Linux搭建Trojan服务
一、准备工作
1、购买国外服务器
2、国外注册商注册域名&解析到服务器
二、搭建Trojan服务端
1、运行一键安装trojan脚本
curl -O https://raw.githubusercontent.com/atrandys/trojan/master/trojan_mult.sh && chmod +x trojan_mult.sh && ./trojan_mult.shtrojan_mult.sh源码:
#!/bin/bash
function blue(){
echo -e "\033[34m\033[01m$1\033[0m"
}
function green(){
echo -e "\033[32m\033[01m$1\033[0m"
}
function red(){
echo -e "\033[31m\033[01m$1\033[0m"
}
function version_lt(){
test "$(echo "$@" | tr " " "\n" | sort -rV | head -n 1)" != "$1";
}
source /etc/os-release
RELEASE=$ID
VERSION=$VERSION_ID
if [ "$RELEASE" == "centos" ]; then
release="centos"
systemPackage="yum"
elif [ "$RELEASE" == "debian" ]; then
release="debian"
systemPackage="apt-get"
elif [ "$RELEASE" == "ubuntu" ]; then
release="ubuntu"
systemPackage="apt-get"
fi
systempwd="/etc/systemd/system/"
function install_trojan(){
$systemPackage install -y nginx
if [ ! -d "/etc/nginx/" ]; then
red "nginx安装有问题,请使用卸载trojan后重新安装"
exit 1
fi
cat > /etc/nginx/nginx.conf <<-EOF
user root;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '\$remote_addr - \$remote_user [\$time_local] "\$request" '
'\$status \$body_bytes_sent "\$http_referer" '
'"\$http_user_agent" "\$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 120;
client_max_body_size 20m;
#gzip on;
server {
listen 80;
server_name $your_domain;
root /usr/share/nginx/html;
index index.php index.html index.htm;
}
}
EOF
systemctl restart nginx
sleep 3
rm -rf /usr/share/nginx/html/*
cd /usr/share/nginx/html/
wget https://github.com/atrandys/trojan/raw/master/fakesite.zip >/dev/null 2>&1
unzip fakesite.zip >/dev/null 2>&1
sleep 5
if [ ! -d "/usr/src" ]; then
mkdir /usr/src
fi
if [ ! -d "/usr/src/trojan-cert" ]; then
mkdir /usr/src/trojan-cert /usr/src/trojan-temp
mkdir /usr/src/trojan-cert/$your_domain
if [ ! -d "/usr/src/trojan-cert/$your_domain" ]; then
red "不存在/usr/src/trojan-cert/$your_domain目录"
exit 1
fi
curl https://get.acme.sh | sh
~/.acme.sh/acme.sh --register-account -m test@$your_domain --server zerossl
~/.acme.sh/acme.sh --issue -d $your_domain --nginx
if test -s /root/.acme.sh/$your_domain/fullchain.cer; then
cert_success="1"
fi
elif [ -f "/usr/src/trojan-cert/$your_domain/fullchain.cer" ]; then
cd /usr/src/trojan-cert/$your_domain
create_time=`stat -c %Y fullchain.cer`
now_time=`date +%s`
minus=$(($now_time - $create_time ))
if [ $minus -gt 5184000 ]; then
curl https://get.acme.sh | sh
~/.acme.sh/acme.sh --register-account -m test@$your_domain --server zerossl
~/.acme.sh/acme.sh --issue -d $your_domain --nginx
if test -s /root/.acme.sh/$your_domain/fullchain.cer; then
cert_success="1"
fi
else
green "检测到域名$your_domain证书存在且未超过60天,无需重新申请"
cert_success="1"
fi
else
mkdir /usr/src/trojan-cert/$your_domain
curl https://get.acme.sh | sh
~/.acme.sh/acme.sh --register-account -m test@$your_domain --server zerossl
~/.acme.sh/acme.sh --issue -d $your_domain --nginx
if test -s /root/.acme.sh/$your_domain/fullchain.cer; then
cert_success="1"
fi
fi
if [ "$cert_success" == "1" ]; then
cat > /etc/nginx/nginx.conf <<-EOF
user root;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '\$remote_addr - \$remote_user [\$time_local] "\$request" '
'\$status \$body_bytes_sent "\$http_referer" '
'"\$http_user_agent" "\$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 120;
client_max_body_size 20m;
#gzip on;
server {
listen 127.0.0.1:80;
server_name $your_domain;
root /usr/share/nginx/html;
index index.php index.html index.htm;
}
server {
listen 0.0.0.0:80;
server_name $your_domain;
return 301 https://$your_domain\$request_uri;
}
}
EOF
systemctl restart nginx
systemctl enable nginx
cd /usr/src
wget https://api.github.com/repos/trojan-gfw/trojan/releases/latest >/dev/null 2>&1
latest_version=`grep tag_name latest| awk -F '[:,"v]' '{print $6}'`
rm -f latest
green "开始下载最新版trojan amd64"
wget https://github.com/trojan-gfw/trojan/releases/download/v${latest_version}/trojan-${latest_version}-linux-amd64.tar.xz
tar xf trojan-${latest_version}-linux-amd64.tar.xz >/dev/null 2>&1
rm -f trojan-${latest_version}-linux-amd64.tar.xz
#下载trojan客户端
green "开始下载并处理trojan windows客户端"
wget https://github.com/atrandys/trojan/raw/master/trojan-cli.zip
wget -P /usr/src/trojan-temp https://github.com/trojan-gfw/trojan/releases/download/v${latest_version}/trojan-${latest_version}-win.zip
unzip -o trojan-cli.zip >/dev/null 2>&1
unzip -o /usr/src/trojan-temp/trojan-${latest_version}-win.zip -d /usr/src/trojan-temp/ >/dev/null 2>&1
mv -f /usr/src/trojan-temp/trojan/trojan.exe /usr/src/trojan-cli/
green "请设置trojan密码,建议不要出现特殊字符"
read -p "请输入密码 :" trojan_passwd
#trojan_passwd=$(cat /dev/urandom | head -1 | md5sum | head -c 8)
