离谱，真就离谱。
之前博客是放在香港的，因为不用备案。
结果半年前开始，博客被限制，说是有和vpn已经翻墙相关的文章，要我清理，否则要关停我的服务器……
尼玛，我要问候你十八辈祖宗！这里我就不点名是阿里云了……
昨晚花了点时间把博客迁移到美西的服务器上来了。
太恶心了，写篇记录下这些恶心的嘴脸！

今天先手动装一波SS-libev，外加配置下中转，正好自己不是很了解这些，做个记录~
准备两台机器，这里我们就称两台机器名为“被中转服务器”和“中转服务器”，系统选择CentOS7X64。
我们先在“被中转服务器”上安装SS-libev。
这次是装国内机器，不能翻墙于是就先到这里 https://github.com/shadowsocks/shadowsocks-libev/releases/
把安装包 shadowsocks-libev-3.3.5.tar.gz 下载到本地然后上传到被中转机器root目录下。

cd /root
yum install epel-release -y
yum install gcc gettext autoconf libtool automake make pcre-devel asciidoc xmlto c-ares-devel libev-devel libsodium-devel mbedtls-devel -y
tar xf shadowsocks-libev-3.3.5.tar.gz
cd shadowsocks-libev-3.3.5
./configure
make
make install

2、通过加载配置文件来运行：
我们可以先在root目录下生成一个ssconfig.json：

cd /root
vi ssconfig.json

在这个文件内填入如下配置信息：

{
    "server":["0.0.0.0"],
    "server_port":21313,
    "local_address":"127.0.0.1",
    "local_port":1080,
    "password":"lala.im-TEST",
    "timeout":600,
    "method":"chacha20-ietf-poly1305"
}

注：server_port即SS连接端口，password即SS连接密码，method即SS加密方式，同理使用客户端连接这台服务器填写这台机器的公网IP即可。

填写完毕后，退出并保存，接着使用如下命令启动服务端：

nohup ss-server -c /root/ssconfig.json -u > /dev/null 2>&1 &

结束进程：

kill -9 $(ps aux | grep "ss-server" | sed '/grep/d' | awk '{print $2}')

假设你测试连接不成功，一般都是防火墙的问题，首先查看防火墙的状态：

systemctl status firewalld

不想麻烦的话，可以直接将这台“被中转服务器”的防火墙关闭：

systemctl stop firewalld

如果不想关闭的话，可以添加相应的规则来放行我们的SS端口，这里我以21313端口为例：

firewall-cmd --permanent --zone=public --add-port=21313/tcp
firewall-cmd --permanent --zone=public --add-port=21313/udp
firewall-cmd --reload

这样操作后，再次尝试连接，应该就可以了，如果还是还是不行，那只能说你的人品有问题。。。
至此，“被中转服务器”的SS服务端就搭建好了，如果你不需要中转服务的话，那么你现在就可以用这台机器开始科学上网了。如果你需要中转服务，请接着往下阅读。

我们现在登录“中转服务器”来配置相应的防火墙规则。
请注意，本文所使用的系统是CentOS7，7系统默认是不启用iptables的，7是默认启用新版firewall防火墙的。所以我文章这里的规则是适用于firewall的，不适用iptables，如果你的系统是CentOS6请不要模仿本文操作。。。
另外“中转服务器”不需要安装任何额外的东西，连SS服务端都不需要安装，你只需要保证这台机器启动了firewall即可，启动命令：

systemctl start firewalld

接着开启CentOS7的ipv4转发功能：

echo 1 > /proc/sys/net/ipv4/ip_forward

这里假设，我们拿“中转服务器”的52888端口做转发，“被中转服务器”的SS服务端口是21313，那么可以使用如下规则：

firewall-cmd --permanent --add-port=52888/tcp
firewall-cmd --permanent --add-port=52888/udp
firewall-cmd --permanent --add-masquerade
firewall-cmd --permanent --add-forward-port=port=52888:proto=tcp:toport=21313:toaddr=被中转服务器的公网IP
firewall-cmd --permanent --add-forward-port=port=52888:proto=udp:toport=21313:toaddr=被中转服务器的公网IP
firewall-cmd --reload

