richard
/
shadowsocks-libev
mirror of https://github.com/shadowsocks/shadowsocks-libev.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
143 Commits
8 Branches
85 Tags
14 MiB
Tree: 4e97042b88
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '4e97042b88'
${ noResults }
shadowsocks-libev/README.md

144 lines
4.9 KiB
Raw Normal View History

add readme
12 years ago
update README
12 years ago
add readme
12 years ago
update README
11 years ago
update readme
11 years ago
update README
11 years ago
update readme
11 years ago
update README
11 years ago
update document
11 years ago
add readme
12 years ago
update README
11 years ago
add readme
12 years ago
update readme
11 years ago
update README
11 years ago
update README
11 years ago
update README
12 years ago
add readme
12 years ago
update README
12 years ago
add readme
12 years ago
update README
12 years ago
update usage
11 years ago
add readme
12 years ago
update README
11 years ago
update README
12 years ago
update README
11 years ago
update README
12 years ago
update README
11 years ago
update readme
11 years ago
update usage
11 years ago
update readme
11 years ago
update README
11 years ago
update document
11 years ago
update README
11 years ago
add readme
12 years ago
update usage
11 years ago
update README
12 years ago
Update README.md
11 years ago
update README
11 years ago
update
11 years ago
update README
11 years ago
  1. shadowsocks-libev
  2. =================
  4. Intro
  5. -----
  7. [Shadowsocks-libev](http://shadowsocks.org) is a lightweight secured scoks5
  8. proxy for embedded devices and low end boxes.
  10. It is a port of [shadowsocks](https://github.com/clowwindy/shadowsocks)
  11. created by [@clowwindy](https://github.com/clowwindy) maintained by
  12. [@madeye](https://github.com/madeye).
  14. Current version: 1.3 [![Build Status](https://travis-ci.org/madeye/shadowsocks-libev.png?branch=master)](https://travis-ci.org/madeye/shadowsocks-libev)
  16. Changelog
  17. ---------
  19. shadowsocks 1.3 -- Thu, 16 May 2013 10:51:15 +0800
  21. * Able to bind connections to specific interface
  22. * Support more ciphers: aes-128-cfb, aes-192-cfb, aes-256-cfb, bf-cfb, cast5-cfb, des-cfb
  24. shadowsocks 1.2 -- Tue, 07 May 2013 14:10:33 +0800
  26. * Close timeouted TCP connections
  27. * Fix a high load issue
  29. shadowsocks 1.1 -- Wed, 10 Apr 2013 12:11:36 +0800
  31. * Fix a IPV6 resolve issue
  33. shadowsocks 1.0 -- Sat, 06 Apr 2013 16:59:15 +0800
  35. * Initial release
  37. Features
  38. --------
  40. Shadowsocks-libev is writen in pure C and only depends on
  41. [libev](http://software.schmorp.de/pkg/libev.html).
  43. When statically linked and packaged for OpenWRT, the total package size is 23KB.
  44. In normal usage, the memory consumption is about 600KB and the CPU utilization is
  45. no more than 5% on a low-end router (Buffalo WHR-G300N V2 with a 400MHz MIPS CPU,
  46. 32MB memory and 4MB flash).
  48. Installation
  49. ------------
  51. Build the binary like this:
  53. ```bash
  54. sudo apt-get install build-essential autoconf libtool
  55. ./configure && make
  56. sudo make install
  57. ```
  59. Usage
  60. -----
  62. ```
  63. usage:
  65. ss-local -s server_host -p server_port -l local_port -k password
  66. [-m encrypt_method] [-f pid_file] [-t timeout] [-c config_file]
  68. ss-redir -s server_host -p server_port -l local_port -k password
  69. [-m encrypt_method] [-f pid_file] [-t timeout] [-c config_file]
  71. ss-server -s server_host -p server_port -k password
  72. [-m encrypt_method] [-f pid_file] [-t timeout] [-c config_file]
  74. options:
  76. encrypt_method: table, rc4, aes-128-cfb, aes-192-cfb, aes-256-cfb,
  77. bf-cfb, cast5-cfb, des-cfb
  78. pid_file: valid path to the pid file
  79. timeout: socket timeout in senconds
  80. config_file: json format config file
  82. notes:
  84. ss-redir provides a transparent proxy function and only works on the
  85. Linux platform with iptables.
  87. ```
  89. ## Advanced usage
  91. The latest shadowsocks-libev has provided a transparent mode. You can configure your linux based box or router to proxy all tcp traffic transparently.
  93. # Create new chain
  94. root@Wrt:~# iptables -t nat -N SHADOWSOCKS
  96. # Ignore your shadowsocks server's addresses
  97. # It's very IMPORTANT, just be careful.
  98. root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 123.123.123.123 -j RETURN
  100. # Ignore LANs and any other addresses you'd like to bypass the proxy
  101. # See Wikipedia and RFC5735 for full list of reserved networks.
  102. # See ashi009/bestroutetb for a highly optimized CHN route list.
  103. root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 0.0.0.0/8 -j RETURN
  104. root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 10.0.0.0/8 -j RETURN
  105. root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 127.0.0.0/8 -j RETURN
  106. root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 169.254.0.0/16 -j RETURN
  107. root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 172.16.0.0/12 -j RETURN
  108. root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 192.168.0.0/16 -j RETURN
  109. root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 224.0.0.0/4 -j RETURN
  110. root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 240.0.0.0/4 -j RETURN
  112. # Anything else should be redirected to shadowsocks's local port
  113. root@Wrt:~# iptables -t nat -A SHADOWSOCKS -p tcp -j REDIRECT --to-ports 12345
  115. # Apply the rules
  116. root@Wrt:~# iptables -t nat -A OUTPUT -p tcp -j SHADOWSOCKS
  118. # Start the shadowsocks-redir
  119. root@Wrt:~# ss-redir -c /etc/config/shadowsocks.json -f /var/run/shadowsocks.pid
  121. ## Security Tips
  123. Although shadowsocks-libev can handle thousands of concurrent connections nicely, we still recommend to
  124. set up your server's firewall rules to limit connections from each user.
  126. # Up to 32 connections are enough for normal usages
  127. iptables -A INPUT -p tcp --syn --dport ${SHADOWSOCKS_PORT} -m connlimit --connlimit-above 32 -j REJECT --reject-with tcp-reset
  129. ## License
  131. Copyright (C) 2013 Max Lv <max.c.lv@gmail.com>
  133. This program is free software: you can redistribute it and/or modify
  134. it under the terms of the GNU General Public License as published by
  135. the Free Software Foundation, either version 3 of the License, or
  136. (at your option) any later version.
  138. This program is distributed in the hope that it will be useful,
  139. but WITHOUT ANY WARRANTY; without even the implied warranty of
  140. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  141. GNU General Public License for more details.
  143. You should have received a copy of the GNU General Public License
  144. along with this program. If not, see <http://www.gnu.org/licenses/>.