Running a Snowflake on Debian 11

fareast_mzh2025-02-06 16:42

Running a Snowflake

1. Install golang

bash 复制代码 
wget https://go.dev/dl/go1.21.4.linux-amd64.tar.gz
sudo rm -rf /usr/local/go && sudo tar -C /usr/local -xzf go1.21.4.linux-amd64.tar.gz
echo 'export PATH=$PATH:/usr/local/go/bin' >> ~/.bashrc
source ~/.bashrc
go version
bash 复制代码 
ed2k://|file|go1.21.4.linux-amd64.tar.gz|66615271|E68373CE54C547E2D9BEF41297231176|/
  1. Install Snowflake
bash 复制代码 
git clone https://git.torproject.org/pluggable-transports/snowflake.git
git branch -a
git checkout remotes/origin/renovate/github.com-aws-aws-sdk-go-v2-config-1.x
cd snowflake/proxy
go build
  1. Run

./proxy --verbose

You should see output indicating that the pr0xy is running and communicating with the broker.

  1. create a systemd service.

sudo vim /etc/systemd/system/snowflake-proxy.service

bash 复制代码 
[Unit]
Description=Snowflake Network
After=network.target

[Service]
ExecStart=/home/linuxuser/snowflake/proxy/proxy
Restart=always
User=linuxuser
WorkingDirectory=/home/linuxuser/snowflake/proxy

[Install]
WantedBy=multi-user.target

sudo systemctl daemon-reload

sudo systemctl enable snowflake-proxy

sudo systemctl start snowflake-proxy

sudo systemctl status snowflake-proxy

  1. Set firewall
bash 复制代码 
sudo ufw allow 3478/udp
sudo ufw allow 443/udp
sudo ufw allow 10000:60000/udp
sudo ufw reload
bash 复制代码 
sudo iptables -I INPUT 7 -p udp --dport 10000:65535 -j ACCEPT
sudo iptables -I OUTPUT 10 -p udp --sport 10000:65535-j ACCEPT
sudo /sbin/iptables -L OUTPUT -v --line-numbers
sudo /sbin/iptables -L INPUT -v --line-numbers
sudo apt-get install netfilter-persistent
sudo netfilter-persistent save
# sudo iptables-save | sudo tee /etc/iptables/rules.v4
  1. Verify

journalctl -u snowflake-proxy -f

curl -4 ifconfig.me

webrtc test page

sudo iftop -i enp1s0 -P

  1. Troubleshooting
  • Verify the process is running (ps aux | grep proxy)
  • Check logs for errors (journalctl -u snowflake-proxy)
  • Run it manually for debugging (./proxy -verbose)
  • Confirm UDP port binding (ss -lunp | grep proxy)
  • Allow UDP traffic through firewall
  • Try running it with -relay to see the assigned port

$ netstat -tulnp

an entry looked like:

udp 0 0 0.0.0.0:41730 0.0.0.0:* 50767/proxy

"Config Bridge" -> "snowflake" -> "Provide a Bridge I know"

snowflake x.x.x.x:41730

x.x.x.x is your VPS IP address

$ sudo iftop -i enp1s0 -P # Adjust "enp1s0" based on your network interface

sudo iptables -t nat -L PREROUTING --line-numbers -v -n

sudo iptables -A OUTPUT -p udp --sport 34672 -j ACCEPT

sudo iptables -A INPUT -p udp --dport 34672 -j ACCEPT

sudo iptables -A OUTPUT -p tcp --sport 34662 -j ACCEPT

sudo iptables -A INPUT -p tcp --dport 34662 -j ACCEPT

sudo /sbin/iptables -L OUTPUT -v --line-numbers

sudo /sbin/iptables -L INPUT -v --line-numbers

sudo apt-get install netfilter-persistent

sudo netfilter-persistent save

相关推荐
YCY^v^2 小时前
centos 7 开启80,443端口,怎么弄?
linux·运维·centos
北南京海2 小时前
[Linux]进程地址空间
linux·运维·服务器
yzx9910133 小时前
服务器生成图片
运维·服务器
db_murphy4 小时前
Oracle数据块8KB、OS默认认块管理4KB,是否需调整大小为一致?
linux
liulilittle5 小时前
C++ TAP(基于任务的异步编程模式)
服务器·开发语言·网络·c++·分布式·任务·tap
mCell7 小时前
从删库到跑路?这50个Linux命令能保你职业生涯
linux·windows·macos
杰克逊的日记7 小时前
GPU运维常见问题处理
linux·运维·gpu
caolib7 小时前
无需云服务器的内网穿透方案 -- cloudflare tunnel
运维·服务器·内网穿透·tunnel·cloudflared
誰能久伴不乏8 小时前
Linux系统调用概述与实现:深入浅出的解析
linux·运维·服务器
程序员学习随笔8 小时前
Linux进程深度解析(2):fork/exec写时拷贝性能优化与exit资源回收机制(进程创建和销毁)
linux·运维·服务器
热门推荐
01Qwen3-Coder 快速上手教程 | Qwen Code + Claude Code02vue数据变化但页面不变03全球最强模型Grok4,国内已可免费使用!(附教程)04KGG转MP3工具|非KGM文件|解密音频05sqli-labs 靶场 less-8、9、10 第八关到第十关详解:布尔注入,时间注入06扣子开源本地部署教程 丨Coze智能体小白喂饭级指南07干翻 Typora!MilkUp:完全免费的桌面端 Markdown 编辑器!08【2025.7.18】更新vscode后所有.vue文件template标签后报红的临时解决办法,Vue - Official 插件3.0.2导致09ChatGPT Agent 完全使用指南:2025年7月最新功能详解10Claude Code用不了?来试下Qwen3-Coder加持的Qwen Code吧