cat > /usr/src/trojan-cli/config.json <<-EOF
{
"run_type": "client",
"local_addr": "127.0.0.1",
"local_port": 1080,
"remote_addr": "$your_domain",
"remote_port": 443,
"password": [
"$trojan_passwd"
],
"log_level": 1,
"ssl": {
"verify": true,
"verify_hostname": true,
"cert": "",
"cipher_tls13":"TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384",
"sni": "",
"alpn": [
"h2",
"http/1.1"
],
"reuse_session": true,
"session_ticket": false,
"curves": ""
},
"tcp": {
"no_delay": true,
"keep_alive": true,
"fast_open": false,
"fast_open_qlen": 20
}
}
EOF
rm -rf /usr/src/trojan/server.conf
cat > /usr/src/trojan/server.conf <<-EOF
{
"run_type": "server",
"local_addr": "0.0.0.0",
"local_port": 443,
"remote_addr": "127.0.0.1",
"remote_port": 80,
"password": [
"$trojan_passwd"
],
"log_level": 1,
"ssl": {
"cert": "/usr/src/trojan-cert/$your_domain/fullchain.cer",
"key": "/usr/src/trojan-cert/$your_domain/private.key",
"key_password": "",
"cipher_tls13":"TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384",
"prefer_server_cipher": true,
"alpn": [
"http/1.1"
],
"reuse_session": true,
"session_ticket": false,
"session_timeout": 600,
"plain_http_response": "",
"curves": "",
"dhparam": ""
},
"tcp": {
"no_delay": true,
"keep_alive": true,
"fast_open": false,
"fast_open_qlen": 20
},
"mysql": {
"enabled": false,
"server_addr": "127.0.0.1",
"server_port": 3306,
"database": "trojan",
"username": "trojan",
"password": ""
}
}
EOF
cd /usr/src/trojan-cli/
zip -q -r trojan-cli.zip /usr/src/trojan-cli/
rm -rf /usr/src/trojan-temp/
rm -f /usr/src/trojan-cli.zip
trojan_path=$(cat /dev/urandom | head -1 | md5sum | head -c 16)
#mkdir /usr/share/nginx/html/${trojan_path}
#mv /usr/src/trojan-cli/trojan-cli.zip /usr/share/nginx/html/${trojan_path}/
cat > ${systempwd}trojan.service <<-EOF
[Unit]
Description=trojan
After=network.target
[Service]
Type=simple
PIDFile=/usr/src/trojan/trojan/trojan.pid
ExecStart=/usr/src/trojan/trojan -c "/usr/src/trojan/server.conf"
ExecReload=/bin/kill -HUP \$MAINPID
Restart=on-failure
RestartSec=1s
[Install]
WantedBy=multi-user.target
EOF
chmod +x ${systempwd}trojan.service
systemctl enable trojan.service
cd /root
~/.acme.sh/acme.sh --installcert -d $your_domain \
--key-file /usr/src/trojan-cert/$your_domain/private.key \
--fullchain-file /usr/src/trojan-cert/$your_domain/fullchain.cer \
--reloadcmd "systemctl restart trojan"
green "==========================================================================="
green "windows客户端路径/usr/src/trojan-cli/trojan-cli.zip,此客户端已配置好所有参数"
green "==========================================================================="
echo
echo
green " 客户端配置文件"
green "==========================================================================="
cat /usr/src/trojan-cli/config.json
green "==========================================================================="
else
red "==================================="
red "https证书没有申请成功,本次安装失败"
red "==================================="
fi
}
function preinstall_check(){
nginx_status=`ps -aux | grep "nginx: worker" |grep -v "grep"`
if [ -n "$nginx_status" ]; then
systemctl stop nginx
fi
$systemPackage -y install net-tools socat >/dev/null 2>&1
Port80=`netstat -tlpn | awk -F '[: ]+' '$1=="tcp"{print $5}' | grep -w 80`
Port443=`netstat -tlpn | awk -F '[: ]+' '$1=="tcp"{print $5}' | grep -w 443`
if [ -n "$Port80" ]; then
process80=`netstat -tlpn | awk -F '[: ]+' '$5=="80"{print $9}'`
red "==========================================================="
red "检测到80端口被占用,占用进程为:${process80},本次安装结束"
red "==========================================================="
exit 1
fi
if [ -n "$Port443" ]; then
process443=`netstat -tlpn | awk -F '[: ]+' '$5=="443"{print $9}'`
red "============================================================="
red "检测到443端口被占用,占用进程为:${process443},本次安装结束"
red "============================================================="
exit 1
fi
if [ -f "/etc/selinux/config" ]; then
CHECK=$(grep SELINUX= /etc/selinux/config | grep -v "#")
if [ "$CHECK" == "SELINUX=enforcing" ]; then
green "$(date +"%Y-%m-%d %H:%M:%S") - SELinux状态非disabled,关闭SELinux."
setenforce 0
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
#loggreen "SELinux is not disabled, add port 80/443 to SELinux rules."
#loggreen "==== Install semanage"
#logcmd "yum install -y policycoreutils-python"
#semanage port -a -t http_port_t -p tcp 80
#semanage port -a -t http_port_t -p tcp 443
#semanage port -a -t http_port_t -p tcp 37212
#semanage port -a -t http_port_t -p tcp 37213
elif [ "$CHECK" == "SELINUX=permissive" ]; then
green "$(date +"%Y-%m-%d %H:%M:%S") - SELinux状态非disabled,关闭SELinux."
