MarkDown
1、准备一台服务器并解析域名
- 解析域名:【点击进入】
放行端口或者禁用防火墙:
ufw disable2、申请证书
安装依赖包
apt update -y&&apt install -y curl&&apt install -y socat- 安装证书申请程序
curl https://get.acme.sh | sh -s email=my@example.com 申请证书
~/.acme.sh/acme.sh --issue -d 你的域名 --standalone3、安装Sing-box
下载Sing-box源文件
wget https://github.com/SagerNet/sing-box/releases/download/v1.6.2/sing-box-1.6.2-linux-amd64.tar.gz解压下载好的文件
tar -zxvf sing-box-1.6.2-linux-amd64.tar.gz4、创建并设置配置文件
进入Sing-box文件夹
cd /root/sing-box-1.6.2-linux-amd64- 分别创建一个名为ech.config和ech.key的文件
- 生成ech公钥和私钥,
- 把公钥复制粘贴到ech.config文件中
- 把私钥复制粘贴到ech.key文件中
- 在Sing-box文件夹下创建一个名为server.json的文件
- 生成ech公钥和私钥
./sing-box generate ech-keypair www.bing.com --pq-signature-schemes-enabled - 把以下代码粘贴进去
{ "log": { "disabled": false, "level": "info", "timestamp": true }, "dns": { "servers": [ { "tag": "cf", "address": "https://1.1.1.1/dns-query", "strategy": "ipv4_only", "detour": "direct" }, { "tag": "block", "address": "rcode://success" } ], "rules": [ { "geosite": [ "category-ads-all" ], "server": "block", "disable_cache": true } ], "final": "cf", "strategy": "", "disable_cache": false, "disable_expire": false }, "inbounds": [ { "type": "vless", "tag": "vless-in", "listen": "::", "listen_port": 443, "tcp_fast_open": false, "tcp_multi_path": false, "udp_fragment": false, "sniff": false, "sniff_override_destination": false, "sniff_timeout": "300ms", "domain_strategy": "prefer_ipv4", "udp_timeout": 300, "proxy_protocol": false, "proxy_protocol_accept_no_header": false, "users": [ { "name": "naiyou", "uuid": "你的UUID", "flow": "" } ], "tls": { "enabled": true, "server_name": "你的域名", "certificate_path": "你的证书文件路径", "key_path": "你的密钥文件路径", "ech": { "enabled": true, "pq_signature_schemes_enabled": true, "dynamic_record_sizing_disabled": false, "key_path": "你的ECH KEYS文件路径" } }, "transport": { "type": "ws", "path": "你的PATH路径", "headers": {}, "max_early_data": 0, "early_data_header_name": "" } } ], "outbounds": [ { "type": "direct", "tag": "direct" }, { "type": "block", "tag": "block" }, { "type": "dns", "tag": "dns-out" } ], "route": { "geoip": { "path": "geoip.db", "download_url": "https://github.com/SagerNet/sing-geoip/releases/latest/download/geoip.db", "download_detour": "direct" }, "geosite": { "path": "geosite.db", "download_url": "https://github.com/SagerNet/sing-geosite/releases/latest/download/geosite.db", "download_detour": "direct" }, "rules": [ { "protocol": "dns", "outbound": "dns-out" }, { "geosite": [ "category-ads-all" ], "outbound": "block" } ], "auto_detect_interface": true, "final": "direct" }, "experimental": {} } 设置Sing-box后台运行
nohup ./sing-box run -c server.json &5、客户端配置
下载客户端源文件:【点击进入】
- 创建一个名为client.json的文件
- 把下面的配置文件粘贴到client.json文件中
{ "dns": { "servers": [ { "tag": "alidns", "address": "https://223.5.5.5/dns-query", "address_strategy": "prefer_ipv4", "strategy": "ipv4_only", "detour": "direct" }, { "tag": "cf", "address": "https://1.1.1.1/dns-query", "strategy": "ipv4_only", "detour": "direct" }, { "tag": "block", "address": "rcode://success" } ], "rules": [ { "geosite": [ "cn" ], "domain_suffix": [ ".cn" ], "server": "alidns", "disable_cache": false }, { "geosite": [ "category-ads-all" ], "server": "block", "disable_cache": true } ], "final": "cf", "strategy": "", "disable_cache": false, "disable_expire": false }, "inbounds": [ { "type": "mixed", "tag": "mixed-in", "listen": "::", "listen_port": 5353, "tcp_fast_open": false, "tcp_multi_path": false, "udp_fragment": false, "sniff": true, "sniff_override_destination": false, "sniff_timeout": "300ms", "domain_strategy": "prefer_ipv4", "udp_timeout": 300, "proxy_protocol": false, "proxy_protocol_accept_no_header": false, "set_system_proxy": true } ], "outbounds": [ { "type": "vless", "tag": "proxy", "server": "你的域名", "server_port": 443, "uuid": "你的UUID", "flow": "", "tls": { "enabled": true, "ech": { "enabled": true, "pq_signature_schemes_enabled": true, "dynamic_record_sizing_disabled": false, "config": "你的ech.config文件内容" } }, "packet_encoding": "", "transport": { "type": "ws", "path": "你服务端配置的PATH路径", "headers": {}, "max_early_data": 0, "early_data_header_name": "" } }, { "type": "direct", "tag": "direct" }, { "type": "block", "tag": "block" }, { "type": "dns", "tag": "dns-out" } ], "route": { "geoip": { "path": "geoip.db", "download_url": "https://github.com/SagerNet/sing-geoip/releases/latest/download/geoip.db", "download_detour": "direct" }, "geosite": { "path": "geosite.db", "download_url": "https://github.com/SagerNet/sing-geosite/releases/latest/download/geosite.db", "download_detour": "direct" }, "rules": [ { "protocol": "dns", "outbound": "dns-out" }, { "geosite": [ "cn", "private" ], "geoip": [ "cn", "private" ], "domain_suffix": [ ".cn" ], "outbound": "direct" }, { "geosite": [ "category-ads-all" ], "outbound": "block" } ], "auto_detect_interface": true, "final": "proxy" }, "experimental": {} } - 将ech.config文件中的每一行都打印出来
awk 'NF {printf "%s\\n",$0}' ech.config - 下载Sing-box客户端,并把sing-box.exe放入到此目录下\zz_v2rayN-With-Core-SelfContained\zz_v2rayN-With-Core-SelfContained\bin\sing_box