clash for linux

it is really a hard work. without internet i can do nothing. 感谢EdwardChristmas的博客, 本文基本是对他的模仿借鉴，仅供学习参考 now i will list steps to redo what i've done for all the afternoon and night

0. prepare

一臺能連接github的電腦/能運行命令行的linux發行版, 最好是debian系, 本記錄適用於Ubuntu 22.04.2 LTS, 不保證其他版本適用(wsl2可行)

1. make new folder and cd to it(now im in /usr/local/bin)

   mkdir clash-dashboard
   cd clash-dashboard

2. Download:

in other os: download:clash from:https://github.com/Dreamacro/clash/releases:clash-linux-amd64-v1.16.0.gz(other vision is ok) download: yacd(dashboard):https://github.com/haishanh/yacd/releases:yacd.tar.xz download: yaml: 把机场给的config.yaml给下载下来

    wget https://github.com/Dreamacro/clash/releases/download/v1.11.12/clash-linux-amd64-v1.16.0.gz
    wget https://github.com/haishanh/yacd/releases/download/v0.3.8/yacd.tar.xz
    wget "<机场给你的订阅链接>" -O config.yaml

3. extract:

    gzip -d clash-linux-amd64-v1.16.0.gz
    tar -xJvf yacd.tar.xz

4. rename:

    #重命名方便后续操作
    mv clash-linux-amd64-v1.16.0 clash
    mv public dashboard
    #获取权限
    sudo chmod +x clash

5. change yaml:表头应如是

port: 7890
socks-port: 7891
allow-lan: true
mode: Rule
log-level: info
secert: 123456 // 若需要clash web要密码访问可以在这块配置密码, 若不需要直接注释掉/不加以补充即可
external-ui: dashboard // 增加这一行
external-controller: 0.0.0.0:9090

check：确保你一直在在刚才执行了一系列操作的文件夹里，那么此时CLI后缀应如是：*/clash-dashboard$

6. 運行程序:

    ./clash -d .
    ------------Expect_Output------------
INFO[0000] Start initial compatible provider Proxies
INFO[0000] Start initial compatible provider Spotify
INFO[0000] Start initial compatible provider Microsoft
INFO[0000] Start initial compatible provider GlobalTV
INFO[0000] Start initial compatible provider Apple
INFO[0000] RESTful API listening at: [::]:9090
INFO[0000] HTTP proxy listening at: [::]:7890
INFO[0000] SOCKS proxy listening at: [::]:7891

check: 此时在浏览器输入localhost:9090/ui应该能看到与clash for windows类似的界面

7. 在setting-network-network proxy-mannal中設置: HTTP PROXY:127.0.0.1 7890 HTTPS PROXY:127.0.0.1 7890 FTP Proxy: Socks Host:127.0.0.1 7891 Ignore Hosts:localhost

check: 此時我的主機瀏覽器已經可以連接國際互聯網, localhost:9090/ui已經可見網絡波動, 運行./clash -d . 的CLI有>網絡代理連接刷新類似

更新: 可以使用例如 curl -I https://www.youtube.com/ 的命令來查看與國際互聯網的連接情況, 瀏覽器還需要切換應用有些麻煩

INFO[2198] [TCP] 127.0.0.1:44044 --> client.wns.windows.com:443 match DomainSuffix(windows.com) using Ⓜ️  微软服务[DIRECT]
INFO[2260] [TCP] 127.0.0.1:33184 --> vscode-sync.trafficmanager.net:443 match DomainSuffix(trafficmanager.net) using Ⓜ️  微软服务[DIRECT]
INFO[2275] [TCP] 127.0.0.1:36828 --> client.wns.windows.com:443 match DomainSuffix(windows.com) using Ⓜ️  微软服务[DIRECT]
INFO[2346] [TCP] 127.0.0.1:45772 --> www.google.cn:443 match DomainKeyword(google) using 🔰 节点选择[K05>香港]
INFO[2352] [TCP] 127.0.0.1:50542 --> client.wns.windows.com:443 match DomainSuffix(windows.com) using Ⓜ️  微软服务[DIRECT]
INFO[2379] [TCP] 127.0.0.1:39186 --> www.google.cn:443 match DomainKeyword(google) using 🔰 节点选择[K05>香港]

8. 自動開啓全局代理和提供快捷開關:

sudo vim ~/.bashrc

(now you are in ~/.bashrc) G(to the bottom) (yank these code to the ~/.bashrc)

################## add code below ##################

# Proxy auto start
export https_proxy=http://127.0.0.1:7890
export http_proxy=http://127.0.0.1:7890
export all_proxy=socks5://127.0.0.1:7890
# Open proxy
proxyon() {
    export https_proxy=http://127.0.0.1:7890
    export http_proxy=http://127.0.0.1:7890
    export all_proxy=socks5://127.0.0.1:7890
    echo "HTTP/HTTPS Proxy on"
}
# Close proxy
proxyoff() {
    unset http_proxy
    unset https_proxy
    unset all_proxy
    echo "HTTP/HTTPS Proxy off"
}

now add ~./bashrc to the source so you can type "proxyoff" to turn off the proxy(on 7890) and "proxyon" to turn on it. Proxy now will auto start when you start your machine. In CLI:

source ~/.bashrc

check:enter proxyoff in you CLI:$proxyoff expect: HTTP/HTTPS Proxy off

9. 自動化開啓clash:

