心灵小站

## check if module could be loaded
sudo modprobe -v -n xt_TPROXY

## load module
 sudo modprobe -v xt_TPROXY



# ROUTE RULES
ip route add local default dev lo table 100
ip rule add fwmark 1 lookup 100

# CREATE TABLE
iptables -t mangle -N V2RAY

# RETURN LOCAL AND LANS
iptables -t mangle -A V2RAY -d 0.0.0.0/8 -j RETURN
iptables -t mangle -A V2RAY -d 10.0.0.0/8 -j RETURN
iptables -t mangle -A V2RAY -d 127.0.0.0/8 -j RETURN
iptables -t mangle -A V2RAY -d 169.254.0.0/16 -j RETURN
iptables -t mangle -A V2RAY -d 172.16.0.0/12 -j RETURN
iptables -t mangle -A V2RAY -d 192.168.0.0/16 -j RETURN
iptables -t mangle -A V2RAY -d 224.0.0.0/4 -j RETURN
iptables -t mangle -A V2RAY -d 240.0.0.0/4 -j RETURN

# FORWARD ALL
iptables -t mangle -A V2RAY -p tcp -j TPROXY --on-port 12345 --tproxy-mark 0x01/0x01
iptables -t mangle -A V2RAY -p udp -j TPROXY --on-port 12345 --tproxy-mark 0x01/0x01

# REDIRECT
iptables -t mangle -A PREROUTING -j V2RAY

{
"tag": "transparent",
"port": 12345,
"protocol": "dokodemo-door",
"settings": {
"network": "tcp,udp",
"followRedirect": true
},
"sniffing": {
"enabled": false,
"destOverride": [
"http",
"tls"
]
},
"streamSettings": {
"sockopt": {
"tproxy": "tproxy"
}
}
},

iptables -t nat -F
iptables -t nat -N REDSOCKS

iptables -t nat -A REDSOCKS -d 0.0.0.0/8 -j RETURN
iptables -t nat -A REDSOCKS -d 10.0.0.0/8 -j RETURN
iptables -t nat -A REDSOCKS -d 127.0.0.0/8 -j RETURN
iptables -t nat -A REDSOCKS -d 169.254.0.0/16 -j RETURN
iptables -t nat -A REDSOCKS -d 172.16.0.0/12 -j RETURN
iptables -t nat -A REDSOCKS -d 192.168.0.0/16 -j RETURN
iptables -t nat -A REDSOCKS -d 224.0.0.0/4 -j RETURN
iptables -t nat -A REDSOCKS -d 240.0.0.0/4 -j RETURN
iptables -t nat -A REDSOCKS -p tcp -j REDIRECT --to-port=12345

iptables -t nat -A PREROUTING -j REDSOCKS

redsocks {
/* `local_ip' defaults to 127.0.0.1 for security reasons,
* use 0.0.0.0 if you want to listen on every interface.
* `local_*' are used as port to redirect to.
*/
local_ip = 0.0.0.0;
local_port = 12345;

// `ip' and `port' are IP and tcp-port of proxy-server
// You can also use hostname instead of IP, only one (random)
// address of multihomed host will be used.
ip = 127.0.0.1;
port = 1080;

// known types: socks4, socks5, http-connect, http-relay
type = socks5;

// login = "foobar";
// password = "baz";
}

我的世界观 The World As I SeeIt

阿尔伯特·爱因斯坦 Albert Einstein

我们这些总有一死的人的命运多么奇特！How strangeis the lot of us mortals!

 我们每个人在这个世界上都只作一个短暂的逗留；目的何在，却无从知道，尽管有时自以为对此若有所感。Each of us ishere for a brief sojourn; for what purpose be knows not, though he sometimesthinks he senses it.

但是，不必深思，只要从日常生活就可以明白：人是为别人而生存的──首先是为那样一些人，我们的幸福全部依赖于他们的喜悦和健康；其次是为许多我们所不认识的人，他们的命运通过同情的纽带同我们密切结合在一起。But withoutdeeper reflection one knows from daily life that one exists for otherpeople-first of all for those upon whose smiles and well-being our ownhappiness is wholly dependent, and then for the many, unknown to us, to whosedestinies we are bound by the ties of sympathy.

我每天上百次的提醒自己：我的精神生活和物质生活都是以别人（包括生者和死者）的劳动为基础的，我必须尽力以同样的分量来报偿我所领受了的和至今还在领受着的东西。A hundredtimes every day I remind myself that my inner and outer life are based on thelabors of other men,living and dead, and that I must exert myself in order togive in the same measure as I have received and am still receiving.

