Realm 转发隧道的建立

Realm 是一个高效的转发工具,支持链式转发建立隧道,以下为部署realm+wss过程。

Realm 是一个高效的转发工具,支持链式转发建立隧道。以下为部署realm+wss过程,经测试可以正常运行。

项目地址:Github

部署过程:

1、下载解压

当前最新版本为 v2.4.5

wget https://github.com/zhboner/realm/releases/download/v2.4.5/realm-x86_64-unknown-linux-gnu.tar.gz
tar xvf realm-x86_64-unknown-linux-gnu.tar.gz
2、赋权
mv realm /usr/bin/
cd /usr/bin
chmod +x realm
3、创建配置文件及其存储路径
mkdir /usr/local/etc/realm
vim config.toml

以入口机监听 32443 端口与 2.2.2.2:32443 建立wss隧道并转发 1.1.1.1:443 为例:

入口端配置

[log]
level = "warn"

[dns]
mode = "ipv4_only" #仅转发ipv4
protocol = "tcp_and_udp"
min_ttl = 0
max_ttl = 60
cache_size = 10

[network]
use_udp = true
zero_copy = true
fast_open = true
tcp_timeout = 300
udp_timeout = 30
send_proxy = false #是否发送代理头
send_proxy_version = 
accept_proxy = false
accept_proxy_timeout = 5

[[endpoints]]
listen = "0.0.0.0:32443"
remote = "2.2.2.2:32443"
listen_transport = "ws;host=8tsdajkhc.com;path=/sieancssrx;tls;sni=casjbcjabsdjh.tk;insecure" # 出口与入口的host、sni、servername需保持一致
remote_transport = ""

2.2.2.2 出口端配置

[log]
level = "warn"

[dns]
mode = "ipv4_only" #仅转发ipv4,如需双栈则改为 ipv4_and_ipv6
protocol = "tcp_and_udp"
min_ttl = 0
max_ttl = 60
cache_size = 10

[network]
use_udp = true
zero_copy = true
fast_open = true
tcp_timeout = 300
udp_timeout = 30
send_proxy = false #是否发送代理头
send_proxy_version = 
accept_proxy = false
accept_proxy_timeout = 5

[[endpoints]]
listen = "0.0.0.0:32443"
remote = "1.1.1.1:443"
listen_transport = "" 
remote_transport = "ws;host=8tsdajkhc.com;path=/sieancssrx;tls;servername=casjbcjabsdjh.tk" # 出口与入口的host、sni/servername需保持一致

4、创建服务文件

/etc/systemd/system 下创建 realm.service 文件

cd /etc/systemd/system
vim realm.service

realm.service 文件内容

[Unit]
Description=realm
After=network-online.target
Wants=network-online.target systemd-networkd-wait-online.service

[Service]
Type=simple
User=root
Group=root
LimitAS=infinity
LimitCORE=infinity
LimitNOFILE=102400
LimitNPROC=102400
ExecStart=/usr/bin/realm -c /usr/local/etc/realm/config.toml
ExecReload=/bin/kill -HUP $MAINPID
ExecStop=/bin/kill $MAINPID
Restart=on-failure
RestartSec=5s
DynamicUser=true

[Install]
WantedBy=multi-user.target

设置自启动及启动、停止realm

systemctl enable realm
systemctl status realm
systemctl start realm
systemctl stop realm

实时输出错误日志

journalctl -u realm -f
标签

留下评论

您的邮箱地址不会被公开。 必填项已用 * 标注

相关文章