原创文章,转载请注明出处
https://qiedd.com/

0x00 简介

抓某站时遇到了被 IP 限流问题,但是某站没有对 v6 的限制,v6 only 的服务器很好买,而且便宜。

一开始使用 https://github.com/zu1k/http-proxy-ipv6-pool 发现高并发的场景下经常报错,因此找到了另一个方案 https://blog.yllhwa.com/2022/09/05/利用IPV6绕过B站的反爬/

结合两个方案的优点,可以在不绑定网卡下使用 v6,并且在高并发的情况下也不会报错,故此写下本 blog

0x01 IPv6

如果你本机没有 v6,可以去 he 申请一段 v6, 地址:https://tunnelbroker.net/

具体怎么申请不过多赘述,google 一下随便有

0x02 安装依赖

debian 从官方源安装 openresty 请看此 blog:https://blog.openresty.com/en/openresty-pre-built-for-debian-11/

# 安装 openresty
sudo apt-get -y install --no-install-recommends wget gnupg ca-certificates
wget -O - https://openresty.org/package/pubkey.gpg | sudo apt-key add -
codename=`grep -Po 'VERSION="[0-9]+ \(\K[^)]+' /etc/os-release`
echo "deb http://openresty.org/package/debian $codename openresty" \
    | sudo tee /etc/apt/sources.list.d/openresty.list
sudo apt-get update
sudo apt-get -y install openresty

#安装 ndppd
apt install ndppd -y

# 内核,以及一些优化参数
vim /etc/sysctl.conf

fs.inotify.max_user_watches = 524288
net.ipv6.conf.all.proxy_ndp=1
net.ipv6.conf.default.forwarding=1
net.ipv6.conf.all.forwarding=1
net.ipv6.ip_nonlocal_bind=1
net.ipv4.ip_local_port_range=1024 64000
net.ipv6.route.max_size=409600
net.ipv4.tcp_max_syn_backlog=4096
net.ipv6.neigh.default.gc_thresh3=102400
kernel.threads-max=1200000
vm.max_map_count=6000000
kernel.pid_max=2000000

# 应用
sysctl -p

0x03 ndppd 配置

# 先添加一条路由
## 网卡需要对应的网卡,我这里是 eth0,其他系统可能是 ens0
## 如果你用的是 he,并且没有修改 he 给你的配置,这里的网卡是 he-ipv6,不用加 @ 后面的东西
## 如果你用的是 he,这里是 Routed IPv6 Prefixes, 而不是 Client IPv6 Address:
ip route add local 2001:1:1:1::/64 dev eth0

# 修改配置
vim /etc/ndppd

## 同样的,如果你这里是其他网卡,请修改 eth0
## 同样的,如果使用的是 he,这里是 Routed IPv6 Prefixes, 而不是 Client IPv6 Address:
route-ttl 30000
proxy eth0 {
    router no
    timeout 500
    ttl 30000
    rule 2001:1:1:1::/64 {
        static
    }
}

# ndppd, 启动!
systemctl enable ndppd
systemctl start nddpd

# 在你的 v6 网段下随便找个地址测试
## 返回 2001:1:1:1::1145 则是正常
curl --interface 2001:1:1:1::1145 ip.sb

0x04 openresty 配置

如果你的跟着我配置的,那么 openresty 的配置在如下目录 /usr/local/openresty/nginx/conf/

# 进入目录
cd /usr/local/openresty/nginx/conf/

# 配置 nginx.conf
## 需要删除现有的 server,添加其他一个应用的目录,我会把我的配置完整的展示出来
vim nginx.conf

# 创建一个目录
mkdir conf.d && cd conf.d

# 创建一个文件
## 需要改成自己的 bind_ip

vim bili-proxy

# openresty, 启动!
systemctl enable openresty
systemctl start openresty

# 测试
curl 127.0.0.1:33333/x/web-interface/zone
nginx.conf
#user  nobody;
worker_processes  1;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       mime.types;
    include       conf.d/*;
    default_type  application/octet-stream;

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    #gzip  on;