我强烈地向往着俭朴的生活。并且时常发觉自己占用了同胞的过多劳动而难以忍受。I am stronglydrawn to a frugal life and am often oppressively aware that I am engrossing anundue amount of the labor of my fellow-men.

我认为阶级的区分是不合理的，它最后所凭借的是以暴力为根据。I regardclass distinctions as unjustified and, in the last resort, based onforce.

我也相信，简单淳朴的生活，无论在身体上还是在精神上，对每个人都是有益的。

Ialso believe that a simple and unassuming life is good for everybody,physically and mentally.

我完全不相信人类会有那种在哲学意义上的自由。I do not atall believe in human freedom in the philosophical sense.

每一个人的行为不仅受着外界的强制，而且要适应内在的必然。Everybodyacts not only under external compulsion but also in accordance with innernecessity.

叔本华说：“人虽然能够做他所想做的，但不能要他所想要的。”

Schopenhauer'ssaying, "A man can do what he wants,but not want what he wants,"

这句格言从我青年时代起就给了我真正的启示；在我自己和别人的生活面临困难的时候，它总是使我们得到安慰，并且是宽容的持续不断的源泉。has been avery real inspiration to me since my youth; it has been a continual consolationin the face of life's hardships, my own and others', and an unfailingwell-spring of tolerance.

这种体会可以宽大为怀地减轻那种容易使人气馁的责任感，也可以防止我们过于严肃地对待自己和别人；它导致一种特别给幽默以应有地位的人生观。Thisrealization mercifully mitigates the easily paralyzing sense of responsibilityand prevents us from taking ourselves and other people all too seriously; it isconducive to a view of life which, in particular, gives humor its due.

要追究一个人自己或一切生物生存的意义或目的，从客观的观点看来，我总觉得是愚蠢可笑的。Toinquire after the meaning or object of one's own existence or that of allcreatures has always seemed to me absurd from an objective point of view.

可是每个人都有一些理想，这些理想决定着他的努力和判断的方向。And yeteverybody has certain ideals which determine the direction of his endeavors andhis judgments.

就在这个意义上，我从来不把安逸和享乐看作生活目的本身──我把这种伦理基础叫做猪栏的理想。In this sense I have never looked upon easeand happiness as ends in themselves-this ethical basis I call the ideal of apigsty.

照亮我的道路，是善、美和真。The idealswhich have lighted my way, and time after time have given me new courage toface life cheerfully, have been Kindness, Beauty, and Truth.

要是没有志同道合者之间的亲切感情，要不是全神贯注于客观世界──那个在艺术和科学工作领域里永远达不到的对象，那么在我看来，生活就会是空虚的。Without thesense of kinship with men of like mind, without the occupation with theobjective world,the eternally unattainable in the field of art and scientificendeavors, life would have seemed to me empty.

 我总觉得，人们所努力追求的庸俗目标──财产、虚荣、奢侈的生活──都是可鄙的。

Thetrite objects of human efforts-possessions,outward success, luxury-have alwaysseemed to me contemptible.

我有强烈的社会正义感和社会责任感，但我又明显地缺乏与别人和社会直接接触的要求，这两者总是形成古怪的对照。

Mypassionate sense of social justice and social responsibility has alwayscontrasted oddly with my pronounced lack of need for direct contact with otherhuman beings and human communities.

我实在是一个“孤独的旅客”，我未曾全心全意地属于我的国家、我的家庭、我的朋友，甚至我最为接近的亲人；在所有这些关系面前，我总是感觉到一定距离而且需要保持孤独──而这种感受正与年俱增。I am truly a "lone traveler" andhave never belonged to my country, my home, my friend, or even my immediatefamily, with my whole heart; in the face of all these ties, I have never lost asense of distance and a need for solitude-feelings which increase with theyears.

人们会清楚地发觉，同别人的相互了解和协调一致是有限度的，但这不值得惋惜。One becomessharply aware, but without regret,of the limits of mutual understanding andconsonance with other people.

无疑，这样的人在某种程度上会失去他的天真无邪和无忧无虑的心境；但另一方面，他却能够在很大程度上不为别人的意见、习惯和判断所左右，并且能够避免那种把他的内心平衡建立在这样一些不可靠的基础之上的诱惑。

Nodoubt, such a person loses some of his innocence and unconcern; on the otherhand, he is largely independent, of the opinions, habits, and judgments of hisfellows and avoids the temptation to build his inner equilibrium upon suchinsecure foundations.

我的政治理想是民主政体。My political ideal isdemocracy.

