SRE文档

深浅模式

1. 部署

系统选择ubuntu20.x

bash
VERSION=1.2.2 && bash <(curl -Ls https://raw.githubusercontent.com/alireza0/s-ui/$VERSION/install.sh) $VERSION
VERSION=1.2.2 && bash <(curl -Ls https://raw.githubusercontent.com/alireza0/s-ui/$VERSION/install.sh) $VERSION

image-20250802105250179

image-20250802105442370

2.Reality目标域名 

for d in th.bing.com intel.com statici.icloud.com www.bing.com www.xilinx.com www.sony.com b.6sc.co ts3.tc.mm.bing.net www.amd.com sisu.xboxlive.com ; do t1=$(date +%s%3N); timeout 1 openssl s_client -connect $d:443 -servername $d </dev/null &>/dev/null && t2=$(date +%s%3N) && echo "$d: $((t2 - t1)) ms" || echo "$d: timeout"; done
for d in th.bing.com intel.com statici.icloud.com www.bing.com www.xilinx.com www.sony.com b.6sc.co ts3.tc.mm.bing.net www.amd.com sisu.xboxlive.com ; do t1=$(date +%s%3N); timeout 1 openssl s_client -connect $d:443 -servername $d </dev/null &>/dev/null && t2=$(date +%s%3N) && echo "$d: $((t2 - t1)) ms" || echo "$d: timeout"; done
for d in c.6sc.co gray-wowt-prod.gtv-cdn.com s.go-mpulse.net apps.apple.com intelcorp.scene7.com sisu.xboxlive.com aws.com snap.licdn.com cua-chat-ui.tesla.com ce.mf.marsflag.com ; do t1=$(date +%s%3N); timeout 1 openssl s_client -connect $d:443 -servername $d </dev/null &>/dev/null && t2=$(date +%s%3N) && echo "$d: $((t2 - t1)) ms" || echo "$d: timeout"; done
for d in c.6sc.co gray-wowt-prod.gtv-cdn.com s.go-mpulse.net apps.apple.com intelcorp.scene7.com sisu.xboxlive.com aws.com snap.licdn.com cua-chat-ui.tesla.com ce.mf.marsflag.com ; do t1=$(date +%s%3N); timeout 1 openssl s_client -connect $d:443 -servername $d </dev/null &>/dev/null && t2=$(date +%s%3N) && echo "$d: $((t2 - t1)) ms" || echo "$d: timeout"; done
for d in aws.com polyfill-fastly.io assets-www.xbox.com res-1.cdn.office.net www.bing.com logx.optimizely.com services.digitaleast.mobi is1-ssl.mzstatic.com consent.trustarc.com electronics.sony.com ; do t1=$(date +%s%3N); timeout 1 openssl s_client -connect $d:443 -servername $d </dev/null &>/dev/null && t2=$(date +%s%3N) && echo "$d: $((t2 - t1)) ms" || echo "$d: timeout"; done
for d in aws.com polyfill-fastly.io assets-www.xbox.com res-1.cdn.office.net www.bing.com logx.optimizely.com services.digitaleast.mobi is1-ssl.mzstatic.com consent.trustarc.com electronics.sony.com ; do t1=$(date +%s%3N); timeout 1 openssl s_client -connect $d:443 -servername $d </dev/null &>/dev/null && t2=$(date +%s%3N) && echo "$d: $((t2 - t1)) ms" || echo "$d: timeout"; done
for d in statici.icloud.com cdn.userway.org j.6sc.co d2c.aws.amazon.com www.sony.com www.microsoft.com s.yimg.com d1.awsstatic.com s0.awsstatic.com statici.icloud.com ; do t1=$(date +%s%3N); timeout 1 openssl s_client -connect $d:443 -servername $d </dev/null &>/dev/null && t2=$(date +%s%3N) && echo "$d: $((t2 - t1)) ms" || echo "$d: timeout"; done
for d in statici.icloud.com cdn.userway.org j.6sc.co d2c.aws.amazon.com www.sony.com www.microsoft.com s.yimg.com d1.awsstatic.com s0.awsstatic.com statici.icloud.com ; do t1=$(date +%s%3N); timeout 1 openssl s_client -connect $d:443 -servername $d </dev/null &>/dev/null && t2=$(date +%s%3N) && echo "$d: $((t2 - t1)) ms" || echo "$d: timeout"; done
for d in cdnssl.clicktale.net a.b.cdn.console.awsstatic.com location-services-prd.tesla.com azure.microsoft.com vscjava.gallerycdn.vsassets.io s7mbrstream.scene7.com www.google-analytics.com www.redditstatic.com s.yimg.com sisu.xboxlive.com ; do t1=$(date +%s%3N); timeout 1 openssl s_client -connect $d:443 -servername $d </dev/null &>/dev/null && t2=$(date +%s%3N) && echo "$d: $((t2 - t1)) ms" || echo "$d: timeout"; done
for d in cdnssl.clicktale.net a.b.cdn.console.awsstatic.com location-services-prd.tesla.com azure.microsoft.com vscjava.gallerycdn.vsassets.io s7mbrstream.scene7.com www.google-analytics.com www.redditstatic.com s.yimg.com sisu.xboxlive.com ; do t1=$(date +%s%3N); timeout 1 openssl s_client -connect $d:443 -servername $d </dev/null &>/dev/null && t2=$(date +%s%3N) && echo "$d: $((t2 - t1)) ms" || echo "$d: timeout"; done

image-20250802105736781

3.访问

通过隧道方式访问

bash
ssh -L 2095:127.0.0.1:2095 root@vps_ip
ssh -L 2095:127.0.0.1:2095 root@vps_ip

4. 配置

4.1 配置tls

配置reality

image-20250802110257741

配置tuic

image-20250802110432355

配置hy2

image-20250802111053645

4.2 配置入站管理

配置reality

image-20250802110536173

配置tuic

image-20250802110710706

配置hy2

image-20250802111242631

5. 配置用户管理

image-20250802110818768

客户端工具

clash mi

  • 下载地址,支持hy2协议

https://github.com/KaringX/karing

  • 使用

https://karing.app/app-manual/diversion-rule-edit

  • 其它工具

Windows/Mac(v2rayN):https://github.com/2dust/v2rayN/releases/tag/7.12.7

Android(NekoBox):https://github.com/MatsuriDayo/NekoBoxForAndroid/releases/tag/1.3.9

IOS/Mac(shadowrocket):https://apps.apple.com/app/shadowrocket/id932747118