diff --git a/Hysteria/hysteria证书申请.sh b/Hysteria/hysteria证书申请.sh index 2ecf7d9..993f3e3 100644 --- a/Hysteria/hysteria证书申请.sh +++ b/Hysteria/hysteria证书申请.sh @@ -16,7 +16,9 @@ acme.sh --install-cert -d ${DOMAIN_NAME} --ecc \ --reloadcmd "systemctl restart nginx --force" -openssl x509 -noout -fingerprint -sha256 -in /root/.acme.sh/super-idol.107421.xyz_ecc/super-idol.107421.xyz.cer +openssl x509 -noout -fingerprint -sha256 -in /root/.acme.sh/super-idol.107421.xyz_ecc/fullchain.cer cp /root/.acme.sh/super-idol.107421.xyz_ecc/super-idol.107421.xyz.cer /etc/hysteria/super-idol.107421.xyz.cert cp /root/.acme.sh/super-idol.107421.xyz_ecc/super-idol.107421.xyz.key /etc/hysteria/super-idol.107421.xyz.key + +cp /root/.acme.sh/super-idol.107421.xyz_ecc/fullchain.cer /etc/hysteria/super-idol.107421.xyz.cert \ No newline at end of file diff --git a/Hysteria/客户端配置.yaml b/Hysteria/客户端配置.yaml index 11af4e4..f544b50 100644 --- a/Hysteria/客户端配置.yaml +++ b/Hysteria/客户端配置.yaml @@ -8,19 +8,14 @@ tls: pinSHA256: 71:82:78:59:3B:9B:33:50:9C:02:A7:C3:DF:9B:77:6B:81:E2:B7:C8:56:B0:25:4F:D2:0E:B8:FB:E0:46:3D:4A quic: - initStreamReceiveWindow: 16777216 - maxStreamReceiveWindow: 16777216 - initConnReceiveWindow: 33554432 - maxConnReceiveWindow: 33554432 - maxIdleTimeout: 10s - maxIncomingStreams: 128 + initStreamReceiveWindow: 8388608 + maxStreamReceiveWindow: 8388608 + initConnReceiveWindow: 20971520 + maxConnReceiveWindow: 20971520 + maxIdleTimeout: 30s + keepAlivePeriod: 10s disablePathMTUDiscovery: false -obfs: - type: salamander - salamander: - password: fuck_ufw - fastOpen: false socks5: @@ -28,4 +23,4 @@ socks5: transport: udp: - hopInterval: 10s \ No newline at end of file + hopInterval: 20s \ No newline at end of file diff --git a/Hysteria/服务端配置.yaml b/Hysteria/服务端配置.yaml index 2bdbd5d..62b24c3 100644 --- a/Hysteria/服务端配置.yaml +++ b/Hysteria/服务端配置.yaml @@ -5,19 +5,15 @@ tls: key: /etc/hysteria/super-idol.107421.xyz.key quic: - initStreamReceiveWindow: 16777216 - maxStreamReceiveWindow: 16777216 - initConnReceiveWindow: 33554432 - maxConnReceiveWindow: 33554432 - maxIdleTimeout: 10s + initStreamReceiveWindow: 8388608 + maxStreamReceiveWindow: 8388608 + initConnReceiveWindow: 20971520 + maxConnReceiveWindow: 20971520 + maxIdleTimeout: 30s + keepAlivePeriod: 10s maxIncomingStreams: 128 disablePathMTUDiscovery: false -obfs: - type: salamander - salamander: - password: fuck_ufw - auth: type: password password: V2ryStr0ngP@ss diff --git a/Hysteria/需要配合iptables使用.txt b/Hysteria/需要配合iptables使用.txt index c189578..772b82c 100644 --- a/Hysteria/需要配合iptables使用.txt +++ b/Hysteria/需要配合iptables使用.txt @@ -1,8 +1,8 @@ Hysteria 服务端并不能同时监听多个端口,因此不能在服务器端使用上面的格式作为监听地址。建议配合 iptables 的 DNAT 将端口转发到服务器的监听端口。 # IPv4 -iptables -t nat -A PREROUTING -i ens3 -p udp --dport 19100:19300 -j DNAT --to-destination :19100 -iptables -t nat -A PREROUTING -i ens3 -p tcp --dport 19100:19300 -j DNAT --to-destination :19100 +iptables -t nat -A PREROUTING -i ens3 -p udp --dport 29100:30000 -j DNAT --to-destination :29100 +iptables -t nat -A PREROUTING -i ens3 -p tcp --dport 29100:30000 -j DNAT --to-destination :29100 # IPv6 ip6tables -t nat -A PREROUTING -i ens3 -p udp --dport 19100:19300 -j DNAT --to-destination :19100