注：你的SS端口号和服务器的公网IP以及这台用来做转发的端口号，都可以根据你的实际需要来修改。

这样配置好了后，我们就可以使用SS客户端来进行连接测试了，SS客户端配置信息的填写，你只需要更改两个地方：
1、将“被中转服务器”的公网IP改成现在这台“中转服务器”的公网IP。

2、将“被中转服务器”的SS端口号改成现在这台“中转服务器”的转发端口号。
其他配置，比如：连接密码、加密方式等等都不需要做更改，保存原先的即可。
至此，整个过程就大功告成了~

本文所使用的项目地址https://github.com/oznu/docker-cloudflare-ddns

安装 docker

yum install -y yum-utils device-mapper-persistent-data lvm2 && yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo && yum install docker-ce && systemctl start docker && systemctl enable docker && docker version

快速设置：

docker run -d \
  -e EMAIL=hello@example.com \
  -e API_KEY=xxxxxxx \
  -e ZONE=example.com \
  -e SUBDOMAIN=subdomain \
  --restart=always oznu/cloudflare-ddns

步骤概述：

1、搜寻PPPoE相关软件，本人使用的是rp-pppoe

　　yum search pppoe

2、使用yum安装rp-pppoe

　　yum install rp-pppoe -y

3、开始配置PPPoE连接

　　pppoe-setup

4、输入ISP提供的账户

5、输入以太网卡代号，默认是eth0（注：CentOS 7已不是默认eth0，自行使用ifconfig命令即可找到）

6、配置：若长时间连线，连线会被自动中断（我不干，选no）

7、配置主DNS服务器

8、配置次DNS服务器

9、两次输入账户密码以确认

10、配置普通账户是否有网络连接权限

11、配置防火墙（没有特殊需求选0就OK）

12、配置是否开机自动拨号连接

13、确认刚填写的配置信息

14、连接网络尽情享受吧！

相关命令@ 连接网络：/sbin/ifup ppp0，断开连接：/sbin/ifdown ppp0，查看网络状态：/sbin/pppoe-status

....................................... 这是华丽丽的分割线 .......................................
获取以太网卡代号

复制代码
1 [dsp@dsp Desktop]$ ifconfig
2 enp9s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 # 有线网卡
3 ether 20:1b:06:3d:22:05 txqueuelen 1000 (Ethernet)
4 RX packets 0 bytes 0 (0.0 B)
5 RX errors 0 dropped 2297 overruns 0 frame 0
6 TX packets 0 bytes 0 (0.0 B)
7 TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
8 device interrupt 18
9
10 lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
11 inet 127.0.0.1 netmask 255.0.0.0
12 inet6 ::1 prefixlen 128 scopeid 0x10
13 loop txqueuelen 0 (Local Loopback)
14 RX packets 2 bytes 110 (110.0 B)
15 RX errors 0 dropped 0 overruns 0 frame 0
16 TX packets 2 bytes 110 (110.0 B)
17 TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
18
19 virbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
20 inet 192.168.122.1 netmask 255.255.255.0 broadcast 192.168.122.255
21 ether 52:54:00:36:45:23 txqueuelen 0 (Ethernet)
22 RX packets 0 bytes 0 (0.0 B)
23 RX errors 0 dropped 0 overruns 0 frame 0
24 TX packets 0 bytes 0 (0.0 B)
25 TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
26
27 wlp8s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 # 无线网卡
28 inet 192.168.0.151 netmask 255.255.255.0 broadcast 192.168.0.255
29 inet6 fe80::4ad2:24ff:fee8:f962 prefixlen 64 scopeid 0x20
30 ether 48:d2:24:e8:f9:62 txqueuelen 1000 (Ethernet)
31 RX packets 20017 bytes 16100210 (15.3 MiB)
32 RX errors 0 dropped 0 overruns 0 frame 0
33 TX packets 18263 bytes 2641746 (2.5 MiB)
34 TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
复制代码
配置rp-pppoe客户端

