Update README.md
This commit is contained in:
parent
645deadad4
commit
97a4808c48
47
README.md
47
README.md
@ -339,25 +339,42 @@ sudo sed -i '/^#net.ipv4.ip_forward=1/s/^#//' /etc/sysctl.conf || true # 取消
|
||||
echo "net.ipv4.ip_forward=1" | sudo tee -a /etc/sysctl.conf > /dev/null # 确保添加
|
||||
sudo sysctl -p > /dev/null || log_error "应用 sysctl 配置失败。"
|
||||
log_info "IP 转发已开启。"
|
||||
# ==============================================================================
|
||||
# 2. SSH SOCKS5 代理 (使用 Systemd 持久化)
|
||||
# ==============================================================================
|
||||
log_info "配置 SSH SOCKS5 代理 Systemd 服务..."
|
||||
SSH_SOCKS5_SERVICE_FILE="/etc/systemd/system/ssh-socks5.service"
|
||||
|
||||
# 动态创建 Service 文件
|
||||
cat <<EOF | sudo tee ${SSH_SOCKS5_SERVICE_FILE} > /dev/null
|
||||
[Unit]
|
||||
Description=SSH SOCKS5 Proxy Service
|
||||
After=network-online.target
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
# 注意:这里需要确保用户 {{ remote_ssh_user }} 是一个实际存在的用户,并且可以访问其 $HOME/.ssh
|
||||
# 为了简化,我们暂时用root运行,但更推荐使用非root用户
|
||||
User=root
|
||||
ExecStart=/usr/bin/ssh -D ${LOCAL_SOCKS5_PORT} -N -p ${REMOTE_SSH_PORT} ${REMOTE_SSH_USER}@${REMOTE_SSH_IP} -o ExitOnForwardFailure=yes -o ServerAliveInterval=60 -o ServerAliveCountMax=3
|
||||
# 使用 Restart 策略确保连接断开时自动重连
|
||||
Restart=always
|
||||
RestartSec=5
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
EOF
|
||||
|
||||
log_info "启动并启用 SSH SOCKS5 代理服务..."
|
||||
sudo systemctl daemon-reload
|
||||
sudo systemctl enable ssh-socks5.service || log_error "启用 ssh-socks5 服务失败。"
|
||||
sudo systemctl restart ssh-socks5.service || log_error "启动 ssh-socks5 服务失败。请检查连接和免密登录配置。"
|
||||
sleep 5 # 留出时间让服务启动和重试
|
||||
|
||||
# ==============================================================================
|
||||
# 2. SSH SOCKS5 代理 (保持不变)
|
||||
# ==============================================================================
|
||||
log_info "启动 SSH SOCKS5 代理 (${REMOTE_SSH_USER}@${REMOTE_SSH_IP}:${REMOTE_SSH_PORT})..."
|
||||
if [ ! -f "$HOME/.ssh/id_rsa" ] && [ ! -f "$HOME/.ssh/id_dsa" ]; then
|
||||
log_warn "SSH 密钥文件不存在。SSH 连接可能需要输入密码或先生成密钥对。"
|
||||
log_warn "请确保可以无密码SSH登录到远程服务器,或手动输入密码完成连接。"
|
||||
fi
|
||||
sudo pkill -f "ssh -D ${LOCAL_SOCKS5_PORT}" || true
|
||||
sudo ssh -D ${LOCAL_SOCKS5_PORT} -N -f -p ${REMOTE_SSH_PORT} ${REMOTE_SSH_USER}@${REMOTE_SSH_IP} -o ExitOnForwardFailure=yes
|
||||
if [ $? -ne 0 ]; then
|
||||
log_error "SSH SOCKS5 代理启动失败。请检查远程SSH服务器信息和连接。"
|
||||
fi
|
||||
log_info "SSH SOCKS5 代理已在 127.0.0.1:${LOCAL_SOCKS5_PORT} 启动。"
|
||||
sleep 2
|
||||
if ! ss -tnlp | grep ":${LOCAL_SOCKS5_PORT}" &>/dev/null; then
|
||||
log_error "SSH SOCKS5 代理端口 ${LOCAL_SOCKS5_PORT} 未在监听。请手动检查 SSH 进程。"
|
||||
fi
|
||||
log_info "SSH SOCKS5 代理已通过 Systemd 启动,并在 127.0.0.1:${LOCAL_SOCKS5_PORT} 监听,支持自动重连。"
|
||||
|
||||
# ==============================================================================
|
||||
# 3. Redsocks2 透明代理 (保持不变)
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user