Merge f45bc99d92
into 6fb09ea8af
This commit is contained in:
commit
bccbf17afb
3 changed files with 22 additions and 3 deletions
|
@ -41,6 +41,7 @@ Explanation of the fields:
|
||||||
password a password used to encrypt transfer
|
password a password used to encrypt transfer
|
||||||
timeout in seconds
|
timeout in seconds
|
||||||
method encryption method, "bf-cfb", "aes-256-cfb", "des-cfb", "rc4", etc. Default is table, which is not secure. "aes-256-cfb" is recommended
|
method encryption method, "bf-cfb", "aes-256-cfb", "des-cfb", "rc4", etc. Default is table, which is not secure. "aes-256-cfb" is recommended
|
||||||
|
allow_local true if you need to proxy localhost or localnet (e.g. 192.168.1.2).
|
||||||
|
|
||||||
`cd` into the directory of `config.json`. Run `ssserver` on your server. To run it in the background, run
|
`cd` into the directory of `config.json`. Run `ssserver` on your server. To run it in the background, run
|
||||||
`nohup ssserver > log &`.
|
`nohup ssserver > log &`.
|
||||||
|
|
|
@ -48,6 +48,7 @@ Explanation of the fields:
|
||||||
password a password used to encrypt transfer
|
password a password used to encrypt transfer
|
||||||
timeout in seconds
|
timeout in seconds
|
||||||
method encryption method, "bf-cfb", "aes-256-cfb", "des-cfb", "rc4", etc. Default is table
|
method encryption method, "bf-cfb", "aes-256-cfb", "des-cfb", "rc4", etc. Default is table
|
||||||
|
allow_local true if you need to proxy localhost or localnet (e.g. 192.168.1.2).
|
||||||
|
|
||||||
``cd`` into the directory of ``config.json``. Run ``ssserver`` on your
|
``cd`` into the directory of ``config.json``. Run ``ssserver`` on your
|
||||||
server. To run it in the background, run ``nohup ssserver > log &``.
|
server. To run it in the background, run ``nohup ssserver > log &``.
|
||||||
|
|
|
@ -120,12 +120,19 @@ class Socks5Server(SocketServer.StreamRequestHandler):
|
||||||
# Connection refused
|
# Connection refused
|
||||||
logging.warn(e)
|
logging.warn(e)
|
||||||
return
|
return
|
||||||
|
addr = remote.getpeername()[0]
|
||||||
|
if not ALLOW_LOCAL:
|
||||||
|
for ip in LOCAL_ADDR:
|
||||||
|
if addr.startswith(ip):
|
||||||
|
logging.warn('%s is denied.' % addr)
|
||||||
|
return
|
||||||
|
|
||||||
self.handle_tcp(sock, remote)
|
self.handle_tcp(sock, remote)
|
||||||
except socket.error, e:
|
except socket.error, e:
|
||||||
logging.warn(e)
|
logging.warn(e)
|
||||||
|
|
||||||
def main():
|
def main():
|
||||||
global SERVER, PORT, KEY, METHOD, IPv6
|
global SERVER, PORT, KEY, METHOD, IPv6, ALLOW_LOCAL, LOCAL_ADDR
|
||||||
|
|
||||||
logging.basicConfig(level=logging.DEBUG,
|
logging.basicConfig(level=logging.DEBUG,
|
||||||
format='%(asctime)s %(levelname)-8s %(message)s',
|
format='%(asctime)s %(levelname)-8s %(message)s',
|
||||||
|
@ -142,9 +149,14 @@ def main():
|
||||||
KEY = None
|
KEY = None
|
||||||
METHOD = None
|
METHOD = None
|
||||||
IPv6 = False
|
IPv6 = False
|
||||||
|
ALLOW_LOCAL = False
|
||||||
|
LOCAL_ADDR = ('127.', '10.', '169.254.', '172.16', '172.17', '172.18',
|
||||||
|
'172.19.', '172.20.', '172.21.', '172.22.', '172.23.',
|
||||||
|
'172.24.', '172.25.', '172.26.', '172.27.', '172.28.',
|
||||||
|
'172.29.', '172.30.', '172.31.', '192.168.', '::1')
|
||||||
|
|
||||||
config_path = utils.find_config()
|
config_path = utils.find_config()
|
||||||
optlist, args = getopt.getopt(sys.argv[1:], 's:p:k:m:c:6')
|
optlist, args = getopt.getopt(sys.argv[1:], 's:p:k:m:c:6:l')
|
||||||
for key, value in optlist:
|
for key, value in optlist:
|
||||||
if key == '-c':
|
if key == '-c':
|
||||||
config_path = value
|
config_path = value
|
||||||
|
@ -156,7 +168,7 @@ def main():
|
||||||
else:
|
else:
|
||||||
config = {}
|
config = {}
|
||||||
|
|
||||||
optlist, args = getopt.getopt(sys.argv[1:], 's:p:k:m:c:6')
|
optlist, args = getopt.getopt(sys.argv[1:], 's:p:k:m:c:6:l')
|
||||||
for key, value in optlist:
|
for key, value in optlist:
|
||||||
if key == '-p':
|
if key == '-p':
|
||||||
config['server_port'] = int(value)
|
config['server_port'] = int(value)
|
||||||
|
@ -168,11 +180,16 @@ def main():
|
||||||
config['method'] = value
|
config['method'] = value
|
||||||
elif key == '-6':
|
elif key == '-6':
|
||||||
IPv6 = True
|
IPv6 = True
|
||||||
|
elif key == '-l':
|
||||||
|
ALLOW_LOCAL = True
|
||||||
|
|
||||||
SERVER = config['server']
|
SERVER = config['server']
|
||||||
PORT = config['server_port']
|
PORT = config['server_port']
|
||||||
KEY = config['password']
|
KEY = config['password']
|
||||||
METHOD = config.get('method', None)
|
METHOD = config.get('method', None)
|
||||||
|
if 'allow_local' in config:
|
||||||
|
if config['allow_config']:
|
||||||
|
ALLOW_LOCAL = True
|
||||||
|
|
||||||
if not KEY and not config_path:
|
if not KEY and not config_path:
|
||||||
sys.exit('config not specified, please read https://github.com/clowwindy/shadowsocks')
|
sys.exit('config not specified, please read https://github.com/clowwindy/shadowsocks')
|
||||||
|
|
Loading…
Add table
Add a link
Reference in a new issue