Last active
June 23, 2020 06:44
-
-
Save lewangdev/8e47ed4ecc05b4106bc612b3e57424cd to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "Retries": 1, | |
| "ServeNodes": [ | |
| "dns://127.0.0.1:15353?dns=https-chain://1.1.1.1/dns-query", | |
| "red://:1081" | |
| ], | |
| "ChainNodes": [ | |
| "https://user:pass@ip:port?peer=/etc/qiangguo/gost/peer.txt" | |
| ] | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # strategy for node selecting | |
| strategy random | |
| max_fails 5 | |
| fail_timeout 180s | |
| # period for live reloading | |
| reload 60s | |
| # peers | |
| #peer https://user:pass@ip1:port1 | |
| #peer https://user:pass@ip2:port2 | |
| #peer https://user:pass@ip3:port3 | |
| peer https://user:pass@ip4:port4 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh - | |
| QiangGuoDir=/etc/qiangguo | |
| ## IPSET | |
| # OR ipset create gfwlist hash:ip | |
| ipset -N gfwlist iphash | |
| # Telegram IP Range from https://ipinfo.io/AS62041 | |
| ipset add gfwlist 149.154.160.0/20 | |
| ipset add gfwlist 149.154.164.0/22 | |
| ipset add gfwlist 91.108.4.0/22 | |
| ipset add gfwlist 91.108.56.0/22 | |
| ipset add gfwlist 91.108.8.0/22 | |
| curl -skLo ${QiangGuoDir}/gfwlist.conf https://raw.githubusercontent.com/hq450/fancyss/master/rules/gfwlist.conf | |
| sed -i 's/7913/15353/g' ${QiangGuoDir}/gfwlist.conf | |
| rm -f /etc/dnsmasq.d/gfwlist.conf | true | |
| ln -s ${QiangGuoDir}/gfwlist.conf /etc/dnsmasq.d/gfwlist.conf | |
| /etc/init.d/dnsmasq restart | |
| ## NAT | |
| # 在 nat 表中创建链 | |
| iptables -t nat -N GFWLIST | |
| iptables -t nat -N QIANGGUO | |
| # 所有的 tcp 都转发到 QIANGGUO | |
| iptables -t nat -I PREROUTING 1 -p tcp -j QIANGGUO | |
| # 跳过一些不需要转发的 IP,如本地 IP,局域网 IP,组播 IP等特殊用途的 IP | |
| iptables -t nat -A QIANGGUO -d 0.0.0.0/8 -j RETURN | |
| iptables -t nat -A QIANGGUO -d 127.0.0.0/8 -j RETURN | |
| iptables -t nat -A QIANGGUO -d 10.0.0.0/8 -j RETURN | |
| iptables -t nat -A QIANGGUO -d 192.168.0.0/16 -j RETURN | |
| iptables -t nat -A QIANGGUO -d 224.0.0.0/4 -j RETURN | |
| iptables -t nat -A QIANGGUO -d 240.0.0.0/4 -j RETURN | |
| # 跳过代理服务器 IP | |
| iptables -t nat -A QIANGGUO -d <Server Ip> -j RETURN | |
| # 剩下的 IP 到转发到 GFWLIST 进行检查 | |
| iptables -t nat -A QIANGGUO -p tcp -j GFWLIST | |
| # 如果 IP 在 gfwlist 中,则转发到端口 1081 | |
| iptables -t nat -A GFWLIST -p tcp -m set --match-set gfwlist dst -j REDIRECT --to-port 1081 | |
| nohup ${QiangGuoDir}/gost/gost -C ${QiangGuoDir}/gost/config-elb.json >/dev/null 2>&1 & |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment