Skip to content

paulzql/shadowsocks-ex

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

69 Commits

config

config

 
 

lib

lib

 
 

test

test

 
 

.gitignore

.gitignore

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

mix.exs

mix.exs

 
 

mix.lock

mix.lock

 
 

Repository files navigation

Shadowsocks-ex

shadowsocks-ex is a elixir port of shadowsocks

A fast tunnel proxy that helps you bypass firewalls.

Features:

  • TCP support
  • UDP support (only server)
  • Client support (socks5 and http proxy)
  • Server support
  • OTA support
  • Mulit user support
  • Transparent Proxy Client support
  • Anti protocol detection
  • IP blacklist support
  • Simple obfs support

Encryption methods

  • rc4-md5
  • aes-128-cfb
  • aes-192-cfb
  • aes-256-cfb
  • aes-128-ctr
  • aes-192-ctr
  • aes-256-ctr
  • aes-128-gcm
  • aes-192-gcm
  • aes-256-gcm

Installation

The package can be installed by adding shadowsocks to your list of dependencies in mix.exs:

def deps do
  [{:shadowsocks, "~> 0.5"}]
end

Documentation

The online docs can be found at https://hexdocs.pm/shadowsocks.

Usage

start a listener

Shadowsocks.start(args)

the args is a keyword list, fields:

  • type required atom - the connection type, :client or :server or custom module name

    There are currently four built-in type:

    1. Shadowsocks.Conn.Client - general client, alias is :client
    2. Shadowsocks.Conn.Server - general server, alias is :server
    3. Shadowsocks.Conn.TransparentClient - transparent client, use iptables forward to this port instead socks5 client
    4. Shadowsocks.Conn.ObfsServer - simple http obfs server (Compatible with raw protocol, It means that can both accept http obfs client and original shadowsocks client. see: https://github.com/shadowsocks/simple-obfs)

  • port required integer - listen port

  • ip optional tuple - listen ip, example: {127,0,0,1}

  • method optional string - encode method, default: "rc4-md5"

  • password required string - encode password

  • ota optional bool - is force open one time auth, default: false

  • server optional tuple - required if type is :client, example: {"la.ss.org", 8388}

  • udp optional bool - enable udp relay (only support server side)

stop a listener

Shadowsocks.stop(port)

stop listener by listen port, always return :ok

update listener args

Shadowsocks.update(port, args)

the args is a keyword list, see Shadowsocks.start/1 method

IP blacklist

block ip

# block ipv4 address (also will add a ipv6 rule when ipv4 rule added)
Shadowsocks.BlackList.add({127,0,0,1})
# block ipv6 address
Shadowsocks.BlackList.add({0,0,0,0,0,0,0,1})

unblock ip

Shadowsocks.BlackList.del({127,0,0,1})

clear blacklist

# clear all rules
Shadowsocks.BlackList.clear(:all)
# clear static rules
Shadowsocks.BlackList.clear(:static)
# clear dynamic rules
Shadowsocks.BlackList.clear(:dynamic)

list blacklist

Shadowsocks.BlackList.list()

Configuration

startup listeners example:

config :shadowsocks, :listeners,
  [
    [
      type: :server,
      method: "aes-192-cfb",
      password: "pass",
      port: 8888,
      ota: true,
      ip: {127, 0, 0, 1}
    ],
    [
      type: Shadowsocks.Conn.Http302,
      method: "rc4-md5",
      password: "pass",
      port: 8889,
      ota: false,
      ip: {0, 0, 0, 0},
      redirect_url: "https://google.com"
    ],
    [
      type: :client,
      method: "aes-192-cfb",
      password: "pass",
      server: {"localhost", 8888},
      port: 1080,
      ota: true,
      ip: {127, 0, 0, 1}
    ],
  ]

compile time configs

config :shadowsocks, :report,
    port_min_flow: 5 * 1024 * 1024, # report flow when cached flow exceed :port_min_flow
    port_min_time: 60 * 1000,       # report flow when cached flow after :port_min_time
    conn_min_flow: 5 * 1024 * 1024  # send flow to listener when cached flow exceed :conn_min_flow

config :shadowsocks, :protocol,
  recv_timeout: 180000,             # timeout for receive header
  anti_max_time: 10000,             # anti max delay time (ms), random sleep time before close connection
  anti_max_bytes: 500,              # anti max reply bytes, random bytes send to client
  anti_detect: true                 # on / off anti protocol detection
config :shadowsocks,:skip_localhost, true # skip local lookback address(remote address), prevent attacks

runtime configs

# dynamic block attack ip
config :shadowsocks, :dynamic_blocklist,
  enable: true,
  attack_times: 30, # block ip when attack times more than attack_times in attack_time
  collect_duration: 3600 * 1000, # collect attack times every collect_duration
  block_expire: 7 * 3600 * 1000 # how long to block ip

Connection Events

Event name: Shadowsocks.Event

events:

{:port, :open, port}                       # when start listener on port
{:conn, :open, {port, pid, addr}}  # when received connection request
{:conn, :close, {port, pid, reason, flow}} # when connection process exited
{:conn, :connect, {port, pid, {ret, addr, port}}} # connect to remote addr result
{:port, :flow, {port, down, up}}           # flow report on the port
{:bad_request, port, addr} # bad client connection detected (`port` is listener port, `addr` is client addr)
{:dynamic_blocked, addr} # the addr was blocked by dynamic block rules

About

elixir port of shadowsocks

Topics

erlang elixir proxy shadowsocks

Resources

Readme

License

View license
Activity

Stars

44 stars

Watchers

3 watching

Forks

7 forks
Report repository

Releases 11

v0.5.2 Latest
Dec 28, 2018
+ 10 releases

Packages

No packages published

Contributors 2

  •  
  •  

Languages