2021年7月28日 星期三

使用 Google Outline VPN 建立 VPN

使用 Google Outline VPN 建立 VPN

Outline VPN - 存取自由開放的網際網路 https://getoutline.org/zh-TW/
"Outline 可讓任何人建立和執行自己專屬的 VPN,以及分享 VPN 的存取權。由於經過特殊設計,Outline 可防禦封鎖機制,並讓你控制自己的伺服器設定,包含伺服器的所在位置。Outline 採用公開透明的技術及完整開放原始碼,而且經由兩家安全性機構進行稽核,可確保這款軟體採用最新技術且安全無虞。"

Google Outline VPN是爲了讓新聞從業人員使用的一個開放原始計劃,透過他可以方便管理與安裝 VPN。

如果有台 server可以提供安裝 outline-server

sudo bash -c "$(wget -qO- https://raw.githubusercontent.com/Jigsaw-Code/outline-server/master/src/server_manager/install_scripts/install_server.sh)"

> Verifying that Docker is installed .......... NOT INSTALLED
> Would you like to install Docker? This will run 'curl https://get.docker.com/ | sh'. [Y/n]
> Installing Docker ........................... OK
> Verifying Docker installation OK
............... > Verifying that Docker daemon is running ..... OK
> Setting PUBLIC_HOSTNAME to external IP ...... OK
> Creating persistent state dir ............... OK
> Generating secret key ....................... OK
> Generating TLS certificate .................. OK
> Generating SHA-256 certificate fingerprint .. OK
> Writing config .............................. OK
> Starting Shadowbox .......................... OK
> Starting Watchtower ......................... OK
> Waiting for Outline server to be healthy .... OK
> Creating first user ......................... OK
> Adding API URL to config .................... OK
> Checking host firewall ...................... BLOCKED
CONGRATULATIONS! Your Outline server is up and running.

To manage your Outline server, please copy the following line (including curly
brackets) into Step 2 of the Outline Manager interface:

{"apiUrl":"https://111111:39299/DAJsfdfaf33A","certSha256":""}

You won’t be able to access it externally, despite your server being correctly
set up, because there's a firewall (in this machine, your router or cloud
provider) that is preventing incoming connections to ports 59299 and 26780.

Make sure to open the following ports on your firewall, router or cloud provider:
- Management port 39290, for TCP
- Access key port 22780, for TCP and UDP

記得設定firewall開放必須要開放的port

sudo iptables -I INPUT -p tcp -m tcp --dport 26780 -j ACCEPT
sudo iptables -I INPUT -p udp -m udp --dport 22780 -j ACCEPT
sudo iptables -I INPUT -p tcp -m tcp --dport 39299 -j ACCEPT
sudo netfilter-persistent save
sudo netfilter-persistent reload

安裝完後把獲得的設置貼到manager上
{"apiUrl":"https://111111:39299/DAJsfdfaf33A","certSha256":""}

把code從管理界面分享過去相對應的client裝上軟體後,就可以使用了,還可以設定流量。
  
張貼者:
標籤:

沒有留言:

張貼留言

訂閱: 張貼留言 (Atom)