• Stars
    star
    153
  • Rank 243,368 (Top 5 %)
  • Language
    Go
  • License
    Apache License 2.0
  • Created almost 6 years ago
  • Updated about 5 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

A shadowsocks implementation in golang with Multi-connection Acceleration

go-shadowsocks-magic

A shadowsocks implementation in golang with Multi-connection Acceleration.

The code is based on https://github.com/shadowsocks/go-shadowsocks2

==================================================

UPDATE 2019-10: Deprecated. Rabbit TCP is recommended.

2019-10 更新: 不建议使用。请使用Rabbit TCP

==================================================

中文版戳这!

Features

  • SOCKS5 proxy with UDP Associate
  • Support for Netfilter TCP redirect (IPv6 should work but not tested)
  • UDP tunneling (e.g. relay DNS packets)
  • TCP tunneling (e.g. benchmark with iperf3)
  • Multi-connection Acceleration

Multi-connection Acceleration Protocol

In the original shadowsocks protocal, the data is transmitted in the following way:

client <---> ss-local <--[encrypted]--> ss-remote <---> target

The shadowsocks is used to access blocked servers. In most common applications, the bottleneck of the bandwidth is the way outside their countries: ss-local<--->ss-remote. Is it the best way to communicate in one connection?

With a proper protocol, the ss-local and ss-remote can communicate in multi TCP connections, which will be faster when transferring a large amount of data, especially for those slow VPS.

The following protocol by ihciah is one of them. The implementation in other language is welcome.

  1. Establish the connection to shadowsocks server first.

  2. Send address. Here I add 2 bits for "Magic": magic-main(0b01000) and magic-child(0b10000).

    After sending the address with magic-main, the server will reply a 16-byte dataKey.

  3. Up till now we have 1 connection. Through the connection, data will be sent back in format [BlockID(uint32)][BlockSize(uint32)][Data([BlckSize]byte)].

  4. Of course, it's not acceleration with only 1 connection. With the dataKey we can construct an "address" in format [Type([1]byte)][dataKey([16]byte)], the type must be marked as magic-child.

    Now create a new connection and send the 17-byte "address", then the data will be transmitted to the client.

  5. Once the main connection(the first one) is disconnected, all the other connections will die. However, it's not a problem if the magic-child connections interrupted.

Install

Pre-built binaries for common platforms are available at https://github.com/ihciah/go-shadowsocks-magic/releases

Install from source

go get -u -v github.com/ihciah/go-shadowsocks-magic

Basic Usage

Server

Start a server listening on port 8488 using RC4-MD5 cipher with password your-password.

shadowsocks-magic -s 'ss://RC4-MD5:your-password@:8488' -verbose

When deploy, you can close verbose.

Client

Start a client connecting to the above server. The client listens on port 1080 for incoming SOCKS5 connections, and tunnels both UDP and TCP on port 8053 and port 8054 to 8.8.8.8:53 and 8.8.4.4:53 respectively.

shadowsocks-magic -c 'ss://RC4-MD5:your-password@[server_address]:8488' \
    -verbose -socks :1080 -u -udptun :8053=8.8.8.8:53,:8054=8.8.4.4:53 \
                             -tcptun :8053=8.8.8.8:53,:8054=8.8.4.4:53

Replace [server_address] with the server's public address.

Advanced Usage

Netfilter TCP redirect (Linux only)

The client offers -redir and -redir6 (for IPv6) options to handle TCP connections redirected by Netfilter on Linux. The feature works similar to ss-redir from shadowsocks-libev.

Start a client listening on port 1082 for redirected TCP connections and port 1083 for redirected TCP IPv6 connections.

shadowsocks-magic -c 'ss://RC4-MD5:your-password@[server_address]:8488' -redir :1082 -redir6 :1083

TCP tunneling

The client offers -tcptun [local_addr]:[local_port]=[remote_addr]:[remote_port] option to tunnel TCP. For example it can be used to proxy iperf3 for benchmarking.

Start iperf3 on the same machine with the server.

iperf3 -s

By default iperf3 listens on port 5201.

