讓花成花 讓我成我

Using hy2 to Get Past Server-Room QoS and Network Restrictions

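Background

The network at my organization is subject to very heavy QoS and network restrictions, to the point that protocols such as SSH and RDP are blocked, so I cannot connect to remote desktops or servers normally. On top of that, the downlink speed is at times below 1M, which makes searching for material online extremely sluggish.

I tried deploying WireGuard on an Alibaba Cloud VPS in Hangzhou and connecting through it, but the result was not ideal: it only lifted the network policy restrictions, so SSH and RDP could connect, but the speed was still hard to describe.

Configuring the bypass

For certain reasons, I will not go into the details.

Brute-force packet sending

Server

Configure the hy2 server on the Hangzhou VPS: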

listen: :60000

tls: 
  cert: /etc/ssl/www.crt
  key: /etc/ssl/www.key

auth:
  type: password
  password: FxaBzTbNmsyus3m7ym

Here www.crt and www.key are a self-signed certificate.

Client

server: 1.1.1.1:60000

auth: FxaBzTbNmsyus3m7ym

bandwidth: 
  up: 100 mbps
  down: 15 mbps

socks5:
  listen: 127.0.0.1:7798

tls:
  insecure: true

TUN interface implementation

Use the sing-box client.

The rules exclude hy2, so that the connection to the Hangzhou server does not fail.

{
  "log": {
    "level": "warn",
    "timestamp": true
  },
  "dns": {
    "servers": [
      {
        "tag": "remote",
        "address": "223.5.5.5",
        "detour": "proxy"
      },
      {
        "tag": "local",
        "address": "223.5.5.5",
        "detour": "direct"
      },
      {
        "tag": "block",
        "address": "rcode://success"
      },
      {
        "tag": "local_local",
        "address": "223.5.5.5",
        "detour": "direct"
      }
    ],
    "rules": [
      {
        "server": "block",
        "disable_cache": true,
        "geosite": [
          "category-ads-all"
        ]
      },
      {
        "outbound": "any",
        "server": "local_local"
      }
    ],
    "strategy": "ipv4_only"
  },
  "inbounds": [
    {
      "type": "tun",
      "tag": "tun-in",
      "interface_name": "singbox_tun",
      "inet4_address": "172.19.0.1/30",
      "inet6_address": "fdfe:dcba:9876::1/126",
      "mtu": 9000,
      "auto_route": true,
      "strict_route": true,
      "stack": "gvisor",
      "sniff": true
    }
  ],
  "outbounds": [
    {
      "type": "socks",
      "tag": "proxy",
      "server": "127.0.0.1",
      "server_port": 7798,
      "version": "5"
    },
    {
      "type": "direct",
      "tag": "direct"
    },
    {
      "type": "block",
      "tag": "block"
    },
    {
      "type": "dns",
      "tag": "dns_out"
    }
  ],
  "route": {
    "auto_detect_interface": true,
    "rules": [
      {
        "outbound": "dns_out",
        "protocol": [
          "dns"
        ]
      },
      {
        "outbound": "dns_out",
        "protocol": [
          "dns"
        ]
      },
      {
        "outbound": "block",
        "network": "udp",
        "port": [
          135,
          137,
          138,
          139,
          5353
        ]
      },
      {
        "outbound": "block",
        "ip_cidr": [
          "224.0.0.0/3",
          "ff00::/8"
        ]
      },
      {
        "outbound": "block",
        "source_ip_cidr": [
          "224.0.0.0/3",
          "ff00::/8"
        ]
      },
      {
        "outbound": "dns_out",
        "port": [
          53
        ],
        "process_name": [
          "hysteria-windows-amd64.exe",
          "hysteria-windows-386.exe",
          "hysteria.exe"
        ]
      },
      {
        "outbound": "direct",
        "process_name": [
          "hysteria-windows-amd64.exe",
          "hysteria-windows-386.exe",
          "hysteria.exe"
        ]
      },
      {
        "outbound": "proxy",
        "port_range": [
          "0:65535"
        ]
      }
    ]
  },
  "experimental": {
    "clash_api": {
      "external_controller": "127.0.0.1:19090"
    }
  }
}
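sing-box applies the first route rule that matches, so the process_name rule for the hysteria binaries only keeps the hy2 client's own traffic out of the tunnel because it sits before the catch-all proxy rule. The following is an added example, not part of the original post and not sing-box's own code: a simplified Python model of first-match evaluation over the rules above, run on constructed sample connections (browser.exe, svc.exe and the 203.0.113.10 address are assumptions).

```python
import ipaddress

# Route rules from the page's config, in order (the duplicated DNS rule is listed once).
HY2 = ["hysteria-windows-amd64.exe", "hysteria-windows-386.exe", "hysteria.exe"]
MCAST = ["224.0.0.0/3", "ff00::/8"]
RULES = [
    {"outbound": "dns_out", "protocol": ["dns"]},
    {"outbound": "block", "network": "udp", "port": [135, 137, 138, 139, 5353]},
    {"outbound": "block", "ip_cidr": MCAST},
    {"outbound": "block", "source_ip_cidr": MCAST},
    {"outbound": "dns_out", "port": [53], "process_name": HY2},
    {"outbound": "direct", "process_name": HY2},
    {"outbound": "proxy", "port_range": ["0:65535"]},
]

def in_cidrs(ip, cidrs):
    return any(ipaddress.ip_address(ip) in ipaddress.ip_network(c) for c in cidrs)

def in_ranges(port, ranges):
    return any(int(lo) <= port <= int(hi) for lo, hi in (r.split(":") for r in ranges))

def matches(rule, conn):
    """Simplified model: every condition present in the rule must hold."""
    tests = {
        "protocol": lambda v: conn.get("protocol") in v,
        "network": lambda v: conn["network"] == v,
        "port": lambda v: conn["port"] in v,
        "port_range": lambda v: in_ranges(conn["port"], v),
        "ip_cidr": lambda v: in_cidrs(conn["dst"], v),
        "source_ip_cidr": lambda v: in_cidrs(conn["src"], v),
        "process_name": lambda v: conn.get("process") in v,
    }
    return all(tests[k](v) for k, v in rule.items() if k != "outbound")

def route(conn, rules=RULES):
    """Return the outbound tag of the first matching rule (first match wins)."""
    for rule in rules:
        if matches(rule, conn):
            return rule["outbound"]
    return "proxy"  # assumption: route.final is unset, so the first outbound is used

# Constructed sample connections (not captured traffic).
HY2_CONN = {"process": "hysteria.exe", "network": "udp", "src": "172.19.0.1", "dst": "1.1.1.1", "port": 60000}
WEB_CONN = {"process": "browser.exe", "network": "tcp", "src": "172.19.0.1", "dst": "203.0.113.10", "port": 443}
MDNS_CONN = {"process": "svc.exe", "network": "udp", "src": "172.19.0.1", "dst": "224.0.0.251", "port": 5353}
MISORDERED = RULES[:5] + [RULES[6], RULES[5]]  # catch-all moved ahead of the hysteria exemption

if __name__ == "__main__":
    print([route(c) for c in (HY2_CONN, WEB_CONN, MDNS_CONN)], route(HY2_CONN, MISORDERED))
```

With the misordered rule list, the hy2 client's own packets are sent to the SOCKS outbound that the client itself provides, which is the loop the exemption rule prevents.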

Final result

Using hy2 to Get Past Server-Room QoS and Network Restrictions

https://llb.im/posts/17.html

Author

Qin

Published

2024-03-05

License

CC BY 4.0