Removed according to regulations.
shadowsocks / go-shadowsocks2 Goto Github PK
View Code? Open in Web Editor NEWThis project forked from riobard/go-shadowsocks2
Modern Shadowsocks in Go
License: Apache License 2.0
This project forked from riobard/go-shadowsocks2
Modern Shadowsocks in Go
License: Apache License 2.0
Removed according to regulations.
I found that the io.Copy(left, right) can be blocked. So the tcp connection will not be released. Have you found that?@riobard
Hi,
thanks a lot for this outstanding implementation.
The only way I can connect to my Shadowsocks-libev server is using this command:
-c ss://AEAD_CHACHA20_POLY1305:PASSWORD@XXX:SERVER_PORT -verbose -socks :LOCAL_PORT
after adding this line:
-udptun :8053=8.8.8.8:53,:8054=8.8.4.4: -tcptun :8053=8.8.8.8:53,:8054=8.8.4.4:53
I can no longer open pages.
What does this line do? and where do I have to enter the two ports 8053 and 8054?
And another problem is I have DNS Leak, some websites, like Facebook, and Twitter return another IP, (not the actual IP - hence DNS Leak).
VPS (OpenVZ): CentOS 7 running Shadowsocks-libev
Client: Windows 10
Connecting using CMD.
Thanks a lot.
you want to export one such interface
type ObfuPlugin func (conn net.Conn) (obfsConn net.Conn, err error)
操作系统:Windows 10
Firefox版本: 54.0.1 (64-bit)
启动命令:go-shadowsocks2 -c ss://AES-256-CFB:your-password@[server_address]:[server_port] -verbose -socks :1080
错误信息:failed to get target address: SOCKS error: 7
备注
Chrome使用go-shadowsocks2没有问题
Firefox使用shadowsocks-windows也没有问题
感觉这个是个硬需求。感觉挺多都是合租的,应该都希望可以控制下
不知道有人遇到没, 放局域网不行, 放公网也不行
Running go get -u -v github.com/shadowsocks/go-shadowsocks2
returns;
user@na01:~# go get -u -v github.com/shadowsocks/go-shadowsocks2
github.com/shadowsocks/go-shadowsocks2 (download)
github.com/Yawning/chacha20 (download)
Fetching https://golang.org/x/crypto/chacha20poly1305?go-get=1
Parsing meta tags from https://golang.org/x/crypto/chacha20poly1305?go-get=1 (status code 200)
get "golang.org/x/crypto/chacha20poly1305": found meta tag main.metaImport{Prefix:"golang.org/x/crypto", VCS:"git", RepoRoot:"https://go.googlesource.com/crypto"} at https://golang.org/x/crypto/chacha20poly1305?go-get=1
get "golang.org/x/crypto/chacha20poly1305": verifying non-authoritative meta tag
Fetching https://golang.org/x/crypto?go-get=1
Parsing meta tags from https://golang.org/x/crypto?go-get=1 (status code 200)
golang.org/x/crypto (download)
Fetching https://golang.org/x/crypto/hkdf?go-get=1
Parsing meta tags from https://golang.org/x/crypto/hkdf?go-get=1 (status code 200)
get "golang.org/x/crypto/hkdf": found meta tag main.metaImport{Prefix:"golang.org/x/crypto", VCS:"git", RepoRoot:"https://go.googlesource.com/crypto"} at https://golang.org/x/crypto/hkdf?go-get=1
get "golang.org/x/crypto/hkdf": verifying non-authoritative meta tag
Fetching https://golang.org/x/crypto?go-get=1
Parsing meta tags from https://golang.org/x/crypto?go-get=1 (status code 200)
golang.org/x/crypto/chacha20poly1305/internal/chacha20
golang.org/x/crypto/poly1305
# golang.org/x/crypto/poly1305
go/src/golang.org/x/crypto/poly1305/sum_amd64.s:8 6a: No such file or directory: textflag.h
golang.org/x/crypto/hkdf
github.com/Yawning/chacha20
# github.com/Yawning/chacha20
go/src/github.com/Yawning/chacha20/chacha20_amd64.s:936 redeclaration of rounds_loop4_begin
go/src/github.com/Yawning/chacha20/chacha20_amd64.s:1077 redeclaration of rounds_loop2_begin
github.com/shadowsocks/go-shadowsocks2/socks
All seems well, but there is no runable binary in my $GOPATH
.
