richard
/
shadowsocks-libev
mirror of https://github.com/shadowsocks/shadowsocks-libev.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
708 Commits
8 Branches
85 Tags
14 MiB
Tree: f5d0db0cb8
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'f5d0db0cb8'
${ noResults }
shadowsocks-libev/README.md

325 lines
9.6 KiB
Raw Normal View History

add readme
12 years ago
update README
12 years ago
add readme
12 years ago
update README
11 years ago
fix typo
10 years ago
update readme
11 years ago
update README
11 years ago
update URLs
10 years ago
update README
11 years ago
Add @linusyang as a major maintainer
11 years ago
update README
11 years ago
bump version
9 years ago
Update README.md
9 years ago
add readme
12 years ago
update README
11 years ago
add readme
12 years ago
update readme
11 years ago
update README
11 years ago
Fix MinGW PolarSSL build and update readme
11 years ago
update README
11 years ago
Update README.md
10 years ago
update README
11 years ago
update README
11 years ago
update README
12 years ago
add readme
12 years ago
Add some notes about PolarSSL in README.md
11 years ago
Fix MinGW PolarSSL build and update readme
11 years ago
Add some notes about PolarSSL in README.md
11 years ago
Fix MinGW PolarSSL build and update readme
11 years ago
Update the Debian/Ubuntu installation section
11 years ago
Mod: update building from source for debian in README.md
10 years ago
fix #221
9 years ago
Update README.md Fix a typo for Debian/Ubuntu sources list file name
10 years ago
Update the Debian/Ubuntu installation section
11 years ago
completely rename as shadowsocks-libev. it's not conflicted with shadowsocks-python now. users can install both python and libev ports of shaowsocks now. but they should migrate their old configuration file from /etc/shadowsocks/config.json to /etc/shadowsocks-libev/config.json
10 years ago
Mod: update building from source for debian in README.md
10 years ago
Update the Debian/Ubuntu installation section
11 years ago
Mod: update building from source for debian in README.md
10 years ago
Update README.md add unsigned flag by default, for the people who do not have secret key.
10 years ago
Mod: update building from source for debian in README.md
10 years ago
completely rename as shadowsocks-libev. it's not conflicted with shadowsocks-python now. users can install both python and libev ports of shaowsocks now. but they should migrate their old configuration file from /etc/shadowsocks/config.json to /etc/shadowsocks-libev/config.json
10 years ago
Mod: update building from source for debian in README.md
10 years ago
Update the Debian/Ubuntu installation section
11 years ago
completely rename as shadowsocks-libev. it's not conflicted with shadowsocks-python now. users can install both python and libev ports of shaowsocks now. but they should migrate their old configuration file from /etc/shadowsocks/config.json to /etc/shadowsocks-libev/config.json
10 years ago
Update the Debian/Ubuntu installation section
11 years ago
completely rename as shadowsocks-libev. it's not conflicted with shadowsocks-python now. users can install both python and libev ports of shaowsocks now. but they should migrate their old configuration file from /etc/shadowsocks/config.json to /etc/shadowsocks-libev/config.json
10 years ago
Update the Debian/Ubuntu installation section
11 years ago
RHEL/CentOS is supported by Fedora Copr now.
10 years ago
no more fedora 19 updates now. Fedora 19 is officially end of life.
10 years ago
RHEL/CentOS is supported by Fedora Copr now.
10 years ago
add fedora repo to readme
10 years ago
RHEL/CentOS is supported by Fedora Copr now.
