shadowsocks-go is a lightweight tunnel proxy which can help you get through firewalls. It is a port of shadowsocks.
The protocol is compatible with the origin shadowsocks (if both have been upgraded to the latest version).
Note server_password
option syntax changed in 0.6.2, the client now connects to servers in the order specified in the config.
Please develop on the latest develop branch if you want to send pull request.
Compiled client binaries can be download here. (All compiled with cgo disabled, except the mac version.)
You can also install from source (assume you have go installed):
# on server
go get github.com/shadowsocks/shadowsocks-go/cmd/shadowsocks-server
# on client
go get github.com/shadowsocks/shadowsocks-go/cmd/shadowsocks-local
It's recommended to disable cgo when compiling shadowsocks-go. This will prevent the go runtime from creating too many threads for dns lookup.
Both the server and client program will look for config.json
in the current directory. You can use -c
option to specify another configuration file.
Configuration file is in json format and has the same syntax with shadowsocks-nodejs. You can download the sample config.json
, change the following values:
server your server ip or hostname
server_port server port
local_port local socks5 proxy port
method encryption method, null by default (table), the following methods are supported:
aes-128-cfb, aes-192-cfb, aes-256-cfb, bf-cfb, cast5-cfb, des-cfb, rc4-md5, chacha20, salsa20, rc4, table
password a password used to encrypt transfer
timeout server option, in seconds
Run shadowsocks-server
on your server. To run it in the background, run shadowsocks-server > log &
.
On client, run shadowsocks-local
. Change proxy settings of your browser to
SOCKS5 127.0.0.1:local_port
AES is recommended for shadowsocks-go. Intel AES Instruction Set will be used if available and can make encryption/decryption very fast. To be more specific, aes-128-cfb
is recommended as it is faster and secure enough.
rc4 and table encryption methods are deprecated because they are not secure.