起因
经常有自动化脚本,在本地可以使用,但是一旦在服务器上跑,就是403/400被just a moment。
所以需要一个干净的ip来跑脚本。
落地鸡搭建socks
这里我部署了nginx与v2ray.nginx来做端口转发.
tree:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
|
.
├── app
│ ├── docker-compose.yml
│ ├── nginx
│ │ ├── conf
│ │ │ └── nginx.conf
│ │ └── logs
│ │ ├── access.log
│ │ └── error.log
│ └── v2ray
│ ├── config
│ │ └── config.json
│ └── logs
│ ├── access.log
│ └── error.log
|
落地鸡docker-compose.yml:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
|
services:
nginx:
image: nginx:latest
container_name: nginx
restart: always
volumes:
- ./nginx/logs:/var/log/nginx
- ./nginx/conf/nginx.conf:/etc/nginx/nginx.conf
environment:
TZ: Asia/Shanghai
ports:
- "80:80"
- "443:443"
- "10888:10888"
networks:
- app_my_network
v2ray:
depends_on:
- nginx
image: v2ray/official
restart: always
container_name: v2ray
ports:
- "127.0.0.1:23456:23456"
volumes:
- ./v2ray/config/config.json:/etc/v2ray/config.json
- ./v2ray/logs/access.log:/var/log/v2ray/access.log
- ./v2ray/logs/error.log:/var/log/v2ray/error.log
environment:
TZ: Asia/Shanghai
networks:
- app_my_network
networks:
app_my_network:
driver: bridge
|
落地鸡nginx配置:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
|
worker_processes 1;
events {
worker_connections 1024;
}
stream {
upstream v2ray_socks {
server v2ray:23456;
}
server {
listen 10888;
proxy_pass v2ray_socks;
allow *.*.*.*; # 替换为你允许访问的 IP
allow *.*.*.*; # 替换为你允许访问的 IP
deny all;
}
}
|
在docker-compose脚本所在目录下docker-compose up -d即可
启动完成之后,docker-compose ps -a看是否有启动失败的服务。
到这里落地机就配置完成了,因为中转机在US落地鸡也在US,所以直接配置socks协议即可。
中转鸡
中转机器docker-compose可以是一模一样的配置,但是我这里搭了别的服务,就不贴出来了,主要是入口协议可以是使用你们喜欢的,
这里我用的是vmess
中转鸡V2ray
这里我用入口协议用的是vmess,各凭喜好。
这里在中抓机做部分分流,如果匹配了
"geosite:netflix","geosite:reddit","chatgpt.com"这些域名的话,会将转发给落地鸡。
这里搬瓦工或者dmit部分解锁不了移动端ChatGpt的可以试下将chatgpt.com转发给解锁鸡。
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
|
{
"log": {
"loglevel": "warning",
"access": "/var/log/v2ray/access.log",
"error": "/var/log/v2ray/error.log"
},
"inbounds": [
{
"port": 1080,
"protocol": "vmess",
"settings": {
"clients": [
{
"id": "2d00094b-ee4b-4a7d-b5c5-3e6268aae0dc",
"alterId": 32
}
]
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls"
]
},
"streamSettings": {
"network": "ws",
"wsSettings": {
"path": "/2d00094b-ee4b-4a7d-b5c5-3e6268aae0dc"
}
}
}
],
"outbounds": [
{
"protocol": "freedom",
"settings": {}
},
{
"tag": "release",
"protocol": "socks",
"settings": {
"servers": [
{
"address": "*.*.*.*",//这里是落地鸡的ip或者是域名,
"port": 10888 //nginx的端口,流量交给nginx,nginx会做转发,设置好ip,socks无需做验证。
}
]
}
}
],
"routing": {
"rules": [
{
"type": "field",
"outboundTag": "release",
"domain": [
"geosite:netflix",
"geosite:reddit",
"chatgpt.com"
]
}
]
}
}
|
中转鸡nginx.conf配置:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
|
worker_processes auto;
events {
worker_connections 1024;
}
http {
client_max_body_size 5m;
server {
listen 80;
server_name xx.xx.com; //域名
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
server_name blog.mowang.org;
ssl_certificate /etc/nginx/cert/fullchain.cer;
ssl_certificate_key /etc/nginx/cert/*.xxx.com.key; //泛域名证书
ssl_session_timeout 1d;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_ciphers EECDH+AESGCM:EDH+AESGCM:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-DSS-AES256-GCM-SHA384;
ssl_session_cache shared:MozSSL:10m;
ssl_session_tickets off;
location /2d00094b-ee4b-4a7d-b5c5-3e6268aae0dc {
if ($http_upgrade != "websocket") {
return 404;
}
proxy_pass http://v2ray:23456;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
}
|
中转的配置是这样,没问题的话docker-compose up -d启动,
这里附上我的流媒体测试,是不解锁的reddit的。
打开reddit可以看到没有被经典you've been blocked by network security.就说明成功了。
开爬
socks代理使用:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
|
import undetected_chromedriver as uc
from selenium.webdriver.chrome.options import Options
chrome_options = Options()
chrome_options.add_argument("--headless")
chrome_options.add_argument("--no-sandbox")
chrome_options.add_argument("--disable-gpu")
chrome_options.add_argument("--disable-dev-shm-usage")
chrome_options.add_argument("window-size=1920x1080")
chrome_options.add_argument("--start-maximized")
chrome_options.add_argument("--disable-blink-features=AutomationControlled")
chrome_options.add_argument("--proxy-server=socks5://落地鸡ip/域名:落地鸡nginx端口")
driver = uc.Chrome(options=chrome_options)
|
这样基本就有干净的ip去做自动化,并且还能做解锁Netflix等等其他服务。
LDD 收录于 技术