setenforce 0
sed -i 's/SELINUX=permissive/SELINUX=disabled/g' /etc/selinux/config
fi
fi
if [ "$release" == "centos" ]; then
if [ -n "$(grep ' 6\.' /etc/redhat-release)" ] ;then
red "==============="
red "当前系统不受支持"
red "==============="
exit
fi
if [ -n "$(grep ' 5\.' /etc/redhat-release)" ] ;then
red "==============="
red "当前系统不受支持"
red "==============="
exit
fi
firewall_status=`systemctl status firewalld | grep "Active: active"`
if [ -n "$firewall_status" ]; then
green "检测到firewalld开启状态,添加放行80/443端口规则"
firewall-cmd --zone=public --add-port=80/tcp --permanent
firewall-cmd --zone=public --add-port=443/tcp --permanent
firewall-cmd --reload
fi
rpm -Uvh http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm --force --nodeps
elif [ "$release" == "ubuntu" ]; then
if [ -n "$(grep ' 14\.' /etc/os-release)" ] ;then
red "==============="
red "当前系统不受支持"
red "==============="
exit
fi
if [ -n "$(grep ' 12\.' /etc/os-release)" ] ;then
red "==============="
red "当前系统不受支持"
red "==============="
exit
fi
ufw_status=`systemctl status ufw | grep "Active: active"`
if [ -n "$ufw_status" ]; then
ufw allow 80/tcp
ufw allow 443/tcp
ufw reload
fi
apt-get update
elif [ "$release" == "debian" ]; then
ufw_status=`systemctl status ufw | grep "Active: active"`
if [ -n "$ufw_status" ]; then
ufw allow 80/tcp
ufw allow 443/tcp
ufw reload
fi
apt-get update
fi
$systemPackage -y install wget unzip zip curl tar >/dev/null 2>&1
green "======================="
blue "请输入绑定到本VPS的域名"
green "======================="
read your_domain
real_addr=`ping ${your_domain} -c 1 | sed '1{s/[^(]*(//;s/).*//;q}'`
local_addr=`curl ipv4.icanhazip.com`
if [ $real_addr == $local_addr ] ; then
green "=========================================="
green " 域名解析正常,开始安装trojan"
green "=========================================="
sleep 1s
install_trojan
else
red "===================================="
red "域名解析地址与本VPS IP地址不一致"
red "若你确认解析成功你可强制脚本继续运行"
red "===================================="
read -p "是否强制运行 ?请输入 [Y/n] :" yn
[ -z "${yn}" ] && yn="y"
if [[ $yn == [Yy] ]]; then
green "强制继续运行脚本"
sleep 1s
install_trojan
else
exit 1
fi
fi
}
function repair_cert(){
systemctl stop nginx
#iptables -I INPUT -p tcp --dport 80 -j ACCEPT
#iptables -I INPUT -p tcp --dport 443 -j ACCEPT
Port80=`netstat -tlpn | awk -F '[: ]+' '$1=="tcp"{print $5}' | grep -w 80`
if [ -n "$Port80" ]; then
process80=`netstat -tlpn | awk -F '[: ]+' '$5=="80"{print $9}'`
red "==========================================================="
red "检测到80端口被占用,占用进程为:${process80},本次安装结束"
red "==========================================================="
exit 1
fi
green "============================"
blue "请输入绑定到本VPS的域名"
blue "务必与之前失败使用的域名一致"
green "============================"
read your_domain
real_addr=`ping ${your_domain} -c 1 | sed '1{s/[^(]*(//;s/).*//;q}'`
local_addr=`curl ipv4.icanhazip.com`
if [ $real_addr == $local_addr ] ; then
~/.acme.sh/acme.sh --register-account -m test@$your_domain --server zerossl
~/.acme.sh/acme.sh --issue -d $your_domain --standalone
~/.acme.sh/acme.sh --installcert -d $your_domain \
--key-file /usr/src/trojan-cert/$your_domain/private.key \
--fullchain-file /usr/src/trojan-cert/$your_domain/fullchain.cer \
--reloadcmd "systemctl restart trojan"
if test -s /usr/src/trojan-cert/$your_domain/fullchain.cer; then
green "证书申请成功"
systemctl restart trojan
systemctl start nginx
else
red "申请证书失败"
fi
else
red "================================"
red "域名解析地址与本VPS IP地址不一致"
red "本次安装失败,请确保域名解析正常"
red "================================"
fi
}
function remove_trojan(){
red "================================"
red "即将卸载trojan"
red "同时卸载安装的nginx"
red "================================"
systemctl stop trojan
systemctl disable trojan
systemctl stop nginx
systemctl disable nginx
rm -f ${systempwd}trojan.service
if [ "$release" == "centos" ]; then
yum remove -y nginx
else
apt-get -y autoremove nginx
apt-get -y --purge remove nginx
apt-get -y autoremove && apt-get -y autoclean
find / | grep nginx | sudo xargs rm -rf
fi
rm -rf /usr/src/trojan/
rm -rf /usr/src/trojan-cli/
rm -rf /usr/share/nginx/html/*
rm -rf /etc/nginx/
rm -rf /root/.acme.sh/
green "=============="
green "trojan删除完毕"
green "=============="
}
function update_trojan(){
/usr/src/trojan/trojan -v 2>trojan.tmp
curr_version=`cat trojan.tmp | grep "trojan" | awk '{print $4}'`
wget https://api.github.com/repos/trojan-gfw/trojan/releases/latest >/dev/null 2>&1
latest_version=`grep tag_name latest| awk -F '[:,"v]' '{print $6}'`
rm -f latest
rm -f trojan.tmp
if version_lt "$curr_version" "$latest_version"; then
green "当前版本$curr_version,最新版本$latest_version,开始升级……"
mkdir trojan_update_temp && cd trojan_update_temp
wget https://github.com/trojan-gfw/trojan/releases/download/v${latest_version}/trojan-${latest_version}-linux-amd64.tar.xz >/dev/null 2>&1
tar xf trojan-${latest_version}-linux-amd64.tar.xz >/dev/null 2>&1
mv ./trojan/trojan /usr/src/trojan/
cd .. && rm -rf trojan_update_temp
systemctl restart trojan
/usr/src/trojan/trojan -v 2>trojan.tmp
green "服务端trojan升级完成,当前版本:`cat trojan.tmp | grep "trojan" | awk '{print $4}'`,客户端请在trojan github下载最新版"
rm -f trojan.tmp
else
green "当前版本$curr_version,最新版本$latest_version,无需升级"
fi
}
start_menu(){
clear
green " ======================================="
green " 介绍: 一键安装trojan "
green " 系统: centos7+/debian9+/ubuntu16.04+"
green " 作者: A "
blue " 注意:"
red " *1. 不要在任何生产环境使用此脚本"
red " *2. 不要占用80和443端口"
red " *3. 若第二次使用脚本,请先执行卸载trojan"
green " ======================================="
echo
green " 1. 安装trojan"
red " 2. 卸载trojan"
green " 3. 升级trojan"
green " 4. 修复证书"
blue " 0. 退出脚本"
echo
read -p "请输入数字 :" num
case "$num" in
1)
