How to Set Up Your Own PAC Server

Updated purchase tutorial on August 30, 2017: Vutrl now supports Alipay payments, with a minimum top-up of $10, which is about 70 RMB.


The tutorial is very simple and consists of four steps:

Step 1: Purchase a VPS server

Step 2: One-click deployment of the VPS server

Step 3: One-click acceleration for the VPS server
(Google BBR acceleration or Ruisu acceleration; if you do not have high speed requirements, this step can be skipped)

Step 4: Actual testing


Step 1: Purchase a VPS server

You need to choose an overseas VPS server. The first choice is the internationally well-known vultr, which offers good speed, stability, and great value for money.

vultr registration address: http://www.vultr.com/?ref=7048874 (15 server locations worldwide are available, using the KVM framework. A Japan server is recommended for low latency and fast speed.)

Although the interface is in English, browsers now have webpage translation features. Just right-click with the mouse and select translate webpage to translate it into Chinese.

Register and activate your account by email, and after topping up you can purchase a server. Top-up methods are PayPal or Alipay (As of August 30, 2017, Vutrl supports Alipay payments, with a minimum top-up of $10, about 70 RMB). To use PayPal, a credit card is sufficient. PayPal registration address: https://www.paypal.com (PayPal is an internationally well-known third-party payment service provider, similar to Alipay in China. Simply register an account and link a credit card to purchase overseas goods.)

Server configuration for $2.50/month: single-core, 512MB RAM, 20GB SSD storage
100Mbps bandwidth, 500GB traffic/month

Server configuration for $5/month: single-core, 1GB RAM, 25GB SSD storage, 100Mbps bandwidth
1000GB traffic/month

Server configuration for $10/month: single-core, 2GB RAM, 40GB SSD storage, 100Mbps bandwidth
2000GB traffic/month

As shown below:

When purchasing a vps server, give priority to these server locations: Japan, Singapore (preferred for China Mobile and China Unicom networks); Japan, Los Angeles, Silicon Valley (preferred for China Telecom networks). Choose the CentOS
6.X64-bit system (recommended)
. After completing the purchase, find and write down the system password, as it will be needed when deploying the server. As shown below:

Because vultr actually bills by the hour, if the server you deploy does not perform ideally after testing, you can delete it and redeploy another server in a different region very conveniently.


Step 2: Deploy the VPS server

After purchasing the server, you need to deploy it. Since what you bought is a virtual product and it is located overseas, we need a software tool called Xshell for remote deployment. Xshell download address:

Babelniao cloud storage download Extraction password: 38693

Download from MEGA Cloud Drive (open with a VPN)

Baidu Software Center


Deployment tutorial:

Download and install the xshell software, then open it

Select File, then New

Enter any name you like, then fill in your server IP

When connecting to a foreign IP, that is, the server, the software will prompt you in turn to enter the username and password. The default username for Linux systems is root, and the password is the one for the CentOS system you received after purchasing the server. 

After the connection is successful, you will see what is shown in the image above. After that, you can enter the code to deploy it as PAC.

There are two deployment code options: one is a PAC script with username and password authentication, and the other is a PAC script without username and password authentication. Choose according to your needs.

The PAC script code with username and password authentication is as follows:

———————————————————Code separator————————————————

setenforce 0

ulimit -n 800000

echo “* soft nofile 800000” >>
/etc/security/limits.conf

echo “* hard nofile 800000” >>
/etc/security/limits.conf

echo “alias net-pf-10 off” >>
/etc/modprobe.d/dist.conf

echo “alias ipv6 off” >>
/etc/modprobe.d/dist.conf

killall sendmail

/etc/init.d/postfix stop

chkconfig –level 2345 postfix off

chkconfig –level 2345 sendmail off

yum -y install squid wget

wget https://raw.githubusercontent.com/Alvin9999/PAC/master/centos-squid.conf -O
/etc/squid/squid.conf