Go Version: go version go1.3.3 linux/amd64
Because i am in a corporation network, i run shadowsocks with HTTP_PROXY=192.168.1.100:80 go-shadowsocks2 -verbose -socks :1081 -c server:port -cipher aes-256-cfb -password xxxxxx
, but the system proxy HTTP_PROXY=192.168.1.100:80
not work. Hope shadowsocks can support system proxy.
因为 net.Listener 没法 SetDeadline,而且应该加上这个 Deadline 配置参数。
Please write something in the readme.
Thanks.
go官方自带了几种完善的压缩算法,所以在数据relay的时候对数据进行压缩/解压是否有意义?等效于降低线路丢包率?
which cipher will add to shadowsocks2 ?
shadowsocks2接下来准备兼容哪些加密算法
Currently the project seems to have most of its functions unexported, so it's quite difficult to use it as a library (embed into another project).
Are there any plans on this?
项目内用到了几个golang.org的包。
因为众所周知的原因,国内访问不了。
这就会陷入死循环,来弄shadowsocks就是为了翻墙,然而要弄shadowsocks就需要先翻墙才能拉下来相应的包……
幸好golang官方在github上做了mirror。建议采用mirror方式。
比如,用 github.com/golang/crypto 代替 golang.org/x/crypto,这样的话只要github还活着就不会遇见类似的问题。
看到很多 Shadowsocks 的实现,但基本架构没有变。
仍然是中心化的,一个服务端,一个或多个客户端。
要么就实现了负载均衡,服务端有多个 ss server,对外一个访问地址。
但这仍是中心化的。
这存在一些弊端:
最近在看 Bitcoin(区块链) 的架构,受到一些启发,在想是否能够实现一套具备下面特征的 ss 网络。
我想,这样的 ss 可以称作 Next-generation Shadowsocks 吧。
个人认知有限,轻喷!
continue riobard#1
Is that possible to give some instructions/guides on how to setup iptable rules for Netfilter TCP redirect?
I plan to make a router based on debian. (there are many online tutorials/docs about how to do this). I would like to know how to setup iptable rules to use go-shadowsocks2 on this debian router. similar to openwrt version shadowsocks-libev: Route non-china IPs (IPs not in ignore.list) through go-shadowsocks2. I am new to iptables and wondering if it's possible to get some instructions. Thank you very much.
Hi! Please add ability run SOCK and HTTP proxy at the same time.
According to the document about AEAD in shadowsocks.org. HKDF_SHA1 is strong enough even if the in put key is weak.
But I get the code in ss-go2 that hashing and expanding the input key to requested key length first, then get the hashed key do the HKDF_SHA1
again to get the subkey for AEAD.
Why do this? And I can't see the document request for re-hashing & expanding for the key.
Only once HKDF operation is leaking safty?
Thx dude, waiting for reply.
Is there any plan to support Xchacha20?
The cache2go is a good choice for caching dns-results.
fino@cts-154:~$ go get -u -v github.com/shadowsocks/go-shadowsocks2
github.com/shadowsocks/go-shadowsocks2 (download)
Fetching https://golang.org/x/crypto/chacha20poly1305?go-get=1
https fetch failed: Get https://golang.org/x/crypto/chacha20poly1305?go-get=1: dial tcp 216.239.37.1:443: i/o timeout
package golang.org/x/crypto/chacha20poly1305: unrecognized import path "golang.org/x/crypto/chacha20poly1305" (https fetch: Get https://golang.org/x/crypto/chacha20poly1305?go-get=1: dial tcp 216.239.37.1:443: i/o timeout)
Fetching https://golang.org/x/crypto/hkdf?go-get=1
https fetch failed: Get https://golang.org/x/crypto/hkdf?go-get=1: dial tcp 216.239.37.1:443: i/o timeout
package golang.org/x/crypto/hkdf: unrecognized import path "golang.org/x/crypto/hkdf" (https fetch: Get https://golang.org/x/crypto/hkdf?go-get=1: dial tcp 216.239.37.1:443: i/o timeout)
github.com/Yawning/chacha20 (download)
################################################################################
it seems golang.org/x/crypto is not there,
my PC is ubuntu 14.04, go version is 1.8.3, 1 month ago when I just installed go-shadowsocks2 on my server and it works fine. any one meet the same issue?