preinstall_check
;;
2)
remove_trojan
;;
3)
update_trojan
;;
4)
repair_cert
;;
0)
exit 1
;;
*)
clear
red "请输入正确数字"
sleep 1s
start_menu
;;
esac
}
start_menu2、安装Trojan
①输入1,安装Trojan
②输入前面解析到服务器的域名
【注意】域名解析未生效会导致,提示域名解析失败或申请证书时验证域名失败,需要等域名解析生效后,输入2,卸载Trojan再重试,直到证书申请成功(提示了证书信息即为成功,可以无视“https证书没有申请成功,本次安装失败”的提示)
③修复证书(提示:https证书没有申请成功,本次安装失败)
输入4,修复证书,输入前面输入的域名,提示“证书申请成功”即可
最后重新运行安装脚本,输入1,安装Trojan
④设置Trojan密码,输出Trojan配置信息即为安装成功
三、连接测试
1、下载并打开V2rayN
https://github.com/2dust/v2rayN/releases/download/3.27/v2rayN-Core.zip2、添加[Trojan]服务器
3、启动测试
①设置活动服务器
②开启PAC,并自动配置系统代理
右键V2rayN的托盘小图标→http代理→开启PAC,并自动配置系统代理(PAC模式)
③访问google.com测试
四、开启TCP网络加速
1、运行五合一的TCP网络加速脚本
wget -N --no-check-certificate "https://raw.githubusercontent.com/chiakge/Linux-NetSpeed/master/tcp.sh"chmod +x tcp.sh./tcp.shtcp.sh源码:
#!/usr/bin/env bash
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin
export PATH
#=================================================
# System Required: CentOS 6/7,Debian 8/9,Ubuntu 16+
# Description: BBR+BBR魔改版+BBRplus+Lotserver
# Version: 1.4.0
# Author: 千影,cx9208
# Blog: https://www.939.me/
# 推荐使用5.5以上内核直接开启的bbr速度最佳
#=================================================
sh_ver="1.4.0"
github="raw.githubusercontent.com/chiakge/Linux-NetSpeed/master"
Green_font_prefix="\033[32m" && Red_font_prefix="\033[31m" && Green_background_prefix="\033[42;37m" && Red_background_prefix="\033[41;37m" && Font_color_suffix="\033[0m"
Info="${Green_font_prefix}[信息]${Font_color_suffix}"
Error="${Red_font_prefix}[错误]${Font_color_suffix}"
Tip="${Green_font_prefix}[注意]${Font_color_suffix}"
#安装BBR内核
installbbr(){
kernel_version="4.11.8"
if [[ "${release}" == "centos" ]]; then
rpm --import http://${github}/bbr/${release}/RPM-GPG-KEY-elrepo.org
yum install -y http://${github}/bbr/${release}/${version}/${bit}/kernel-ml-${kernel_version}.rpm
yum remove -y kernel-headers
yum install -y http://${github}/bbr/${release}/${version}/${bit}/kernel-ml-headers-${kernel_version}.rpm
yum install -y http://${github}/bbr/${release}/${version}/${bit}/kernel-ml-devel-${kernel_version}.rpm
elif [[ "${release}" == "debian" || "${release}" == "ubuntu" ]]; then
mkdir bbr && cd bbr
wget http://security.debian.org/debian-security/pool/updates/main/o/openssl/libssl1.1_1.1.1d-0+deb10u2_amd64.deb
wget -N --no-check-certificate http://${github}/bbr/debian-ubuntu/linux-headers-${kernel_version}-all.deb
wget -N --no-check-certificate http://${github}/bbr/debian-ubuntu/${bit}/linux-headers-${kernel_version}.deb
wget -N --no-check-certificate http://${github}/bbr/debian-ubuntu/${bit}/linux-image-${kernel_version}.deb
dpkg -i libssl1.1_1.1.1d-0+deb10u2_amd64.deb
dpkg -i linux-headers-${kernel_version}-all.deb
dpkg -i linux-headers-${kernel_version}.deb
dpkg -i linux-image-${kernel_version}.deb
cd .. && rm -rf bbr
fi
detele_kernel
BBR_grub
echo -e "${Tip} 重启VPS后,请重新运行脚本开启${Red_font_prefix}BBR/BBR魔改版${Font_color_suffix}"
stty erase '^H' && read -p "需要重启VPS后,才能开启BBR/BBR魔改版,是否现在重启 ? [Y/n] :" yn
[ -z "${yn}" ] && yn="y"
if [[ $yn == [Yy] ]]; then
echo -e "${Info} VPS 重启中..."
reboot
fi
}
#安装BBRplus内核
installbbrplus(){
kernel_version="4.14.129-bbrplus"
if [[ "${release}" == "centos" ]]; then
wget -N --no-check-certificate https://${github}/bbrplus/${release}/${version}/kernel-${kernel_version}.rpm
yum install -y kernel-${kernel_version}.rpm
rm -f kernel-${kernel_version}.rpm
kernel_version="4.14.129_bbrplus" #fix a bug
elif [[ "${release}" == "debian" || "${release}" == "ubuntu" ]]; then
mkdir bbrplus && cd bbrplus
wget -N --no-check-certificate http://${github}/bbrplus/debian-ubuntu/${bit}/linux-headers-${kernel_version}.deb
wget -N --no-check-certificate http://${github}/bbrplus/debian-ubuntu/${bit}/linux-image-${kernel_version}.deb
dpkg -i linux-headers-${kernel_version}.deb
dpkg -i linux-image-${kernel_version}.deb
cd .. && rm -rf bbrplus
fi
detele_kernel
BBR_grub
echo -e "${Tip} 重启VPS后,请重新运行脚本开启${Red_font_prefix}BBRplus${Font_color_suffix}"
stty erase '^H' && read -p "需要重启VPS后,才能开启BBRplus,是否现在重启 ? [Y/n] :" yn
[ -z "${yn}" ] && yn="y"
if [[ $yn == [Yy] ]]; then
echo -e "${Info} VPS 重启中..."
reboot
fi
}
#安装Lotserver内核
installlot(){
if [[ "${release}" == "centos" ]]; then
rpm --import http://${github}/lotserver/${release}/RPM-GPG-KEY-elrepo.org
yum remove -y kernel-firmware
yum install -y http://${github}/lotserver/${release}/${version}/${bit}/kernel-firmware-${kernel_version}.rpm
yum install -y http://${github}/lotserver/${release}/${version}/${bit}/kernel-${kernel_version}.rpm
yum remove -y kernel-headers
yum install -y http://${github}/lotserver/${release}/${version}/${bit}/kernel-headers-${kernel_version}.rpm
yum install -y http://${github}/lotserver/${release}/${version}/${bit}/kernel-devel-${kernel_version}.rpm
elif [[ "${release}" == "ubuntu" ]]; then
bash <(wget --no-check-certificate -qO- "http://${github}/Debian_Kernel.sh")
elif [[ "${release}" == "debian" ]]; then
bash <(wget --no-check-certificate -qO- "http://${github}/Debian_Kernel.sh")
fi
detele_kernel
BBR_grub
echo -e "${Tip} 重启VPS后,请重新运行脚本开启${Red_font_prefix}Lotserver${Font_color_suffix}"
stty erase '^H' && read -p "需要重启VPS后,才能开启Lotserver,是否现在重启 ? [Y/n] :" yn
[ -z "${yn}" ] && yn="y"
if [[ $yn == [Yy] ]]; then
echo -e "${Info} VPS 重启中..."
reboot
fi
}
#启用BBR
startbbr(){
remove_all
if [[ `echo ${kernel_version} | awk -F'.' '{print $1}'` -ge "5" ]]; then
echo "net.core.default_qdisc=cake" >> /etc/sysctl.conf
echo "net.ipv4.tcp_congestion_control=bbr" >> /etc/sysctl.conf
else
echo "net.core.default_qdisc=fq" >> /etc/sysctl.conf
echo "net.ipv4.tcp_congestion_control=bbr" >> /etc/sysctl.conf
fi
sysctl -p
echo -e "${Info}BBR启动成功!"
