clash客户端下载
[root@localhost src]# mkdir /usr/local/clash
[root@localhost src]# cd /usr/local/clash
[root@localhost clash]# wget https://github.com/Dreamacro/clash/releases/download/v1.7.1/clash-linux-amd64-v1.7.1.gz
[root@localhost clash]# gunzip clash-linux-amd64-v1.7.1.gz
[root@localhost clash]# chmod +x clash-linux-amd64-v1.7.1
[root@localhost clash]# ln -s /usr/local/clash/clash-linux-amd64-v1.7.1 clash
[root@localhost clash]# ll
total 8780
lrwxrwxrwx 1 root root 41 Jan 17 00:08 clash -> /usr/local/clash/clash-linux-amd64-v1.7.1
-rwxr-xr-x 1 root root 8990720 Dec 7 2021 clash-linux-amd64-v1.7.1
clash客户端配置
此处需要用到clash客户端的订阅链接,需要读者自行准备好,在浏览器打开订阅链接,得到的是一份.yaml配置文件
[root@localhost clash]# wget -O /usr/local/clash/config.yaml "https://xxxx你的订阅链接xxx" --no-check-certificate
[root@localhost clash]# wget -O Country.mmdb https://github.com/Dreamacro/maxmind-geoip/releases/latest/download/Country.mmdb
[root@localhost clash]# ll
total 14556
lrwxrwxrwx 1 root root 41 Dec 30 00:08 clash -> /usr/local/clash/clash-linux-amd64-v1.7.1
-rwxr-xr-x 1 root root 8990720 Dec 7 2021 clash-linux-amd64-v1.7.1
-rw-r--r-- 1 root root 264769 Dec 30 00:13 config.yaml
-rw-r--r-- 1 root root 5647210 Dec 12 08:10 Country.mmdb
systemd启动配置文件
[root@localhost clash]# systemctl cat clash.service
# /usr/lib/systemd/system/clash.service
[Unit]
Description=Clash
After=syslog.target network-online.target remote-fs.target nss-lookup.target
Wants=network-online.target
[Service]
Type=simple
ExecStartPre=/usr/local/clash/clash -t -f /usr/local/clash/config.yaml
ExecStart=/usr/local/clash/clash -d /usr/local/clash
ExecStop=/bin/kill -s QUIT $MAINPID
LimitNOFILE=65535
[Install]
WantedBy=multi-user.target
# 重载配置文件
[root@localhost clash]# systemctl daemon-reload启动clash客户端服务
[root@localhost clash]# systemctl status clash
● clash.service - Clash
Loaded: loaded (/usr/lib/systemd/system/clash.service; disabled; vendor preset: disabled)
Active: active (running) since Fri 2022-01-02 01:01:40 CST; 4s ago
Process: 10480 ExecStop=/bin/kill -s QUIT $MAINPID (code=exited, status=0/SUCCESS)
Process: 10512 ExecStartPre=/usr/local/clash/clash -t -f /usr/local/clash/config.yaml (code=exited, status=0/SUCCESS)
Main PID: 10517 (clash)
CGroup: /system.slice/clash.service
└─10517 /usr/local/clash/clash -d /usr/local/clash
Jan 02 01:01:40 localhost.localdomain clash[10512]: time="2022-01-02T01:01:40+08:00" level=info msg="Start initial compatible provider 代理"
Jan 02 01:01:40 localhost.localdomain clash[10512]: configuration file /usr/local/clash/config.yaml test is successful
Jan 02 01:01:40 localhost.localdomain systemd[1]: Started Clash.
