Great wall in Spring 自己的工作需要使用谷歌邮箱等服务,加上照片通过谷歌照片备份,日常便捷的科学工具就很重要。之前也用过云梯(https://www.ytpub.com/)等基于pp2p和l2tp翻墙工具。基本使用还可以,只是经常会断开,尤其是移动网络连接失败率高,另外基于这些协议的vpn容易带宽不够,youtube高清视频基本没法正常观看。

后来发现shadowsocks这个协议不错,移动网络容易连接,带宽也比较大,当然你可以自己搭建shadowsocks服务器。不想麻烦的话也可以像我一样在https://shadowsocks.com.hk购买,购买可以使用我的邀请连接,双方都有优惠。购买后,在帮助中心有详细的教程,帮助大家在各平台使用shadowsocks,例如Android手机上可以使用影梭。Linux和Chromebook设置起来稍微复杂一点,这里简述我在Linux和Chromebook的设置方法。

在Linux上配置配置shadowsocks

购买shadowsocks后会得到如下链接配置信息: Shadowsocks configure

新建一个配置文件,例如”/root/ss/sslocal.json”,把上面”服务端口”填入server_port字段,选择合适的”节点服务器地址”填入”server”字段,填入密码即可。

root@iZwz9ddnvx1jmhxak0x32uZ:~# cat ss/sslocal.json
{
    "server": "vipxxxxxxxxxxxx.net",
    "server_port": 5xxxx,
    "local_address": "127.0.0.1",
    "local_port": 1080,
    "password": "Yxxxxxxxxxx2",
    "timeout": 300,
    "method": "aes-256-cfb",
    "fast_open": false
}

可以用如下脚本重启服务

root@iZwz9ddnvx1jmhxak0x32uZ:~# cat ss_restart
sslocal -c /root/ss/sslocal.json -d stop
nohup sslocal -c /root/ss/sslocal.json -d start --fast-open --pid-file /var/run/shadowsocks.pid --log-file /root/ss/ss.log
tail -f /root/ss/ss.log

使所有http访问都使用shadowsocks

通过上述设置,启动sslocal服务后,通过本地shadowsocks端口1080已经可以科学上网了。平时使用http或https的软件还需要做如下设置。下文以openSUSE Leap 42.1和Ubuntu 14.04为例说明。

Provixy是把socks5协议和http协议转发工具,下面我们把shadowsocks转发到http 1080端口.

为Chromebook配置shadowsocks

这个话题估计比较小众,我把我博客原文贴过来,供大家参考:

Configure shadowsocks for ARM powered chromebook

Shadowsocks-chromeapp is a application of vpn client for chromebook. It is a nodejs application. If there is a nodejs environment(nodejs, npm, cake and so on, it may varies for different nodejs version)in chromebook, we could build and run it. But by default, there is no such environment in chromebook.

There are lots of articles describing how to use shadowsocks in a chromebook. But all of(most of?) these chromebooks are x86 processor inside. For arm based chromebook, one could not use the prebuilt binaries directly(bacause which depends on the binaries do not exists arm based chromebook). And one could not make use of the link of package in these articles too. So, it take me more time to eventually enable shadowsocks in my ASUS chromebook flip(C100PA-BD02).

For x86 chromebook, this one describe the two methods for enable shadowsocks. Here is the application after we build successful: ss-externsion

I do not plan to repeat the words above. Here is the specific step for what I am doing in my chromebook. What I need to do is setup the nodejs environment. For any distribution, we could install the nodejs and npm packages through the package manager. But for chromebook, we could not. We have to download and copy the library and binary to specific directory by hand. Luckily, the only dependency of nodejs is glibc.

We need to disable os verification and enable write permission. I paste the log of enable write permission.