10 years ago
add fedora repo to readme
10 years ago
update README, fix #19
11 years ago
update README
11 years ago
Add initial support for native win32 platform Should be built against MinGW, and please note that only ss-local is ported due to lack win32 support of libasyncns. And libev doesn't support IOCP but only supports select
11 years ago
add readme
12 years ago
update README
12 years ago
update README
11 years ago
update README
12 years ago
update README
11 years ago
update README
11 years ago
update README
11 years ago
update README
11 years ago
Update FreeBSD section of README.md I have updated the freebsd port to include a default config.json file, which will be installed into /usr/local/etc/shadowsocks-libev by default. To enable shadowsocks-libev on freebsd, it's as simple as adding the shadowsocks_libev_enable variable to /etc/rc.conf
11 years ago
update README
11 years ago
Update FreeBSD section of README.md I have updated the freebsd port to include a default config.json file, which will be installed into /usr/local/etc/shadowsocks-libev by default. To enable shadowsocks-libev on freebsd, it's as simple as adding the shadowsocks_libev_enable variable to /etc/rc.conf
11 years ago
update README
11 years ago
update README
11 years ago
update README
11 years ago
update README
11 years ago
update README
11 years ago
update URLs
10 years ago
update README
11 years ago
update README
11 years ago
update README
11 years ago
Add initial support for native win32 platform Should be built against MinGW, and please note that only ss-local is ported due to lack win32 support of libasyncns. And libev doesn't support IOCP but only supports select
11 years ago
Fix MinGW PolarSSL build and update readme
11 years ago
Add initial support for native win32 platform Should be built against MinGW, and please note that only ss-local is ported due to lack win32 support of libasyncns. And libev doesn't support IOCP but only supports select
11 years ago
Fix MinGW PolarSSL build and update readme
11 years ago
Add initial support for native win32 platform Should be built against MinGW, and please note that only ss-local is ported due to lack win32 support of libasyncns. And libev doesn't support IOCP but only supports select
11 years ago
update README
11 years ago
Add initial support for native win32 platform Should be built against MinGW, and please note that only ss-local is ported due to lack win32 support of libasyncns. And libev doesn't support IOCP but only supports select
11 years ago
Fix MinGW PolarSSL build and update readme
11 years ago
Add initial support for native win32 platform Should be built against MinGW, and please note that only ss-local is ported due to lack win32 support of libasyncns. And libev doesn't support IOCP but only supports select
11 years ago
Fix MinGW PolarSSL build and update readme
11 years ago
Add initial support for native win32 platform Should be built against MinGW, and please note that only ss-local is ported due to lack win32 support of libasyncns. And libev doesn't support IOCP but only supports select
11 years ago
update README
11 years ago
Add initial support for native win32 platform Should be built against MinGW, and please note that only ss-local is ported due to lack win32 support of libasyncns. And libev doesn't support IOCP but only supports select
11 years ago
Fix MinGW PolarSSL build and update readme
11 years ago
update README
11 years ago
update README
12 years ago
update README
10 years ago
update documents
10 years ago
update README.md
9 years ago
fix #271
9 years ago
update README.md
9 years ago
bump version
9 years ago
update README.md
9 years ago
add readme
12 years ago
update usage
11 years ago
update README
12 years ago
Update README.md
11 years ago
update README
11 years ago
Update README.md
11 years ago
update README
11 years ago
update
11 years ago
update README
11 years ago
Update README.md
10 years ago
update README
11 years ago
  1. shadowsocks-libev
  2. =================
  4. Intro
  5. -----
  7. [Shadowsocks-libev](http://shadowsocks.org) is a lightweight secured socks5
  8. proxy for embedded devices and low end boxes.
  10. It is a port of [shadowsocks](https://github.com/shadowsocks/shadowsocks)
  11. created by [@clowwindy](https://github.com/clowwindy) maintained by
  12. [@madeye](https://github.com/madeye) and [@linusyang](https://github.com/linusyang).
  14. Current version: 2.1.4 | [Changelog](Changes)
  16. Travis CI: [![Travis CI](https://travis-ci.org/shadowsocks/shadowsocks-libev.png?branch=master)](https://travis-ci.org/shadowsocks/shadowsocks-libev) | Jenkins Matrix: [![Jenkins](https://jenkins.shadowvpn.org/buildStatus/icon?job=Shadowsocks-libev)](https://jenkins.shadowvpn.org/job/Shadowsocks-libev/)
  18. Features
  19. --------
  21. Shadowsocks-libev is writen in pure C and only depends on
  22. [libev](http://software.schmorp.de/pkg/libev.html) and
  23. [openssl](http://www.openssl.org/) or [polarssl](https://polarssl.org/).
  25. In normal usage, the memory footprint is about 600KB and the CPU utilization is
  26. no more than 5% on a low-end router (Buffalo WHR-G300N V2 with a 400MHz MIPS CPU,
  27. 32MB memory and 4MB flash).
  29. Installation
  30. ------------
  32. #### Notes about PolarSSL
  34. * Default crypto library is OpenSSL. To build against PolarSSL,
  35. specify `--with-crypto-library=polarssl` and `--with-polarssl=/path/to/polarssl`
  36. when running `./configure`.
  37. * PolarSSL __1.2.5 or newer__ is required. Currently, PolarSSL does __NOT__ support
  38. CAST5-CFB, DES-CFB, IDEA-CFB, RC2-CFB and SEED-CFB.
  39. * RC4 is only support by PolarSSL __1.3.0 or above__.
