Solemnly declare: This article is only for the study of technical exchange, not for commercial and illegal purposes. If there is any dispute, I have nothing to do with it. In long long ago, we know that udp53 has passed the Web certification to free internet access. Only a server plus domestic bandwidth is fast enough to spend more than 100 per month. It's better to spend nine yuan and nine on campus network. Today we see water groups. This can be done by some predecessors. Here is the result of my Baidu plus practice.
I. Introduction of principles
Before connecting to a hotspot that requires Web authentication, we have acquired an intranet IP. At this point, if we visit a HTTP website, the gateway will hijack and tamper with the HTTP response message, and 302 redirection gives us a web authentication interface (so HTTPS's website is impossible to jump to web authentication page). Detailed principle can be Poke here
We see that gateways (or switches) all release DHCP and DNS messages by default, that is, UDP53 and UDP 67. Some gateways do not even check packets, which means that any form of data packets can be passed smoothly.
That being the case, we can create a server in the public network and take this as a way to get it.
Free Admission Internet access can also prevent internet auditing. Once again, the "free" of the delete line is actually spent on the server. The main breakthrough of our free internet access is UDP 53. Of course, according to a friend's practice, UDP 67 can bypass Web certification, or even those hot spots that UDP 53 can't bypass. Of course, TCP 53 is OK, after all, DNS also has TCP.
Port selectable 536768
Two. Environmental testing
Win port detection tool
If you can figure it out Continue
If not, the 53 port below is replaced by 6768. If the three is not enough, then give up.
Three. Pagoda SS plug-in installation
Prerequisites: installation Pagoda Linux panel No matter what the system's pagoda panels will do, we recommend the latest version of the pagoda.
After installing the pagoda, log on to the terminal to execute the following command installation:
- Git clone https:
- CD btpanel-ss
- Bash install.sh install
This is a very long time.
OK, go directly to the pagoda Linux panel, open the software list page, go to the last page of the list to see the newly installed shadowsocks plug-in.
Then enable it.
Remember that port check can also use netstat -antu.
Five. Matters needing attention
If all packets are allowed to pass through UDP 53, the speed depends mainly on the outgoing bandwidth of your server and the speed of the hotspot itself.
The server is in the field, so Taobao Alipay and so on need the verification code and so on. In the future, if the complaint is to be remembered, choose the landing area on the server's location.
3. safety issues
Some hot spots are open and password protected, so you can easily engage in middle man attacks - even root's Android phones can do it. And it can prevent middlemen from attacking (the certificate in the configuration file has server). At the same time, I use AES-128-CBC encryption to make network audit easy.
Thank you list
This article is composed of Ji Chang Xin Creation, article address: Https://blog.isoyu.com/archives/bt-ss-udp53.html
Use Knowledge sharing signature 4 The international license agreement is licensed. In addition to the reprint / provenance, all originals or translations of this site must be signed before retransmission. The final edit time is April, 19, 2019 at 11:07 PM.