Tutorial: setting up a commercial SSH proxy server for getting past the GFW (create SSH GFW proxy)

I just set up an SSH proxy for getting past the GFW that can be sold commercially (the original purpose was not to sell it, but to let the brothers and sisters at church get past the firewall cheaply and quickly). Here it is.

1. Get a Linode server. The 512MB plan is enough. If 200G of data transfer is not enough, you can add more. If memory runs short, you can upgrade the Linode seamlessly to a higher plan.

2. Log in to the Linode console and create a new server node in Tokyo. (For mainland China the Tokyo data center is recommended because it is fast: I tested it with Xunlei and, through the proxy, reached 4MB/s.) Connect to the server over SSH, then create the directory for the proxy server files:

mkdir -p /opt/gfw

3. Download the files used in this article into /opt/gfw; I uploaded them here. Note: I wrote some of these files myself, and adapted the others from other people's work.

4. Extract the downloaded archive

tar zxf sshserver.tar.gz

File descriptions:

limit.pl: Enforces that only one SSH session per account can be logged in at any time; a later login forces the earlier session out. This effectively prevents one account from being shared among several people, which would be unfair to other users.

createUser.sh: Creates a new user. When a new customer purchases an account, run this file to create it. If the user already exists, it prints a warning and exits. Usage is explained below.

updateUser.sh: Updates a user's expiry date; used when a user renews his account.

tcBandwidth.sh: Uses Linux TC to limit the per-connection bandwidth (download/upload) of a single user, which prevents any one user from occupying too much bandwidth. The default limit is 200Kb = 25KB per connection, and the configuration has to be edited by hand.
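One way to implement the single-session rule that limit.pl is described as enforcing, as an added Python example (not the author's limit.pl, whose source is not shown on this page). It assumes each login shows up in `ps -eo pid,etimes,user,args` as a process titled `sshd: user@tty`; the sample listing is constructed, and the function only reports PIDs instead of signalling them.

```python
import re
from collections import defaultdict

# Constructed sample of `ps -eo pid,etimes,user,args` output (not from the post).
# etimes = seconds since the process started, so a smaller value = a newer login.
SAMPLE_PS = """\
  PID ELAPSED USER     COMMAND
  812   90211 root     /usr/sbin/sshd -D
 4101    3605 root     sshd: xiaofang [priv]
 4107    3600 xiaofang sshd: xiaofang@notty
 5220     125 root     sshd: xiaofang [priv]
 5226     120 xiaofang sshd: xiaofang@notty
 6001      40 alice    sshd: alice@pts/0
"""

# Assumption: each logged-in session has one unprivileged process with this title.
SESSION_RE = re.compile(r"^sshd: (?P<user>[^\s@]+)@\S+$")


def stale_sessions(ps_output, exempt=("root",)):
    """Return {user: [pids]} for every session except the newest one per user."""
    sessions = defaultdict(list)
    for line in ps_output.splitlines():
        fields = line.split(None, 3)
        if len(fields) < 4 or not fields[0].isdigit() or not fields[1].isdigit():
            continue  # header or malformed line
        pid, etimes, owner, args = fields
        match = SESSION_RE.match(args.strip())
        # The "[priv]" monitor runs as root; only count the user's own process.
        if not match or match.group("user") != owner or owner in exempt:
            continue
        sessions[owner].append((int(etimes), int(pid)))

    stale = {}
    for user, procs in sessions.items():
        procs.sort(key=lambda p: (p[0], -p[1]))  # newest first; ties: higher PID
        older = sorted(pid for _, pid in procs[1:])
        if older:
            stale[user] = older
    return stale


if __name__ == "__main__":
    # Dry run: report what an enforcer would disconnect, without signalling anything.
    for user, pids in stale_sessions(SAMPLE_PS).items():
        print(f"{user}: older session PIDs {pids}")
```

ps shortens long usernames in the USER column, so on a real host widen it (for example `user:32`) or the owner check will skip those accounts.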

5. Configuration

5.1 Edit the Linux RC file (commands run automatically at boot)

vim /etc/rc.d/rc.local

(Ubuntu: /etc/rc.local)

Add the following lines:

/opt/gfw/limit.pl &
/opt/gfw/tcBandwidth.sh start

5.2 Change the per-user bandwidth limit (assuming the current working directory is /opt/gfw/)

vim tcBandwidth.sh

* Change IP to the public IP of your Linode server. This change is required.

* DNLD is the download bandwidth limit and UPLD is the upload limit. The default value is 200Kb = 25KB per connection. Within the SSH proxy, as we are using the port forwarding mechanism, I guess the directions are exactly reversed: to limit download speed you should change UPLD, and vice versa. (Sorry, I don't know TC well.)

5.3 Start the service for the first time

yum groupinstall "Development Tools" "Development Libraries"

(Ubuntu: apt-get install perl)

chmod +x /opt/gfw/*

/opt/gfw/limit.pl &
/opt/gfw/tcBandwidth.sh start

6. Create a user (parameters)

./createUser.sh username password expired_date

The expiry period is given in months. If it is omitted, the default is 3 months.

For instance, to create a user named xiaofang with password 11111 whose account expires in 4 months:

./createUser.sh xiaofang 11111 4

7. Renew an account's expiry date

./updateUser.sh username new_expired_date

The parameters have the same meaning as for createUser.sh.

8. Client settings (by Paul Lan): click here.


Original article:
http://www.xiaofang.me
