网络 tcp 拥堵优化

install

本脚本适用环境 系统支持: CentOS 6+ , Debian 7+ , Ubuntu 12+ 虚拟技术: OpenVZ 以外的( KVM 、 Xen 、 VMware 等) 内存要求:≥ 128M 日期  : 2017 年 02 月 22 日

关于本脚本:

  1. 本脚本已在 Vultr 上的 VPS 全部测试通过。
  2. 当脚本检测到 VPS 的虚拟方式为 OpenVZ 时,会提示错误,并自动退出安装。
  3. 某些服务商(如 DigitalOcean ) 可能 需要首先将 VPS 配置为可自定义内核,然后 grub2 的配置才会生效。
  4. 脚本运行完重启发现开不了机的,打开 VPS 后台控制面板的 VNC, 开机卡在 grub 引导 , 手动选择内核即可。
  5. 由于是使用最新版系统内核,最好请勿在生产环境安装,以免产生不可预测之后果。

安装命令:

wget --no-check-certificate https://github.com/teddysun/across/raw/master/bbr.sh 
chmod +x bbr.sh
./bbr.sh
reboot

uname -r
sysctl net.ipv4.tcp_available_congestion_control
sysctl net.ipv4.tcp_congestion_control
sysctl net.core.default_qdisc
lsmod | grep bbr

内核升级方法:

如果是 CentOS 系统,执行如下命令即可升级内核:

    yum --enablerepo=elrepo-kernel -y install kernel-ml kernel-ml-devel

CentOS 6: sed -i 's/^default=.*/default=0/g' /boot/grub/grub.conf

CentOS 7: grub2-set-default 0

最后,重启 VPS 即可。

我是如何抓到妹子的

按浏览器渲染方式不同分:

  1. 后端渲染完整页面
  2. 前端延迟渲染页面

对于第一种,很简单请求分析 dom 就可以了

很遗憾, 今天我们抓的是第二种

很自然地分析源码,各种混淆后,放弃了…

防火墙

firewall-cmd --state
systemctl stop firewalld.service

时间校准

yum install ntp //安装ntp服务
systemctl enable ntpd //开机启动服务
systemctl start ntpd //启动服务
timedatectl set-timezone Asia/Shanghai //更改时区
timedatectl set-ntp yes //启用ntp同步
ntpq -p //同步时间

安装服务端

yum install -y unzip vim
wget https://toutyrater.github.io/install-release.sh
chmod +x ./install-release.sh
./install-release.sh

配置

本文例子用 vmess and http 模式, 端口为 12222

{
  "inbound": {
    "port": 12222, 
    "protocol": "vmess",
    "settings": {
      "clients": [
        {
          "id": "b831381d-6324-4d53-ad4f-8cda48b30811",
          "level": 1,
          "alterId": 64
        }
      ]
    },
    "streamSettings": {
      "network": "tcp",
      "tcpSettings": {
        "header": { 
          "type": "http",
          "response": {
            "version": "1.1",
            "status": "200",
            "reason": "OK",
            "headers": {
              "Content-Type": ["application/octet-stream", "application/x-msdownload", "text/html", "application/x-shockwave-flash"],
              "Transfer-Encoding": ["chunked"],
              "Connection": ["keep-alive"],
              "Pragma": "no-cache"
            }
          }
        }
      }
    }
  },
  "outbound": {
    "protocol": "freedom",
    "settings": {}
  },
  "outboundDetour": [
    {
      "protocol": "blackhole",
      "settings": {},
      "tag": "blocked"
    }
  ],
  "routing": {
    "strategy": "rules",
    "settings": {
      "rules": [
        {
          "type": "field",
          "ip": [
            "0.0.0.0/8",
            "10.0.0.0/8",
            "100.64.0.0/10",
            "127.0.0.0/8",
            "169.254.0.0/16",
            "172.16.0.0/12",
            "192.0.0.0/24",
            "192.0.2.0/24",
            "192.168.0.0/16",
            "198.18.0.0/15",
            "198.51.100.0/24",
            "203.0.113.0/24",
            "::1/128",
            "fc00::/7",
            "fe80::/10"
          ],
          "outboundTag": "blocked"
        }
      ]
    }
  }
}

启动

vim /etc/v2ray/config.json
systemctl start v2ray
systemctl status v2ray

client

{
  "inbound": {
    "port": 8390,
    "protocol": "socks",
    "settings": {
      "auth": "noauth"
    }
  },
  "outbound": {
    "protocol": "vmess",
    "mux": {"enabled": true},
    "settings": {
      "vnext": [
        {
          "address": "proxy-us.way.gg",
          "port": 12222,
          "users": [
            {
              "id": "b831381d-6324-4d53-ad4f-8cda48b30811",
              "alterId": 64
            }
          ]
        }
      ]
    },
    "streamSettings": {
      "network": "tcp",
      "tcpSettings": {
        "header": {  
          "type": "http",
          "request": {
            "version": "1.1",
            "method": "GET",
            "path": ["/"],
            "headers": {
              "Host": ["www.cloudflare.com", "www.amazon.com"],
              "User-Agent": [
                "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.75 Safari/537.36",
                        "Mozilla/5.0 (iPhone; CPU iPhone OS 10_0_2 like Mac OS X) AppleWebKit/601.1 (KHTML, like Gecko) CriOS/53.0.2785.109 Mobile/14A456 Safari/601.1.46"
              ],
              "Accept-Encoding": ["gzip, deflate"],
              "Connection": ["keep-alive"],
              "Pragma": "no-cache"
            }
          }
        }
      }
    }
  },
  "outboundDetour": [
    {
      "protocol": "freedom",
      "settings": {},
      "tag": "direct"
    }
  ],
  "routing": {
    "strategy": "rules",
    "settings": {
      "domainStrategy": "IPIfNonMatch",
      "rules": [
        {
          "type": "field",
          "ip": [
            "0.0.0.0/8",
            "10.0.0.0/8",
            "100.64.0.0/10",
            "127.0.0.0/8",
            "169.254.0.0/16",
            "172.16.0.0/12",
            "192.0.0.0/24",
            "192.0.2.0/24",
            "192.168.0.0/16",
            "198.18.0.0/15",
            "198.51.100.0/24",
            "203.0.113.0/24",
            "::1/128",
            "fc00::/7",
            "fe80::/10"
          ],
          "outboundTag": "direct"
        },
        {
          "type": "chinasites",
          "outboundTag": "direct"
        },
        {
          "type": "chinaip",
          "outboundTag": "direct"
        }
      ]
    }
  }
}

启动

./v2ray -config http_client.json

如果使用 macport 管理 php 版本的同学, 我们不应该用软链接管理 /usr/bin

应该用:

port select --set php php71

切换版本.

→ which php
/opt/local/bin/php

→ ll /opt/local/bin/php
lrwxr-xr-x  1 vanilla  admin    20B  1 16 15:36 /opt/local/bin/php -> /opt/local/bin/php71

android xposed

解锁 /system 保护

adb root
adb shell
adb shell
mount -o remount /system
reboot

安装 xposeed

解决xposed框架无法激活“segmentation fault”

http://a-attach.rcnice.com/adx.apk