  1. Check the version of glibc in order to determine which package we should download

    There is a soft link point to the real version ld. In my case, it is glibc 2.19.

    chronos@localhost / $ ls -l  /lib/ld*.so.*
    lrwxrwxrwx 1 root root 10 Jun 10  2015 /lib/ld-linux-armhf.so.3 -> ld-2.19.so
    

    glibc 2.19 is used in opensuse 13.2 ss-prepare-software-check-glibc-version

  2. Download nodejs and its dependency.

    We could find out that there is no more dependence except glibc for nodejs: ss-prepare-software-nodejs

    # wget http://download.opensuse.org/ports/update/13.2/armv7hl/nodejs-4.3.1-15.1.armv7hl.rpm
    [...]
    nodejs-3.3.1-15.1.armv7hl.rpm      100%[================================================================>]   5.13M   116KB/s    in 58s
    
  3. Convert from rpm package to cpio image format, and extract it

    # rpm2cpio nodejs-4.3.1-15.1.armv7hl.rpm > nodejs-4.3.1-15.1.armv7hl.cpio
    # mkdir nodejs
    # cd nodejs/
    # cpio -iudm < ../nodejs-4.3.1-15.1.armv7hl.cpio
    xxx blocks
    
  4. Enable write permission for filesystem

    Now, we have the nodejs bin and lib, we could copy them to the filesystem and build our application. But we need make fileystem writable before it. Otherwise we will encounter the following error message:

    chronos@localhost ~/Downloads/nodejs $ cp -va usr/bin/* /usr/bin/
    ‘usr/bin/node’ -> ‘/usr/bin/node’
    cp: cannot create regular file ‘/usr/bin/node’: Read-only file system
    ‘usr/bin/npm’ -> ‘/usr/bin/npm’
    cp: cannot create symbolic link ‘/usr/bin/npm’: Read-only file system
    
    $ sudo /usr/share/vboot/bin/make_dev_ssd.sh --remove_rootfs_verification
    
      ERROR: YOU ARE TRYING TO MODIFY THE LIVE SYSTEM IMAGE /dev/mmcblk0.
    
      The system may become unusable after that change, especially when you have
      some auto updates in progress. To make it safer, we suggest you to only
      change the partition you have booted with. To do that, re-execute this command
      as:
    
        sudo ./make_dev_ssd.sh --remove_rootfs_verification --partitions 2
    
      If you are sure to modify other partition, please invoke the command again and
      explicitly assign only one target partition for each time  (--partitions N )
    
    ERROR: IMAGE /dev/mmcblk0 IS NOT MODIFIED.
    $ sudo /usr/share/vboot/bin/make_dev_ssd.sh --remove_rootfs_verification --partitions 2
    
      ERROR: YOUR FIRMWARE WILL ONLY BOOT SIGNED IMAGES.
    
      Modifying the kernel or root filesystem will result in an unusable system.  If
      you really want to make this change, allow the firmware to boot self-signed
      images by running:
    
        sudo crossystem dev_boot_signed_only=0
    
      before re-executing this command.
    
    ERROR: IMAGE /dev/mmcblk0 IS NOT MODIFIED.
    $ sudo crossystem dev_boot_signed_only=0
    $ sudo /usr/share/vboot/bin/make_dev_ssd.sh --remove_rootfs_verification --partitions 2
    Kernel A: Disabled rootfs verification.
    Backup of Kernel A is stored in: /mnt/stateful_partition/backups/kernel_A_20160303_114351.bin
    Kernel A: Re-signed with developer keys successfully.
    Successfully re-signed 2 of 1 kernel(s)  on device /dev/mmcblk0.
    $
    
  5. Copy the nodejs files into system

    sudo cp -a ./usr/lib/* /usr/lib/
    sudo cp -a ./usr/bin/* /usr/bin/
    
  6. Now, we could follow the this arcicle descrbie how to build shadowsocks-chromeapp. Here is the shadowsocks application for chromebook. Node and NPM on Chromebook (Chrome OS).

  7. We could use the proxy through SwithyOmega: ss-SwitchyOmega

参考链接

赞赏

wechat 9.9 wechat 0.99