Using Laravel Valet for localhost development, So it installs
dnsmasq
with it. dnsmasq runs on port53
, The default DNS port. So we setup dnscrypt-proxy on port5300
with the default config files in this gist.
brew install dnscrypt-proxy
#!/bin/sh -e | |
hostname=$1 | |
device=$2 | |
file=$HOME/.dynv6.addr6 | |
[ -e $file ] && old=`cat $file` | |
if [ -z "$hostname" -o -z "$token" ]; then | |
echo "Usage: token=<your-authentication-token> [netmask=64] $0 your-name.dynv6.net [device]" | |
exit 1 | |
fi |
#!/bin/bash | |
# | |
# Script for updating DNS records on Hurricane Electirc's DNS system (https://dns.he.net). | |
# | |
# The record will be updated with the IP address that originates the request. | |
# | |
# Usage | |
# ----- | |
# | |
# Create config file `/etc/he-dns-update.conf`: |
# /etc/logrotate.d/cloudflared | |
/var/log/cloudflared/cloudflared.log { | |
rotate 7 | |
daily | |
compress | |
missingok | |
notifempty | |
} |
from __future__ import print_function | |
import requests | |
import threading | |
import sys | |
def eprint(*args, **kwargs): | |
print(*args, file=sys.stderr, **kwargs) |
Using Laravel Valet for localhost development, So it installs
dnsmasq
with it. dnsmasq runs on port53
, The default DNS port. So we setup dnscrypt-proxy on port5300
with the default config files in this gist.
brew install dnscrypt-proxy
目前 Vmess + WebSocket + TLS (以下简称 wss)方式,因其特征如同 HTTPS 流量,可以隐藏 V2Ray 路径,主动侦测会得到正常 HTTP 网站响应,具有良好的伪装能力,目前被广泛用于反审查。
但是如此强大的伪装能力,需要付出严重的性能代价:TLS 1.3 握手需要消耗 1-rtt,WS 握手也需要消耗 1-rtt,增大了握手延迟。V2Ray 增加了 mux 以减少握手的发生,然而实际使用中 mux 体验并不好,很多用户选择关闭。
最近兴起了一个新的反审查工具——Trojan,这个工具将一个类似 Socks 的协议直接通过 TLS 传输,并将认证失败的流量交由 Web 服务器处理。降低 WS 延迟的同时,提供与 wss 方式一样的伪装能力。但是该工具较为年轻,没有路由功能,各平台图形化客户端也不完善。