  41. ### Debian & Ubuntu
  43. #### Install from repository
  45. Add GPG public key
  47. ```bash
  48. wget -O- http://shadowsocks.org/debian/1D27208A.gpg | sudo apt-key add -
  49. ```
  51. Add either of the following lines to your /etc/apt/sources.list
  53. ```
  54. # Debian Wheezy, Ubuntu 12.04 or any distribution with libssl > 1.0.1
  55. deb http://shadowsocks.org/debian wheezy main
  57. # Debian Squeeze, Ubuntu 11.04, or any distribution with libssl > 0.9.8, but < 1.0.0
  58. deb http://shadowsocks.org/debian squeeze main
  59. ```
  61. Then,
  63. ``` bash
  64. sudo apt-get update
  65. sudo apt-get install shadowsocks-libev
  66. ```
  68. #### Build package from source
  70. ``` bash
  71. cd shadowsocks-libev
  72. sudo apt-get install build-essential autoconf libtool libssl-dev gawk debhelper
  73. dpkg-buildpackage -us -uc
  74. cd ..
  75. sudo dpkg -i shadowsocks-libev*.deb
  76. ```
  78. #### Configure and start the service
  80. ```
  81. # Edit the configuration
  82. sudo vim /etc/shadowsocks-libev/config.json
  84. # Start the service
  85. sudo /etc/init.d/shadowsocks-libev start
  86. ```
  88. ### Fedora & RHEL
  90. Supported distributions include
  91. - Fedora 20, 21, rawhide
  92. - RHEL 6, 7 and derivatives (including CentOS, Scientific Linux)
  94. #### Install from repository
  96. Enable repo via `dnf`:
  98. ```
  99. su -c 'dnf copr enable librehat/shadowsocks'
  100. ```
  102. Or download yum repo on [Fedora Copr](https://copr.fedoraproject.org/coprs/librehat/shadowsocks/) and put it inside `/etc/yum.repos.d/`. The release `Epel` is for RHEL and its derivatives.
  104. Then, install `shadowsocks-libev` via `dnf`:
  106. ```bash
  107. su -c 'dnf update'
  108. su -c 'dnf install shadowsocks-libev'
  109. ```
  111. or `yum`:
  113. ```bash
  114. su -c 'yum update'
  115. su -c 'yum install shadowsocks-libev'
  116. ```
  118. ### Linux
  120. For Unix-like systems, especially Debian-based systems,
  121. e.g. Ubuntu, Debian or Linux Mint, you can build the binary like this:
  123. ```bash
  124. sudo apt-get install build-essential autoconf libtool libssl-dev
  125. ./configure && make
  126. sudo make install
  127. ```
  129. ### FreeBSD
  131. ```bash
  132. su
  133. cd /usr/ports/net/shadowsocks-libev
  134. make install
  135. ```
  137. Edit your config.json file. By default, it's located in /usr/local/etc/shadowsocks-libev
  139. To enable shadowsocks-libev, add the following rc variable to your /etc/rc.conf file.
  141. ```
  142. shadowsocks_libev_enable="YES"