让每一个人都作为个人而受到尊重，而不让任何人成为被崇拜的偶像。Let every manbe respected as an individual and no man idolized.

我自己一直受到同代人的过分的赞扬和尊敬，这不是由于我自己的过错，也不是由于我自己的功劳，而实在是一种命运的嘲弄。It is anirony of fate that I myself have been the recipient of excessive admiration andreverence from my fellow-being, through no fault, and no merit, of myown.

其原因大概在于人们有一种愿望，想理解我以自已微薄的绵力，通过不断的斗争所获得的少数几个观念，而这种愿望有很多人却未能实现。The cause ofthis may well be the desire, unattainable for many, to understand the few ideasto which I have with my feeble powers attained through ceaselessstruggle.

我完全明白，一个组织要实现它的目的，就必须有一个人去思考，去指挥、并且全面担负起责任来。

Iam quite aware that it is necessary for the achievement of the objective of anorganization that one man should do the thinking and directing and generallybear the responsibility.

但是被领导的人不应当受到强迫，他们必须能够选择自己的领袖。But the ledmust not be coerced, they must be able to choose their leader.

在我看来，强迫的专制制度很快就会腐化堕落。An autocraticsystem of coercion, in my opinion, soon degenerates.

因为暴力所招引来的总是一些品德低劣的人，而且我相信，天才的暴君总是由无赖来继承的，这是一条千古不易的规律。For forcealways attracts men of low morality, and I believe it to be an invariable rulethat tyrants of genius are succeeded by scoundrels,

就是由于这个缘故，我总强烈地反对今天在意大利和俄国所见到的那种制度。For thisreason I have always been passionately opposed to systems such as we see inItaly and Russia today.

像欧洲今天所存在的情况，已使得民主形式受到怀疑，这不能归咎于民主原则本身，而是由于政府的不稳定和选举制度中与个人无关的特征。The thingthat has brought discredit upon the form of democracy as it exists in Europetoday is not to be laid to the door of the democratic principle as such, but tothe lack of stability of governments and to the impersonal character of theelectoral system.

我相信美国在这方面已经找到了正确的道路。I believethat in this respect the United States of America have found the rightway.

他们选出了一个任期足够长的总统，他有充分的权力来真正履行他的职责。

Theyhave a President powers really to exercise his responsibility.

另一方面，在德国政治制度中，为我所看重的是它为救济患病或贫困的人作出了可贵的广泛的规定。What I value,on the other hand, in the German political system is the more extensiveprovision that it makes for the individual in case of illness or need.

在人生的丰富多彩的表演中，我觉得真正可贵的，不是政治上的国家，而是有创造性的、有感情的个人，是人格；只有个人才能创造出高尚的和卓越的东西，而群众本身在思想上总是迟钝的，在感觉上也总是迟钝的。The reallyvaluable thing in the pageant of human life seems to me not the politicalstate, but the creative, sentient individual, the personality; it alone createsthe noble and the sublime, while the herd as such remains dull in thought anddull in feeling.

讲到这里，我想起了群众生活中最坏的一种表现，那就是使我厌恶的军事制度。This topic bringsme to that worst outcrop of herd life, the military system,which I abhor.

一个人能够洋洋得意的随着军乐队在四列纵队里行进，单凭这一点就足以使我对他鄙夷不屑。That a mancan take pleasure in marching in fours to the strains of a band is enough tomake me despise him.

他所以长了一个大脑，只是出于误会；光是骨髓就可满足他的全部需要了。

Hehas only been given his big brain by mistake; unprotected spinal marrow was allhe needed.

文明的这种罪恶的渊薮，应当尽快加以消灭。Thisplaguespot of civilization ought to be abolished with all possible speed.

任人支配的英雄主义、冷酷无情的暴行，以及在爱国主义名义下的一切可恶的胡闹，所有这些都使我深恶痛绝！Heroism oncommand, senseless violence, and all the loathsome nonsense that goes by thename of patriotism - how passionately I hate them!

在我看来，战争是多么卑鄙、下流！How vile anddespicable seems war to me!

我宁愿被千刀万剐，也不愿参与这种可憎的勾当。I wouldrather be hacked in pieces than take part in such an abominable business.

尽管如此，我对人类的评价还是十分高的，我相信，要是人民的健康感情没有遭到那些通过学校和报纸而起作用的商业利益和政治利益的蓄意败坏，那么战争这个妖魔早就该绝迹了。

Myopinion of the human race is high enough that I believe this bogey would havedisappeared long ago, had the sound sense of the peoples not beensystematically corrupted by commercial and political interests acting throughthe schools and the Press.