}
#启用BBRplus
startbbrplus(){
remove_all
echo "net.core.default_qdisc=fq" >> /etc/sysctl.conf
echo "net.ipv4.tcp_congestion_control=bbrplus" >> /etc/sysctl.conf
sysctl -p
echo -e "${Info}BBRplus启动成功!"
}
#编译并启用BBR魔改
startbbrmod(){
remove_all
if [[ "${release}" == "centos" ]]; then
yum install -y make gcc
mkdir bbrmod && cd bbrmod
wget -N --no-check-certificate http://${github}/bbr/tcp_tsunami.c
echo "obj-m:=tcp_tsunami.o" > Makefile
make -C /lib/modules/$(uname -r)/build M=`pwd` modules CC=/usr/bin/gcc
chmod +x ./tcp_tsunami.ko
cp -rf ./tcp_tsunami.ko /lib/modules/$(uname -r)/kernel/net/ipv4
insmod tcp_tsunami.ko
depmod -a
else
apt-get update
if [[ "${release}" == "ubuntu" && "${version}" = "14" ]]; then
apt-get -y install build-essential
apt-get -y install software-properties-common
add-apt-repository ppa:ubuntu-toolchain-r/test -y
apt-get update
fi
apt-get -y install make gcc
mkdir bbrmod && cd bbrmod
wget -N --no-check-certificate http://${github}/bbr/tcp_tsunami.c
echo "obj-m:=tcp_tsunami.o" > Makefile
ln -s /usr/bin/gcc /usr/bin/gcc-4.9
make -C /lib/modules/$(uname -r)/build M=`pwd` modules CC=/usr/bin/gcc-4.9
install tcp_tsunami.ko /lib/modules/$(uname -r)/kernel
cp -rf ./tcp_tsunami.ko /lib/modules/$(uname -r)/kernel/net/ipv4
depmod -a
fi
echo "net.core.default_qdisc=fq" >> /etc/sysctl.conf
echo "net.ipv4.tcp_congestion_control=tsunami" >> /etc/sysctl.conf
sysctl -p
cd .. && rm -rf bbrmod
echo -e "${Info}魔改版BBR启动成功!"
}
#编译并启用BBR魔改
startbbrmod_nanqinlang(){
remove_all
if [[ "${release}" == "centos" ]]; then
yum install -y make gcc
mkdir bbrmod && cd bbrmod
wget -N --no-check-certificate https://raw.githubusercontent.com/chiakge/Linux-NetSpeed/master/bbr/centos/tcp_nanqinlang.c
echo "obj-m := tcp_nanqinlang.o" > Makefile
make -C /lib/modules/$(uname -r)/build M=`pwd` modules CC=/usr/bin/gcc
chmod +x ./tcp_nanqinlang.ko
cp -rf ./tcp_nanqinlang.ko /lib/modules/$(uname -r)/kernel/net/ipv4
insmod tcp_nanqinlang.ko
depmod -a
else
apt-get update
if [[ "${release}" == "ubuntu" && "${version}" = "14" ]]; then
apt-get -y install build-essential
apt-get -y install software-properties-common
add-apt-repository ppa:ubuntu-toolchain-r/test -y
apt-get update
fi
apt-get -y install make gcc-4.9
mkdir bbrmod && cd bbrmod
wget -N --no-check-certificate https://raw.githubusercontent.com/chiakge/Linux-NetSpeed/master/bbr/tcp_nanqinlang.c
echo "obj-m := tcp_nanqinlang.o" > Makefile
make -C /lib/modules/$(uname -r)/build M=`pwd` modules CC=/usr/bin/gcc-4.9
install tcp_nanqinlang.ko /lib/modules/$(uname -r)/kernel
cp -rf ./tcp_nanqinlang.ko /lib/modules/$(uname -r)/kernel/net/ipv4
depmod -a
fi
echo "net.core.default_qdisc=fq" >> /etc/sysctl.conf
echo "net.ipv4.tcp_congestion_control=nanqinlang" >> /etc/sysctl.conf
sysctl -p
echo -e "${Info}魔改版BBR启动成功!"
}
#启用Lotserver
startlotserver(){
remove_all
if [[ "${release}" == "centos" ]]; then
yum install ethtool
else
apt-get update
apt-get install ethtool
fi
bash <(wget --no-check-certificate -qO- https://raw.githubusercontent.com/chiakge/lotServer/master/Install.sh) install
sed -i '/advinacc/d' /appex/etc/config
sed -i '/maxmode/d' /appex/etc/config
echo -e "advinacc=\"1\"
maxmode=\"1\"">>/appex/etc/config
/appex/bin/lotServer.sh restart
start_menu
}
#卸载全部加速
remove_all(){
rm -rf bbrmod
sed -i '/net.core.default_qdisc/d' /etc/sysctl.conf
sed -i '/net.ipv4.tcp_congestion_control/d' /etc/sysctl.conf
sed -i '/fs.file-max/d' /etc/sysctl.conf
sed -i '/net.core.rmem_default/d' /etc/sysctl.conf
sed -i '/net.core.wmem_default/d' /etc/sysctl.conf
sed -i '/net.core.somaxconn/d' /etc/sysctl.conf
sed -i '/net.ipv4.tcp_syncookies/d' /etc/sysctl.conf
sed -i '/net.ipv4.tcp_tw_reuse/d' /etc/sysctl.conf
sed -i '/net.ipv4.tcp_tw_recycle/d' /etc/sysctl.conf
sed -i '/net.ipv4.tcp_fin_timeout/d' /etc/sysctl.conf
sed -i '/net.ipv4.tcp_keepalive_time/d' /etc/sysctl.conf
sed -i '/net.ipv4.ip_local_port_range/d' /etc/sysctl.conf
sed -i '/net.ipv4.tcp_max_tw_buckets/d' /etc/sysctl.conf
sed -i '/net.ipv4.tcp_rmem/d' /etc/sysctl.conf
sed -i '/net.ipv4.tcp_wmem/d' /etc/sysctl.conf
sed -i '/net.ipv4.tcp_mtu_probing/d' /etc/sysctl.conf
sed -i '/net.ipv4.ip_forward/d' /etc/sysctl.conf
sed -i '/fs.inotify.max_user_instances/d' /etc/sysctl.conf
sed -i '/net.ipv4.tcp_syncookies/d' /etc/sysctl.conf
sed -i '/net.ipv4.tcp_fin_timeout/d' /etc/sysctl.conf
sed -i '/net.ipv4.route.gc_timeout/d' /etc/sysctl.conf
sed -i '/net.ipv4.tcp_synack_retries/d' /etc/sysctl.conf
sed -i '/net.ipv4.tcp_syn_retries/d' /etc/sysctl.conf
sed -i '/net.ipv4.tcp_timestamps/d' /etc/sysctl.conf
sed -i '/net.ipv4.tcp_max_orphans/d' /etc/sysctl.conf
sed -i '/net.core.rmem_max/d' /etc/sysctl.conf
