richard
/
shadowsocks-libev
mirror of https://github.com/shadowsocks/shadowsocks-libev.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
155 Commits
8 Branches
85 Tags
14 MiB
Tree: 81b1184de3
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '81b1184de3'
${ noResults }
shadowsocks-libev/README.md

148 lines
5.1 KiB
Raw Normal View History

add readme
12 years ago
update README
12 years ago
add readme
12 years ago
update README
11 years ago
update readme
11 years ago
update README
11 years ago
update readme
11 years ago
update README
11 years ago
update readme
11 years ago
update document
11 years ago
update readme
11 years ago
update document
11 years ago
add readme
12 years ago
update README
11 years ago
add readme
12 years ago
update readme
11 years ago
update README
11 years ago
update README
11 years ago
update README
12 years ago
add readme
12 years ago
update README
12 years ago
add readme
12 years ago
update README
12 years ago
Update README.md
11 years ago
add readme
12 years ago
update README
11 years ago
update README
12 years ago
update README
11 years ago
update README
12 years ago
update README
11 years ago
update readme
11 years ago
update usage
11 years ago
update readme
11 years ago
update README
11 years ago
update document
11 years ago
update README
11 years ago
add readme
12 years ago
update usage
11 years ago
update README
12 years ago
Update README.md
11 years ago
update README
11 years ago
update
11 years ago
update README
11 years ago
  1. shadowsocks-libev
  2. =================
  4. Intro
  5. -----
  7. [Shadowsocks-libev](http://shadowsocks.org) is a lightweight secured scoks5
  8. proxy for embedded devices and low end boxes.
  10. It is a port of [shadowsocks](https://github.com/clowwindy/shadowsocks)
  11. created by [@clowwindy](https://github.com/clowwindy) maintained by
  12. [@madeye](https://github.com/madeye).
  14. Current version: 1.3.1 [![Build Status](https://travis-ci.org/madeye/shadowsocks-libev.png?branch=master)](https://travis-ci.org/madeye/shadowsocks-libev)
  16. Changelog
  17. ---------
  19. shadowsocks 1.3.1 -- Tue, 04 Jun 2013 00:56:17 +0000
  21. * Support more cihpers: camellia, idea, rc2 and seed.
  23. shadowsocks 1.3 -- Thu, 16 May 2013 10:51:15 +0800
  25. * Able to bind connections to specific interface
  26. * Support more ciphers: aes-128-cfb, aes-192-cfb, aes-256-cfb, bf-cfb, cast5-cfb, des-cfb
  28. shadowsocks 1.2 -- Tue, 07 May 2013 14:10:33 +0800
  30. * Close timeouted TCP connections
  31. * Fix a high load issue
  33. shadowsocks 1.1 -- Wed, 10 Apr 2013 12:11:36 +0800
  35. * Fix a IPV6 resolve issue
  37. shadowsocks 1.0 -- Sat, 06 Apr 2013 16:59:15 +0800
  39. * Initial release
  41. Features
  42. --------
  44. Shadowsocks-libev is writen in pure C and only depends on
  45. [libev](http://software.schmorp.de/pkg/libev.html).
  47. When statically linked and packaged for OpenWRT, the total package size is 23KB.
  48. In normal usage, the memory consumption is about 600KB and the CPU utilization is
  49. no more than 5% on a low-end router (Buffalo WHR-G300N V2 with a 400MHz MIPS CPU,
  50. 32MB memory and 4MB flash).
  52. Installation
  53. ------------
  55. Build the binary like this:
  57. ```bash
  58. sudo apt-get install build-essential autoconf libtool libssl-dev
  59. ./configure && make
  60. sudo make install
  61. ```
  63. Usage
  64. -----
  66. ```
  67. usage:
  69. ss-local -s server_host -p server_port -l local_port -k password
  70. [-m encrypt_method] [-f pid_file] [-t timeout] [-c config_file]
  72. ss-redir -s server_host -p server_port -l local_port -k password
  73. [-m encrypt_method] [-f pid_file] [-t timeout] [-c config_file]
  75. ss-server -s server_host -p server_port -k password
  76. [-m encrypt_method] [-f pid_file] [-t timeout] [-c config_file]
  78. options:
  80. encrypt_method: table, rc4, aes-128-cfb, aes-192-cfb, aes-256-cfb,
  81. bf-cfb, cast5-cfb, des-cfb
  82. pid_file: valid path to the pid file
  83. timeout: socket timeout in senconds
  84. config_file: json format config file
  86. notes:
  88. ss-redir provides a transparent proxy function and only works on the
  89. Linux platform with iptables.
  91. ```
  93. ## Advanced usage
  95. The latest shadowsocks-libev has provided a transparent mode. You can configure your linux based box or router to proxy all tcp traffic transparently.
  97. # Create new chain
  98. root@Wrt:~# iptables -t nat -N SHADOWSOCKS
  100. # Ignore your shadowsocks server's addresses
  101. # It's very IMPORTANT, just be careful.
  102. root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 123.123.123.123 -j RETURN
  104. # Ignore LANs and any other addresses you'd like to bypass the proxy
  105. # See Wikipedia and RFC5735 for full list of reserved networks.
  106. # See ashi009/bestroutetb for a highly optimized CHN route list.
  107. root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 0.0.0.0/8 -j RETURN
  108. root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 10.0.0.0/8 -j RETURN
  109. root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 127.0.0.0/8 -j RETURN
  110. root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 169.254.0.0/16 -j RETURN
  111. root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 172.16.0.0/12 -j RETURN
  112. root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 192.168.0.0/16 -j RETURN
  113. root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 224.0.0.0/4 -j RETURN
  114. root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 240.0.0.0/4 -j RETURN
  116. # Anything else should be redirected to shadowsocks's local port
  117. root@Wrt:~# iptables -t nat -A SHADOWSOCKS -p tcp -j REDIRECT --to-ports 12345
  119. # Apply the rules
  120. root@Wrt:~# iptables -t nat -A OUTPUT -p tcp -j SHADOWSOCKS
  122. # Start the shadowsocks-redir
  123. root@Wrt:~# ss-redir -c /etc/config/shadowsocks.json -f /var/run/shadowsocks.pid
  125. ## Security Tips
  127. Although shadowsocks-libev can handle thousands of concurrent connections nicely, we still recommend to
  128. set up your server's firewall rules to limit connections from each user.
  130. # Up to 32 connections are enough for normal usages
  131. iptables -A INPUT -p tcp --syn --dport ${SHADOWSOCKS_PORT} -m connlimit --connlimit-above 32 -j REJECT --reject-with tcp-reset
  133. ## License
  135. Copyright (C) 2013 Max Lv <max.c.lv@gmail.com>
  137. This program is free software: you can redistribute it and/or modify
  138. it under the terms of the GNU General Public License as published by
  139. the Free Software Foundation, either version 3 of the License, or
  140. (at your option) any later version.
  142. This program is distributed in the hope that it will be useful,
  143. but WITHOUT ANY WARRANTY; without even the implied warranty of
  144. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  145. GNU General Public License for more details.
  147. You should have received a copy of the GNU General Public License
  148. along with this program. If not, see <http://www.gnu.org/licenses/>.