新增hysteria部分

2023-09-13 10:53:42 +08:00
parent f02d26b32e
commit 5bc64ffead
4 changed files with 18 additions and 25 deletions
--- a/Hysteria/hysteria证书申请.sh
+++ b/Hysteria/hysteria证书申请.sh
@@ -16,7 +16,9 @@ acme.sh --install-cert -d ${DOMAIN_NAME} --ecc \
 --reloadcmd     "systemctl restart nginx --force"


-openssl x509 -noout -fingerprint -sha256 -in /root/.acme.sh/super-idol.107421.xyz_ecc/super-idol.107421.xyz.cer
+openssl x509 -noout -fingerprint -sha256 -in /root/.acme.sh/super-idol.107421.xyz_ecc/fullchain.cer

 cp /root/.acme.sh/super-idol.107421.xyz_ecc/super-idol.107421.xyz.cer /etc/hysteria/super-idol.107421.xyz.cert
 cp /root/.acme.sh/super-idol.107421.xyz_ecc/super-idol.107421.xyz.key /etc/hysteria/super-idol.107421.xyz.key
+
+cp /root/.acme.sh/super-idol.107421.xyz_ecc/fullchain.cer /etc/hysteria/super-idol.107421.xyz.cert
--- a/Hysteria/客户端配置.yaml
+++ b/Hysteria/客户端配置.yaml
@@ -8,19 +8,14 @@ tls:
  pinSHA256: 71:82:78:59:3B:9B:33:50:9C:02:A7:C3:DF:9B:77:6B:81:E2:B7:C8:56:B0:25:4F:D2:0E:B8:FB:E0:46:3D:4A

 quic:
-  initStreamReceiveWindow: 16777216
-  maxStreamReceiveWindow: 16777216
-  initConnReceiveWindow: 33554432
-  maxConnReceiveWindow: 33554432
-  maxIdleTimeout: 10s
-  maxIncomingStreams: 128
+  initStreamReceiveWindow: 8388608
+  maxStreamReceiveWindow: 8388608
+  initConnReceiveWindow: 20971520
+  maxConnReceiveWindow: 20971520
+  maxIdleTimeout: 30s
+  keepAlivePeriod: 10s
  disablePathMTUDiscovery: false

-obfs:
-  type: salamander
-  salamander:
-    password: fuck_ufw
-
 fastOpen: false

 socks5:
@@ -28,4 +23,4 @@ socks5:

 transport:
  udp:
-    hopInterval: 10s
+    hopInterval: 20s
--- a/Hysteria/服务端配置.yaml
+++ b/Hysteria/服务端配置.yaml
@@ -5,19 +5,15 @@ tls:
  key: /etc/hysteria/super-idol.107421.xyz.key

 quic:
-  initStreamReceiveWindow: 16777216
-  maxStreamReceiveWindow: 16777216
-  initConnReceiveWindow: 33554432
-  maxConnReceiveWindow: 33554432
-  maxIdleTimeout: 10s
+  initStreamReceiveWindow: 8388608
+  maxStreamReceiveWindow: 8388608
+  initConnReceiveWindow: 20971520
+  maxConnReceiveWindow: 20971520
+  maxIdleTimeout: 30s
+  keepAlivePeriod: 10s
  maxIncomingStreams: 128
  disablePathMTUDiscovery: false

-obfs:
-  type: salamander
-  salamander:
-    password: fuck_ufw
-
 auth:
  type: password
  password: V2ryStr0ngP@ss
--- a/Hysteria/需要配合iptables使用.txt
+++ b/Hysteria/需要配合iptables使用.txt
@@ -1,8 +1,8 @@
 Hysteria 服务端并不能同时监听多个端口，因此不能在服务器端使用上面的格式作为监听地址。建议配合 iptables 的 DNAT 将端口转发到服务器的监听端口。

 # IPv4
-iptables -t nat -A PREROUTING -i ens3 -p udp --dport 19100:19300 -j DNAT --to-destination :19100
-iptables -t nat -A PREROUTING -i ens3 -p tcp --dport 19100:19300 -j DNAT --to-destination :19100
+iptables -t nat -A PREROUTING -i ens3 -p udp --dport 29100:30000 -j DNAT --to-destination :29100
+iptables -t nat -A PREROUTING -i ens3 -p tcp --dport 29100:30000 -j DNAT --to-destination :29100
 # IPv6
 ip6tables -t nat -A PREROUTING -i ens3 -p udp --dport 19100:19300 -j DNAT --to-destination :19100