sed -i '/net.core.wmem_max/d' /etc/sysctl.conf
sed -i '/net.ipv4.tcp_max_syn_backlog/d' /etc/sysctl.conf
sed -i '/net.core.netdev_max_backlog/d' /etc/sysctl.conf
sed -i '/net.ipv4.tcp_slow_start_after_idle/d' /etc/sysctl.conf
sed -i '/net.ipv4.ip_forward/d' /etc/sysctl.conf
if [[ -e /appex/bin/lotServer.sh ]]; then
bash <(wget --no-check-certificate -qO- https://github.com/MoeClub/lotServer/raw/master/Install.sh) uninstall
fi
clear
echo -e "${Info}:清除加速完成。"
sleep 1s
}
#优化系统配置
optimizing_system(){
sed -i '/fs.file-max/d' /etc/sysctl.conf
sed -i '/fs.inotify.max_user_instances/d' /etc/sysctl.conf
sed -i '/net.ipv4.tcp_tw_reuse/d' /etc/sysctl.conf
sed -i '/net.ipv4.ip_local_port_range/d' /etc/sysctl.conf
sed -i '/net.ipv4.tcp_rmem/d' /etc/sysctl.conf
sed -i '/net.ipv4.tcp_wmem/d' /etc/sysctl.conf
sed -i '/net.core.somaxconn/d' /etc/sysctl.conf
sed -i '/net.core.rmem_max/d' /etc/sysctl.conf
sed -i '/net.core.wmem_max/d' /etc/sysctl.conf
sed -i '/net.core.wmem_default/d' /etc/sysctl.conf
sed -i '/net.ipv4.tcp_max_tw_buckets/d' /etc/sysctl.conf
sed -i '/net.ipv4.tcp_max_syn_backlog/d' /etc/sysctl.conf
sed -i '/net.core.netdev_max_backlog/d' /etc/sysctl.conf
sed -i '/net.ipv4.tcp_slow_start_after_idle/d' /etc/sysctl.conf
sed -i '/net.ipv4.ip_forward/d' /etc/sysctl.conf
echo "fs.file-max = 1000000
fs.inotify.max_user_instances = 8192
net.ipv4.tcp_tw_reuse = 1
net.ipv4.ip_local_port_range = 1024 65535
net.ipv4.tcp_rmem = 16384 262144 8388608
net.ipv4.tcp_wmem = 32768 524288 16777216
net.core.somaxconn = 8192
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.core.wmem_default = 2097152
net.ipv4.tcp_max_tw_buckets = 5000
net.ipv4.tcp_max_syn_backlog = 10240
net.core.netdev_max_backlog = 10240
net.ipv4.tcp_slow_start_after_idle = 0
# forward ipv4
net.ipv4.ip_forward = 1">>/etc/sysctl.conf
sysctl -p
echo "* soft nofile 1000000
* hard nofile 1000000">/etc/security/limits.conf
echo "ulimit -SHn 1000000">>/etc/profile
read -p "需要重启VPS后,才能生效系统优化配置,是否现在重启 ? [Y/n] :" yn
[ -z "${yn}" ] && yn="y"
if [[ $yn == [Yy] ]]; then
echo -e "${Info} VPS 重启中..."
reboot
fi
}
#更新脚本
Update_Shell(){
echo -e "当前版本为 [ ${sh_ver} ],开始检测最新版本..."
sh_new_ver=$(wget --no-check-certificate -qO- "http://${github}/tcp.sh"|grep 'sh_ver="'|awk -F "=" '{print $NF}'|sed 's/\"//g'|head -1)
[[ -z ${sh_new_ver} ]] && echo -e "${Error} 检测最新版本失败 !" && start_menu
if [[ ${sh_new_ver} != ${sh_ver} ]]; then
echo -e "发现新版本[ ${sh_new_ver} ],是否更新?[Y/n]"
read -p "(默认: y):" yn
[[ -z "${yn}" ]] && yn="y"
if [[ ${yn} == [Yy] ]]; then
wget -N --no-check-certificate http://${github}/tcp.sh && chmod +x tcp.sh
echo -e "脚本已更新为最新版本[ ${sh_new_ver} ] !"
else
echo && echo " 已取消..." && echo
fi
else
echo -e "当前已是最新版本[ ${sh_new_ver} ] !"
sleep 5s
fi
}
#开始菜单
start_menu(){
clear
echo && echo -e " TCP加速 一键安装管理脚本 ${Red_font_prefix}[v${sh_ver}]${Font_color_suffix}
-- 就是爱生活 | 94ish.me --
${Green_font_prefix}0.${Font_color_suffix} 升级脚本
————————————内核管理————————————
${Green_font_prefix}1.${Font_color_suffix} 安装 BBR/BBR魔改版内核
${Green_font_prefix}2.${Font_color_suffix} 安装 BBRplus版内核
${Green_font_prefix}3.${Font_color_suffix} 安装 Lotserver(锐速)内核
————————————加速管理————————————
${Green_font_prefix}4.${Font_color_suffix} 使用BBR加速
${Green_font_prefix}5.${Font_color_suffix} 使用BBR魔改版加速
${Green_font_prefix}6.${Font_color_suffix} 使用暴力BBR魔改版加速(不支持部分系统)
${Green_font_prefix}7.${Font_color_suffix} 使用BBRplus版加速
${Green_font_prefix}8.${Font_color_suffix} 使用Lotserver(锐速)加速
————————————杂项管理————————————
${Green_font_prefix}9.${Font_color_suffix} 卸载全部加速
${Green_font_prefix}10.${Font_color_suffix} 系统配置优化
${Green_font_prefix}11.${Font_color_suffix} 退出脚本
————————————————————————————————" && echo
check_status
if [[ ${kernel_status} == "noinstall" ]]; then
echo -e " 当前状态: ${Green_font_prefix}未安装${Font_color_suffix} 加速内核 ${Red_font_prefix}请先安装内核${Font_color_suffix}"
else
echo -e " 当前状态: ${Green_font_prefix}已安装${Font_color_suffix} ${_font_prefix}${kernel_status}${Font_color_suffix} 加速内核 , ${Green_font_prefix}${run_status}${Font_color_suffix}"
fi
echo
read -p " 请输入数字 [0-11]:" num
case "$num" in
0)
Update_Shell
;;
1)
check_sys_bbr
;;
2)
check_sys_bbrplus
;;
3)
check_sys_Lotsever
;;
4)
startbbr
;;
5)
startbbrmod
;;
6)
startbbrmod_nanqinlang
;;
7)
startbbrplus
;;
8)
startlotserver
;;
9)
remove_all
;;
10)
optimizing_system
;;
11)
exit 1
;;
*)
clear
echo -e "${Error}:请输入正确数字 [0-11]"
sleep 5s
start_menu
;;
esac
}
#############内核管理组件#############
#删除多余内核
detele_kernel(){
if [[ "${release}" == "centos" ]]; then
rpm_total=`rpm -qa | grep kernel | grep -v "${kernel_version}" | grep -v "noarch" | wc -l`
if [ "${rpm_total}" > "1" ]; then
echo -e "检测到 ${rpm_total} 个其余内核,开始卸载..."
