下载安装
下载OpenGFW,上传到服务器,赋予权限
chmod +x OpenGFW 配置文件
新建配置文件(config.yaml),参考官方文档
io:
queueSize: 1024
queueNum: 100
table: opengfw
connMarkAccept: 1001
connMarkDrop: 1002
rcvBuf: 4194304
sndBuf: 4194304
local: false
rst: false
workers:
count: 4
queueSize: 64
tcpMaxBufferedPagesTotal: 65536
tcpMaxBufferedPagesPerConn: 16
tcpTimeout: 10m
udpMaxStreams: 4096
# 指定的 geoip/geosite 档案路径
# 如果未设置,将自动从 https://github.com/Loyalsoldier/v2ray-rules-dat 下载
# ruleset:
# geoip: geoip.dat
# geosite: geosite.dat
replay:
realtime: false新建规则文件(rules.yaml),参考官方文档
示例配置:屏蔽ss,vmess来自大陆的链接,屏蔽trojan,屏蔽Socks,屏蔽Ping0娱乐库
- name: block shadowsocks and vmess
action: block
log: true
expr: fet != nil && fet.yes && geoip(string(ip.src), "cn")
- name: block trojan
action: block
log: true
expr: trojan != nil && trojan.yes
- name: block socks
action: block
log: true
expr: socks != nil && socks.yes
- name: block ping0 http
action: block
expr: string(http?.req?.headers?.host) endsWith "ping0.cc"
- name: block ping0 https
action: block
expr: string(tls?.req?.sni) endsWith "ping0.cc"
- name: block ping0 quic
action: block
expr: string(quic?.req?.sni) endsWith "ping0.cc"运行测试
./OpenGFW -c config.yaml rules.yaml 自启动(Debian)
/etc/systemd/system创建文件opengfw.service
[Unit]
Description=OpenGFW Service
[Service]
Type=simple
User=root
WorkingDirectory=/etc/opengfw
ExecStart=/etc/opengfw/OpenGFW -c config.yaml rules.yaml
Restart=on-failure
RestartSec=10
LimitNOFILE=65536
[Install]
WantedBy=multi-user.targetsudo systemctl daemon-reloadsudo systemctl enable opengfw.service
sudo systemctl start opengfw.service sudo systemctl status opengfw.service
Comments NOTHING