BR fino
go-shadowsocks2 currently supports Netfilter TCP redirect, it would be terrific if it can support UDP redirect.
shadowsocks-libev already has it supported, and it only works on Linux kernels with TPROXY enabled. But TPROXY has one big shortcoming: it can only be used in PREROUTING chain of mangle table. This means that TPROXY can only redirect UDP packets sent from other machines, for example you can use TPROXY on a LAN gateway to forward all LAN UDP packets to SS server.
For iptables configuration example, please check https://github.com/shadowsocks/shadowsocks-libev#advanced-usage
Hi
I could not install and got these:
# github.com/shadowsocks/go-shadowsocks2
./tcp_linux.go:58: undefined: syscall.SYS_GETSOCKOPT
./tcp_linux.go:76: undefined: syscall.SYS_GETSOCKOPT
OS is debian and go version 1.7.4
go-shadowsocks2 -s ss://aes-128-gcm:your-password@:8488 -verbose >>ss.log
这样是不能记录日志的,该怎么处理才能记录日志到ss.log?
另外
go-shadowsocks2 -s :8488 -cipher aes-256-cfb -key LlUmH_yMgh4YNhvayBQrs6aQHBThNpWjz1yHz0U-ePA= -verbose
服务端这么使用的情况下,客户端没密码?怎么使用?
I wanna to implement the kcpserver and kcplocal to use the kcp protocal more easily by using kcp-go.I wonder if I can add this feature to the project? :D
In windows, I find this go2 is the only client that support AEAD. Is it also support simple-obfs ?
In the shadowsocks/shadowsocks-libev#1248 @madeye suggest me to use go-shadowsocks2 in windows instead of ss-libev, And I use go get -u -v github.com/shadowsocks/go-shadowsocks2 to install it in my mingw64. So now.. How can I build It into a static exe file? Because I found that It going wrrong if I move the "go-shadowsocks2.exe" to another path. so I think it is using some other link files?
func (m *natmap) Add(peer net.Addr, dst, src net.PacketConn, srcIncluded bool) {
m.Set(peer.String(), src)go func() {
timedCopy(dst, peer, src, m.timeout, srcIncluded)
if pc := m.Del(peer.String()); pc != nil {
pc.Close()
}
}()
}
Every udp packet need a goroutine.
May 21 00:43:30 vultr.guest go-shadowsocks2[14381]: 2017/05/21 00:43:30 failed to get target address: cipher: message authentication failed
May 21 00:43:31 vultr.guest go-shadowsocks2[14381]: 2017/05/21 00:43:31 failed to get target address: EOF
Windows 10 1607, x64 anniversary update.
Go installed today 1.8.1
Git installed today
go-shadowsocks2 from today
I just changed my server IP and password, and copy paste the command indicated in readme, i.e. using default cipher:
go-shadowsocks2 -c ss://AEAD_CHACHA20_POLY1305:[email protected]:8xxx -verbose -socks :1080 -udptun :8053=8.8.8.8:53,:8054=8.8.4.4:53 -tcptun :8053=8.8.8.8:53,:8054=8.8.4.4:53
Gives me error: cipher not supported
github.com/shadowsocks/go-shadowsocks2/socks.Addr.String(0x188d9680, 0x2, 0x103, 0x2, 0x103)
minor
Ver: c2e7710
Server
go-shadowsocks2 -s ss://AEAD_CHACHA20_POLY1305:TEST@:8088 -verbose
Client
go-shadowsocks2 -c ss://AEAD_CHACHA20_POLY1305:TEST@[SERVER]:8088 -verbose -u -socks :2000
Test
curl --socks5-hostname 127.0.0.1:2000 ip.gs
Error
curl: curl: (7) Failed to receive SOCKS5 connect request ack.
server: failed to get target address: SOCKS error: 7
// Handshake fast-tracks SOCKS initialization to get target address to connect.
