KCPTun 一种基于UDP协议的TCP加速方案
Posted 黑客组
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了KCPTun 一种基于UDP协议的TCP加速方案相关的知识,希望对你有一定的参考价值。
前言
服务器端搭建
服务器采用centos7系统
案例
我使用kcp 888端口为ssh 22端口加速
创建kcptun目录
mkdir /kcpcd /kcp
下载kcptun
wget https://github.com/xtaci/kcptun/releases/download/v20171021/kcptun-linux-amd64-20171021.tar.gz
tar xfvz kcptun-linux-amd64-20171021.tar.gz
防火墙开放端口 注意:kcp是UDP端口
[root@baidu kcp]# firewall-cmd --zone=public --permanent --add-port=888/udpsuccess
[root@baidu kcp]# firewall-cmd --reloadAsuccess
[root@baidu kcp]# firewall-cmd --zone=public --list-allpublic (active)
target: default
icmp-block-inversion: no
interfaces: venet0
sources:
services: ssh dhcpv6-client
ports: 22/tcp 80/tcp 443/tcp 888/udp
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
简单测试
./server_linux_amd64 -t 127.0.0.1:22 -l :888 --key mima --crypt aes-128 --mode fast2
编写启动脚本
touch /etc/init.d/kcptun
chmod +x /etc/init.d/kcptun
vi /etc/init.d/kcptun
内容如下
#!/bin/bashBASE=$(basename $0)# modify these in /etc/sysconfig/$BASE (/etc/sysconfig/kcptun)KCPTUN=/kcp/server_linux_amd64
KCPTUN_PIDFILE=/var/run/$BASE.pid
KCPTUN_LOGFILE=/var/log/$BASE.log
KCPTUN_LOCKFILE=/var/lock/subsys/$BASEKCPTUN_OPTS="-t 127.0.0.1:22 -l :888 --key mima --crypt aes-128 --mode fast2"KCPTUN_DESC="KCPTUN"# Source function library.. /etc/rc.d/init.d/functionsif [ -f /etc/sysconfig/$BASE ]; then
. /etc/sysconfig/$BASEfi# Check kcptun server is presentif [ ! -x $KCPTUN ]; then
echo "$KCPTUN not present or not executable!"
exit 1fiRETVAL=0
STOP_TIMEOUT=${STOP_TIMEOUT-10}start() { if [ -f ${KCPTUN_LOCKFILE} ]; then
if [ -s ${KCPTUN_PIDFILE} ]; then
echo "$BASE might be still running, stop it first!"
killproc -p ${KCPTUN_PIDFILE} -d ${STOP_TIMEOUT} $KCPTUN
else
echo "$BASE was not shut down correctly!"
fi
rm -f ${KCPTUN_PIDFILE} ${KCPTUN_LOCKFILE}
sleep 2 fi
echo -n $"Starting $BASE: "
$KCPTUN --log ${KCPTUN_LOGFILE} $KCPTUN_OPTS &
RETVAL=$? if [ "$RETVAL" = "0" ]; then
success
sleep 2
ps -A o pid,cmd | grep "$KCPTUN --log ${KCPTUN_LOGFILE} $KCPTUN_OPTS" | awk '{print $1}' | head -n 1 > ${KCPTUN_PIDFILE}
else
failure fi
echo
[ $RETVAL = 0 ] && touch ${KCPTUN_LOCKFILE}
return $RETVAL}stop() { echo -n $"Stopping $BASE: "
killproc -p ${KCPTUN_PIDFILE} -d ${STOP_TIMEOUT} $KCPTUN
RETVAL=$? echo
[ $RETVAL = 0 ] && rm -f ${KCPTUN_PIDFILE} ${KCPTUN_LOCKFILE}
return $RETVAL}case "$1" in
start)
start
;;
stop)
stop
;;
status)
status -p ${KCPTUN_PIDFILE} $KCPTUN
RETVAL=$?
;;
restart)
stop
start
;;
*) echo $"Usage: $BASE { start | stop | restart | status }"
RETVAL=2
;;esacexit $RETVAL
启动管理
systemctl daemon-reload
systemctl start kcptun
systemctl status kcptun
systemctl enable kcptun
客户端
下载客户端主程序
https://github.com/xtaci/kcptun/releases
下载客户端GUI
https://github.com/dfdragon/kcptun_gclient/releases/
将gui和主程序放在同一目录,运行gui
使用管理员运行
添加 - 程序开机自启 - 启动后最小化
kcptun客户端 - 本地监听端口 - kcp服务器地址 - 端口 -通讯密钥 - 加密方式
传输模式 - 模式选择
启动
测试结果
ssh之前连接服务器22端口,现在只需要连接127.0.0.1的3300端口即可。
连接前
连接后
ssh均有3倍左右提升
而在网页加速下提升为10倍左右
以上是关于KCPTun 一种基于UDP协议的TCP加速方案的主要内容,如果未能解决你的问题,请参考以下文章