Ubuntu 24.04上搭建Hysteria2翻墙教程.md
$ cat ubuntu 24.04上搭建hysteria2翻墙教程.md

VPS端配置:

sudo -i

bash <(curl -fsSL https://get.hy2.sh/)

openssl req -x509 -nodes -newkey ec:<(openssl ecparam -name prime256v1) -keyout /etc/hysteria/server.key -out /etc/hysteria/server.crt -subj “/CN=bing.com” -days 36500 && sudo chown hysteria /etc/hysteria/server.key && sudo chown hysteria /etc/hysteria/server.crt

nano /etc/hysteria/config.yaml

#把“password: ”后面的密码更改为自定的密码

listen: :443

tls:
  cert: /etc/hysteria/server.crt
  key: /etc/hysteria/server.key

auth:
  type: password
  password: CmZjPxNOyTs2V3WraD

masquerade:
  type: proxy
  proxy:
    url: https://bing.com/
    rewriteHost: true

quic:
  initStreamReceiveWindow: 8388608
  maxStreamReceiveWindow: 8388608
  initConnReceiveWindow: 20971520
  maxConnReceiveWindow: 20971520
  maxIdleTimeout: 30s
  maxIncomingStreams: 1024
  disablePathMTUDiscovery: false

bandwidth:
  up: 1 gbps
  down: 1 gbps

acl:
  inline:
    - reject(all, udp/443)

transport:
  udp:
    hopInterval: 10s

#删除原配置文件的全部内容,将上面修改好的代码完整复制,一次性粘贴到SSH窗口,然后按“Ctrl+O”,然后按“回车键”保存,再按“Ctrl+X”退出编辑

systemctl enable hysteria-server.service

systemctl start hysteria-server.service

systemctl status hysteria-server.service

ufw allow 40000:60000/udp

iptables -t nat -A PREROUTING -i eth0 -p udp –dport 40000:60000 -j DNAT –to-destination :443

ip6tables -t nat -A PREROUTING -i eth0 -p udp –dport 40000:60000 -j DNAT –to-destination :443

mkdir -p /etc/iptables

iptables-save > /etc/iptables/rules.v4

ip6tables-save > /etc/iptables/rules.v6

apt-get update

apt-get install iptables-persistent -y

#按“回车键”

#按“回车键”

iptables -t nat -L -n -v

ip6tables -t nat -L -n -v

Hysteria2常用命令:

启动Hysteria2:systemctl start hysteria-server.service

停止Hysteria2:systemctl stop hysteria-server.service

重启Hysteria2:systemctl restart hysteria-server.service

查看Hysteria2运行状态:systemctl status hysteria-server.service

查看配置文件:cat /etc/hysteria/config.yaml

修改配置文件:nano /etc/hysteria/config.yaml

Windows客户端配置:

#把以下代码中的“yourdomain.com”替换为你自己的域名或VPS的IP地址

#把以下代码中“auth: ”后面的密码更改为VPS端设置好的密码

#把以下代码中“down: ”后面的数值更改为你自家网络带宽,例如:你的网络带宽是500Mbps,就改为500。如果不清楚带宽,可以在不开代理的情况下访问“https://www.speedtest.net/zh-Hans”去测速,按测速结果的下载项值判断

#打开记事本新建一个文本文件,将以下修改好的代码复制过来,点击“文件”→“另存为”,保存类型选择“所有文件”,编码(E)选择“UTF-8”,文件名以“XXXX.yaml”的格式保存

server: yourdomain.com:40000-60000

auth: CmZjPxNOyTs2V3WraD

tls:
  sni: bing.com
  insecure: true

transport:
  type: udp
  udp:
    hopInterval: 10s

quic:
  initStreamReceiveWindow: 8388608
  maxStreamReceiveWindow: 8388608
  initConnReceiveWindow: 20971520
  maxConnReceiveWindow: 20971520
  maxIdleTimeout: 30s
  keepAlivePeriod: 10s
  disablePathMTUDiscovery: false

bandwidth:
  up: 50 mbps
  down: 100 mbps

fastOpen: true

socks5:
  listen: 127.0.0.1:40000

http:
  listen: 127.0.0.1:40001

#打开v2rayN客户端,双击任务栏通知区域里的“V”图标,点击“配置文件”→“添加自定义配置文件”→点击“浏览”,选择之前保存的“XXXX.yaml”文件,Core类型选择“hysteria2”,Socks端口输入以上代码中“socks5:”一项设定的端口号(例如:输入“40000”),输入一个自定的别名,然后单击“确定”即可使用