echo “root:W10fM8VWO04aM” >>
/etc/squid/passwd

mkdir -p /var/cache/squid

chmod -R 777 /var/cache/squid

squid -z

service squid restart

chkconfig –level 2345 squid on

iptables -t nat -F

iptables -t nat -X

iptables -t nat -P PREROUTING ACCEPT

iptables -t nat -P POSTROUTING ACCEPT

iptables -t nat -P OUTPUT ACCEPT

iptables -t mangle -F

iptables -t mangle -X

iptables -t mangle -P PREROUTING ACCEPT

iptables -t mangle -P INPUT ACCEPT

iptables -t mangle -P FORWARD ACCEPT

iptables -t mangle -P OUTPUT ACCEPT

iptables -t mangle -P POSTROUTING ACCEPT

iptables -F

iptables -X

iptables -P FORWARD ACCEPT

iptables -P INPUT ACCEPT

iptables -P OUTPUT ACCEPT

iptables -t raw -F

iptables -t raw -X

iptables -t raw -P PREROUTING ACCEPT

iptables -t raw -P OUTPUT ACCEPT

service iptables save

———————————————————Code Separator————————————————

The PAC script code without username and password authentication is as follows:

———————————————————Code Separator————————————————

setenforce 0

ulimit -n 800000

echo “* soft nofile 800000” >>
/etc/security/limits.conf

echo “* hard nofile 800000” >>
/etc/security/limits.conf

echo “alias net-pf-10 off” >>
/etc/modprobe.d/dist.conf

echo “alias ipv6 off” >>
/etc/modprobe.d/dist.conf

killall sendmail

/etc/init.d/postfix stop

chkconfig –level 2345 postfix off

chkconfig –level 2345 sendmail off

yum -y install squid wget

wget https://raw.githubusercontent.com/Alvin9999/PAC/master/no-password.conf -O
/etc/squid/squid.conf

mkdir -p /var/cache/squid

chmod -R 777 /var/cache/squid

squid -z

service squid restart

chkconfig –level 2345 squid on

iptables -t nat -F

iptables -t nat -X

iptables -t nat -P PREROUTING ACCEPT

iptables -t nat -P POSTROUTING ACCEPT

iptables -t nat -P OUTPUT ACCEPT

iptables -t mangle -F

iptables -t mangle -X

iptables -t mangle -P PREROUTING ACCEPT

iptables -t mangle -P INPUT ACCEPT

iptables -t mangle -P FORWARD ACCEPT

iptables -t mangle -P OUTPUT ACCEPT

iptables -t mangle -P POSTROUTING ACCEPT

iptables -F

iptables -X

iptables -P FORWARD ACCEPT

iptables -P INPUT ACCEPT

iptables -P OUTPUT ACCEPT

iptables -t raw -F

iptables -t raw -X

iptables -t raw -P PREROUTING ACCEPT

iptables -t raw -P OUTPUT ACCEPT

service iptables save

———————————————————Code Divider————————————————

Code note: If you are using Vultr’s lowest configuration, i.e. the $2.5/month server, and it does not work properly after these operations, then change the number 800000 in the first three lines of the code above to a slightly smaller number, and then redeploy.

Copy all of the code above; just right-click with your mouse. Then paste it into the command field of your shell software, and deployment will start automatically. If nothing happens, press the “Enter” key on your keyboard. The signs of successful deployment are shown below:

Pay attention to the two arrow-marked indicators in the image above.

After that, you can restart the server to make sure the deployment takes effect; sometimes a restart is not necessary. To restart, enter reboot in the command field.

Note: In the above commands, this command echo
“root:W10fM8VWO04aM” >> /etc/squid/passwd
sets the authentication account for the PAC proxy to the default account: root
Password: pac.itzmx.com. If you want to set a different account, you can use this online htppasswd generator tool: http://tool.oschina.net/htpasswd, and select the Crypt (All
Unix
Servers) encryption algorithm, as shown below:


Step 3: One-click acceleration for your VPS server

This acceleration tutorial covers Google BBR acceleration and the cracked Ruisu acceleration tutorial. Only one of the two can be installed successfully, and both only support VPS servers using the KVM framework. Vultr servers all use the KVM framework. If the server you purchased is not from Vultr, then you need to find out whether your VPS server uses the KVM framework. This is very important.