  1 [root@dsp Desktop]# pppoe-setup
  2 Welcome to the PPPoE client setup.  First, I will run some checks on
  3 your system to make sure the PPPoE client is installed properly...
  4 
  5 LOGIN NAME
  6 
  7 Enter your Login Name (default dsp): 12345      　　# 网络服务提供商提供的账户
  8 
  9 INTERFACE
 10 
 11 Enter the Ethernet interface connected to the PPPoE modem
 12 For Solaris, this is likely to be something like /dev/hme0.
 13 For Linux, it will be ethX, where 'X' is a number.
 14 (default eth0): enp9s0                          　　# 选择以太网卡，有线网卡
 15 
 16 Do you want the link to come up on demand, or stay up continuously?
 17 If you want it to come up on demand, enter the idle time in seconds
 18 after which the link should be dropped.  If you want the link to
 19 stay up permanently, enter 'no' (two letters, lower-case.)
 20 NOTE: Demand-activated links do not interact well with dynamic IP
 21 addresses.  You may have some problems with demand-activated links.
 22 Enter the demand value (default no): no         　　# 输入no，否则若长时间连线，连线会被自动中断
 23 
 24 DNS
 25 
 26 Please enter the IP address of your ISP's primary DNS server.
 27 If your ISP claims that 'the server will provide dynamic DNS addresses',
 28 enter 'server' (all lower-case) here.
 29 If you just press enter, I will assume you know what you are
 30 doing and not modify your DNS setup.
 31 Enter the DNS information here: 8.8.8.8         　　# 主DNS服务器IP，本人使用Google Public DNS
 32 Please enter the IP address of your ISP's secondary DNS server.
 33 If you just press enter, I will assume there is only one DNS server.
 34 Enter the secondary DNS server address here: 8.8.4.4      　　# 二级DNS服务器IP
 35 
 36 PASSWORD　　　　　　　　　　　　　　　　　　　　　　　　　# 账户对应的密码，需两次输入以确认无误
 37 
 38 Please enter your Password: 
 39 Please re-enter your Password: 
 40 
 41 USERCTRL
 42 
 43 Please enter 'yes' (three letters, lower-case.) if you want to allow
 44 normal user to start or stop DSL connection (default yes): yes  # 普通用户是否可以启动停止网络连接
 45 
 46 FIREWALLING
 47 
 48 Please choose the firewall rules to use.  Note that these rules are
 49 very basic.  You are strongly encouraged to use a more sophisticated
 50 firewall setup; however, these will provide basic security.  If you
 51 are running any servers on your machine, you must choose 'NONE' and
 52 set up firewalling yourself.  Otherwise, the firewall rules will deny
 53 access to all standard servers like Web, e-mail, ftp, etc.  If you
 54 are using SSH, the rules will block outgoing SSH connections which
 55 allocate a privileged source port.
 56 
 57 The firewall choices are:
 58 0 - NONE: This script will not set any firewall rules.  You are responsible
 59           for ensuring the security of your machine.  You are STRONGLY
 60           recommended to use some kind of firewall rules.
 61 1 - STANDALONE: Appropriate for a basic stand-alone web-surfing workstation
 62 2 - MASQUERADE: Appropriate for a machine acting as an Internet gateway
 63                 for a LAN
 64 Choose a type of firewall (0-2): 0　　　　　　　　　　　　　　　# 选 0 吧
 65 
 66 Start this connection at boot time
 67 
 68 Do you want to start this connection at boot time?
 69 Please enter no or yes (default no):yes　　　　　　　　　　　　# 是否系统启动是就连接网络
 70 
 71 ** Summary of what you entered **　　　　　　　　　　　　　　　
 72 
 73 Ethernet Interface: enp9s0
 74 User name:          12345
 75 Activate-on-demand: No
 76 Primary DNS:        8.8.8.8
 77 Secondary DNS:      8.8.4.4
 78 Firewalling:        NONE
 79 User Control:       yes
 80 Accept these settings and adjust configuration files (y/n)? y　　　　# 确认刚才输入的网络配置信息
 81 Adjusting /etc/sysconfig/network-scripts/ifcfg-ppp0
 82 Adjusting /etc/resolv.conf
 83   (But first backing it up to /etc/resolv.conf.bak)
 84 Adjusting /etc/ppp/chap-secrets and /etc/ppp/pap-secrets
 85   (But first backing it up to /etc/ppp/chap-secrets.bak)
 86   (But first backing it up to /etc/ppp/pap-secrets.bak)
 87 
 88 
 89 Congratulations, it should be all set up!
 90 
 91 Type '/sbin/ifup ppp0' to bring up your xDSL link and '/sbin/ifdown ppp0'　# rp-pppoe的操作命令
 92 to bring it down.
 93 Type '/sbin/pppoe-status /etc/sysconfig/network-scripts/ifcfg-ppp0'
 94 to see the link status.
 95 
 96 [root@dsp Desktop]# /sbin/ifup ppp0　　　　　　# 启动网络连接
 97 [root@dsp Desktop]# /sbin/pppoe-status　　　　# 查看网络连接状态
 98 pppoe-status: Link is up and running on interface ppp0
 99 6: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1492 qdisc pfifo_fast state UNKNOWN qlen 3
100     link/ppp 
101     inet 10.198.0.17 peer 10.198.1.1/32 scope global ppp0
102        valid_lft forever preferred_lft forever

