概述
因为需要科学上网,解决代码在外网无法下载的问题。
步骤
一、下载clash
clash下载地址:https://github.com/Dreamacro/clash/releases
选择匹配的版本进行下载,此次环境为Linux环境。
将下载的包上传至Linux系统,或者直接使用wget下载链接下载至系统
|
1 |
[root@localhost ~]# wget https://github.com/Dreamacro/clash/releases/download/v1.17.0/clash-linux-amd64-v1.17.0.gz |
二、安装clash
|
1 2 3 4 5 6 7 |
[root@localhost ~]# gzip -d clash-linux-amd64-v1.1 [root@localhost ~]# mv clash-linux-amd64-v1.17.0 clash7.0.gz [root@localhost ~]# mkdir -p /usr/local/clash [root@localhost ~]# mv clash /usr/local/clash/ [root@localhost ~]# ln -s /usr/local/clash/clash /usr/local/bin/clash [root@localhost ~]# clash -v Clash v1.17.0 linux amd64 with go1.20.5 Fri Jun 30 13:06:20 UTC 223 |
三、下载Country.mmdb地理数据库文件
下载地址:https://github.com/Dreamacro/maxmind-geoip/releases/
下载完毕后,上传至/usr/local/clash目录下,也可以使用wget直接下载。
|
1 2 3 |
root@localhost clash]# wget https://github.com/Dreamacro/maxmind-geoip/releases/download/20230612/Country.mmdb [root@localhost clash]# ls clash Country.mmdb |
四、配置订阅文件
|
1 2 3 |
[root@localhost clash]# wget -O config.yaml 订阅url [root@localhost clash]# ls clash config.yaml Country.mmdb |
编辑订阅文件(vi config.yaml),允许局域网设备连接(可选)
五、让 Systemd 接管 clash
关闭selinux,将/etc/sysconfig/selinux中的SELINUX更改为disabled
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 |
[root@localhost clash]# getenforce Enforcing [root@localhost clash]# setenforce 0 [root@localhost clash]# getenforce Permissive [root@localhost clash]# vi /etc/sysconfig/selinux # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. # See also: # https://docs.fedoraproject.org/en-US/quick-docs/getting-started-with-selinux/#getting-started-with-selinux-selinux-states-and-modes # # NOTE: In earlier Fedora kernel builds, SELINUX=disabled would also # fully disable SELinux during boot. If you need a system with SELinux # fully disabled instead of SELinux running with no policy loaded, you # need to pass selinux=0 to the kernel command line. You can use grubby # to persistently set the bootloader to boot with selinux=0: # # grubby --update-kernel ALL --args selinux=0 # # To revert back to SELinux enabled: # # grubby --update-kernel ALL --remove-args selinux # SELINUX=disabled # SELINUXTYPE= can take one of these three values: # targeted - Targeted processes are protected, # minimum - Modification of targeted policy. Only selected processes are protected. # mls - Multi Level Security protection. SELINUXTYPE=targeted |
添加clash服务
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 |
[root@localhost clash]# vi /etc/systemd/system/clash.service cat /etc/systemd/system/clash.service [Unit] Description=Clash - A rule-based tunnel in Go Documentation=https://github.com/Dreamacro/clash/wiki [Service] OOMScoreAdjust=-1000 ExecStart=/usr/local/clash/clash -d /usr/local/clash/ Restart=on-failure RestartSec=5 [Install] WantedBy=multi-user.target [root@localhost clash]# systemctl daemon-reload [root@localhost clash]# systemctl restart clash [root@localhost clash]# systemctl status clash ● clash.service - Clash - A rule-based tunnel in Go Loaded: loaded (/etc/systemd/system/clash.service; disabled; vendor preset: disabled) Active: active (running) since Fri 2023-07-07 22:47:30 CST; 2s ago Docs: https://github.com/Dreamacro/clash/wiki Main PID: 2451 (clash) Tasks: 9 (limit: 100416) Memory: 13.0M CPU: 150ms CGroup: /system.slice/clash.service └─2451 /usr/local/clash/clash -d /usr/local/clash/ 7月 07 22:47:30 localhost.localdomain clash[2451]: time="2023-07-07T22:47:30+08:00" level=info msg="Start initial compatible pro> 7月 07 22:47:30 localhost.localdomain clash[2451]: time="2023-07-07T22:47:30+08:00" level=info msg="Start initial compatible pro> 7月 07 22:47:30 localhost.localdomain clash[2451]: time="2023-07-07T22:47:30+08:00" level=info msg="Start initial compatible pro> 7月 07 22:47:30 localhost.localdomain clash[2451]: time="2023-07-07T22:47:30+08:00" level=info msg="Start initial compatible pro> 7月 07 22:47:30 localhost.localdomain clash[2451]: time="2023-07-07T22:47:30+08:00" level=info msg="Start initial compatible pro> 7月 07 22:47:30 localhost.localdomain clash[2451]: time="2023-07-07T22:47:30+08:00" level=info msg="Start initial compatible pro> 7月 07 22:47:30 localhost.localdomain clash[2451]: time="2023-07-07T22:47:30+08:00" level=info msg="Start initial compatible pro> 7月 07 22:47:30 localhost.localdomain clash[2451]: time="2023-07-07T22:47:30+08:00" level=info msg="RESTful API listening at: [:> 7月 07 22:47:30 localhost.localdomain clash[2451]: time="2023-07-07T22:47:30+08:00" level=info msg="HTTP proxy listening at: [::> 7月 07 22:47:30 localhost.localdomain clash[2451]: time="2023-07-07T22:47:30+08:00" level=info msg="SOCKS proxy listening at: [:> |
查看端口是否正常开放
|
1 |
[root@localhost clash]# ss -tnlp | grep 7890 LISTEN 0 4096 *:7890 *:* users:(("clash",pid=2451,fd=19)) |
六、通过网页管理clash
编辑配置文件中的external-controller可以设置端口号,该端口号需要防火墙放行,secret可以设置管理密钥。
访问网页管理
http://clash.razord.top/#/settings
七、设置Linux系统使用代理
如果clash本地系统使用,则地址使用127.0.0.1,如果局域网机器使用则需要使用安装clash软件的IP地址,并且需要开放代理端口,此案例使用本地地址。
编辑home目录下的.bashrc文件,在文件最尾端增加以下内容,重新连接即可。
|
1 2 |
export http_proxy=http://127.0.0.1:7890 export https_proxy=http://127.0.0.1:7890 |
2023年7月7日23:08:57
