使用整段 IPv6 以避免被墙的设置方案:
假设我们拥有 2602:feda:db8::/48
这段 IPv6 地址,且该段地址被静态路由至我们的服务器。
首先配置防火墙,详略。
将整段 IPv6 地址配置至服务器:
$ text-builder -index /path/to/index.txt
Or run $ sh build-all
to build all your index files.本人不提供任何保证和技术支持,使用者自负风险。
There are no guarantees, no any support. Use it at your own risk.
IP,Name,Test_Num,Record,Record_Type,Duration,TTL,Answer_Count,Response | |
61.135.159.46,Tom CN,0,backbonetutorials.com.,A,442.88611412,300,1,"104.28.23.110, 104.28.22.110", | |
61.135.159.46,Tom CN,0,help.github.com.,A,324.376106262,30,2,github.map.fastly.net. -> 103.245.222.133, | |
61.135.159.46,Tom CN,0,www.geekwire.com.,A,937.829971313,300,2,geekwire.com. -> 104.130.53.67, | |
61.135.159.46,Tom CN,0,www.dwuser.com.,A,489.170074463,3600,1,108.61.83.130, | |
61.135.159.46,Tom CN,0,css-tricks.com.,A,356.249094009,300,1,"199.83.128.152, 199.83.132.152", | |
61.135.159.46,Tom CN,0,lifesinger.github.io.,A,200.210094452,3600,2,github.map.fastly.net. -> 103.245.222.133, | |
61.135.159.46,Tom CN,0,ja.wikipedia.org.,A,414.385795593,600,1,208.80.154.224, | |
61.135.159.46,Tom CN,0,www.google.com.,A,72.8459358215,84,1,"173.194.127.49, 173.194.127.51, 173.194.127.50, 173.194.127.52, 173.194.127.48", | |
61.135.159.46,Tom CN,0,www.beatsbydre.com.,A,678.999185562,300,3,wildcard.beatsbydre.com.edgekey.net. -> e7716.b.akamaiedge.net. -> 23.42.181.121, |
由于路由管控系统的建立,实时动态黑洞路由已成为最有效的封锁手段,TCP连接重置和DNS污染成为次要手段,利用漏洞的穿墙方法已不再具有普遍意义。对此应对方法是多样化协议的VPN来抵抗识别。这里介绍一种太简单、有时很朴素的“穷人VPN”。
朴素VPN只需要一次内核配置(Linux内核),即可永久稳定运行,不需要任何用户态守护进程。所有流量转换和加密全部由内核完成,原生性能,开销几乎没有。静态配置,避免动态握手和参数协商产生指纹特征导致被识别。并且支持NAT,移动的内网用户可以使用此方法。支持广泛,基于L2TPv3标准,Linux内核3.2+都有支持,其他操作系统原则上也能支持。但有两个局限:需要root权限;一个隧道只支持一个用户。
朴素VPN利用UDP封装的静态L2TP隧道实现VPN,内核XFRM实现静态IPsec。实际上IP-in-IP隧道即可实现VPN,但是这种协议无法穿越NAT,因此必须利用UDP封装。内核3.18将支持Foo-over-UDP,在UDP里面直接封装IP,与静态的L2TP-over-UDP很类似。
#!/bin/bash | |
VERBOSITY=0 | |
TEMP_D="" | |
DEF_DISK_FORMAT="raw" | |
DEF_FILESYSTEM="iso9660" | |
error() { echo "$@" 1>&2; } | |
errorp() { printf "$@" 1>&2; } | |
fail() { [ $# -eq 0 ] || error "$@"; exit 1; } |
The following entities have either sold or leaked personal data about me, including email addresses and phone numbers. Be wary of sharing your data with them.
These entities have either sold or leaked specific unique email addresses of mine to unauthorized parties, such as spammers.
DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE | |
Version 2, December 2004 | |
Copyright (C) 2011 YOUR_NAME_HERE <YOUR_URL_HERE> | |
Everyone is permitted to copy and distribute verbatim or modified | |
copies of this license document, and changing it is allowed as long | |
as the name is changed. | |
DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE |
// be sure to import the the border-radius and box-shadow mixins: | |
// @import "compass/css3/border-radius" | |
// @import "compass/css3/box-shadow" | |
#menu | |
:margin-bottom 15px | |
:font-family "Lucida Grande", Arial, sans-serif | |
:font-size 11px | |
:font-weight bold | |
:padding 4px 6px |