v1.0.0 还没用够一个月,最近被封好多个端口,还是用回旧版吧,再被封的话也不折腾了,某些机场应该也快出 tuic 节点了,到时用机场更省事。下面是我搭建用到的命令,不熟悉网络和 linux,配置尽量最简化,不管其他参数有用没用了。
# 环境:已安装 rust 的乌龟壳 amd 服务器,oracle linux。
wget https://github.com/EAimTY/tuic/releases/download/0.8.5/tuic-server-0.8.5-x86_64-linux-gnu
sudo cp tuic-server-0.8.5-x86_64-linux-gnu /usr/local/bin/tuic-server-0.8.5
sudo chmod +x /usr/local/bin/tuic-server-0.8.5
/usr/local/bin/tuic-server-0.8.5 -v
git clone https://github.com/est31/rcgen.git
cd rcgen
cargo run
# 默认域名是 crabs.crabs,可以在 rcgen/src/main.rs 里修改
sudo vi /usr/local/etc/tuic-server-0.8.5.json
# +++
{
"port": 443,
"token": ["tuic2022"],
"certificate": "/home/opc/rcgen/certs/cert.pem",
"private_key": "/home/opc/rcgen/certs/key.pem",
"congestion_controller": "bbr",
"alpn": ["h3"]
}
# ---
sudo firewall-cmd --zone=public --add-port=443/tcp
sudo firewall-cmd --zone=public --add-port=443/udp
sudo vi /etc/systemd/system/tuic-server-0.8.5.service
# +++
[Unit]
Description=tuic server
[Service]
ExecStart=/usr/local/bin/tuic-server-0.8.5 --config /usr/local/etc/tuic-server-0.8.5.json
Restart=always
[Install]
WantedBy=multi-user.target
# ---
sudo systemctl start tuic-server-0.8.5
# 客户端配置:
# +++
{
"relay": {
"server": "crabs.crabs",
"port": 443,
"token": "tuic2022",
"ip": "你的服务器地址",
"certificates": ["C:/Users/home/app/tuic/cert.pem"],
"congestion_controller": "bbr",
"alpn": ["h3"]
},
"local": {
"port": 1080,
"ip": "127.0.0.1"
},
"log_level": "info"
}
# ---
NekoBox for Android 设置:
- 协议版本:
4
- 服务器:你的服务器地址
- 服务器端口:
443
- 密码:
tuic2022
- 应用层协议协商:
h3
- 证书(链):把服务器上的 rcgen/certs/cert.pem 粘贴进来
- “阻塞控制”:选
BBR
- “服务器名称指示”:
crabs.crabs
