Zolemba za Shadowsocks
Navigation
Shadowsocks Configuration Format
Konzani Fayilo
Shadowsocks imatenga masinthidwe amtundu wa JSON:
{
"seva":"my_server_ip",
"server_port":8388,
"local_port": 1080,
"password": "barfoo!",
"njira": "chacha20-ietf-poly1305"
}
Mtundu wa JSON
- seva: dzina lanu la alendo kapena seva IP (IPv4/IPv6).
- seva_port: nambala ya doko la seva.
- local_port: doko lamba.
- chinsinsi: mawu achinsinsi omwe amagwiritsidwa ntchito kubisala kusamutsa.
- njira: encryption njira.
Encryption Njira
Timakonza ma seva athu ndikupangira kuti mugwiritse ntchito chacha20-ietf-poly1305 AEAD cipher chifukwa ndi njira yamphamvu kwambiri yolembera.
Ngati mukukonzekera seva yanu ya shadowsocks, mutha kusankha kuchokera ku "chacha20-ietf-poly1305" kapena "aes-256-gcm".
URI & QR kodi
Ma Shadowsocks a Android / IOS amatenganso masinthidwe a BASE64 osungidwa a URI:
ss://BASE64-ENCODED-STRING-WITHOUT-PADDING#TAG
URI yomveka iyenera kukhala: ss://njira:password@hostname:port
URI yomwe ili pamwambapa siyitsatira RFC3986. Mawu achinsinsi pankhaniyi akuyenera kukhala mawu osavuta, osakhala ndi maperesenti.
Chitsanzo: Tikugwiritsa ntchito seva pa 192.168.100.1:8888 ntchito bf-cfb encryption njira ndi achinsinsi kuyesa/!@#:.
Kenako, ndi URI yomveka ss://bf-cfb:test/!@#:@192.168.100.1:8888, titha kupanga BASE64 encoded URI:
> console.log("ss://" + btoa("bf-cfb:test/!@#:@192.168.100.1:8888"))
ss://YmYtY2ZiOnRlc3QvIUAjOkAxOTIuMTY4LjEwMC4xOjg4ODg
Kuti muthandizire kukonza ndi kuzindikira ma URI awa, mutha kuwonjezera tag pambuyo pa chingwe chojambulidwa cha BASE64:
ss://YmYtY2ZiOnRlc3QvIUAjOkAxOTIuMTY4LjEwMC4xOjg4ODg#example-server
Kuyankhula
Shadowsocks amagwiritsa ntchito ma adilesi omwe amapezeka mumtundu wa adilesi ya SOCKS5:
[mtundu wa 1-byte][kulandila kutalika kosinthika][2-byte port]
Nayi mitundu yamaadiresi yofotokozedwa:
- 0x01 : host ndi 4-byte IPv4 adilesi.
- 0x03 : host ndi chingwe chachitali chosiyana, kuyambira ndi kutalika kwa 1-byte, kutsatiridwa ndi dzina lachidziwitso la max 255-byte.
- 0x04 : host ndi 16-byte IPv6 adilesi.
Nambala ya doko ndi 2-byte yayikulu-endian yosasainidwa.
TCP
Makasitomala a ss-local amayamba kulumikizana ndi ss-remote potumiza deta yobisika kuyambira ndi adilesi yomwe mukufuna kutsatiridwa ndi data yolipira. Kubisa kudzakhala kosiyana kutengera cipher yomwe yagwiritsidwa ntchito.
[adiresi yomwe mukufuna [payload]
Ss-remote imalandira zidziwitso zobisika, kenako imachotsa ndikuyika adilesi yomwe mukufuna. Kenako imapanga kulumikizana kwatsopano kwa TCP ku chandamale ndikutumiza deta yolipira kwa icho. ss-remote imalandira yankho kuchokera kwa chandamale kenako ndikuyika deta ndikuyitumiza ku ss-local mpaka itachotsedwa.
Pazifukwa zosokoneza, zapafupi ndi zakutali ziyenera kutumiza data yogwirana chanza yokhala ndi zolipira zina mu paketi yoyamba.
UDP
ss-local imatumiza paketi ya data yosungidwa yomwe ili ndi adilesi yomwe mukufuna ndikulipira ku ss-remote.
[adiresi yomwe mukufuna [payload]
Paketi yosungidwa ikalandiridwa, ss-remote decrypts ndikuyika adilesi yomwe mukufuna. Kenako imatumiza paketi yatsopano ya data yokhala ndi zolipira ku chandamale. ss-remote imalandira mapaketi a data kuchokera ku chandamale ndikukonzekeretsa adilesi yomwe mukufuna kulandila mu paketi iliyonse. Makope obisika amatumizidwa ku ss-local.
[adiresi yomwe mukufuna [payload]
Izi zitha kuwiritsidwa kukhala ss-remote kumasulira adilesi ya netiweki ya ss-local.