Start a client on the same machine with the server. The client listens on port 1090 for incoming connections and tunnels to localhost:5201 where iperf3 is listening.

shadowsocks-magic -c 'ss://RC4-MD5:your-password@[server_address]:8488' -tcptun :1090=localhost:5201

Start iperf3 client to connect to the tunneld port instead

iperf3 -c localhost -p 1090

Design Principles

The code base strives to

  • be idiomatic Go and well organized;
  • use fewer external dependences as reasonably possible;
  • only include proven modern ciphers;

Known Issues

More Repositories

1

shadow-tls

A proxy to expose real tls handshake to the firewall
Rust
2,224
star
2

clean-dns-bpf

基于 Rust + eBPF 丢弃 GFW DNS 污染包
Rust
1,106
star
3

rabbit-tcp

A multi-connection TCP forwarder/accelerator
Go
495
star
4

deep-fashion-retrieval

Simple image retrival on deep-fashion dataset with pytorch - A course project
Python
230
star
5

miaomiaoji-tool

A python tool to control MiaoMiaoJi / Paperang / 喵喵机
Python
154
star
6

rust2go

Call Golang from Rust
Rust
147
star
7

tg_channel_bot

Fetch and push to telegram channel/user/group !
Go
99
star
8

inner-shadowsocks

Shadowsocks -> socks5 on server. (Created for providing socks5 proxy for Telegram)
Go
90
star
9

small-map

An inline SIMD accelerated hashmap designed for small amount of data.
Rust
71
star
10

mini-rust-runtime

Rust
49
star
11

google-in-docker

A google reverse proxy in docker
46
star
12

telearia2

Rust
42
star
13

socks5-forwarder

Rust
42
star
14

NAS-tools

Some configure files and scripts for NAS
Shell
40
star
15

CNN_forward

CNN(Convolutional neural network) forward code which requires little dependency(Opencv, TBB-optional) and is easy to run on Windows(using caffe's model)
C++
34
star
16

shadowsocks-with-socks-auth

Shadowsocks with socks auth
Python
33
star
17

ddns-worker

Rust
32
star
18

cloudflare-kv-proxy

Cloudflare Worker KV Proxy
Rust
29
star
19

certain-map

A typed map which can make sure item exist.
Rust
29
star
20

GFHelper

Girl Frontline Helper
Go
25
star
21

rabbit-plugin

A rabbit-tcp plugin for shadowsocks
Go
25
star
22

AndroidSMSRelay

Script to forward and send android(with root) sms using adb
Python
22
star
23

subtitle

A cli tool to download subtitles.
Python
19
star
24

OneEncrypt

A Simple and Naive Encryptor for OneDrive(已投奔OSX,弃坑了!)
C
12
star
25

singleflight-async

Rust
11
star
26

service-async

A Service like tower in async style
Rust
10
star
27

thrift-parser

Rust Thrift Parser
Rust
9
star
28

aria2-rs

Yet Another Aria2 JSON-RPC Client.
Rust
8
star
29

xbox-nginx

xbox 国内加速代理
HTML
8
star
30

simple-ddns

A Simple Dynamic DNS Server for Personal Usage
Python
8
star
31

auto-const-array

Declare a const array without specify its length
Rust
8
star
32

simple-qq-bot

A simple QQ bot (Test account: 2404865065)
Python
7
star
33

HamsterRunning

Automatically log hamsters' running data and send to weibo
Python
7
star
34

trojan-caddy-docker-compose

Dockerfile
7
star
35

wol-homekit

WakeOnLAN with HomeKit
Rust
6
star
36

stinc

Shadowsocks + tinc + chnroute in docker
Shell
5
star
37

urlshorter

网址缩短 附带便笺条功能(On SAE)
CSS
5
star
38

cookieinjector

Wireshark cookie injector for tampermonkey
JavaScript
5
star
39

byte-style-encoder

Rust
4
star
40

static-blog-image-downloader

Rust
4
star
41

douban-api-proxy

豆瓣电影搜索API代理
JavaScript
4
star
42

must-done

An experimental Future that is guaranteed to be done
Rust
3
star
43

classifier-mt

Caffe classifier with multi-thread
C++
2
star
44

oj

做过的oj题目 顺手发上来
C++
2
star
45

bounded-pool

Rust
2
star
46

dorm_tools

寝室自用小工具
Python
1
star
47

XV6-OS

XV6 in OS_class
C
1
star
48

fdcard-captcha

复旦一卡通网站验证码识别(简易SVM
Python
1
star
49

pj

sww的PJ!
C#
1
star
50

MiniJava

MiniJava前端 编译原理Project
HTML
1
star
51

nas-bot

自用Telegram Bot
Go
1
star
52

FudanPTAutoDownloader

A script for auto download torrents of PT@Platform
Python
1
star
53

docker-ocserv

Shell
1
star
54

xk-database

某科学的张江大学选课系统-汪卫的数据库PJ
CSS
1
star