Trojan-Go+Cloudflare拯救被墙VPS IP

发表于 | 分类于 | |

Trojan-Go+CDN(Cloudflare)拯救被墙VPS IP

Trojan-Go项目地址
Trojan-Go官方文档
搭建教程:
1:准备工具:VPS一台(系统镜像CentOS7)/域名1个
2:解析域名至VPS
方法:登陆Cloudflare添加域名生成NS1与NS2;然后将NS1与NS2复制至域名服务商的DNS处完成解析绑定;最后将SSL/TLS设成Full (strict)——这一步很重要。
注:若证书要使用CF进行申请,请不要将CF云朵点成黄色,否则无法成功!!!
3:用xshell连接VPS;关闭防火墙;

1
2
systemctl stop firewalld
systemctl disable firewalld

4:下载Trojan-Go脚本并解压:

1
wget -N --no-check-certificate https://github.com/p4gefau1t/trojan-go/releases/download/v0.6.0/trojan-go-linux-amd64.zip && unzip trojan-go-linux-amd64.zip

进入example目录运行如下命令:

1
2
cd example
mv * ../

5:配置证书(证书有效期一般为3个月)

1
sudo ./trojan-go -autocert request

根据提示输入域名邮箱生成证书文件server.crt与server.key

注:证书到期后,更请新运行如下命令

1
sudo ./trojan-go -autocert renew

6:编辑服务端server.json文件

1
vi server.json

将参数更改成如下配置:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
{
  "run_type": "server",
  "local_addr": "0.0.0.0",
  "local_port": 443,
  "remote_addr": "127.0.0.1",
  "remote_port": 80,
  "log_level": 1,
  "log_file": "",
  "password": [
"siemenstutorials(自行设定密码)"],
  "buffer_size": 32,
  "dns": [],
  "disable_http_check": false,
  "ssl": {
    "verify": true,
    "verify_hostname": true,
    "cert": "server.crt(证书名)",
    "key": "server.key(证书名)",
    "key_password": "",
    "cipher": "",
    "cipher_tls13": "",
    "curves": "",
    "prefer_server_cipher": false,
    "sni": "www.siemenstutorials.tk(请替换)",
    "alpn": [
      "http/1.1"
    ],
    "session_ticket": true,
    "reuse_session": true,
    "plain_http_response": "",
    "fallback_port": 0,
    "fingerprint": "firefox",
    "serve_plain_text": false
  },
  "tcp": {
    "no_delay": true,
    "keep_alive": true,
    "reuse_port": false,
    "prefer_ipv4": false,
    "fast_open": false,
    "fast_open_qlen": 20
  },
  "mux": {
    "enabled": true, #默认faluse
    "concurrency": 8,
    "idle_timeout": 60
  },
  "router": {
    "enabled": false,
    "bypass": [],
    "proxy": [],
    "block": [],
    "default_policy": "proxy",
    "domain_strategy": "as_is",
    "geoip": "geoip.dat",
    "geosite": "geosite.dat"
  },
  "websocket": {
    "enabled": true,
    "path": "/trojan(请自行设置路径)",
    "hostname": "www.siemenstutorials.tk(请替换)",
    "obfuscation_password": "",
    "double_tls": true,
    "ssl": {
      "verify": true,
      "verify_hostname": true,
      "cert": "server.crt(设置)",
      "key": "server.key(设置)",
      "key_password": "",
      "prefer_server_cipher": false,
      "sni": "",
      "session_ticket": true,
      "reuse_session": true,
      "plain_http_response": "",
      "key_log": ""
    }
  },
  "transport_plugin": {
    "enabled": false,
    "type": "",
    "command": "",
    "plugin_option": "",
    "arg": [],
    "env": []
  },
  "forward_proxy": {
    "enabled": false,
    "proxy_addr": "",
    "proxy_port": 0,
    "username": "",
    "password": ""
  },
  "mysql": {
    "enabled": false,
    "server_addr": "localhost",
    "server_port": 3306,
    "database": "",
    "username": "",
    "password": "",
    "check_rate": 60
  },
  "redis": {
    "enabled": false,
    "server_addr": "localhost",
    "server_port": 6379,
    "password": ""
  },
  "api": {
    "enabled": false,
    "api_addr": "",
    "api_port": 0,
    "api_tls": false,
    "ssl": {
      "cert": "",
      "key": "",
      "key_password": "",
      "client_cert": []
    }
  }
}

7:编辑client.json文件:
vi client.json
修改后参数如下:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
{
    "run_type": "client",
    "local_addr": "127.0.0.1",
    "local_port": 1080,
    "remote_addr": "www.siemenstutorials.tk",
    "remote_port": 443,
    "password": [
        "siemenstutorials"
    ],
    "ssl": {
        "sni": "www.siemenstutorials.tk"
    },
    "mux" :{
        "enabled": true
    },
    "router":{
        "enabled": true,
        "bypass": [
            "geoip:cn",
            "geoip:private",
            "geosite:cn",
            "geosite:geolocation-cn"
        ],
        "block": [
            "geosite:category-ads"
        ],
        "proxy": [
            "geosite:geolocation-!cn"
        ],
        "default_policy": "proxy"
    }
}

注:输入i进入insert状态进行修改;输入ESC后再输入 :wq退出编辑

8:连通性测试:
在VPS端输入

1
./trojan-go -config ./server.json

在本地windows客户端Trojan-Qt5进行设置参数;Trojan-Qt5下载
添加Trojan节点
设置参数见下图:

9:确认正常访问YT后设置服务端后台无日志运行:

1
nohup ./trojan-go -config ./server.json &

注意:若要实现开机自动重启请选择ubuntu和Debian系统;因CentOS7经测试无法自动运行。
Ubuntu
apt-get install nginx
apt install unzip

END

TG交流群

支付宝收款签约

年付81元G口VPS

SiemensTutorials

VTURAY网络加速

亚马逊测评资源网|

美国住宅动态