厌倦了滚动浏览相同的帖子?当您创建帐户后,您将始终回到您离开的地方。注册帐户,不仅可以享受无广告的清爽界面!
您需要 登录 才可以下载或查看,没有账号?注册
×
项目地址 https://github.com/nanci0406/dnsmasq_sniproxy_install 在此仅补充一点细节
首先把claw称为被解锁机,解锁比较好的落地机称为解锁机(确保两台机器53(tcp udp都要以防万一) 80 443 端口互通)假设解锁机ip为2.2.2.2
1.解锁机上部署sniproxy
执行命令wget --no-check-certificate -O dnsmasq_sniproxy.sh https://raw.githubusercontent.com/nanci0406/dnsmasq_sniproxy_install/master/dnsmasq_sniproxy.sh && bash dnsmasq_sniproxy.sh -fs
这步注意被解锁机的80 443 无端口占用
执行完以后 使用以下命令查看root@sg:~# systemctl status sniproxy
● sniproxy.service - Sniproxy
Loaded: loaded (/etc/systemd/system/sniproxy.service; enabled; preset: enabled)
Active: active (running) since Tue 2024-10-15 18:01:12 CST; 41min ago
Process: 233185 ExecStart=/usr/sbin/sniproxy -c /etc/sniproxy.conf (code=exited, status=0/SUCCESS)
Main PID: 233186 (sniproxy)
Tasks: 2 (limit: 495)
Memory: 1.1M
CPU: 69ms
CGroup: /system.slice/sniproxy.service
├─233186 /usr/sbin/sniproxy -c /etc/sniproxy.conf
└─233189 /usr/sbin/sniproxy -c /etc/sniproxy.conf
Oct 15 18:01:12 sg systemd[1]: Starting sniproxy.service - Sniproxy...
Oct 15 18:01:12 sg systemd[1]: Started sniproxy.service - Sniproxy.
如果安装完没自己启动 执行命令
配置文件如下(大佬已经在项目上做好了,只解锁chatgpt的话不用管)systemctl start sniproxy
systemctl enable sniproxy
root@sg:~# cat /etc/sniproxy.conf
user daemon
pidfile /var/tmp/sniproxy.pid
error_log {
syslog daemon
priority notice
}
resolver {
nameserver 8.8.8.8
nameserver 8.8.4.4 # local dns should be better
mode ipv4_only
}
listener 0.0.0.0:80 {
proto http
access_log {
filename /var/log/sniproxy/http_access.log
priority notice
}
}
listener 0.0.0.0:443 {
proto tls
access_log {
filename /var/log/sniproxy/https_access.log
priority notice
}
}
table {
.*ai\.com$ *
.*chatgpt\.com$ *
.*chat\.openai\.com$ *
.*oaistatic\.com$ *
.*oaiusercontent\.com$ *
.*openai\.com$ *
.*openaicomproductionae4b\.blob\.core\.windows\.net$ *
.*openaicom-api-bdcpf8c6d2e9atf6\.z01\.azurefd\.net$ *
.*openai\.com\.cdn\.cloudflare\.net$ *
.*openaiapi-site\.azureedge\.net$ *
.*openaicom\.imgix\.net$ *
}
2.被解锁机也就是claw安装dnsmasq 需要53端口无占用wget --no-check-certificate -O dnsmasq_sniproxy.sh https://raw.githubusercontent.com/nanci0406/dnsmasq_sniproxy_install/master/dnsmasq_sniproxy.sh && bash dnsmasq_sniproxy.sh -id
执行命令后会弹出提示 请输入sniproxy的ip地址 你就写解锁机的ip就可以 (这步很重要,中午就是因为这个导致死活无法成功,debian12可以成功 centos 9 libnetfilter_conntrack 这个包死活安装不上 换源都不行 一气之下dd了debian12)
同样执行命令查看dnsmasq情况root@localhost:~# systemctl status dnsmasq
● dnsmasq.service - dnsmasq - A lightweight DHCP and caching DNS server
Loaded: loaded (/lib/systemd/system/dnsmasq.service; enabled; preset: enabled)
Active: active (running) since Tue 2024-10-15 17:51:17 CST; 1h 1min ago
Main PID: 5478 (dnsmasq)
Tasks: 1 (limit: 2242)
Memory: 796.0K
CPU: 76ms
CGroup: /system.slice/dnsmasq.service
└─5478 /usr/sbin/dnsmasq -x /run/dnsmasq/dnsmasq.pid -u dnsmasq -7 /etc/dnsmasq.d,.dpkg-dist,.dpkg-old,.dpkg-new --local-service --trust-anchor=.,20326,8,2,e>
Oct 15 17:51:17 localhost systemd[1]: Starting dnsmasq.service - dnsmasq - A lightweight DHCP and caching DNS server...