• bash腳本:

#!/usr/bin

cd /usr/local/bin/clash-dashboard
./clash -d .
echo "clash_on==1"

編好之後我放在home(~$), 每次開機敲一邊:"bash <script_name>.sh"

• system.service: 現在我可以補充service的內容了

cd /etc/systemd/system/
sudo vim clash.service

(now in clash.service)

[Unit]
Description=Clash for proxy

[Service]
PIDFile=/run/clash.pid
ExecStart=/usr/local/bin/clash-dashboard/clash -d /usr/local/bin/clash-dashboard/
WorkingDirectory=/root
Restart=always
RestartSec=5

[Install]
WantedBy=multi-user.target

是否要給clash.service加上777權限呢? 不知道 但是我目前是把/usr/local/bin/clash-dashboard/裏面的所有文件都加了777權限, clash.service也一樣, 結果是可以運行的, 之後有機會再試驗吧 接下來

#自啓動
systemctl enable clash

至此自啓動設置完畢 check: 可以通過以下辦法檢驗服務的有效性:

1. 沒有啓動此服務, 瀏覽器不能上外網, 用curl -I https://www.youtube.com 可以查看代理狀況, 正常連接代碼應該是200.
2. 啓動systemctl start clash後可以上外網,9090端口有控制頁面
3. 問題排查可以從systemctl status clash開始,查看服務啓用狀態
4. 用網絡端口排查是找不到進程的:

 yibotian@Nicolette86132  /etc/systemd/system  netstat -tanlp | grep 7890
(Not all processes could be identified, non-owned process info
 will not be shown, you would have to be root to see it all.)
tcp        0      0 127.0.0.1:53184         127.0.0.1:7890          ESTABLISHED 2651/msedge --type=
tcp        0      0 127.0.0.1:35498         127.0.0.1:7890          ESTABLISHED 2651/msedge --type=
tcp        0      0 127.0.0.1:46050         127.0.0.1:7890          ESTABLISHED 3442/Code --standar
tcp        0      0 127.0.0.1:48032         127.0.0.1:7890          ESTABLISHED 2651/msedge --type=
tcp        0      0 127.0.0.1:60664         127.0.0.1:7890          ESTABLISHED 2651/msedge --type=
tcp       24      0 127.0.0.1:53210         127.0.0.1:7890          CLOSE_WAIT  2651/msedge --type=
tcp        0      0 127.0.0.1:53198         127.0.0.1:7890          ESTABLISHED 1595/ibus-engine-li
tcp        0      0 127.0.0.1:58652         127.0.0.1:7890          ESTABLISHED 2651/msedge --type=
tcp        0      0 127.0.0.1:43838         127.0.0.1:7890          ESTABLISHED 2651/msedge --type=
tcp       24      0 127.0.0.1:53218         127.0.0.1:7890          CLOSE_WAIT  2651/msedge --type=
tcp        0      0 127.0.0.1:48042         127.0.0.1:7890          ESTABLISHED 2651/msedge --type=
tcp6       0      0 :::7890                 :::*                    LISTEN      -
tcp6       0      0 127.0.0.1:7890          127.0.0.1:46050         ESTABLISHED -
tcp6       0      0 127.0.0.1:7890          127.0.0.1:53198         ESTABLISHED -
tcp6       0      0 127.0.0.1:7890          127.0.0.1:53218         FIN_WAIT2   -
tcp6       0      0 127.0.0.1:7890          127.0.0.1:47480         TIME_WAIT   -
tcp6       0      0 127.0.0.1:7890          127.0.0.1:48032         ESTABLISHED -
tcp6       0      0 127.0.0.1:7890          127.0.0.1:43882         TIME_WAIT   -
tcp6       0      0 127.0.0.1:7890          127.0.0.1:48042         ESTABLISHED -
tcp6       0      0 127.0.0.1:7890          127.0.0.1:53184         ESTABLISHED -
tcp6       0      0 127.0.0.1:7890          127.0.0.1:38520         TIME_WAIT   -
tcp6       0      0 127.0.0.1:7890          127.0.0.1:60664         ESTABLISHED -
tcp6       0      0 127.0.0.1:7890          127.0.0.1:43838         ESTABLISHED -
tcp6       0      0 127.0.0.1:7890          127.0.0.1:58652         ESTABLISHED -
tcp6       0      0 127.0.0.1:7890          127.0.0.1:35498         ESTABLISHED -
tcp6       0      0 127.0.0.1:7890          127.0.0.1:53210         FIN_WAIT2   -

那麼連接狀況日誌可以在哪裏看呢? 使用 tail -f /var/log/syslog 查看吧. 因爲是系統服務, log被定向到這裏了

使用 env | grep proxy 查看命令行代理的設置效果: 預期輸出:

 yibotian@Nicolette86132  ~  env | grep proxy
https_proxy=http://127.0.0.1:7890
http_proxy=http://127.0.0.1:7890
all_proxy=socks5://127.0.0.1:7890

注意, 在切換shell之後(切換到zsh)要重新修改 ~/.<shell_name>rc 文件以自啓動命令行環境代理

在9090界面裏切換代理地區, 遠離中國及其統治地區即可. 比如說日本, bing就可以接入國際版, 就可以使用bingai. 香港和臺灣都不太行.