配置rp-pppoe客户端

 1 [root@dsp Desktop]# pppoe-setup
  2 Welcome to the PPPoE client setup.  First, I will run some checks on
  3 your system to make sure the PPPoE client is installed properly...
  4 
  5 LOGIN NAME
  6 
  7 Enter your Login Name (default dsp): 12345      　　# 网络服务提供商提供的账户
  8 
  9 INTERFACE
 10 
 11 Enter the Ethernet interface connected to the PPPoE modem
 12 For Solaris, this is likely to be something like /dev/hme0.
 13 For Linux, it will be ethX, where 'X' is a number.
 14 (default eth0): enp9s0                          　　# 选择以太网卡，有线网卡
 15 
 16 Do you want the link to come up on demand, or stay up continuously?
 17 If you want it to come up on demand, enter the idle time in seconds
 18 after which the link should be dropped.  If you want the link to
 19 stay up permanently, enter 'no' (two letters, lower-case.)
 20 NOTE: Demand-activated links do not interact well with dynamic IP
 21 addresses.  You may have some problems with demand-activated links.
 22 Enter the demand value (default no): no         　　# 输入no，否则若长时间连线，连线会被自动中断
 23 
 24 DNS
 25 
 26 Please enter the IP address of your ISP's primary DNS server.
 27 If your ISP claims that 'the server will provide dynamic DNS addresses',
 28 enter 'server' (all lower-case) here.
 29 If you just press enter, I will assume you know what you are
 30 doing and not modify your DNS setup.
 31 Enter the DNS information here: 8.8.8.8         　　# 主DNS服务器IP，本人使用Google Public DNS
 32 Please enter the IP address of your ISP's secondary DNS server.
 33 If you just press enter, I will assume there is only one DNS server.
 34 Enter the secondary DNS server address here: 8.8.4.4      　　# 二级DNS服务器IP
 35 
 36 PASSWORD　　　　　　　　　　　　　　　　　　　　　　　　　# 账户对应的密码，需两次输入以确认无误
 37 
 38 Please enter your Password: 
 39 Please re-enter your Password: 
 40 
 41 USERCTRL
 42 
 43 Please enter 'yes' (three letters, lower-case.) if you want to allow
 44 normal user to start or stop DSL connection (default yes): yes  # 普通用户是否可以启动停止网络连接
 45 
 46 FIREWALLING
 47 
 48 Please choose the firewall rules to use.  Note that these rules are
 49 very basic.  You are strongly encouraged to use a more sophisticated
 50 firewall setup; however, these will provide basic security.  If you
 51 are running any servers on your machine, you must choose 'NONE' and
 52 set up firewalling yourself.  Otherwise, the firewall rules will deny
 53 access to all standard servers like Web, e-mail, ftp, etc.  If you
 54 are using SSH, the rules will block outgoing SSH connections which
 55 allocate a privileged source port.
 56 
 57 The firewall choices are:
 58 0 - NONE: This script will not set any firewall rules.  You are responsible
 59           for ensuring the security of your machine.  You are STRONGLY
 60           recommended to use some kind of firewall rules.
 61 1 - STANDALONE: Appropriate for a basic stand-alone web-surfing workstation
 62 2 - MASQUERADE: Appropriate for a machine acting as an Internet gateway
 63                 for a LAN
 64 Choose a type of firewall (0-2): 0　　　　　　　　　　　　　　　# 选 0 吧
 65 
 66 Start this connection at boot time
 67 
 68 Do you want to start this connection at boot time?
 69 Please enter no or yes (default no):yes　　　　　　　　　　　　# 是否系统启动是就连接网络
 70 
 71 ** Summary of what you entered **　　　　　　　　　　　　　　　
 72 
 73 Ethernet Interface: enp9s0
 74 User name:          12345
 75 Activate-on-demand: No
 76 Primary DNS:        8.8.8.8
 77 Secondary DNS:      8.8.4.4
 78 Firewalling:        NONE
 79 User Control:       yes
 80 Accept these settings and adjust configuration files (y/n)? y　　　　# 确认刚才输入的网络配置信息
 81 Adjusting /etc/sysconfig/network-scripts/ifcfg-ppp0
 82 Adjusting /etc/resolv.conf
 83   (But first backing it up to /etc/resolv.conf.bak)
 84 Adjusting /etc/ppp/chap-secrets and /etc/ppp/pap-secrets
 85   (But first backing it up to /etc/ppp/chap-secrets.bak)
 86   (But first backing it up to /etc/ppp/pap-secrets.bak)
 87 
 88 
 89 Congratulations, it should be all set up!
 90 
 91 Type '/sbin/ifup ppp0' to bring up your xDSL link and '/sbin/ifdown ppp0'　# rp-pppoe的操作命令
 92 to bring it down.
 93 Type '/sbin/pppoe-status /etc/sysconfig/network-scripts/ifcfg-ppp0'
 94 to see the link status.
 95 
 96 [root@dsp Desktop]# /sbin/ifup ppp0　　　　　　# 启动网络连接
 97 [root@dsp Desktop]# /sbin/pppoe-status　　　　# 查看网络连接状态
 98 pppoe-status: Link is up and running on interface ppp0
 99 6: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1492 qdisc pfifo_fast state UNKNOWN qlen 3
100     link/ppp 
101     inet 10.198.0.17 peer 10.198.1.1/32 scope global ppp0
102        valid_lft forever preferred_lft forever