我们所能有的最美好的经验是奥秘的经验。The mostbeautiful experience we can have is the mysterious.

它是坚守在真正艺术和真正科学发源地上的基本感情。It is thefundamental emotion which stands at the cradle of true art and true science.

谁要体验不到它，谁要是不再有好奇心，也不再有惊讶的感觉，谁就无异于行尸走肉，他的眼睛便是模糊不清的。

Whoeverdoes not know it and can no longer wonder, no longer marvel, is as good asdead, and his eyes are dimmed.

就是这样奥秘的经验──虽然掺杂着恐惧──产生了宗教。It was the experience ofmystery - even if mixed with fear - that engendered religion.

我们认识到有某种为我们所不能洞察的东西存在，感觉到那种只能以其最原始的形式接近我们的心灵的最深奥的理性和最灿烂的美──正是这种认识和这种情感构成了真正的宗教感情；在这个意义上，而且也只是在这个意义上，我才是一个具有深挚的宗教感情的人。A knowledgeof the existence of something we cannot penetrate, our perceptions of theprofoundest reason and the most radiant beauty, which only in their mostprimitive forms are accessible to our minds - it is this knowledge and thisemotion that constitute true religiosity; in this sense, and in this alone, Iam a deeply religious man.

我无法想象存在这样一个上帝，它会对自己的创造物加以赏罚，会具有我们在自己身上所体验到的那种意志。I can notconceive of a God who rewards and punishes his creatures, or has a will of thekind that we experience in ourselves.

我不能也不愿去想象一个人在肉体死亡以后还会继续活着；让那些脆弱的灵魂，由于恐惧或者由于可笑的唯我论，去拿这种思想当宝贝吧！Neither can Inor would I want to conceive of an individual that survives his physical death;let feeble souls, from fear or absurd egoism, cherish such thoughts.

我自己只求满足于生命永恒的奥秘，满足于觉察现存世界的神奇结构，窥见它的一鳞半爪，并且以诚挚的努力去领悟在自然界中显示出来的那个理性的一部分，倘若真能如此，即使只领悟其极小的一部分，我也就心满意足了。

I am satisfied with the mystery of the eternity of life and withthe awareness and a glimpse of the marvelous structure of the existing world,together with the devoted striving to comprehend a portion, be it ever so tiny,of the Reason that manifests itself in nature

#修改V2ray客户端配置文件 inbounds 增加如下代码，其余部分保持不变
"inbounds": [{
"domainOverride": ["tls", "http"],
"listen": "0.0.0.0",
"port": 12345,
"protocol": "dokodemo-door",
"settings": {
"followRedirect": true
},
"streamSettings": {
"sockopt": {
"mark": 100,
"tcpFastOpen": true,
"tproxy": "tproxy"
}
}
}]

#V2ray设置透明代理

#设置iptable 送流量给V2ray的Dokodemo Door
#增加下面代码到/etc/rc.local
sleep 20
GW=`netstat -rn|grep '0.0.0.0'|awk '{print $2}'|head -1`
HOST_IP=$(ifconfig |grep broadcast |awk '{print $2}')
sudo ip rule add fwmark 0x01/0x01 table 100
sudo ip route add local 0.0.0.0/0 dev lo table 100
sudo iptables -t mangle -N V2RAY
sudo iptables -t mangle -I V2RAY -d 192.168.0.0/16 -j RETURN
sudo iptables -t mangle -I V2RAY -d $GW/32 -j RETURN

for line in $HOST_IP
do
#echo $line
sudo iptables -t mangle -I V2RAY -d $line/32 -j RETURN
done

sudo iptables -t mangle -I V2RAY -d 127.0.0.1/32 -j RETURN
sudo iptables -t mangle -A V2RAY -p udp -j TPROXY --on-port 12345 --tproxy-mark 0x01/0x01
sudo iptables -t mangle -A V2RAY -p tcp -j TPROXY --on-port 12345 --tproxy-mark 0x01/0x01
sudo iptables -t mangle -A PREROUTING -j V2RAY

原生android 无法连接网络

修改 ntp server

一、给盒子开启调试模式

选择盒子系统设置里的版本号一直点确认就能开启调试模式

二、通过adb工具连接盒子

adb connect 192.168.0.121

端口可以不写会默认加上5555,连接成功会提示成功，但光标处还是系统路径。

adb shell settings get global ntp_server 
#查看现在的时间同步服务器
adb shell settings put global ntp_server ntp.aliyun.com  
#更新为阿里云的时间同步服务器