func Handshake(rw io.ReadWriter) (Addr, error) {
// Read RFC 1928 section 4 for request and reply structure and sizes
buf := make([]byte, MaxReqLen)
_, err := rw.Read(buf) // SOCKS version and auth methods
if err != nil {
return nil, err
}
_, err = rw.Write([]byte{5, 0}) // SOCKS v5, no auth required
if err != nil {
return nil, err
}
n, err := rw.Read(buf) // SOCKS request: VER, CMD, RSV, Addr
if err != nil {
return nil, err
}
buf = buf[:n]
if buf[1] != CmdConnect {
return nil, ErrCommandNotSupported
}
_, err = rw.Write([]byte{5, 0, 0, 1, 0, 0, 0, 0, 0, 0}) // SOCKS v5, reply succeeded
return buf[3:], err // skip VER, CMD, RSV fields
}
上面SOCKS5握手的代码是不是太简单了,Read的时候没有判断是不是已经读到了想要的数据量,比如可以用io.ReadFull。
谢谢
I'd like to contribute to this repo but don't know where to start.
Features are freezed? TODO list in README doesn't have any new features.
would you please support shadowsocks-libev 's udp relay?
能不能像go版一样提供二进制预编译好的服务器版啊,很有用啊。
I'm actually addressing an outstanding issue: #27 (Feature Request: HTTP proxy)
Based on my experience with Android, https://play.google.com/store/apps/details?id=com.github.shadowsocks covers every need on a per app basis. So there is no need for HTTP proxy Android platform.
On Windows and Linux systems, there is the excellent privoxy. It can server as a HTTP proxy and connect upstream to go-shadowsocks2. In fact, some windows shadowsocks client come with privoxy bundled to alleviate the need for HTTP proxy. Anyone who is smart enough to know how good go-shadowsocks2 is should also be smart enough to configure and use privoxy, right?
Personally, I'd like to see go-shadowsocks2 maintain its edge in providing cutting-edge shadowsocks feature, such as support for latest cryptos. I am very happy to say that I very impressed by the fact that when I uploaded the some 2MB go-shadowsocks2.exe to a nano server, it just worked as a server (in addition to being a client) and supported AEAD_CHACHA20_POLY1305.
My appreciations to the developer(s)!
Currently go-shadowsocks2
uses an ss://
URL as the way to import config, which is simplistic in desktop cases while not in server cases. Config file support enables us to write a universal systemd (or equivalents on other platforms) service that is good for distribution.
when I copy left buffer manually at first, it is woking.
func relay(left, right net.Conn) (int64, int64, error) {
type res struct {
N int64
Err error
}
ch := make(chan res)
buf := make([]byte, 1024)
for {
nread, _ := left.Read(buf)
if nread > 0 {
right.Write(buf[0:nread])
}
if nread != 1024 {
break
}
}
go func() {
n, err := io.Copy(right, left)
right.SetDeadline(time.Now()) // wake up the other goroutine blocking on right
left.SetDeadline(time.Now()) // wake up the other goroutine blocking on left
ch <- res{n, err}
}()
n, err := io.Copy(left, right)
right.SetDeadline(time.Now()) // wake up the other goroutine blocking on right
left.SetDeadline(time.Now()) // wake up the other goroutine blocking on left
rs := <-ch
if err == nil {
err = rs.Err
}
return n, rs.N, err
}
Hello,
It seems there is no option to create a configuration file (e.g. Config.json) like there is for shadowsocks-libev. This would make it much easier to run instead of always typing the details each time you run shadowsocks2.
Best regards,
感觉命令和其他ss版本差距太大,具体怎么使用还是没看懂,为什么不推出配置文件夹在的方法?还有顺便问下TFO什么时候推出?
运行
go get -u -v github.com/shadowsocks/go-shadowsocks2
后,运行
go-shadowsocks2 -s ss://AEAD_CHACHA20_POLY1305:***@:*** -verbose
显示
-bash: go-shadowsocks2: command not found
请帮忙,谢谢!
nm := newNATmap(config.UDPTimeout)
There is no change to remove key-values from nm.
And the keys are only made from remote addresses. If there are two clients which send-receive udp packet from the same remote address, it will be a problem.
nm.Add(raddr, c, pc, false)
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.