歇斯底里搭建教程

相关链接

1
2
3
4
5
6
7
8
9

- **v2rayN 下载**:[https://github.com/2dust/v2rayN/releases/latest](https://github.com/2dust/v2rayN/releases/latest)
- **Hysteria 2下载**:[https://github.com/apernet/hysteria/releases](https://github.com/apernet/hysteria/releases)
- **Hysteria 2文档**:[https://v2.hysteria.network/zh/](https://v2.hysteria.network/zh/)
- **sing-box文档**:[https://sing-box.sagernet.org/zh/](https://sing-box.sagernet.org/zh/)
- **Android客户端(SFA)**:[https://install.appcenter.ms/users/nekohasekai/apps/sfa/distribution_groups/publictest](https://install.appcenter.ms/users/nekohasekai/apps/sfa/distribution_groups/publictest)
- **IOS客户端(TestFlight)**:[https://testflight.apple.com/join/AcqO44FH](https://testflight.apple.com/join/AcqO44FH) (1.5.0 beta版支持Hysteria 2)
- **IOS客户端(AppStore)**:[https://apps.apple.com/us/app/sing-box/id6451272673](https://apps.apple.com/us/app/sing-box/id6451272673) (暂不支持Hysteria 2)

用到的命令

升级VPS系统组件

1
2
3
4
5
6
7
sudo -i
yum update -y #CentOS 命令
apt update -y
yum install -y curl #CentOS 命令
apt install -y curl
yum install -y socat #CentOS 命令
apt install -y socat

防火墙组建安装,关闭防火墙,开放防火墙端口

1
2
3
4
5
6
7
8
9
yum install firewalld #安装防火墙组件
apt update
apt install ufw -y
firewall-cmd --state # 查看防火墙状态
ufw status
systemctl stop firewalld.service # 停止防火墙
ufw disable        # 关闭防火墙
systemctl disable firewalld.service # 禁止防火墙开机自启
systemctl disable ufw  # 禁用开机启动

安装 Acme 脚本

1
curl https://get.acme.sh | sh

一键安装Hysteria2

1
bash <(curl -fsSL https://get.hy2.sh/)

生成自签证书

1
openssl req -x509 -nodes -newkey ec:<(openssl ecparam -name prime256v1) -keyout /etc/hysteria/server.key -out /etc/hysteria/server.crt -subj "/CN=bing.com" -days 36500 && sudo chown hysteria /etc/hysteria/server.key && sudo chown hysteria /etc/hysteria/server.crt

Hysteria2服务管理

1
2
3
4
5
6
7
8
9
10
11
12
#启动Hysteria2
systemctl start hysteria-server.service
#重启Hysteria2
systemctl restart hysteria-server.service
#查看Hysteria2状态
systemctl status hysteria-server.service
#停止Hysteria2
systemctl stop hysteria-server.service
#设置开机自启
systemctl enable hysteria-server.service
#查看日志
journalctl -u hysteria-server.service

服务器配置文件

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
cat << EOF > /etc/hysteria/config.yaml
listen: :443 #监听端口

#使用CA证书
#acme:
#  domains:
#    - XXXXXXXXXXXXX #你的域名,需要先解析到服务器ip
#  email: XXXXXXXX@XXXXXX.com

#使用自签证书
#tls:
#  cert: /etc/hysteria/server.crt
#  key: /etc/hysteria/server.key

auth:
  type: password
  password: 123456#设置认证密码
  
masquerade:
  type: proxy
  proxy:
    url: https://bing.com #伪装网址
    rewriteHost: true

    EOF

客户端配置

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
server: IP地址:端口号  #服务器地址
auth: 123456   #密码,同服务器配置密码

bandwidth:
  up: 0 mbps
  down: 0 mbps
  
tls:
  sni: bing.com
  insecure: true #使用自签时需要改成true

socks5:
  listen: 127.0.0.1:1080
http:
  listen: 127.0.0.1:8080

sing-box配置文件(Android/IOS)

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
{
  "dns": {
    "servers": [
      {
        "tag": "cf",
        "address": "https://1.1.1.1/dns-query"
      },
      {
        "tag": "local",
        "address": "223.5.5.5",
        "detour": "direct"
      },
      {
        "tag": "block",
        "address": "rcode://success"
      }
    ],
    "rules": [
      {
        "geosite": "category-ads-all",
        "server": "block",
        "disable_cache": true
      },
      {
        "outbound": "any",
        "server": "local"
      },
      {
        "geosite": "cn",
        "server": "local"
      }
    ],
    "strategy": "ipv4_only"
  },
  "inbounds": [
    {
      "type": "tun",
      "inet4_address": "172.19.0.1/30",
      "auto_route": true,
      "strict_route": false,
      "sniff": true
    }
  ],
  "outbounds": [
    {
      "type": "hysteria2",
      "tag": "proxy",
      "server": "xxxxxxxxx", #服务器IP地址
      "server_port": 443,
      "up_mbps": 0,
      "down_mbps": 0,
      "password": "123456",#密码
      "tls": {
        "enabled": true,
        "server_name": "bing.com",
        "insecure": true
      }
    },
    {
      "type": "direct",
      "tag": "direct"
    },
    {
      "type": "block",
      "tag": "block"
    },
    {
      "type": "dns",
      "tag": "dns-out"
    }
  ],
  "route": {
    "rules": [
      {
        "protocol": "dns",
        "outbound": "dns-out"
      },
      {
        "geosite": "cn",
        "geoip": [
          "private",
          "cn"
        ],
        "outbound": "direct"
      },
      {
        "geosite": "category-ads-all",
        "outbound": "block"
      }
    ],
    "auto_detect_interface": true
  }
}