黑科技,垃圾vps科学上网救星(hysteria2)
# 前言
目前主流的协议有 reality ,tuic 和 hyteria 。 reality 使用 TCP协议,比较稳定,不容易被运营商QOS,推荐线路好的vps使用,如果你买的是比较垃圾的vps, 比如买 RN ,CC ,用hyteria能改善你网络速度,在网络拥堵的时候,它不会降低发包速率,继续快速发数据包, 这就是它能在拥堵环境下能够提高速率的原因,有点暴力,所以运营商会对这类数据QOS,阻止你发包,所以使用这个协议一定要控制速率,不能配置速度太快。hyteria2是在hyteria的基础上做了重大重构,优化发包策略,性能更好。
# 安装
- 使用官方的一键安装脚本
#一键安装Hysteria2
bash <(curl -fsSL https://get.hy2.sh/)
1
2
2
- 配置文件,配置你的域名,密码
cat << EOF > /etc/hysteria/config.yaml
listen: :443 #监听端口
#使用CA证书
acme:
domains:
- a.com #你的域名,需要先解析到服务器ip
email: test@sharklasers.com
auth:
type: password
password: 123456 #设置认证密码
masquerade:
type: proxy
proxy:
url: https://bing.com #伪装网址
rewriteHost: true
EOF
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
- 启动服务
#启动Hysteria2
systemctl start hysteria-server.service
# 查看结果 ,server up and running 表示启动成功了
journalctl -u hysteria-server.service
Oct 18 08:19:34 vm82404.cloudsilk.io hysteria[922]: 2023-10-18T08:19:34Z INFO acme_client successfully downloaded available certificate chains {"count": 2, "first_url": "https://acme-v02.api.letsencrypt.org/acme/cert/0470db1c528fadf3126755f8a98033fa6a65"}
Oct 18 08:19:34 vm82404.cloudsilk.io hysteria[922]: 2023-10-18T08:19:34Z INFO obtain certificate obtained successfully {"identifier": "silk.williamgroup.top"}
Oct 18 08:19:34 vm82404.cloudsilk.io hysteria[922]: 2023-10-18T08:19:34Z INFO obtain releasing lock {"identifier": "silk.williamgroup.top"}
Oct 18 08:19:34 vm82404.cloudsilk.io hysteria[922]: 2023-10-18T08:19:34Z INFO server up and running
1
2
3
4
5
6
7
8
9
10
11
2
3
4
5
6
7
8
9
10
11
- 客户端配置(clash)
mixed-port: 7890
unified-delay: false
geodata-mode: true
tcp-concurrent: false
find-process-mode: strict
global-client-fingerprint: chrome
allow-lan: true
mode: rule
log-level: info
ipv6: true
external-controller: 127.0.0.1:9090
geox-url:
geoip: "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@release/geoip.dat"
geosite: "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@release/geosite.dat"
mmdb: "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@release/country.mmdb"
profile:
store-selected: true
store-fake-ip: true
sniffer:
enable: false
sniff:
TLS:
ports: [443]
HTTP:
ports: [80]
override-destination: true
tun:
enable: true
stack: system
dns-hijack:
- 'any:53'
auto-route: true
auto-detect-interface: true
dns:
enable: true
listen: 0.0.0.0:1053
ipv6: true
enhanced-mode: fake-ip
fake-ip-range: 28.0.0.1/8
fake-ip-filter:
- '*'
- '+.lan'
default-nameserver:
- 223.5.5.5
nameserver:
- 'tls://8.8.4.4#DNS_Proxy'
- 'tls://1.0.0.1#DNS_Proxy'
proxy-server-nameserver:
- https://dns.alidns.com/dns-query#h3=true
nameserver-policy:
"geosite:cn,private":
- 223.5.5.5
- 114.114.114.114
- https://dns.alidns.com/dns-query#h3=true
proxies:
- name: "hysteria2"
type: hysteria2
server: a.com #你的域名,需要先解析到服务器ip
port: 8443
# up和down均不写或为0则使用BBR流控
up: "30 Mbps" # 若不写单位,默认为 Mbps
down: "50 Mbps" # 若不写单位,默认为 Mbps
password: 123456
sni: a.com
proxy-groups:
- name: "PROXY"
type: select
proxies:
- hysteria2
rule-providers:
reject:
type: http
behavior: domain
url: "https://ghproxy.com/https://raw.githubusercontent.com/Loyalsoldier/clash-rules/release/reject.txt"
path: ./ruleset/reject.yaml
interval: 86400
icloud:
type: http
behavior: domain