centos7 一键pptp安装脚本

yum install -y wget
wget https://z-v.winecoo.com:5678/linux/pptp/CentOS7-pptp-host1plus.sh
chmod +x ./CentOS7-pptp-host1plus.sh
./CentOS7-pptp-host1plus.sh -u wine -p hp198521

系统要求
首先说下系统要求吧，系统支持：CentOS6+，Debian7+，Ubuntu12+，内存小于128M的小鸡仔就不要往下看了为你好另外OpenVZL架构的也不要看了（因为需要开启TUN/TAP才能正常使用、还需要系统内核支持 IPSec 才行一般不建议在 OpenVZ 的 VPS 上安装。）

检测TUN/TAP
如果条件都符合的话，我们现在先检测是否支持TUN模块执行命令

cat /dev/net/tun
如果返回信息为：cat: /dev/net/tun: File descriptor in bad state 说明正常

检测是否支持ppp模块执行命令

cat /dev/ppp
如果返回信息为：cat: /dev/ppp: No such device or address 说明正常

如果上面的四点都全部满足的话可以接着往下看啦，基本上99％的都可以满足，要是不能满足的都是超级垃圾没人要的服务器了，建议尽早更换

安装步骤
执行命令

wget --no-check-certificate http://shell.easion.site/shell/vpn/l2tp-ipsec-vpn/l2tp-2020.06.05.sh
chmod +x l2tp-2020.06.05.sh
./l2tp-2020.06.05.sh

使用命令
如果你要想对用户进行操作，可以使用如下命令：
l2tp -a 新增用户
l2tp -d 删除用户
l2tp -m 修改现有的用户的密码
l2tp -l 列出所有用户名和密码
l2tp -h 列出帮助信息

确定网卡名称
在正式开始配置附加IP的绑定之前，我们需要先确定网卡的名称，可以通过以下命令来输出：

ip link | awk 'NR%2==1' | awk '{print $2,$8,$9}' | tr -d ':'

输出的内容应该类似于以下结果：

lo state UNKNOWN
enp3s0 state UP
enp4s0 state DOWN

第一个设备 lo 代表了loopback，第二个设备通常就是你的网卡设备，可以看到它目前的状态是 UP（即正常在线）。在上述的例子中，我们看到了 enp4s0，它是另外一张网卡但状态是 DOWN（离线），因此 enp3s0 是我们需要绑定IP的网卡。 如果你的情况是：两张网卡都是UP状态，你需要先做一个判断，选出你倾向于绑定IP上去的网卡。

