How to Set up ss (single-user and multi-user) on a VPS server )?, Vpsss
My environment is CentOS6. The commands of the CentOS7 firewall are different from those of CentOS6.
Install shadowsocks
yum updatewget --no-check-certificate https://raw.githubusercontent.com/teddysun/shadowsocks_install/master/shadowsocks.shchmod +x shadowsocks.sh./shadowsocks.sh 2>&1 | tee shadowsocks.log
Configure the password, port, and encryption method as prompted. Refer to the figure below:
Configuration File
View the configuration file:
cat /etc/shadowsocks.json
1. Single User
The default configuration information is for a single user.
{ "server":"0.0.0.0", "server_port":443, "local_address":"127.0.0.1", "local_port":1080, "password":"aabbcc", "timeout":300, "method":"aes-256-cfb", "fast_open":false}
1. Multiple users
{ "server":"0.0.0.0", "local_address":"127.0.0.1", "local_port":1080, "port_password":{ "443":"pwd000", "9001":"pwd123", "9002":"pwd234", "9003":"pwd345", "9004":"pwd456" }, "timeout":300, "method":"aes-256-cfb", "fast_open": false}
After the configuration file is modified
/Etc/init. d/shadowsocks restart or service shadowsocks restart
Start:/etc/init. d/shadowsocks start
Stop:/etc/init. d/shadowsocks stop
Restart:/etc/init. d/shadowsocks restart
Status:/etc/init. d/shadowsocks status
If a multi-user configuration file is configured, some ports cannot access Google.
Open cmd to check whether the port can be connected.
Telnet ip Port
If the connection fails, open the firewall configuration file to check whether the port is opened.
cat /etc/sysconfig/iptables
If not, open the firewall port.
Edit the iptables configuration file
vi /etc/sysconfig/iptables
Add rule-a input-p tcp-m tcp -- dport port number-j ACCEPT
Add the following code to the configuration file. # Open port 9001-a input-p tcp-m tcp -- dport 9001-j ACCEPT # Open all ports between 9001-9009-a input-p tcp-m tcp -- dport 9001: 9009-j ACCEPT
Note: the rule to be added must be added to any position on the code line of the REJECT. It cannot be added to the following line of the Code; otherwise, the rule will not take effect:
Restart Firewall
Service iptables restart or/etc/init. d/iptables restart
OK. The access connection is successful.