    # HTTPS server
    #
    #server {
    #    listen       443 ssl;
    #    server_name  localhost;

    #    ssl_certificate      cert.pem;
    #    ssl_certificate_key  cert.key;

    #    ssl_session_cache    shared:SSL:1m;
    #    ssl_session_timeout  5m;

    #    ssl_ciphers  HIGH:!aNULL:!MD5;
    #    ssl_prefer_server_ciphers  on;

    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}

}

bili-proxy

upstream bili_cdn_ipv6 {
    server [240e:97d:10:1402:0:1:1:38]:443 max_fails=2 fail_timeout=10s weight=1;
    server [240e:97d:10:1402:0:1:1:39]:443 max_fails=2 fail_timeout=10s weight=1;
    server [240e:97d:10:1402:0:1:1:40]:443 max_fails=2 fail_timeout=10s weight=1;
    server [240e:97d:10:1402:0:1:1:41]:443 max_fails=2 fail_timeout=10s weight=1;
    server [240e:97d:10:1402:0:1:1:42]:443 max_fails=2 fail_timeout=10s weight=1;
    server [240e:97d:2000:c0e::30]:443 max_fails=2 fail_timeout=10s weight=1;
    server [240e:97d:2000:c0e::31]:443 max_fails=2 fail_timeout=10s weight=1;
    server [240e:97d:2000:c0e::32]:443 max_fails=2 fail_timeout=10s weight=1;
    server [240e:97d:2000:c0e::33]:443 max_fails=2 fail_timeout=10s weight=1;
    server [240e:97d:2000:c0e::34]:443 max_fails=2 fail_timeout=10s weight=1;
    server [240e:978:90d:1000::70]:443 max_fails=2 fail_timeout=10s weight=1;
    server [240e:978:90d:1000::74]:443 max_fails=2 fail_timeout=10s weight=1;
    server [240e:978:90d:1000::76]:443 max_fails=2 fail_timeout=10s weight=1;
    server [240e:978:90d:1000::77]:443 max_fails=2 fail_timeout=10s weight=1;
    server [240e:978:90d:1000::78]:443 max_fails=2 fail_timeout=10s weight=1;
    server [240e:f7:e01f:f1::27]:443 max_fails=2 fail_timeout=10s weight=1;
    server [240e:f7:e01f:f1::28]:443 max_fails=2 fail_timeout=10s weight=1;
    server [240e:f7:e01f:f1::29]:443 max_fails=2 fail_timeout=10s weight=1;
    server [240e:f7:e01f:f1::30]:443 max_fails=2 fail_timeout=10s weight=1;
    server [240e:f7:e01f:f1::31]:443 max_fails=2 fail_timeout=10s weight=1;
    server [240e:cf:9000:2::99]:443 max_fails=2 fail_timeout=10s weight=1;
    server [240e:cf:9000:2::9a]:443 max_fails=2 fail_timeout=10s weight=1;
    server [240e:cf:9000:2::9d]:443 max_fails=2 fail_timeout=10s weight=1;
}

server {
    listen       33333;
    server_name  localhost;
    access_log   off;

    location / {
        set_by_lua_block $bind_ip {
            return '2001:1:1:1' .. string.format(':%x', math.random(1, 65535)) .. string.format(':%x', math.random(1, 65535)) .. string.format(':%x', math.random(1, 65535)) .. string.format(':%x', math.random(1, 65535))
        }
        proxy_bind $bind_ip;
        proxy_pass https://bili_cdn_ipv6;
        proxy_set_header Host api.bilibili.com;
    }
}


server {
    listen       33334;
    server_name  localhost;
    access_log   off;

    location / {
        set_by_lua_block $bind_ip {
            return '2001:1:1:1' .. string.format(':%x', math.random(1, 65535)) .. string.format(':%x', math.random(1, 65535)) .. string.format(':%x', math.random(1, 65535)) .. string.format(':%x', math.random(1, 65535))
        }
        proxy_bind $bind_ip;
        proxy_pass https://bili_cdn_ipv6;
        proxy_set_header Host app.bilibili.com;
    }
}

0 条评论

发表回复

Avatar placeholder

您的电子邮箱地址不会被公开。 必填项已用*标注

此站点使用Akismet来减少垃圾评论。了解我们如何处理您的评论数据