7 git add *
8 git status
9 git commit -m "fore update"
10 git push -f origin master
wget https://github.com/xiahaijiao/go-shadowsocks2/raw/master/file/docker.zip
wget https://github.com/xiahaijiao/go-shadowsocks2/raw/master/file/find_n_p_random.zip
docker exec -it sagemath8.4 bash
- https://github.com/shadowsocks/shadowsocks-android
- https://github.com/shadowsocks
- https://github.com/shadowsocks/ShadowsocksX-NG
yum install -y golang
yum install -y yum-utils wget telnet net-tools zip
yum install -y gcc gcc-c++ make cmake git boost-devel libarchive libX11
make
go-shadowsocks2 -s 'ss://AEAD_CHACHA20_POLY1305:your-password@:8488' -verbose
./shadowsocks2-linux -s 'ss://AEAD_CHACHA20_POLY1305:123456@:10086' -verbose
arm
./shadowsocks2-linux-arm64 -s 'ss://AEAD_CHACHA20_POLY1305:123456@:10086' -verbose
centos
firewall-cmd --add-port=10086/tcp --permanent
firewall-cmd --reload
firewall-cmd --zone=public --list-ports
ubuntu
ufw allow 10086/tcp
ufw show added
cat << EOF > /usr/lib/systemd/system/shadowsocks2.service
[Unit]
Description=shadowsocks2
Documentation=https://prometheus.io/
After=network.target
[Service]
Type=simple
User=root
Group=root
ExecStart=/opt/socket/shadowsocks2 \
-s 'ss://AEAD_CHACHA20_POLY1305:123456@:10086' -verbose
ExecReload=/bin/kill -s HUP $MAINPID
ExecStop=/bin/kill -s QUIT $MAINPID
Restart=on-failure
[Install]
WantedBy=multi-user.target
EOF
systemctl daemon-reload
systemctl enable shadowsocks2.service
#启动
systemctl start shadowsocks2.service
#停止
systemctl stop shadowsocks2.service
#重启
systemctl restart shadowsocks2.service
journalctl -u shadowsocks2
A fresh implementation of Shadowsocks in Go.
GoDoc at https://godoc.org/github.com/shadowsocks/go-shadowsocks2/
- SOCKS5 proxy with UDP Associate
- Support for Netfilter TCP redirect on Linux (IPv6 should work but not tested)
- Support for Packet Filter TCP redirect on MacOS/Darwin (IPv4 only)
- UDP tunneling (e.g. relay DNS packets)
- TCP tunneling (e.g. benchmark with iperf3)
- SIP003 plugins
- Replay attack mitigation
Pre-built binaries for common platforms are available at https://github.com/shadowsocks/go-shadowsocks2/releases
Install from source
go install -u github.com/shadowsocks/go-shadowsocks2@latest
Start a server listening on port 8488 using AEAD_CHACHA20_POLY1305
AEAD cipher with password your-password
.
go-shadowsocks2 -s 'ss://AEAD_CHACHA20_POLY1305:your-password@:8488' -verbose
Start a client connecting to the above server. The client listens on port 1080 for incoming SOCKS5 connections, and tunnels both UDP and TCP on port 8053 and port 8054 to 8.8.8.8:53 and 8.8.4.4:53 respectively.
go-shadowsocks2 -c 'ss://AEAD_CHACHA20_POLY1305:your-password@[server_address]:8488' \
-verbose -socks :1080 -u -udptun :8053=8.8.8.8:53,:8054=8.8.4.4:53 \
-tcptun :8053=8.8.8.8:53,:8054=8.8.4.4:53
Replace [server_address]
with the server's public address.
The client offers -redir
and -redir6
(for IPv6) options to handle TCP connections
redirected by Netfilter on Linux. The feature works similar to ss-redir
from shadowsocks-libev
.
Start a client listening on port 1082 for redirected TCP connections and port 1083 for redirected TCP IPv6 connections.
go-shadowsocks2 -c 'ss://AEAD_CHACHA20_POLY1305:your-password@[server_address]:8488' -redir :1082 -redir6 :1083
The client offers -tcptun [local_addr]:[local_port]=[remote_addr]:[remote_port]
option to tunnel TCP.
For example it can be used to proxy iperf3 for benchmarking.
Start iperf3 on the same machine with the server.
iperf3 -s
By default iperf3 listens on port 5201.
Start a client on the same machine with the server. The client listens on port 1090 for incoming connections and tunnels to localhost:5201 where iperf3 is listening.
go-shadowsocks2 -c 'ss://AEAD_CHACHA20_POLY1305:your-password@[server_address]:8488' -tcptun :1090=localhost:5201
Start iperf3 client to connect to the tunneld port instead
iperf3 -c localhost -p 1090
Both client and server support SIP003 plugins.
Use -plugin
and -plugin-opts
parameters to enable.
Client:
go-shadowsocks2 -c 'ss://AEAD_CHACHA20_POLY1305:your-password@[server_address]:8488' \
-verbose -socks :1080 -u -plugin v2ray
Server:
go-shadowsocks2 -s 'ss://AEAD_CHACHA20_POLY1305:your-password@:8488' -verbose \
-plugin v2ray -plugin-opts "server"
Note:
It will look for the plugin in the current directory first, then $PATH
.
UDP connections will not be affected by SIP003.
By default a Bloom filter is deployed to defend against replay attacks. Use the following environment variables to fine-tune the mechanism:
SHADOWSOCKS_SF_CAPACITY
: Number of recent connections to track. Default1e6
(one million). Setting it to 0 disables the feature.SHADOWSOCKS_SF_FPR
: False positive rate of the Bloom filter. Default1e-6
(0.0001%). This should be enough for most cases.SHADOWSOCKS_SF_SLOT
: The Bloom filter is divided into a number (default10
) of slots. When the Bloom filter is full, the oldest slot will be cleared for recycling. In general you should not change this number unless you understand what you are doing.
SHADOWSOCKS_SF_CAPACITY=1e6 SHADOWSOCKS_SF_FPR=1e-6 SHADOWSOCKS_SF_SLOT=10 go-shadowsocks2 ...
The code base strives to
- be idiomatic Go and well organized;
- use fewer external dependences as reasonably possible;
- only include proven modern ciphers;