三、给盒子关闭调试模式

调试模式一般不要开

Secure SHell (SSH) 是一个通过网络登录其他计算机的程序，在远程服务器运行命令，和从一台机器移动文件到另一台。在不安全的网络中，它提供两台主机之间强大认证和安全加密的的通讯，被称为 SSH Port Forwarding (Tunneling)。通常情况下，它是使用为一个 Telnet 的加密版本。

在一个 Telnet 阶段作业，全部的通讯，包括用户名和密码，会用纯文本传输，让任何人都能监听你的阶段作业及窃取密码或其他信息。这种阶段作业也容易受到阶段作业劫持，一旦你验证，恶意用户就能接管这种阶段作业。SSH 的目的是防止这种漏洞，并允许你在不影响安全性的情况下访问远程服务器的 shell。

SSH 通道的好处

SSH 有一个极好功能叫做 SSH Port Forwarding，有时也被称为 SSH 通道，它允许你创建一个安全的阶段作业，然后通过它打开随心所欲的 TCP 连接。通道可以随时创建，几乎不需要任何努力及编程，这令到它们非常有吸引力。在无数不同的方式，SSH Port Forwarding 可以用于安全通信。

许多提供服务器讬管的讬管公司会封锁讬管公司网络以外访问服务器，以及只授予访问給本机（localhost）用户连接。

使用 SSH 的多个好处：

@当服务器端口被封锁时，连接到使用了防火墙的服务器。

@自动验证用户，没有发送纯文本的密码，以防止窃取密码。

@多个强大的认证方法，防止安全威胁如欺骗的身份。

@安全和快速的加密和压缩数据。

@安全文件传输。

为确保进来的连接请求是由你发出，SSH 能够使用密码，或公开及私钥对（也称为公钥）验证机制。

@密码验证。

@公钥验证。

注意：请确保在Linux 服务器的参数 -「AllowTcpForwarding」设置值为「yes」，否则，会禁用 SSH port forwarding。要查找路径：/etc/ssh/sshd_config。在默认情况下，SSH port forwarding 应该已启用。请仔细检查该值的设置。

** 即使服务器支持 SSH 通道，然而，如果 port forwarding 被禁用，Navicat 就无法通过 SSH 端口 22 连接。

1.

复制代码
复制代码
SSH: Port Forwarding
1.正向隧道-隧道监听本地port,为普通活动提供安全连接

2.反向隧道----隧道监听远程port，突破防火墙提供服务

3.socks代理
SSH -qTfnN -D port remotehost（用证书验证就直接主机名，没用的还要加上用户名密码）
-q Quiet mode. 安静模式，忽略一切对话和错误提示。
-T Disable pseudo-tty allocation. 不占用 shell 了。
-f Requests ssh to go to background just before command execution. 后台运行，并推荐加上 -n 参数。
-n Redirects stdin from /dev/null (actually, prevents reading from stdin). -f 推荐的，不加这条参数应该也行。
-N Do not execute a remote command. 不执行远程命令，专为端口转发度身打造。
复制代码
复制代码
2.

复制代码
复制代码
ssh实现转发, 只要用到以下两条命令:

不论是做跳板, 还是加密隧道, 还是加密其他的网络连接也都是这两条命令. 视具体情况而定, 有时只要用到其中一条, 有时两条都要用到.

命令解释:

1) -CfNg

C表示压缩数据传输
f表示后台用户验证,这个选项很有用,没有shell的不可登陆账号也能使用.
N表示不执行脚本或命令
g表示允许远程主机连接转发端口

2) -L 本地转发

本机(运行这条命令的主机)打开6300端口, 通过加密隧道映射到远程主机172.16.1.164的1521端口(使用远程主机oracle用户). 在本机上用netstat -an|grep 6300可看到. 简单说,本机的6300端口就是远程主机172.16.1.164的1521端口.

3) -R 远程转发

作用同上, 只是在远程主机172.16.1.164上打开1521端口, 来映射本机的6300端口.

4) 实用例子

有A,B,C 3台服务器, A,C有公网IP, B是某IDC的服务器无公网IP. A通过B连接C的80端口(A<=>B<=>C), 那么在B上执行如下命令即可:

服务器A和服务器C之间, 利用跳板服务器B建立了加密隧道. 在A上连接127.0.0.1:80, 就等同C上的80端口. 需要注意的是, 服务器B上的6300端口的数据没有加密, 可被监听, 例:

复制代码

新建一个ssh代理：

本机6000代理到远程22.

运行命令后可用看到有进程:

测试是否可用

如果不可用会报错，常见的错误有：

这个说明远程主机名单设置有问题。