Following the steps in Step 2, reconnect to the server IP. After logging in successfully, paste the following code into the command field:

[Google BBR Acceleration Tutorial]

yum -y install wget

wget –no-check-certificate https://github.com/teddysun/across/raw/master/bbr.sh

chmod +x bbr.sh

./bbr.sh

Copy and paste all of the code above. If nothing happens, press Enter, then wait patiently. Finally, restart the VPS server. This method starts automatically on boot, so you only need to deploy it once.

As shown below:

When the screen above appears, press Enter

Finally, enter y to restart the server, or manually enter the command reboot

[ServerSpeeder Acceleration Tutorial]

wget -N –no-check-certificate https://raw.githubusercontent.com/91yun/serverspeeder/master/serverspeeder-all.sh &&
bash serverspeeder-all.sh

Copy and paste all of the code above. This method starts automatically on boot, so you only need to deploy it once. However, some kernels are not suitable, and during deployment you will need to manually choose a recommended one. When the following text appears during deployment:

If it indicates that there is no completely matching kernel, just choose any kernel, enter the number as prompted, and press Enter.

The sign that ServerSpeeder has been installed successfully is as follows:

If the word “running” appears, that’s it!


Step 4: Actual Test

Using the PAC version of Google Chrome that I shared as an example:

Click the proxy extension button on the right side of the browser address bar in sequence, then open Options

First select “New profile” on the right, then in the pop-up dialog box, enter a name (anything is fine). For the profile type, choose the first option, Proxy Server. Then click Create.

Set the proxy protocol to http, enter your VPS server IP for the server, and choose port 25 for the proxy port.
Then enter the username and password. Finally, click the green Apply option on the right to make the settings take effect. With this configuration, it will be a global proxy, meaning all websites will go through the overseas proxy.

Then select your PAC address and test whether you can access blocked sites and how fast the connection is. In this whole tutorial, Step 2 is crucial. Usually after Step 2 is completed, you can first do a real test before enabling acceleration to see whether the deployment was successful.


Tutorial for Creating a PAC Auto-Proxy Address (Optional):

The tutorial above is enough for accessing blocked sites, but some people want to create a PAC auto-proxy address, meaning domestic websites do not use the proxy, while only foreign websites that require circumvention do. That is why this tutorial exists. For this tutorial, you need to register an account on the https://github.com website and create a project. If this GitHub website is blocked in the future, then this method will also become invalid accordingly, just a heads-up.

For example, I created a project called “PAC” and created a file under this project, named “pac001”

Then the corresponding PAC proxy address is: https://raw.githubusercontent.com/Alvin9999/PAC/master/pac001

After creating the file, open the proxy address above in your browser, copy all of its contents into the file, replace the original “your VPS server IP” with your actual VPS server IP, and then submit and save it.

This completes the PAC address. For the specific PAC address format, you can refer to https://raw.githubusercontent.com/Alvin9999/PAC/master/pac001 . Replace Alvin9999 with your GitHub username, PAC with the project name you created, and pac001 with the filename you created under your project.

For example: https://raw.githubusercontent.com/张三/项目名/master/文件名 (you can open the address you created in a browser; if it opens normally and you can see the content, the address is correct. If you can’t see the content, it means something was written incorrectly, so check it carefully.)

After creating the address, use the SwitchyOmega extension in Google Chrome to create a profile, and then you can use the PAC proxy address.

After creating it, paste your own address into it, then click Update Profile Now.

Finally, select your own PAC address to automatically browse the web through the proxy.


Acknowledgments: 小樱 91yun 秋水逸冰

Leave a Comment

Your email address will not be published. Required fields are marked *

中文 EN
🚀

RedGate VPN

免费节点太挤太慢?
升级高速稳定专线

立即体验 →

告别卡顿

RedGate VPN
全球高速节点

免费下载 →
Scroll to Top