Last active
February 20, 2023 16:47
-
-
Save wynemo/149ab6ef43f48b4ce9f32a5d5f868203 to your computer and use it in GitHub Desktop.
openvpn over shadowsocks
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # in /etc/sysctl.conf | |
| # net.ipv4.ip_forward=1 | |
| echo 1 > /proc/sys/net/ipv4/ip_forward | |
| iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT | |
| iptables -A FORWARD -s 10.8.0.0/24 -j ACCEPT | |
| iptables -A FORWARD -j REJECT | |
| iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| shadowsocks服务器远程IP我们假设是45.67.89.123 | |
| 接下来把openvpn调通 要用udp协议 openvpn服务器和客户端都要指定udp协议 | |
| (可能tcp被封杀的比较厉害 自己先用udp的协议在没有代理的情况下把openvpn弄通可以上网) | |
| 然后架一个shadowsocks 本地端口2080 | |
| 通过ss的代理连openvpn(注意这个时候openvpn服务器和客户端是tcp协议 udp协议我试了用ss代理好像有问题) | |
| client.conf里加上这4行, 45.67.89.123换成你自己的ss server ip | |
| #by pass shadowsocks server address | |
| route 45.67.89.123 255.255.255.255 net_gateway | |
| #use ss socks5 | |
| socks-proxy 127.0.0.1 2080 | |
| 再次启动openvpn | |
| sudo openvpn --config client.conf | |
| 到此完毕, 只试了widnows和centos | |
| 参考: | |
| http://serverfault.com/questions/631037/how-to-route-only-specific-openvpn-traffic-through-a-openvpn-based-on-ip-filteri | |
| https://askubuntu.com/questions/260123/how-to-route-vpn-through-proxy/339090#339090 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment