"Ua hoʻoili au i kēia haunaele,
hoʻomaka me ka Zello hilahila ʻole; LinkedIn
a hoʻopau me "nā mea ʻē aʻe" ma ke kahua Telegram
i koʻu honua.A laila hiccup,
Ua hoʻohui ka luna me ka wikiwiki a me ka leo nui:
akā e hoʻonohonoho au i nā mea (ma ʻaneʻi ma IT)"
(...).
Durov, rightly manaoio ia mea authoritarian moku'āina e makau ia ia, he cypherpunk, a me Roskomnadzor a me na pale gula me ko lakou DPI kānana 'aʻole loa hoʻopilikia iā ia.
(ʻenehana politika)
ʻOi aku ka maʻalahi o kaʻu kulekele ʻenehana, hiki iaʻu ke wehewehe ma aneʻi i koʻu mau manaʻo e pili ana i ka pale ʻole ʻana ma Runet, akā ke manaʻoʻiʻo nei au ua manaʻo nā kamaʻāina holomua o Modern Russian a me nā mea hoʻohana Habr i ka hana ʻole o ke aupuni o kēia manawa i ko lākou ʻili ponoʻī, no laila e kaupalena wau iaʻu iho. hoʻokahi huaʻōlelo: ʻo kā mākou kulekele ʻenehana "Digital Resistance". "ka hāʻawi ʻana i nā ʻohana a me nā hoaaloha me kahi ala kamaʻilio paʻa."
Ke hoʻohana nei ʻo MTProto proxy Telegram
- ʻO ka pae ʻenehana o ka paʻakikī he "maʻalahi", inā, no ka laʻana, hahai ʻoe i kēia pepa hoʻopunipuni.
- ʻO ka pae hilinaʻi "ma luna o ka awelika": hana paʻa ke kiʻi docker, ʻaʻole pono e hoʻomaka hou i kēlā me kēia lā, e like me ka mea i kākau ai nā mea hoʻomohala i kā lākou palapala Telegram official, akā aia paha ka pahu i kekahi mau nāwaliwali.
- ʻO ke kiʻekiʻe o ke kū'ē / hopohopo - 10 nā lālā ISIS i ulana i kā lākou mau kipi "hoʻohana ʻohana", ʻaʻole i hele mai ka pāpā mai ka RKN i hoʻokahi manawa i nā manawa āpau (mai ka pūnāwai).
- ʻO ka pae hilinaʻi ʻo ia ka "public baby distrust", he pilikia ma ka ʻaoʻao o ka mea kūʻai aku (ke kānalua nei kekahi mau hoaaloha i kaʻu MtprotoProxy).
- Nā pae Testosterone - "ʻaʻole i kiʻekiʻe."
- Koina kālā - "0₽".
- ʻO ka uku kālā - "ʻaʻole ia e hilinaʻi i ke kamaʻāina Durov." Hoʻolaha - ka hiki ke hoʻokau i ka hoʻolaha.
E hoʻokiʻekiʻe mākou i kā mākou TelegramProxy ma nā mana "noa / pilikino" o Amazon-ec2: t2.micro. Ua hoʻohana au kaʻa.
ʻAe, ua kau ʻia kāu kikowaena manuahi, e hele i ka pūnaewele official a hoʻoiho i ka pahu docker.
ʻAʻole pono e ʻimi i kekahi kiʻi, faila, a i ʻole ke pihi kilokilo - "ʻaʻole lākou ma laila", hana ʻia nā mea kilokilo a pau i ka CLI:
$ docker pull telegrammessenger/proxy #образ скачан.Akā ma mua o "kēlā", e hoʻokomo i ka docker no CLI:
sudo apt-get install docker.io dockerEia hou, i ka palapala mana o MtprotoProxyTelegram, hāʻawi ʻia mākou e hana i kekahi mea e like me kēia, hana mākou:
$ sudo su && docker run -d -p443:443 --name=mtproto-proxy --restart=always -v proxy-config:/data telegrammessenger/proxy:latest #запускаем наш контейнер «mtproto-proxy».
Ma hope o kēia kauoha, e hōʻike ʻia kahi kaula HEX i ka hopena hope, akā ʻaʻole mākou makemake iā ia.
Kākau mākou ma CLI:
$ docker logs mtproto-proxyA loaʻa iā mākou ka ʻikepili i koi ʻia:
Ma ka puka o keia log, ua hoikeia mai ia makou (smeared):
A) kā mākou kikowaena ip (external server ip);
B) a me kahi huna huna - kahi kaula i HEX.
Ma mua o ka hoʻopaʻa inoa ʻana i kā mākou MtproProxy, pono ʻoe e hoʻonohonoho i ka pā ahi nui ma luna o nā iptables (no ka mea pehea ʻoe e hoʻihoʻi hou ai i ke kaʻa i kēia VPC, e hewa ia, no ka mea, aia ka pā ahi nui ma Amazon-EC2 ma ka ʻaoʻao pūnaewele a ʻoi aku ka nui o ka mea ma mua. iptables ).
Hele mākou i " Amazon-EC2" i ka Pūʻulu Palekana a wehe i ke awa komo 443 (logical masking i ka manawa mua loa).
Lawe mākou i kā mākou "ip a huna" ʻikepili mai ka log a hele i ka Telegram messenger, e ʻimi i ka mana MTProxy Admin Bot (@MTProxybot) a hoʻopaʻa inoa i kā mākou MtproProxy: holo i ke kauoha [/ newproxy] a komo i [our_ip:443], a a laila kā mākou [mea huna /HEX].
Inā hewa ʻoe i ke komo ʻana i ka ʻikepili, e huhū ka bot a hoʻouna iā ʻoe i ...
Inā hoʻopiha ʻoe i nā laina ʻelua me ka hala ʻole, e loaʻa iā ʻoe ka ʻae a me kahi loulou hana i kāu MtprotoProxyTelegram o kēia manawa, hiki iā ʻoe ke kaʻana like me kekahi.
Eia kekahi, ma o kēia bot, hiki iā ʻoe ke hoʻohui i kāu kaila kākoʻo (akā ʻaʻole ke kamaʻilio), kahi āu e kau ai i kou manaʻo i nā mea hoʻohana i pili i kāu kikowaena, a i ʻole hiki iā ʻoe ke "spam" a ʻaʻole hoʻopilikia i kāu mau mea kūʻai aku me ka ʻole. e hōʻike ana i ke kahawai ma ka papa inoa ʻelele i hoʻopaʻa ʻia.
He mau huaʻōlelo hou aʻe e pili ana i ka bot, kahi e hiki ai iā ʻoe ke noi i nā helu helu, akā "he donut". ʻIke ʻia, loaʻa nā "helu helu" inā loaʻa iā ʻoe "he lehulehu o nā mea hoʻoili manuahi" ma hope ou Makhachkala.
Ka mālama ʻana
ʻEhia mau mea hoʻohana hiki iā mākou ke hoʻohui i kā mākou kikowaena? A ʻoiai, ʻo wai / he aha ma laila? He aha? A ehia?
Nānā mākou i ka mea i laila e like me ka palapala kūhelu ... ʻAe, eia, e hana like me kēia:
$ curl http://localhost:2398/stats или вот так $ docker exec mtproto-proxy curl http://localhost:2398/stats # и нам выдадут статистику прямо в CLI."Mālama i kāu ʻeke" E like me nā kauoha i manaʻo ʻia, e loaʻa mau iā mākou kahi hewa like:
«curl: (7) ʻAʻole hiki ke hoʻopili i ka port localhost 2398: hōʻole ʻia ka pilina»
E hana ana kā mākou proxy. Akā! ʻO Bagel, ʻaʻole nā helu i loaʻa iā mākou.
Hiki iā ʻoe ke hana i nā mea no nā maka ʻulaʻula: nānā
$ netstat -an | grep 2398 и...I ka wā mua, ua manaʻo wau he jamb hou kēia ma hope o nā mea hoʻomohala Telegram (a ke manaʻo nei au pēlā), a laila ua loaʻa iaʻu kahi hopena maikaʻi no ka manawa pōkole: poli i ka Docker Container me kahi faila.
Ma hope mai, ua loaʻa koʻu maka i kahi infa:
e pili ana i nā hula moku'āina o Roskomnadzor e pili ana i "statistics".
“Ua ālai mākou i kekahi o nā proxies lehulehu ma kā mākou mau kikowaena me ka hoʻohana ʻana i nā ʻikepili o ka papahana firehol. Mālama kēia papahana i nā papa inoa me nā proxies lehulehu a hana i nā ʻikepili me lākou.
Mai ia manawa (ʻo ia hoʻi, kokoke i ʻelua lā i hala), ʻaʻole i kāohi ʻia kahi IP IP o kā mākou mea koho Lūkini.
3. Ke haʻi aku nei mākou iā ʻoe pehea e hana ai i kahi koho i aneane hiki ʻole ke hōʻeha iā Roskomnadzor a kaʻana like i kahi palapala no ka pale ʻana i nā proxies lehulehu.
- Hoʻohou i ka pahu MTProto proxy docker (a i ʻole daemon) i ka mana hou loa: helu ʻo RKN i nā mana kahiko ma ke awa helu helu, i hoʻopaʻa ʻia i 0.0.0.0 a ʻike ʻokoʻa iā ia iho no ka Pūnaewele holoʻokoʻa. ʻOi aku ka maikaʻi, e wehe i nā awa kūpono me ka hoʻohana ʻana i nā iptables, a pani i ke koena (e hoʻomanaʻo i ka hihia o kahi pahu docker, pono ʻoe e hoʻohana i ke kānāwai FORWARD).
— Ua aʻo ʻo Roskomnadzor pehea e hoʻolei ai i nā kaʻa i ka wā ma mua: ʻike lākou i nā kelepona i loko o HTTP a me SOCKS5 proxies, a ʻike pū lākou i ka mana kahiko o MTProto proxy obfuscation.
Ke komo nā mea kūʻai o kekahi mau mea hoʻolako i hoʻokomo ʻia i kēia mau dumps i Telegram ma o ia mau proxies, ʻike ka RKN i kēlā mau noi a pāpā koke i kēia mau proxies. Pela no ka MTProto proxy me ka obfuscation kahiko.
Pane: e hāʻawi huna wale me dd i ka hoʻomaka ʻana i nā mea kūʻai aku e pili ana i ka proxy (ʻaʻole pono e kuhikuhi i nā leka hou dd i nā hoʻonohonoho o ka mtproto proxy ponoʻī). ʻO kēia ka mea e hiki ai i kahi mana o ka obfuscation hiki ʻole i nā dumppiles ke ʻike.
ʻAʻohe HTTP a i ʻole SOCKS5 proxies.
- Hoʻoponopono, me ke kōkua o kēlā me kēia mea nona kahi kelepona telegram, ka mea i pāpā pinepine ʻia e ka RKN, hiki ke hoʻopau loa (a ʻaneʻane paha) i ka pale ʻana (a i ka manawa like e hōʻoia i ka wahaheʻe ʻana o ka RKN).
He palapala e pāpā ana i nā proxies lehulehu a me kahi manual liʻiliʻi no ia.
→
He pro-Western kā mākou mea koho, ʻaʻole au i ʻike i nā pilikia / blockages i ka wā puna a me nā lā kauwela, ʻaʻole ia i huki i kahi hana hoʻomohala, no laila ʻaʻole au i nalowale i ka wikiwiki a ʻaʻole i hoʻohui i ka dd* prefix i ke ki.
ʻO ka manual "loaʻa i nā helu / nānā" e like me nā ʻōlelo aʻoaʻo o MtprotoProxyTelegram ʻaʻole hana / kahiko, pono ʻoe e hoʻoponopono i ke kiʻi docker.
Hoʻoponopono mākou.
Ke holo nei ka ipu:
$ docker stop mtproto-proxy #останавливаем наш запущенный docker-контейнер и запускаем новый образ с пропущенным флагом статистики
$ docker run --net=host --name=mtproto-proxy2 -d -p443:443 -v proxy-config:/data -e SECRET=ваш_предыдущий_секрет_hex telegrammessenger/proxy:latest
E nānā kākou i nā helu helu:
$ curl http://localhost:2398/stats
curl: (7) ʻAʻole hiki ke hoʻopili i ka 0.0.0.0 awa 2398: hōʻole ʻia ka pilina
ʻAʻole loaʻa nā helu helu.!..
E ʻike i ka ID o ka pahu docker:
$ docker ps
NĀ INOA NĀ AWA KĀNUI I KĀNUI IA KĀNĀ KĀWAI
f423c209cfdc telegrammessenger/proxy: hou loa "/bin/sh -c '/bin/ba…" Ma kahi o hoʻokahi hola aku nei Piʻi Ma kahi minuke 0.0.0.0:443->443/tcp mtproto-proxy2
Hele mākou me kā mākou palapala hoʻolimalima i loko o ka pahu docker:
$ sudo docker exec -it f423c209cfdc /bin/bash
$ apt-get update
$ apt-get install nano
$ nano -$ run.sh
A ma ka laina hope loa o ka palapala "run.sh", e hoʻohui i ka hae nalo:
«--http-stats»
"exec /usr/local/bin/mtproto-proxy -p 2398 -H 443 -M"$WORKERS" -C 60000 --aes-pwd /etc/telegram/hello-explorers-pehea-oe-hana -u kumu $CONFIG --ʻae-skip-d h --nat-info "$INTERNAL_IP:$IP" $SECRET_CMD $TAG_CMD"
E hoʻohui i "--http-stats", pono e hana kekahi mea e like me kēia:
«exec /usr/local/bin/mtproto-proxy -p 2398 --http-stats -H 443 -M "$WORKERS" -C 60000 --aes-pwd /etc/telegram/hello-explorers-how-are-you-doing -u root $CONFIG --allow-skip-d h --nat-info "$INTERNAL_IP:$IP" $SECRET_CMD $TAG_CMD»
Ctrl+o/Ctrl+x/Ctrl+d (mālama/puka i ka nano/puka pahu).
E hoʻomaka hou i kā mākou pahu docker:
$ docker restart mtproto-proxy2ʻO nā mea a pau, i kēia manawa ma ke kauoha:
$ curl http://localhost:2398/stats #получаем объемную статистику
Nui nā "ʻōpala" i nā helu helu (1/3 o ia ma ka ʻaoʻao), e hana i kahi inoa inoa:
$ echo "alias telega='curl localhost:2398/stats | grep -e total_special -e load_average_total'" >> .bashrc && bashLoaʻa iā mākou ka mea i hoʻomaʻamaʻa ʻia ka pahu docker: ka helu o nā pilina a me ka ukana:
$ telega
Ke holo nei ka pahu Docker, ke wili nei ka helu.
Nā kumuwaiwai i lilo
E like me ʻoe ʻo Stuart Redman, waiho ʻoe i kahi hōʻailona ma kou panties. Ke waiho nei kahi kiʻi Docker holo i kahi kapuaʻi nui.
ʻAʻole kūpono ka wehewehe ʻana i nā pono a me nā pōʻino o nā kiʻi docker, kahi pahu docker kahi mīkini mini-virtual e hoʻopau i nā kumuwaiwai liʻiliʻi ma mua o ka mīkini "maoli", e like me VirtualBox, akā hana.
1) Hoʻokuʻu ʻia me nā helu kiʻi docker-kiʻi a ʻaʻole paha, ʻelua mea kūʻai aku frolic a ʻumi paha - hoʻohana ʻia nā kumuwaiwai ~ ma ke ala like: 75% o ka hana holoʻokoʻa CPU t2.micro.
2) Nānā mākou i ka nānā ʻana o ka server VPC:
Mai ka pakuhi hoʻohana waiwai ma ka VPC, ʻike mākou e hoʻopau mau ana ka pahu docker i ka ~ 7,5% o ka huina max. ʻO ka hana CPU a ma ka lā 28 o Mei ua kāpae ʻia e aʻu me ka manaʻo / no ka manawa (E hoʻomaopopo - Ke holo nei ʻo OpenVPN & pptp ma ka kikowaena).
No ke aha ʻo 10% ka hoʻohana mau ʻana i ka CPU ka palena no kēia kikowaena?
No ka mea, aia nā kapu mai Amazon EC2 a ua helu ʻia lākou i nā hōʻaiʻē:
1 CPU aie = 1 CPU e hana ana ma 100% hoʻouka no hoʻokahi minuke, a loaʻa iā mākou nā hōʻaiʻē 6 (ʻo ia hoʻi, ma nā piko, hiki ke hoʻohana ʻia ka 100% CPU i loko o 6 mau minuke, a laila e emi iho ka mana CPU). ʻO nā hui ʻē aʻe: no ka laʻana, 1 CPU hōʻaiʻē = 1 CPU e holo ana ma 50% hoʻouka no ʻelua mau minuke (ʻo ia hoʻi, hiki iā mākou ke hoʻohana i ka CPU ma 50% hoʻouka no 12 mau minuke), a i ʻole, no ka laʻana, he 10%- th CPU load i ka wā. ka manawa a pau, etc.
haʻina
- He ʻāpana mākou o ka "Digital Resistance". Hāʻawi i kā lākou "makua kāne a me nā makuahine" me kahi ala kamaʻilio hilinaʻi.
- Inā loaʻa iā ʻoe ka MtprotoProxyTelegram a me OpenVPN i kau ʻia ma ka kikowaena, akā ʻaʻole hou, ʻaʻohe lohi / pings / hāʻule, akā inā e hoʻāʻo mau ʻoe me kāu t2 / micro, a laila e kali i nā kīʻaha kamaʻilio.
- ʻO kaʻu ping ma waho he ~ 100-250ms, ʻaʻohe lohi i ke kamaʻilio leo.
- Nā koina kālā no kēia "kēia" (me nā kumuwaiwai VPC) = 0₽.
Paʻi hou i kāu ʻatikala.
UPD: Mahalo i kekahi mau habrausers no nā manaʻo kūpono, ʻoiaʻiʻo, hiki (ua kākoʻo ʻia nā helu?), Aia nā analogues ʻoi aku ka maikaʻi o ke kiʻi ʻo Mtproto proxy Telegram docker kiʻi.
Source: www.habr.com