先DD个Debian10系统(不要直接运行,将密码2字改成root密码,以及将IP和网关和掩码改成vps的): ```shell bash <(wget --no-check-certificate -qO- 'https://moeclub.org/attachment/LinuxShell/InstallNET.sh') -d 10 -v 64 -a -p 密码 --mirror 'http://mirrors.tencent.com/debian-archive/' ``` ------------ 修改/etc/ssh/sshd_config更换SSH端口为自定义: ```shell Port 25566 ``` 设置时区及时间: ```shell tzselect ``` 选择亚洲 Asia,然后选择北京或者香港 ```shell cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime ``` ```shell sudo apt-get install ntpdate ``` ```shell ntpdate cn.pool.ntp.org ``` ```shell hwclock --systohc ``` ------------ crontab -e 添加定时校准 ```shell 00 1 * * * /usr/sbin/ntpdate -u cn.pool.ntp.org > /dev/null 2>&1; /sbin/hwclock -w ``` ------------ 锁定DNS(这样就不会因自动获取DNS而变成奇怪DNS而被劫持): ```shell rm -rf /etc/resolv.conf ``` 再新建/etc/resolv.conf添加: ```shell nameserver 8.8.4.4 ``` ------------ 打开/etc/network/interfaces修改DNS ```shell dns-nameservers 8.8.4.4 ``` 锁定DNS配置文件: ```shell chattr +i /etc/resolv.conf ``` ```shell chattr +i /etc/network/interfaces ``` ------------ TCP加速 : 下载内核: ```shell wget https://depot.gggu.eu.org/bbrv3/linux-headers-6.4.0-bbrv3_6.4.0-g7542cc7c41c0-1_amd64.deb ``` ```shell wget https://depot.gggu.eu.org/bbrv3/linux-image-6.4.0-bbrv3_6.4.0-g7542cc7c41c0-1_amd64.deb ``` 安装内核: ```shell dpkg -i /root/linux-headers-6.4.0-bbrv3_6.4.0-g7542cc7c41c0-1_amd64.deb ``` ```shell dpkg -i /root/linux-image-6.4.0-bbrv3_6.4.0-g7542cc7c41c0-1_amd64.deb ``` ```shell update-grub ``` 查看系统中已安装的内核: ```shell dpkg -l|grep linux-image ``` 卸载除 linux-image-6.4.0-bbrv3 以外的所有内核: ```shell apt purge linux-image-4.9.0-13-amd64 ``` ```shell update-grub ``` ------------ 替换/etc/sysctl.conf: ```shell net.ipv4.tcp_window_scaling = 1 net.ipv4.tcp_slow_start_after_idle = 0 net.ipv4.tcp_notsent_lowat = 2048 net.ipv4.tcp_fastopen = 0x203 net.ipv4.tcp_ecn = 2 net.ipv4.tcp_mtu_probing = 0 net.ipv4.tcp_no_metrics_save = 0 net.ipv4.tcp_congestion_control = bbr net.core.default_qdisc = mq net.core.somaxconn = 256 net.ipv4.tcp_tw_reuse = 1 net.ipv4.tcp_early_demux = 0 net.ipv4.tcp_comp_sack_slack_ns = 500000 net.ipv4.tcp_low_latency = 1 ``` 应用: ```shell sysctl -p ``` ------------ (可选)关闭部分补丁释放10%性能占用仅适合非生产环境和老Intel CPU: ```shell sed -i 's/GRUB_CMDLINE_LINUX_DEFAULT="/GRUB_CMDLINE_LINUX_DEFAULT="noibrs noibpb nopti nospectre_v2 nospectre_v1 l1tf=off nospec_store_bypass_disable no_stf_barrier mds=off mitigations=off /g' /etc/default/grub ``` treesky 2023-01-25 上一篇: SmartPing-便捷的网络质量监控神器 下一篇: arm机器 脚本收集 评论已关闭
此网站>
评论已关闭