for((integer = 1; integer <= ${rpm_total}; integer++)); do
rpm_del=`rpm -qa | grep kernel | grep -v "${kernel_version}" | grep -v "noarch" | head -${integer}`
echo -e "开始卸载 ${rpm_del} 内核..."
rpm --nodeps -e ${rpm_del}
echo -e "卸载 ${rpm_del} 内核卸载完成,继续..."
done
echo --nodeps -e "内核卸载完毕,继续..."
else
echo -e " 检测到 内核 数量不正确,请检查 !" && exit 1
fi
elif [[ "${release}" == "debian" || "${release}" == "ubuntu" ]]; then
deb_total=`dpkg -l | grep linux-image | awk '{print $2}' | grep -v "${kernel_version}" | wc -l`
if [ "${deb_total}" > "1" ]; then
echo -e "检测到 ${deb_total} 个其余内核,开始卸载..."
for((integer = 1; integer <= ${deb_total}; integer++)); do
deb_del=`dpkg -l|grep linux-image | awk '{print $2}' | grep -v "${kernel_version}" | head -${integer}`
echo -e "开始卸载 ${deb_del} 内核..."
apt-get purge -y ${deb_del}
echo -e "卸载 ${deb_del} 内核卸载完成,继续..."
done
echo -e "内核卸载完毕,继续..."
else
echo -e " 检测到 内核 数量不正确,请检查 !" && exit 1
fi
fi
}
#更新引导
BBR_grub(){
if [[ "${release}" == "centos" ]]; then
if [[ ${version} = "6" ]]; then
if [ ! -f "/boot/grub/grub.conf" ]; then
echo -e "${Error} /boot/grub/grub.conf 找不到,请检查."
exit 1
fi
sed -i 's/^default=.*/default=0/g' /boot/grub/grub.conf
elif [[ ${version} = "7" ]]; then
if [ ! -f "/boot/grub2/grub.cfg" ]; then
echo -e "${Error} /boot/grub2/grub.cfg 找不到,请检查."
exit 1
fi
grub2-set-default 0
fi
elif [[ "${release}" == "debian" || "${release}" == "ubuntu" ]]; then
/usr/sbin/update-grub
fi
}
#############内核管理组件#############
#############系统检测组件#############
#检查系统
check_sys(){
if [[ -f /etc/redhat-release ]]; then
release="centos"
elif cat /etc/issue | grep -q -E -i "debian"; then
release="debian"
elif cat /etc/issue | grep -q -E -i "ubuntu"; then
release="ubuntu"
elif cat /etc/issue | grep -q -E -i "centos|red hat|redhat"; then
release="centos"
elif cat /proc/version | grep -q -E -i "debian"; then
release="debian"
elif cat /proc/version | grep -q -E -i "ubuntu"; then
release="ubuntu"
elif cat /proc/version | grep -q -E -i "centos|red hat|redhat"; then
release="centos"
fi
}
#检查Linux版本
check_version(){
if [[ -s /etc/redhat-release ]]; then
version=`grep -oE "[0-9.]+" /etc/redhat-release | cut -d . -f 1`
else
version=`grep -oE "[0-9.]+" /etc/issue | cut -d . -f 1`
fi
bit=`uname -m`
if [[ ${bit} = "x86_64" ]]; then
bit="x64"
else
bit="x32"
fi
}
#检查安装bbr的系统要求
check_sys_bbr(){
check_version
if [[ "${release}" == "centos" ]]; then
if [[ ${version} -ge "6" ]]; then
installbbr
else
echo -e "${Error} BBR内核不支持当前系统 ${release} ${version} ${bit} !" && exit 1
fi
elif [[ "${release}" == "debian" ]]; then
if [[ ${version} -ge "8" ]]; then
installbbr
else
echo -e "${Error} BBR内核不支持当前系统 ${release} ${version} ${bit} !" && exit 1
fi
elif [[ "${release}" == "ubuntu" ]]; then
if [[ ${version} -ge "14" ]]; then
installbbr
else
echo -e "${Error} BBR内核不支持当前系统 ${release} ${version} ${bit} !" && exit 1
fi
else
echo -e "${Error} BBR内核不支持当前系统 ${release} ${version} ${bit} !" && exit 1
fi
}
check_sys_bbrplus(){
check_version
if [[ "${release}" == "centos" ]]; then
if [[ ${version} -ge "6" ]]; then
installbbrplus
else
echo -e "${Error} BBRplus内核不支持当前系统 ${release} ${version} ${bit} !" && exit 1
fi
elif [[ "${release}" == "debian" ]]; then
if [[ ${version} -ge "8" ]]; then
installbbrplus
else
echo -e "${Error} BBRplus内核不支持当前系统 ${release} ${version} ${bit} !" && exit 1
fi
elif [[ "${release}" == "ubuntu" ]]; then
if [[ ${version} -ge "14" ]]; then
installbbrplus
else
echo -e "${Error} BBRplus内核不支持当前系统 ${release} ${version} ${bit} !" && exit 1
fi
else
echo -e "${Error} BBRplus内核不支持当前系统 ${release} ${version} ${bit} !" && exit 1
fi
}
#检查安装Lotsever的系统要求
check_sys_Lotsever(){
check_version
if [[ "${release}" == "centos" ]]; then
if [[ ${version} == "6" ]]; then
kernel_version="2.6.32-504"
installlot
elif [[ ${version} == "7" ]]; then
yum -y install net-tools
kernel_version="3.10.0-327"
installlot
else
echo -e "${Error} Lotsever不支持当前系统 ${release} ${version} ${bit} !" && exit 1
fi
