wget https://go.dev/dl/go1.22.2.linux-amd64.tar.gz
tar -zxvf go1.22.2.linux-amd64.tar.gz -C /usr/local/

cp /etc/profile /etc/profile.bak
echo export GOROOT=/usr/local/go >> /etc/profile
echo export PATH=/usr/local/go/bin:$PATH >> /etc/profile
source /etc/profile
go version

go install github.com/caddyserver/xcaddy/cmd/xcaddy@latest
~/go/bin/xcaddy build --with github.com/caddyserver/forwardproxy@caddy2=github.com/klzgrad/forwardproxy@naive

如果第二条指令执行出错,可以尝试执行go env -w GO111MODULE=on 再重试,还不行的话请自行搜索升级go版本方法

acme.sh申请证书

转换密码

{
  order forward_proxy before file_server
}
:443, na.daehub.com {
  tls /etc/letsencrypt/live/daehub.com/fullchain.pem /etc/letsencrypt/live/daehub.com/privkey.pem
  forward_proxy {
    basic_auth user password
    hide_ip
    hide_via
    probe_resistance
  }
  file_server {
    root /usr/share/nginx/html
  }
}
caddy fmt --overwrite Caddyfile
caddy adapt Caddyfile > config.json

config.json

{
 "apps": {
   "http": {
     "servers": {
       "srv0": {
         "listen": [
           ":57418"
         ],
         "routes": [
           {
             "handle": [
               {
                 "auth_credentials": [
                                        "ZFhObGNqcHdZWE56"
                  ],
                 "handler": "forward_proxy",
                 "hide_ip": true,
                 "hide_via": true,
                 "probe_resistance": {}
               }
             ]
           },
           {
             "handle": [
               {
                 "handler": "reverse_proxy",
                 "headers": {
                   "request": {
                     "set": {
                       "Host": [
                         "{http.reverse_proxy.upstream.hostport}"
                       ],
                       "X-Forwarded-Host": [
                         "{http.request.host}"
                       ]
                     }
                   }
                 },
                 "transport": {
                   "protocol": "http",
                   "tls": {}
                 },
                 "upstreams": [
                   {
                     "dial": "www.cloudreve.org:443"
                   }
                 ]
               }
             ]
           }
         ],
         "tls_connection_policies": [
           {
             "match": {
               "sni": [
                 "1199.eu.org"
               ]
             },
             "certificate_selection": {
               "any_tag": [
                 "cert0"
               ]
             }
           }
         ],
         "automatic_https": {
           "disable": true
         }
       }
     }
   },
   "tls": {
     "certificates": {
       "load_files": [
         {
           "certificate": "/root/.acme.sh/1199.eu.org/fullchain.cer",
           "key": "/root/.acme.sh/1199.eu.org/1199.eu.org.key",
           "tags": [
             "cert0"
           ]
         }
       ]
     }
   }
 }
}

ln -s /root/caddy /usr/bin/caddy

/etc/systemd/system/naive.service

[Unit]
Description=Caddy
Documentation=https://caddyserver.com/docs/
After=network.target network-online.target
Requires=network-online.target

[Service]
Type=notify
User=root
Group=root
ExecStart=/usr/bin/caddy run --environ --config /root/config.json
ExecReload=/usr/bin/caddy reload --config /root/config.json
TimeoutStopSec=5s
LimitNOFILE=1048576
LimitNPROC=512
PrivateTmp=true
ProtectSystem=full
AmbientCapabilities=CAP_NET_BIND_SERVICE

[Install]
WantedBy=multi-user.target

systemctl enable naive.service
systemctl start naive.service

如果懒,也可以一键脚本

wget -N https://gitlab.com/rwkgyg/naiveproxy-yg/raw/main/naiveproxy.sh && bash naiveproxy.sh

BIOS引导

  1. Grub2系统安装将/boot/gurb/i386-pc/boot.img(512byte),安装到MBR第一扇区512字节MBR引导区(不管MBR/GPT),并修改硬编码指向core.img位置.

  2. Grub2系统安装将/boot/grub/i386-pc/core.img(大概26K)动态安装到:

    • MBR分区就安装到MBR引导第一扇区~第一分区之间(一般第一分区前保留的2048空间)
    • GPT分区就安装到第一分区之间~32LBA(一般第一分区前保留的2048空间) 或者 存放在<BIOS引导分区>(flags: gdisk/EF02 parted/bios_grub)

core解压diskboot.img与grub的kernel.img

UEFI引导

只支持EFI分区, 一般默认挂载在/boot/efi目录
UEFI主板会自动查找EFI分区的shimx64.efi加载grubx64.efi->/boot/efi/EFI/ubutnu/grub.cfg

search.fs_uuid 4687307a-311d-4fef-a2bf-07fd44f2c30b root hd0,msdos6 
set prefix=($root)'/boot/grub'
configfile $prefix/grub.cfg

GRUB引导

  • 安装和更新从/etc/default/grub读取引导配置和/etc/grub.d/下脚本为配置,由update-grub生成(grub-mkconfig -o /boot/grub/grub.cfg)

最终grub读取/boot/grub/grub.cfg配置文件指定参数来加载引导内核文件vmlinuxz和虚拟文件系统initramfs从而启动

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Control/Terminal Server/Wds/rdpwd/Tds/tcp]
"PortNumber"=dword:0000e089

[HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Control/Terminal Server/WinStations/RDP-Tcp]
"PortNumber"=dword:0000e089

reg add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\Tds\tcp" /v PortNumber /t reg_dword /d 57481 /f

reg add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp" /v PortNumber /t reg_dword /d 57481 /f

net stop TermService

net start TermService

  1. 1
  2. 2
  3. 3
  4. 4