url: "https://ghproxy.com/https://raw.githubusercontent.com/Loyalsoldier/clash-rules/release/icloud.txt"
path: ./ruleset/icloud.yaml
interval: 86400
apple:
type: http
behavior: domain
url: "https://ghproxy.com/https://raw.githubusercontent.com/Loyalsoldier/clash-rules/release/apple.txt"
path: ./ruleset/apple.yaml
interval: 86400
google:
type: http
behavior: domain
url: "https://ghproxy.com/https://raw.githubusercontent.com/Loyalsoldier/clash-rules/release/google.txt"
path: ./ruleset/google.yaml
interval: 86400
proxy:
type: http
behavior: domain
url: "https://ghproxy.com/https://raw.githubusercontent.com/Loyalsoldier/clash-rules/release/proxy.txt"
path: ./ruleset/proxy.yaml
interval: 86400
direct:
type: http
behavior: domain
url: "https://ghproxy.com/https://raw.githubusercontent.com/Loyalsoldier/clash-rules/release/direct.txt"
path: ./ruleset/direct.yaml
interval: 86400
private:
type: http
behavior: domain
url: "https://ghproxy.com/https://raw.githubusercontent.com/Loyalsoldier/clash-rules/release/private.txt"
path: ./ruleset/private.yaml
interval: 86400
gfw:
type: http
behavior: domain
url: "https://ghproxy.com/https://raw.githubusercontent.com/Loyalsoldier/clash-rules/release/gfw.txt"
path: ./ruleset/gfw.yaml
interval: 86400
greatfire:
type: http
behavior: domain
url: "https://ghproxy.com/https://raw.githubusercontent.com/Loyalsoldier/clash-rules/release/greatfire.txt"
path: ./ruleset/greatfire.yaml
interval: 86400
tld-not-cn:
type: http
behavior: domain
url: "https://ghproxy.com/https://raw.githubusercontent.com/Loyalsoldier/clash-rules/release/tld-not-cn.txt"
path: ./ruleset/tld-not-cn.yaml
interval: 86400
telegramcidr:
type: http
behavior: ipcidr
url: "https://ghproxy.com/https://raw.githubusercontent.com/Loyalsoldier/clash-rules/release/telegramcidr.txt"
path: ./ruleset/telegramcidr.yaml
interval: 86400
cncidr:
type: http
behavior: ipcidr
url: "https://ghproxy.com/https://raw.githubusercontent.com/Loyalsoldier/clash-rules/release/cncidr.txt"
path: ./ruleset/cncidr.yaml
interval: 86400
lancidr:
type: http
behavior: ipcidr
url: "https://ghproxy.com/https://raw.githubusercontent.com/Loyalsoldier/clash-rules/release/lancidr.txt"
path: ./ruleset/lancidr.yaml
interval: 86400
applications:
type: http
behavior: classical
url: "https://ghproxy.com/https://raw.githubusercontent.com/Loyalsoldier/clash-rules/release/applications.txt"
path: ./ruleset/applications.yaml
interval: 86400
rules:
- RULE-SET,applications,DIRECT
- DOMAIN,clash.razord.top,DIRECT
- DOMAIN,yacd.haishan.me,DIRECT
- DOMAIN,services.googleapis.cn,PROXY
- RULE-SET,private,DIRECT
- RULE-SET,reject,REJECT
- RULE-SET,icloud,DIRECT
- RULE-SET,apple,DIRECT
- RULE-SET,google,DIRECT
- RULE-SET,proxy,PROXY
- RULE-SET,direct,DIRECT
- RULE-SET,lancidr,DIRECT
- RULE-SET,cncidr,DIRECT
- RULE-SET,telegramcidr,PROXY
- GEOIP,LAN,DIRECT
- GEOIP,CN,DIRECT
- MATCH,PROXY
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
相关系统命令
#启动Hysteria2
systemctl start hysteria-server.service
#重启Hysteria2
systemctl restart hysteria-server.service
#查看Hysteria2状态
systemctl status hysteria-server.service
#停止Hysteria2
systemctl stop hysteria-server.service
#设置开机自启
systemctl enable hysteria-server.service
#查看日志
journalctl -u hysteria-server.service
1
2
3
4
5
6
7
8
9
10
11
12
2
3
4
5
6
7
8
9
10
11
12
上次更新: 2024/02/21, 11:34:46