elif [[ "${release}" == "debian" ]]; then
if [[ ${version} = "7" || ${version} = "8" ]]; then
if [[ ${bit} == "x64" ]]; then
kernel_version="3.16.0-4"
installlot
elif [[ ${bit} == "x32" ]]; then
kernel_version="3.2.0-4"
installlot
fi
elif [[ ${version} = "9" ]]; then
if [[ ${bit} == "x64" ]]; then
kernel_version="4.9.0-4"
installlot
fi
else
echo -e "${Error} Lotsever不支持当前系统 ${release} ${version} ${bit} !" && exit 1
fi
elif [[ "${release}" == "ubuntu" ]]; then
if [[ ${version} -ge "12" ]]; then
if [[ ${bit} == "x64" ]]; then
kernel_version="4.8.0-36"
installlot
elif [[ ${bit} == "x32" ]]; then
kernel_version="3.13.0-29"
installlot
fi
else
echo -e "${Error} Lotsever不支持当前系统 ${release} ${version} ${bit} !" && exit 1
fi
else
echo -e "${Error} Lotsever不支持当前系统 ${release} ${version} ${bit} !" && exit 1
fi
}
check_status(){
kernel_version=`uname -r | awk -F "-" '{print $1}'`
kernel_version_full=`uname -r`
if [[ ${kernel_version_full} = "4.14.129-bbrplus" ]]; then
kernel_status="BBRplus"
elif [[ ${kernel_version} = "3.10.0" || ${kernel_version} = "3.16.0" || ${kernel_version} = "3.2.0" || ${kernel_version} = "4.8.0" || ${kernel_version} = "3.13.0" || ${kernel_version} = "2.6.32" || ${kernel_version} = "4.9.0" ]]; then
kernel_status="Lotserver"
elif [[ `echo ${kernel_version} | awk -F'.' '{print $1}'` == "4" ]] && [[ `echo ${kernel_version} | awk -F'.' '{print $2}'` -ge 9 ]] || [[ `echo ${kernel_version} | awk -F'.' '{print $1}'` -ge "5" ]]; then
kernel_status="BBR"
else
kernel_status="noinstall"
fi
if [[ ${kernel_status} == "Lotserver" ]]; then
if [[ -e /appex/bin/lotServer.sh ]]; then
run_status=`bash /appex/bin/lotServer.sh status | grep "LotServer" | awk '{print $3}'`
if [[ ${run_status} = "running!" ]]; then
run_status="启动成功"
else
run_status="启动失败"
fi
else
run_status="未安装加速模块"
fi
elif [[ ${kernel_status} == "BBR" ]]; then
run_status=`grep "net.ipv4.tcp_congestion_control" /etc/sysctl.conf | awk -F "=" '{gsub("^[ \t]+|[ \t]+$", "", $2);print $2}'`
if [[ ${run_status} == "bbr" ]]; then
run_status=`lsmod | grep "bbr" | awk '{print $1}'`
if [[ ${run_status} == "tcp_bbr" ]]; then
run_status="BBR启动成功"
else
run_status="BBR启动失败"
fi
elif [[ ${run_status} == "tsunami" ]]; then
run_status=`lsmod | grep "tsunami" | awk '{print $1}'`
if [[ ${run_status} == "tcp_tsunami" ]]; then
run_status="BBR魔改版启动成功"
else
run_status="BBR魔改版启动失败"
fi
elif [[ ${run_status} == "nanqinlang" ]]; then
run_status=`lsmod | grep "nanqinlang" | awk '{print $1}'`
if [[ ${run_status} == "tcp_nanqinlang" ]]; then
run_status="暴力BBR魔改版启动成功"
else
run_status="暴力BBR魔改版启动失败"
fi
else
run_status="未安装加速模块"
fi
elif [[ ${kernel_status} == "BBRplus" ]]; then
run_status=`grep "net.ipv4.tcp_congestion_control" /etc/sysctl.conf | awk -F "=" '{gsub("^[ \t]+|[ \t]+$", "", $2);print $2}'`
if [[ ${run_status} == "bbrplus" ]]; then
run_status=`lsmod | grep "bbrplus" | awk '{print $1}'`
if [[ ${run_status} == "tcp_bbrplus" ]]; then
run_status="BBRplus启动成功"
else
run_status="BBRplus启动失败"
fi
else
run_status="未安装加速模块"
fi
fi
}
#############系统检测组件#############
check_sys
check_version
[[ ${release} != "debian" ]] && [[ ${release} != "ubuntu" ]] && [[ ${release} != "centos" ]] && echo -e "${Error} 本脚本不支持当前系统 ${release} !" && exit 1
start_menu
2、安装BBRplus内核
3、使用BBRplus版加速
常见问题
1、为什么要用BBR加速,推荐用什么版本?
参考文章:
作用:把带宽利用到极致
推荐:BBRplus版本
2、Trojan客户端打开无法运行,提示缺少找不到vcruntime140.dll或找不到msvcp140.dll
原因缺少运行库,点击下载链接中的两个软件,一个是32位一个是64位,请全部安装即可。
3、如果遇到vcruntime140_1的错误,下载下面的文件放到C:\windows\system32目录下即可
4、trojan服务端怎么修改密码
trojan服务端配置文件路径如下,如需修改内容,修改以下文件即可。
/usr/src/trojan/server.conf
修改完成后,重启trojan服务端即可,同时客户端的密码也要同步修改哦。
systemctl restart trojan
5、关于申请证书没有成功的处理
可能的原因1:
一些原因导致使用nginx申请证书时出错,要么防火墙端口没开放,要么nginx未正常。建议用最纯净的系统安装。
可能的原因2:
出现这个问题最可能的原因之一是你的同一个域名多次申请证书,导致let’s encrypt官方的限制,同一域名每周最多5次申请。
如果你的同一个域名申请了很多此证书,这个处理方法可能有用:更换二级域名,例如原来使用的域名是www.abc.com或abc.com或xyz.abc.com,那么现在你添加一个二级域名解析例如xxx.abc.com,安装时使用这个域名即可
参考文章:
文章不足之处还请斧正!
本文By:NonNullPointer --2024/08/19