shadowsocks/README.md
2014-05-02 14:06:13 +08:00

3.4 KiB

shadowsocks

Current version: 1.4.0 Build Status

shadowsocks is a lightweight tunnel proxy which can help you get through firewalls.

Both TCP CONNECT and UDP ASSOCIATE are implemented.

中文说明

Usage

First, make sure you have Python 2.6 or 2.7.

$ python --version
Python 2.6.8

Install Shadowsocks.

pip install shadowsocks

Create a file named config.json, with the following content.

{
    "server":"my_server_ip",
    "server_port":8388,
    "local_port":1080,
    "password":"barfoo!",
    "timeout":600,
    "method":"table"
}

Explanation of the fields:

server          your server IP (IPv4/IPv6), notice that your server will listen to this IP
server_port     server port
local_port      local port
password        a password used to encrypt transfer
timeout         in seconds
method          encryption method, "bf-cfb", "aes-256-cfb", "des-cfb", "rc4", etc. Default is table, which is not secure. "aes-256-cfb" is recommended
fast_open       use TCP_FASTOPEN, true/false

cd into the directory of config.json. Run ssserver on your server. To run it in the background, run nohup ssserver > log &.

On your client machine, run sslocal.

Change the proxy settings in your browser to

protocol: socks5
hostname: 127.0.0.1
port:     your local_port

Notice: If you want to use encryption methods other than "table", please install M2Crypto (See Encryption Section).

It's recommended to use shadowsocks with AutoProxy or Proxy SwitchySharp.

Command line args

You can use args to override settings from config.json.

sslocal -s server_name -p server_port -l local_port -k password -m bf-cfb
ssserver -p server_port -k password -m bf-cfb
ssserver -c /etc/shadowsocks/config.json

Encryption

Default encryption method table, which is not secure, is not recommended. Please use "aes-256-cfb" or "bf-cfb". "rc4" is not secure, either, please don't use it.

List of all encryption methods:

  • aes-128-cfb
  • aes-192-cfb
  • aes-256-cfb
  • bf-cfb
  • camellia-128-cfb
  • camellia-192-cfb
  • camellia-256-cfb
  • cast5-cfb
  • des-cfb
  • idea-cfb
  • rc2-cfb
  • rc4
  • seed-cfb
  • table

If you want to use encryption method other than "table", please install M2Crypto.

Ubuntu:

apt-get install python-m2crypto

Others:

apt-get install openssl-dev swig
pip install M2Crypto

Please notice that some encryption methods are not available on some environments.

Performance

You may want to install gevent for better performance.

$ sudo apt-get install python-gevent

Or:

$ sudo apt-get install libevent-dev python-pip
$ sudo pip install gevent

If both of your server and client are deployed on Linux 3.7+, you can turn on fast_open for lower latency.

echo 3 > /proc/sys/net/ipv4/tcp_fastopen

License

MIT

Bugs and Issues

Please visit issue tracker

Mailing list: http://groups.google.com/group/shadowsocks

Also see troubleshooting