安装ShadowsocksR客户端with Shorewall

用docker安装ShadowsocksR配合ipset,shorewall智能科技上网..

ShadowsocksR客户端

vim docker-compose.yml

version: "2"

services:
     ssr:
        container_name: ssr
        #image: kdaye/shadowsocksr
        image: registry.cn-hangzhou.aliyuncs.com/kj/shadowsocksr
        ports:
                - "1080:1080/tcp"
                - "1080:1080/udp"
        network_mode: host
command: ss-redir -s your_server_ip -p 8388 -k passwd -b 0.0.0.0 -l 1080 -m aes-256-cfb -o tls1.2_ticket_auth -O auth_aes128_md5 -u

运行
docker-compose up -d

Shorewall

先安装ipset
pacman -Sy ipset

vim /etc/shorewall/start

ipset -N gfwlist iphash
iptables -t nat -A PREROUTING -p tcp -m set --match-set gfwlist dst -j REDIRECT --to-port 1080
# 设置路由器自身智能走代理
iptables -t nat -A OUTPUT -p tcp -m set --match-set gfwlist dst -j REDIRECT --to-port 1080

下载Dnsmasq的gfwlist.conf,重启dnsmasq。

参考
https://github.com/kdaye/HomeServer

Show Comments