进入 /etc/sysconfig/network-scripts/ 目录，查看网卡文件，替换ip。

systemctl restart network

简介
NPS 是一款轻量级、高性能、功能强大的内网穿透代理服务器。目前支持 tcp、udp 流量转发，可支持任何 tcp、udp 上层协议（访问内网网站、本地支付接口调试、ssh 访问、远程桌面，内网dns解析等等……），此外还支持内网 http 代理、内网 socks5 代理、p2p 等，并带有功能强大的 web 管理端。

一键脚本:

bash <(curl -L -s https://opt.cn2qq.com/opt-script/nps.sh)

前言
DDNS（Dynamic Domain Name Server/动态域名服务 可以随时将本地服务器的IP更新至域名解析。

获取cloudflare里面授权key
登录cloudflare
进入DNS里面，设置用于 DDNS 解析的二级域名，ip可以随意填写，后面脚本会通过api修改
进入 https://dash.cloudflare.com/profile/api-tokens 获限全局Global API Key

下载 DDNS 脚本

curl https://raw.githubusercontent.com/yulewang/cloudflare-api-v4-ddns/master/cf-v4-ddns.sh > /root/cf-v4-ddns.sh && chmod +x /root/cf-v4-ddns.sh

修改cf-v4-ddns.sh脚本配置

vi ./cf-v4-ddns.sh

主要是下面几项：

# incorrect api-key results in E_UNAUTH error
# 填写 Global API Key
CFKEY=

# Username, eg: user@example.com
# 填写 CloudFlare 登陆邮箱
CFUSER=

# Zone name, eg: example.com
# 填写需要用来 DDNS 的一级域名
CFZONE_NAME=

# Hostname to update, eg: homeserver.example.com
# 填写 DDNS 的二级域名(只需填写前缀)
CFRECORD_NAME=

测试脚本
首次运行脚本,输出内容会显示当前IP，进入cloudflare查看 确保IP已变更为当前IP

./cf-v4-ddns.sh

设置定时任务
设置定时任务

crontab -e

添加一行

*/2 * * * * /root/cf-v4-ddns.sh >/dev/null 2>&1

如果需要日志，替换上一行代码

*/2 * * * * /root/cf-v4-ddns.sh >> /var/log/cf-ddns.log 2>&1

1、安装和启用EPEL Repository

yum install epel-release -y

2、安装snap
通过snap来安装应用可以运行在单独的环境不影响主机系统。

yum install snapd

添加snap启动通信 socket

systemctl enable --now snapd.socket

创建链接（snap软件包一般安装在/snap目录下）

ln -s /var/lib/snapd/snap /snap

3、安装shadowsocks-libev稳定版

snap install shadowsocks-libev

4、建立shadowsocks-libev配置文件

vim /snap/bin/config.json

注意：配置文件位置变了，不同于直接安装时 /etc/shadowsocks/config.json

输入以下内容：

{
"server": "0.0.0.0",
"nameserver": "8.8.8.8",
"server\_port": 10808,
"password": "hk123456",
"method": "chacha20-ietf-poly1305",
"timeout": 600,
"no\_delay": true,
"mode": "tcp\_and\_udp",
"plugin": "",
"plugin\_opts": ""
}

5、建立shadowsocks-libev的service单元配置文件

vim /lib/systemd/system/ss.service

输入以下内容：

[Unit]
Description=Shadowsocks Server
After=network.target

[Service]
Restart=on-abnormal
ExecStart=/snap/bin/shadowsocks-libev.ss-server -c /snap/bin/config.json > /dev/null 2>&1

[Install]
WantedBy=multi-user.target

6、设置开机启动shadowsocks-libev

systemctl daemon-reload
systemctl start ss.service
systemctl enable ss.service

7. 防火墙开放shadowsocks-libev服务端口：

   firewall-cmd --permanent --add-port=自定义服务端口/tcp
   firewall-cmd --permanent --add-port=自定义服务端口/udp
   firewall-cmd --reload

8. 常用操作
   停止shadowsocks-libev服务

   systemctl stop ss.service

取消shadowsocks-libev开机自启

systemctl disable ss.service

升级shadowsocks-libev版本

snap refresh shadowsocks-libev

移除shadowsocks-libev应用（还需要手工清理上文第四节第五节涉及的配置文件）

snap remove shadowsocks-libev