Jan 02 01:01:40 localhost.localdomain clash[10517]: time="2022-01-02T01:01:40+08:00" level=info msg="Start initial compatible provider 代理"
Jan 02 01:01:40 localhost.localdomain clash[10517]: time="2022-01-02T01:01:40+08:00" level=info msg="HTTP proxy listening at: 127.0.0.1:7890"
Jan 02 01:01:40 localhost.localdomain clash[10517]: time="2022-01-02T01:01:40+08:00" level=info msg="SOCKS proxy listening at: 127.0.0.1:7891"
Jan 02 01:01:40 localhost.localdomain clash[10517]: time="2022-01-02T01:01:40+08:00" level=info msg="Redirect proxy listening at: 127.0.0.1:7892"
Jan 02 01:01:40 localhost.localdomain clash[10517]: time="2022-01-02T01:01:40+08:00" level=info msg="Mixed(http+socks) proxy listening at: 127.0.0.1:7893"
Jan 02 01:01:40 localhost.localdomain clash[10517]: time="2022-01-02T01:01:40+08:00" level=info msg="RESTful API listening at: [::]:9090"
Jan 02 01:01:40 localhost.localdomain clash[10517]: time="2022-01-02T01:01:40+08:00" level=info msg="DNS server listening at: 127.0.0.1:8853"
[root@localhost clash]# netstat -tunlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:7890 0.0.0.0:* LISTEN 10517/clash
tcp 0 0 127.0.0.1:7891 0.0.0.0:* LISTEN 10517/clash
tcp 0 0 127.0.0.1:7892 0.0.0.0:* LISTEN 10517/clash
tcp 0 0 127.0.0.1:7893 0.0.0.0:* LISTEN 10517/clash
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 926/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1040/master
tcp6 0 0 :::9090 :::* LISTEN 10517/clash
tcp6 0 0 :::22 :::* LISTEN 926/sshd
tcp6 0 0 ::1:25 :::* LISTEN 1040/master
udp 0 0 127.0.0.1:323 0.0.0.0:* 658/chronyd
udp 0 0 127.0.0.1:8853 0.0.0.0:* 10517/clash
udp 0 0 127.0.0.1:7891 0.0.0.0:* 10517/clash
udp 0 0 127.0.0.1:7892 0.0.0.0:* 10517/clash
udp 0 0 127.0.0.1:7893 0.0.0.0:* 10517/clash
udp 0 0 0.0.0.0:68 0.0.0.0:* 729/dhclient
udp6 0 0 ::1:323 :::* 658/chronyd
测试验证
此时通过上面的启动日志输出看到http proxy地址为127.0.0.1:7890,因为是127.0.0.1,所以本地使用curl测试下
curl代理配置方式
# 第一种配置代理
curl -x "http://user:pwd@127.0.0.1:7890" "http://openresty.xadocker.cn/getIp"
curl --proxy "http://user:pwd@127.0.0.1:7890" "http://openresty.xadocker.cn/getIp"
# 第二种便是配置环境变量,这样curl命令就不要加上代理参数,直接使用环境变量配置
# 设置 http proxy
export http_proxy="http://openresty.xadocker.cn/getIp"
# 设置 https proxy
export https_proxy="http://openresty.xadocker.cn/getIp"
# 若环境变量中有代理配置,取消使用代理
curl --noproxy "*" "http://openresty.xadocker.cn/getIp"
# 取消环境变量
unset http_proxy
unset https_proxy测试下访问
[root@nginx-cluster lua]# curl -x '192.168.44.150:7890' 'http://openresty.xadocker.cn/getIp' -L
{
"origin": "211.72.35.64"
}
[root@localhost clash]# curl -x '127.0.0.1:7890' 'https://www.google.com' -L
<!doctype html><html itemscope="" itemtype="http://schema.org/WebPage" lang="en"><head><meta content="Search the world's information, including webpages, images, videos and more. Google has many special features to help you find exactly what you're looking for." name="description"><meta content="noodp" name="robots"><meta content="text/html; charset=UTF-8" http-equiv="Content-Type"><meta content="/images/branding/googleg/1x/googleg_standard_color_128dp.png" itemprop="image"><title>Google</title>
。。。。略clash配置解析:https://github.com/Dreamacro/clash/wiki/configuration
调整clash配置监听地址,需要调整allow-lan 为true和 bind-address
[root@localhost clash]# head -10 config.yaml
port: 7890
socks-port: 7891
redir-port: 7892
mixed-port: 7893
allow-lan: true
bind-address: 192.168.44.150
mode: rule
log-level: info
ipv6: false
hosts:
配置后重启服务查看状态
[root@localhost clash]# systemctl status clash
● clash.service - Clash
Loaded: loaded (/usr/lib/systemd/system/clash.service; disabled; vendor preset: disabled)
Active: active (running) since Fri 2022-01-02 01:37:17 CST; 4s ago
Process: 10851 ExecStop=/bin/kill -s QUIT $MAINPID (code=exited, status=0/SUCCESS)
Process: 10853 ExecStartPre=/usr/local/clash/clash -t -f /usr/local/clash/config.yaml (code=exited, status=0/SUCCESS)
Main PID: 10858 (clash)
CGroup: /system.slice/clash.service
└─10858 /usr/local/clash/clash -d /usr/local/clash
Jan 02 01:37:17 localhost.localdomain clash[10817]: gs 0x0
Jan 02 01:37:17 localhost.localdomain clash[10853]: configuration file /usr/local/clash/config.yaml test is successful
Jan 02 01:37:17 localhost.localdomain systemd[1]: Started Clash.