Oct 15 17:51:17 localhost dnsmasq[5478]: started, version 2.90 cachesize 2048
Oct 15 17:51:17 localhost dnsmasq[5478]: compile time options: IPv6 GNU-getopt DBus no-UBus i18n IDN DHCP DHCPv6 no-Lua TFTP conntrack ipset no-nftset auth cryptohash DNS>
Oct 15 17:51:17 localhost dnsmasq[5478]: using nameserver 8.8.8.8#53
Oct 15 17:51:17 localhost dnsmasq[5478]: using nameserver 1.1.1.1#53
Oct 15 17:51:17 localhost dnsmasq[5478]: using nameserver 208.67.222.222#53
Oct 15 17:51:17 localhost dnsmasq[5478]: using nameserver 4.2.2.1#53
Oct 15 17:51:17 localhost dnsmasq[5478]: read /etc/hosts - 6 names
Oct 15 17:51:17 localhost systemd[1]: Started dnsmasq.service - dnsmasq - A lightweight DHCP and caching DNS server.
如果没启动就手动启动以下,加一下开机自启systemctl start dnsmasq
systemctl enable dnsmasq
查看dnsmasq的配置 /后面就是你解锁机的ip 比如2.2.2.2(会自动换成你的sniproxy的ip所在地址,没有就手动加一下再重启dnsmasq)root@localhost:~# cat /etc/dnsmasq.d/custom_netflix.conf
domain-needed
bogus-priv
no-resolv
no-poll
all-servers
server=8.8.8.8
server=1.1.1.1
server=208.67.222.222
server=4.2.2.1
cache-size=2048
local-ttl=60
interface=*
address=/ai.com/2.2.2.2
address=/chatgpt.com/2.2.2.2
address=/chat.openai.com/2.2.2.2
address=/oaistatic.com/2.2.2.2
address=/oaiusercontent.com/2.2.2.2
address=/openai.com/2.2.2.2
address=/openaicomproductionae4b.blob.core.windows.net/2.2.2.2
address=/openaicom-api-bdcpf8c6d2e9atf6.z01.azurefd.net/2.2.2.2
address=/openai.com.cdn.cloudflare.net/2.2.2.2
address=/openaiapi-site.azureedge.net/2.2.2.2
address=/openaicom.imgix.net/2.2.2.2
可以将以下域名写入你的hosts 文件中 类似如下root@localhost:~# cat /etc/hosts
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
2.2.2.2 ai.com
2.2.2.2 openai.com
2.2.2.2 chat.openai.com.cdn.cloudflare.net
2.2.2.2 openaiapi-site.azureedge.net
2.2.2.2 openaicom-api-bdcpf8c6d2e9atf6.z01.azurefd.net
2.2.2.2 openaicomproductionae4b.blob.core.windows.net
2.2.2.2 production-openaicom-storage.azureedge.net
2.2.2.2 o33249.ingest.sentry.io
2.2.2.2 chatgpt.com
再次执行systemctl restart dnsmasq
就可以开始奔放了
ps 解锁机的80 443 53 无论tcp udp都要设置白名单(就是claw的ip) 也就是常说的过白 夫人 你也不想你的解锁机被人刷光流量吧
其他的解锁 照着葫芦画葫芦 需要在 /etc/dnsmasq.d/custom_netflix.conf 和 /etc/sniproxy.conf /etc/host中同步增加需要dns代理的域名(可以去geosite 查询 应该是这个东西,然后让傻蛋chatgpt给你写正则)并且重启这两个服务
再次感谢大佬们的项目和指导,有啥问题欢迎指正,知错就改 |