1.安装

wget http://downloads.sourceforge.net/ss5/ss5-3.8.9-8.src.rpm
yum install gcc.x86_64 rpm-build.x86_64 openldap-devel.x86_64 pam-devel.x86_64 openssl-devel.x86_64
wget http://li.nux.ro/download/nux/dextop/el7/x86_64//libgssglue-0.4-2.el7.nux.x86_64.rpm
yum install libgssglue-0.4-2.el7.nux.x86_64.rpm
rpmbuild --rebuild ss5-3.8.9-8.src.rpm
rpm -ivh /root/rpmbuild/RPMS/x86_64/ss5-3.8.9-8.x86_64.rpm

2.配置
配置文件/etc/opt/ss5/ss5.conf
不需要验证

auth    0.0.0.0/0               -               -
permit -	0.0.0.0/0	-	0.0.0.0/0	-	-	-	-

需要验证

auth    0.0.0.0/0               -               u
permit u	0.0.0.0/0	-	0.0.0.0/0	-	-	-	-

配置账号密码
/etc/opt/ss5/ss5.passwd，一行写一个用户名和密码，中间空格分开，比如:

username1 pwd1
username2 pwd2

开通权限，不然密码用不了

chmod 777 -R /etc/opt/ss5

3.配置ip列表
梳理ip

ip add|sort -n -k 8|grep 网卡名|grep -v 'BROADCAST'|awk -F '[/ ]+' '{print $3}' >/root/shell/ip_list.txt  

启动脚本

# cat /root/shell/nat-mangle.sh
#!/bin/bash
iptables -t mangle -F OUTPUT
for ((i=1, j=1101; i < 195 ; i++, j=j+1))
do
        iptables -t mangle -A OUTPUT -m owner --uid-owner $j -j MARK --set-mark $j
done

其中195是ip数

# cat /root/shell/snat.sh
#!/bin/bash
iptables -t nat -F POSTROUTING
for ((i=1, j=1101; i < 195 ; i++, j=j+1))
do
       ip=$(cat /root/shell/ip_list.txt|sed -n "${i}p")
       iptables -t nat -A POSTROUTING -m mark --mark $j -j SNAT --to ${ip}
done

#cat /root/shell/user.sh
#!/bin/bash 
for ((i=1, j=1101; i < 195 ; i++, j=j+1)) 
do 
        /usr/sbin/useradd socks$j -u $j -M -s /dev/null 
done

# cat /root/shell/ss5.sh
#!/bin/bash
killall -9 ss5
mkdir -p /var/run/ss5/
for ((i=1, j=1101; i < 195 ; i++, j=j+1))
do
       ip=$(cat /root/shell/ip_list.txt|sed -n "${i}p")
       /usr/sbin/ss5 -t -m -b ${ip}:6666 -u socks$j -p /var/run/ss5/socks${j}.pid
done

安装killall

yum install psmisc

默认端口1080,开防火墙

/usr/sbin/iptables -I INPUT -p tcp --dport 6666 -j ACCEPT