Jan 02 01:37:17 localhost.localdomain clash[10858]: time="2022-01-02T01:37:17+08:00" level=info msg="Start initial compatible provider 代理"
Jan 02 01:37:17 localhost.localdomain clash[10858]: time="2022-01-02T01:37:17+08:00" level=info msg="HTTP proxy listening at: 192.168.44.150:7890"
Jan 02 01:37:17 localhost.localdomain clash[10858]: time="2022-01-02T01:37:17+08:00" level=info msg="SOCKS proxy listening at: 192.168.44.150:7891"
Jan 02 01:37:17 localhost.localdomain clash[10858]: time="2022-01-02T01:37:17+08:00" level=info msg="Redirect proxy listening at: 192.168.44.150:7892"
Jan 02 01:37:17 localhost.localdomain clash[10858]: time="2022-01-02T01:37:17+08:00" level=info msg="RESTful API listening at: [::]:9090"
Jan 02 01:37:17 localhost.localdomain clash[10858]: time="2022-01-02T01:37:17+08:00" level=info msg="Mixed(http+socks) proxy listening at: 192.168.44.150:7893"
Jan 02 01:37:17 localhost.localdomain clash[10858]: time="2022-01-02T01:37:17+08:00" level=info msg="DNS server listening at: 127.0.0.1:8853"此时局域网内服务器用curl调用测试
[root@nginx-cluster lua]# curl -x '192.168.44.150:7890' 'https://www.google.com' -L
<!doctype html><html itemscope="" itemtype="http://schema.org/WebPage" lang="en"><head><meta content="Search the world's information, including webpages, images, videos and more. Google has many special features to help you find exactly what you're looking for." name="description"><meta content="noodp" name="robots">Clash-dashboard
拉取dashboard代码
[root@localhost clash]# pwd
/usr/local/clash
[root@localhost clash]# git clone https://github.com/Dreamacro/clash-dashboard.git
[root@localhost clash]# ll
total 14556
lrwxrwxrwx 1 root root 41 Dec 30 00:08 clash -> /usr/local/clash/clash-linux-amd64-v1.7.1
drwxr-xr-x 4 root root 131 Dec 30 02:21 clash-dashboard
-rwxr-xr-x 1 root root 8990720 Dec 7 2021 clash-linux-amd64-v1.7.1
-rw-r--r-- 1 root root 264844 Dec 30 02:18 config.yaml
-rw-r--r-- 1 root root 5647210 Dec 12 08:10 Country.mmdb
[root@localhost clash]# cd clash-dashboard/
[root@localhost clash-dashboard]# git checkout -b gh-pages origin/gh-pages调整clash配置文件开启ui管控
[root@localhost clash]# head -15 config.yaml
port: 7890
socks-port: 7891
redir-port: 7892
mixed-port: 7893
allow-lan: true
bind-address: 192.168.44.150
mode: rule
log-level: info
ipv6: false
# 修改以下几行
secret: uipassword
external-controller: 0.0.0.0:9090
external-ui: /usr/local/clash/clash-dashboard此时重启打开ui地址:http://192.168.44.150:9090/ui/
