使用整段 IPv6 以避免被墙的设置方案:
假设我们拥有 2602:feda:db8::/48 这段 IPv6 地址,且该段地址被静态路由至我们的服务器。
首先配置防火墙,详略。
将整段 IPv6 地址配置至服务器:
lmc999
lmc999
/ full-subnet-proxy.md
Created
July 22, 2022 06:02
— forked from KaraRyougi/full-subnet-proxy.md
IPv6 完全随机化连接
lmc999
/ RiseupVPN-NetworkManager.md
Created
April 7, 2022 07:22
— forked from crass/RiseupVPN-NetworkManager.md
Use RiseupVPN via NetworkManager
A short tutorial on using the RiseupVPN via NetworkManager's OpenVPN plugin.
I didn't want to run an extra binary.
First using a webbrowser download this CA certificate. This will allow us to securely communicate with various Riseup servers.
Next you'll want to download the user certificate and private key (all in one file). I use curl to do this because its easier. If you want to use your browser you'll need to add the Riseup CA cert to your browser's trusted root certs.
curl -vL --cacert riseup-vpn.ca.crt -o riseup-vpn.pem https://api.black.riseup.net/3/cert
What's left is choosing an openvpn gateway. This command will show the available endpoints as a list of json objects. Some of the gateways have transport type "obfs4" which is a protocol for obsfucating vpn traffic. I ignore those endpoints because I don't think they are useable via the plain openvpn NetworkManager plugin (but I haven't verified that).
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| address=/abema.io/10.254.0.1 | |
| address=/abema.tv/10.254.0.1 | |
| address=/ameba.jp/10.254.0.1 | |
| address=/hayabusa.io/10.254.0.1 | |
| address=/hayabusa.media/10.254.0.1 | |
| address=/licensing.theoplayer.com/10.254.0.1 | |
| address=/s.yimg.jp/10.254.0.1 | |
| address=/akabeesoft2.com/10.254.0.1 | |
| address=/akabeesoft3.com/10.254.0.1 | |
| address=/akatsukiworks.com/10.254.0.1 |
lmc999
/ speederClient.service
Created
July 12, 2019 07:50
— forked from tanpengsccd/speederClient.service
udp2raw.service & speeder.service
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [Unit] | |
| Description=speeder service | |
| After=syslog.target network.target auditd.service | |
| [Service] | |
| Type=notify | |
| NotifyAccess=all | |
| User=root | |
| ExecStart=/usr/local/bin/speederv2_amd64 -c -l0.0.0.0:34000 -r47.74.239.218:34002 -f2:18 --timeout 0 | |
| ExecReload=/bin/kill -HUP | |
| ExecStop=/bin/kill -s QUIT PrivateTmp=true |
lmc999
/ limit-tc.sh
Created
April 11, 2019 07:17
— forked from dj31416/limit-tc.sh
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Full path to tc binary | |
| TC=$(which tc) | |
| # | |
| # NETWORK CONFIGURATION | |
| # interface - name of your interface device | |
| # interface_speed - speed in mbit of your $interface | |
| # ip - IP address of your server, change this if you don't want to use |