Prerequisites
Build and install with recent mbedTLS and libsodium
1 2 3 4 5 6 7 8 9 10 11 12 13 14
| export LIBSODIUM_VER=1.0.11 export MBEDTLS_VER=2.4.0 wget https://github.com/jedisct1/libsodium/releases/download/1.0.11/libsodium-$LIBSODIUM_VER.tar.gz tar xvf libsodium-$LIBSODIUM_VER.tar.gz pushd libsodium-$LIBSODIUM_VER ./configure --prefix=/usr && make sudo make install popd wget https://tls.mbed.org/download/mbedtls-$MBEDTLS_VER-gpl.tgz tar xvf mbedtls-$MBEDTLS_VER-gpl.tgz pushd mbedtls-$MBEDTLS_VER make SHARED=1 CFLAGS=-fPIC sudo make DESTDIR=/usr install popd
|
Other
1 2
| yum install epel-release -y yum install gcc gettext autoconf libtool automake make pcre-devel asciidoc xmlto udns-devel libev-devel -y
|
Get the latest source code
1 2 3
| git clone https://github.com/shadowsocks/shadowsocks-libev.git cd shadowsocks-libev git submodule update --init --recursive
|
Installation
1 2
| ./autogen.sh && ./configure && make sudo make install
|
Configuration
Create the configuration file
1 2
| mkdir -p /etc/shadowsocks vi /etc/shadowsocks/config.json
|
Put the following text into the file:
1 2 3 4 5 6 7 8 9
| { "server":"0.0.0.0", "server_port":40002, "local_address": "127.0.0.1", "local_port":1080, "password":"mypassword", "timeout":300, "method":"chacha20", }
|
To run with deamon in CentOS7
Create and edit a file:
1
| vi /etc/systemd/system/shadowsocks.service
|
Add the following text to the file shadowsocks.service
:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18
| [Unit] Description=Shadowsocks After=network.target [Service] Type=forking PIDFile=/run/shadowsocks/ss.pid PermissionsStartOnly=true ExecStartPre=/bin/mkdir -p /run/shadowsocks ExecStartPre=/bin/chown nobody:nobody /run/shadowsocks ExecStart=/usr/local/bin/ss-server -u -c /etc/shadowsocks/config.json -v -f /var/run/shadowsocks/ss.pid Restart=on-abort User=nobody Group=nobody UMask=0027 [Install] WantedBy=multi-user.target
|
To run
1 2
| systemctl start shadowsocks systemctl enable shadowsocks
|
To stop
1
| systemctl stop shadowsocks
|
Check the log
You can also use the following command:
1
| journalctl | grep ss-server
|
or
1
| journalctl -u shadowsocks.service
|
More usage about journalctl
Firewalld
1
| vi /etc/firewalld/services/shadowsocks.xml
|
Add the following text:
1 2 3 4 5 6 7
| <?xml version="1.0" encoding="utf-8"?> <service> <short>shadowsocks</short> <description>enable shadowsocks.</description> <port protocol="tcp" port="39999"/> <port protocol="udp" port="39999"/> </service>
|
Add a firewall policy use the command firewall-cmd
1 2
| firewall-cmd --permanent --zone=public --add-service=shadowsocks firewall-cmd --reload
|
Reference material
Last updated: 2017/02/19