-
Notifications
You must be signed in to change notification settings - Fork 2
/
snell.sh
152 lines (137 loc) · 4.39 KB
/
snell.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
#!/bin/bash
IP=$(wget -qO- ipv4.icanhazip.com)
#Preparation
clear
cd;
apt-get update;
#Remove unused Module
apt-get -y --purge remove samba*;
apt-get -y --purge remove apache2*;
apt-get -y --purge remove sendmail*;
apt-get -y --purge remove bind9*;
#install toolkit
apt-get install libpcre3 libpcre3-dev zlib1g-dev dbus zip unzip wget net-tools curl nano sed screen gnupg gnupg1 bc apt-transport-https build-essential dirmngr dnsutils sudo at htop iptables syslog-ng bsdmainutils cron lsof iptables iptables-persistent -y
#Set Timezone GMT+7
timedatectl set-timezone Asia/Jakarta;
apt install neofetch -y
#profile
echo -e 'profile' >> /root/.profile
wget -O /usr/bin/profile "https://raw.githubusercontent.com/elsangithub/SC_Snell/main/profile.sh";
chmod +x /usr/bin/profile
apt install neofetch -y;
#Install Fail2Ban
apt-get -y install fail2ban;
service fail2ban restart;
#Login mode to Shells
echo "/bin/false" >> /etc/shells;
echo "/usr/sbin/nologin" >> /etc/shells;
#Install VNSTAT WebView
apt -y install vnstat;
/etc/init.d/vnstat restart;
apt -y install libsqlite3-dev;
wget https://github.com/elsangithub/SC_Snell/blob/main/Vinstat/vnstat-2.6.tar.gz;
tar zxvf vnstat-2.6.tar.gz;
cd vnstat-2.6;
./configure --prefix=/usr --sysconfdir=/etc && make && make install;
cd;
chown vnstat:vnstat /var/lib/vnstat -R;
systemctl enable vnstat;
/etc/init.d/vnstat restart;
rm -f /root/vnstat-2.6.tar.gz;
rm -rf /root/vnstat-2.6;
#Install Speedtest
curl -s https://raw.githubusercontent.com/elsangithub/SC_Snell/main/speedtest/install.deb.sh | sudo bash
sudo apt-get install speedtest -y
#install hysteria
apt install curl socat xz-utils wget apt-transport-https gnupg gnupg2 gnupg1 dnsutils lsb-release -y
apt install socat cron bash-completion ntpdate -y
ntpdate pool.ntp.org
apt -y install chrony
timedatectl set-ntp true
systemctl enable chronyd && systemctl restart chronyd
systemctl enable chrony && systemctl restart chrony
timedatectl set-timezone Asia/Jakarta
chronyc sourcestats -v
chronyc tracking -v
date
wget https://github.com/elsangithub/SC_Snell/blob/main/Snell/snell-server-v3.0.1-linux-amd64.zip && unzip snell-server-v3.0.1-linux-amd64.zip && mv snell-server /usr/local/bin/
rm -f snell-server-v3.0.1-linux-amd64.zip
cat > /etc/systemd/system/snell.service <<-END
[Unit]
Description=Snell Proxy Service
After=network.target
[Service]
Type=simple
LimitNOFILE=infinity
ExecStart=/usr/local/bin/snell-server -c /etc/snell-server.conf
StandardOutput=syslog
StandardError=syslog
SyslogIdentifier=snell-server
[Install]
WantedBy=multi-user.target
END
psk=$(openssl rand -base64 32)
cat >/etc/snell-server.conf <<EOF
[snell-server]
listen = 0.0.0.0:443
psk = $psk
ipv6 = false
obfs = tls
EOF
iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
iptables -I INPUT -m state --state NEW -m udp -p udp --dport 443 -j ACCEPT
iptables-save > /etc/iptables.up.rules
iptables-restore -t < /etc/iptables.up.rules
netfilter-persistent save
netfilter-persistent reload
systemctl daemon-reload
systemctl enable snell
systemctl start snell
#install bbr
echo 'fs.file-max = 500000
net.core.rmem_max = 67108864
net.core.wmem_max = 67108864
net.core.netdev_max_backlog = 250000
net.core.somaxconn = 4096
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_time = 1200
net.ipv4.ip_local_port_range = 10000 65000
net.ipv4.tcp_max_syn_backlog = 8192
net.ipv4.tcp_max_tw_buckets = 5000
net.ipv4.tcp_fastopen = 3
net.ipv4.tcp_mem = 25600 51200 102400
net.ipv4.tcp_rmem = 4096 87380 67108864
net.ipv4.tcp_wmem = 4096 65536 67108864
net.core.rmem_max=26214400
net.core.rmem_default=26214400
net.ipv4.tcp_mtu_probing = 1
net.ipv4.ip_forward=1
net.ipv6.conf.all.forwarding=1
net.core.default_qdisc=fq
net.ipv4.tcp_congestion_control=bbr' >> /etc/sysctl.conf
sysctl --system;
#change limit
echo '* soft nofile 500000' >> /etc/security/limits.conf
echo '* hard nofile 500000' >> /etc/security/limits.conf
ulimit -n 500000
#finish
apt autoremove -y
apt clean
neofetch
echo -e ""
echo -e "===================================="
echo -e "SNELL SERVER BERHASIL DI INSTALL"
echo -e "DETAIL AKUN ANDA"
echo -e ""
echo -e "Host: $IP"
echo -e "Port: 443"
echo -e "PSK: $psk"
echo -e "Obfs Mode: TLS"
echo -e "===================================="
echo -e "JIKA ANDA INGIN MENGGANTI MODE OBFS/PORT/PSK"
echo -e "EDIT CONF FILE NYA DI /etc/snell-server.conf"
echo -e "LALU RESTART SERVICE NYA"
systemctl status snell
rm -rf /root/snell.sh