  143. ```
  145. Start the shadowsocks server:
  147. ```bash
  148. service shadowsocks_libev start
  149. ```
  151. ### OpenWRT
  153. ```bash
  154. # At OpenWRT build root
  155. pushd package
  156. git clone https://github.com/shadowsocks/shadowsocks-libev.git
  157. popd
  159. # Enable shadowsocks-libev in network category
  160. make menuconfig
  162. # Optional
  163. make -j
  165. # Build the package
  166. make V=99 package/shadowsocks-libev/openwrt/compile
  167. ```
  169. ### Windows
  171. For Windows, use either MinGW (msys) or Cygwin to build.
  172. At the moment, only `ss-local` is supported to build against MinGW (msys).
  174. If you are using MinGW (msys), please download OpenSSL or PolarSSL source tarball
  175. to the home directory of msys, and build it like this (may take a few minutes):
  177. * OpenSSL
  179. ```bash
  180. tar zxf openssl-1.0.1e.tar.gz
  181. cd openssl-1.0.1e
  182. ./config --prefix="$HOME/prebuilt" --openssldir="$HOME/prebuilt/openssl"
  183. make && make install
  184. ```
  186. * PolarSSL
  188. ```bash
  189. tar zxf polarssl-1.3.2-gpl.tgz
  190. cd polarssl-1.3.2
  191. make lib WINDOWS=1
  192. make install DESTDIR="$HOME/prebuilt"
  193. ```
  195. Then, build the binary using the commands below, and all `.exe` files
  196. will be built at `$HOME/ss/bin`:
  198. * OpenSSL
  200. ```bash
  201. ./configure --prefix="$HOME/ss" --with-openssl="$HOME/prebuilt"
  202. make && make install
  203. ```
  205. * PolarSSL
  207. ```bash
  208. ./configure --prefix="$HOME/ss" --with-crypto-library=polarssl --with-polarssl=$HOME/prebuilt
  209. make && make install
  210. ```
  212. Usage
  213. -----
  215. ```
  216. ss-[local|redir|server|tunnel]
  218. -s <server_host> host name or ip address of your remote server
  220. -p <server_port> port number of your remote server
  222. -l <local_port> port number of your local server
  224. -k <password> password of your remote server
  226. [-m <encrypt_method>] encrypt method: table, rc4, rc4-md5,
  227. aes-128-cfb, aes-192-cfb, aes-256-cfb,
  228. bf-cfb, camellia-128-cfb, camellia-192-cfb,
  229. camellia-256-cfb, cast5-cfb, des-cfb, idea-cfb,
  230. rc2-cfb, seed-cfb, salsa20 and chacha20
  232. [-f <pid_file>] the file path to store pid
  234. [-t <timeout>] socket timeout in seconds
  236. [-c <config_file>] the path to config file
  238. [-i <interface>] network interface to bind,
  239. not available in redir mode
  241. [-b <local_address>] local address to bind,
  242. not available in server mode
  244. [-u] enable udprelay mode,
  245. not available in redir mode
  247. [-L <addr>:<port>] specify destination server address and port
  248. for local port forwarding,
  249. only available in tunnel mode
  251. [-d <addr>] setup name servers for internal DNS resolver,
  252. only available in server mode
  254. [--fast-open] enable TCP fast open,
  255. only available in local and server mode,
  256. with Linux kernel > 3.7.0
  258. [--acl <acl_file>] config file of ACL (Access Control List)
  259. only available in local and server mode
  261. [-v] verbose mode
  263. notes:
  265. ss-redir provides a transparent proxy function and only works on the
  266. Linux platform with iptables.
  268. ```
  270. ## Advanced usage
  272. The latest shadowsocks-libev has provided a *redir* mode. You can configure your linux based box or router to proxy all tcp traffic transparently.
  274. # Create new chain
  275. root@Wrt:~# iptables -t nat -N SHADOWSOCKS
  277. # Ignore your shadowsocks server's addresses
  278. # It's very IMPORTANT, just be careful.
  279. root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 123.123.123.123 -j RETURN
  281. # Ignore LANs and any other addresses you'd like to bypass the proxy
  282. # See Wikipedia and RFC5735 for full list of reserved networks.
  283. # See ashi009/bestroutetb for a highly optimized CHN route list.
  284. root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 0.0.0.0/8 -j RETURN
  285. root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 10.0.0.0/8 -j RETURN
  286. root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 127.0.0.0/8 -j RETURN
  287. root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 169.254.0.0/16 -j RETURN
  288. root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 172.16.0.0/12 -j RETURN
  289. root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 192.168.0.0/16 -j RETURN
  290. root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 224.0.0.0/4 -j RETURN
  291. root@Wrt:~# iptables -t nat -A SHADOWSOCKS -d 240.0.0.0/4 -j RETURN
  293. # Anything else should be redirected to shadowsocks's local port
  294. root@Wrt:~# iptables -t nat -A SHADOWSOCKS -p tcp -j REDIRECT --to-ports 12345
  296. # Apply the rules
  297. root@Wrt:~# iptables -t nat -A OUTPUT -p tcp -j SHADOWSOCKS
  299. # Start the shadowsocks-redir
  300. root@Wrt:~# ss-redir -c /etc/config/shadowsocks.json -f /var/run/shadowsocks.pid
  302. ## Security Tips
  304. Although shadowsocks-libev can handle thousands of concurrent connections nicely, we still recommend to
  305. set up your server's firewall rules to limit connections from each user.
  307. # Up to 32 connections are enough for normal usages
  308. iptables -A INPUT -p tcp --syn --dport ${SHADOWSOCKS_PORT} -m connlimit --connlimit-above 32 -j REJECT --reject-with tcp-reset
  310. ## License
  312. Copyright (C) 2014 Max Lv <max.c.lv@gmail.com>
  314. This program is free software: you can redistribute it and/or modify
  315. it under the terms of the GNU General Public License as published by
  316. the Free Software Foundation, either version 3 of the License, or
  317. (at your option) any later version.
  319. This program is distributed in the hope that it will be useful,
  320. but WITHOUT ANY WARRANTY; without even the implied warranty of
  321. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  322. GNU General Public License for more details.
  324. You should have received a copy of the GNU General Public License
  325. along with this program. If not, see <http://www.gnu.org/licenses/>.