Hysteria2 with Furious

Posted on Edited on

Furious edit server screen

Hysteria2 uses a custom version of the QUIC (Quick UDP Internet Connections) protocol to deliver unparalleled performance over unreliable or lossy networks. The protocol is designed to masquerade as standard HTTP/3 traffic, making it difficult to detect and block without widespread collateral damage. Hysteria2 is almost a complete rewrite of the original Hysteria, with a new protocol and new features. Version 2 documentation is at https://v2.hysteria.network. Hysteria2 is not compatible with the original Hysteria, so users must choose either version 1 or version 2 for both client and server.

Furious is a cross-platform GUI client that supports Xray-core and hysteria.

This post documents a procedure for using Hysteria2 on a Linux server and accessing it from a Furious client on Windows.

If you need support:

  • For Hysteria problems, see the Troubleshooting page, and if you still need support, go to the GitHub Issues page.
  • For Furious, see the wiki and the Issues page.

Hysteria2 server

The main installation instructions for Hysteria2 are at https://v2.hysteria.network/docs/getting-started/Installation. This demonstration uses material from https://github.com/chika0801/hysteria-install.

The server in this scenario has 1 GB of RAM and runs Ubuntu 22.04. It is assumed that you SSH into your server as root.

You will need a domain name and a DNS record pointing from your hostname to your server IP address. Our examples use vps3.example.com as the sample hostname.

When using standalone mode to apply for or renew a certificate, the script will listen on port tcp/80. If port tcp/80 is occupied, the script will fail. Therefore nothing else should be listening on port tcp/80.

As well as opening port tcp/80 in your firewall, you will also need to open port udp/443 for the Hysteria server. Note that Hysteria uses UDP.

Set up the ACME script ready to request a free SSL certificate and private key from Let’s Encrypt:

1
apt install -y socat
1
curl https://get.acme.sh | sh
1
alias acme.sh=~/.acme.sh/acme.sh
1
acme.sh --upgrade --auto-upgrade
1
acme.sh --set-default-ca --server letsencrypt

Request a free Elliptic Curve Cryptography certificate for your hostname in standalone mode. Change vps3.example.com to your real hostname in this command:

1
acme.sh --issue -d vps3.example.com --standalone --keylength ec-256

Install the SSL certificate and key to the /etc/ssl/private directory. Change vps3.example.com to your real hostname in this command:

1
acme.sh --install-cert -d vps3.example.com --ecc --fullchain-file /etc/ssl/private/fullchain.cer --key-file /etc/ssl/private/private.key

Force certificate renewal. Change vps3.example.com to your real hostname in this command:

1
acme.sh --renew -d vps3.example.com --force --ecc

Install the Hysteria program on your server:

1
curl -Lo /root/hysteria https://github.com/apernet/hysteria/releases/latest/download/hysteria-linux-amd64 && chmod +x /root/hysteria && mv -f /root/hysteria /usr/local/bin

Check the installation of Hysteria2 has worked:

1
hysteria version

Download the configuration template:

1
curl -Lo /root/hysteria_config.yaml https://raw.githubusercontent.com/chika0801/hysteria-install/main/config_server.yaml

Edit the configuration file. If you prefer the vi editor:

1
vi ~/hysteria_config.yaml

If you prefer the nano editor:

1
nano ~/hysteria_config.yaml

Change at least the TLS locations and the password. Here is an example. For explanations see the Hysteria2 documentation.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
listen: :443

tls:
  cert: /etc/ssl/private/fullchain.cer
  key: /etc/ssl/private/private.key

auth:
  type: password
  password: Eckhu7AQitevDe8K

resolver:
  type: https
  https:
    addr: 1.1.1.1:443
    timeout: 10s

acl:
  inline:
    - reject(geoip:cn)

Save the file.

Download the systemd service file:

1
curl -Lo /etc/systemd/system/hysteria.service https://raw.githubusercontent.com/chika0801/hysteria-install/main/hysteria.service && systemctl daemon-reload

Start the service:

1
systemctl enable hysteria
1
systemctl start hysteria

Check that Hysteria is active (running) on the server:

1
systemctl status hysteria

If necessary, check the log:

1
journalctl -u hysteria

Check that Hysteria is listening on port udp/443:

1
ss -tulpn

Exit your SSH session with the server:

1
exit

Furious client

Now go to work on the PC that will be your client.

Prepare a JSON client configuration that matches your server. For example:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
{
    "server": "vps3.example.com:443",
    "auth": "Eckhu7AQitevDe8K",
    "tls": {
        "sni": "vps3.example.com"
    },
    "bandwidth": {
        "up": "10 mbps",
        "down": "20 mbps"
    },
    "socks5": {
        "listen": "127.0.0.1:10808"
    },
    "http": {
        "listen": "127.0.0.1:10809"
    }
}

Copy the client JSON configuration to your PC clipboard.

Open a browser, and go to the Furious releases page on GitHub.

Download the latest version for Windows, e.g. Furious-0.2.6-windows-x86_64.zip.

Extract the archive.

Launch the application Furious.exe.

If Windows Defender SmartScreen appears, click Run anyway.

Right-click the Furious icon in the Windows system tray to bring up the context menu.

Select Import > Import JSON Configuration from Clipboard.

You should see a message, Import JSON confuguration success.

Right-click the Furious icon in the Windows system tray again to once more bring up the context menu.

Select Connect.

Now you can either proxy an individual browser, or set the Windows system proxy, to use the SOCKS5 proxy server on localhost port 10808 (in our example).