Top Related Projects
A Rust port of shadowsocks
A platform for building proxies to bypass network restrictions.
An unidentifiable mechanism that helps you bypass GFW.
A Quantum-Safe Secure Tunnel based on QPP, KCP, FEC, and N:M multiplexing.
GO Simple Tunnel - a simple tunnel written in golang
Quick Overview
Shadowsocks-go is a lightweight tunnel proxy designed to help users bypass network restrictions and firewalls. It's a Go implementation of the Shadowsocks protocol, providing a fast and efficient way to create secure connections for internet traffic.
Pros
- Written in Go, offering high performance and concurrent processing capabilities
- Cross-platform compatibility, running on various operating systems
- Simple and lightweight, with minimal resource requirements
- Supports multiple encryption methods for enhanced security
Cons
- Limited feature set compared to some other Shadowsocks implementations
- Less active development and updates compared to more popular versions
- May require additional configuration for advanced use cases
- Documentation could be more comprehensive for new users
Code Examples
- Creating a Shadowsocks server:
package main
import (
"github.com/shadowsocks/shadowsocks-go/shadowsocks"
)
func main() {
config := &shadowsocks.Config{
Server: "0.0.0.0",
ServerPort: 8388,
Password: "your-password",
Method: "aes-256-cfb",
}
shadowsocks.RunServer(config)
}
- Creating a Shadowsocks client:
package main
import (
"github.com/shadowsocks/shadowsocks-go/shadowsocks"
)
func main() {
client, err := shadowsocks.NewClient("server-address:8388", "your-password", "aes-256-cfb")
if err != nil {
panic(err)
}
defer client.Close()
// Use client to create connections
conn, err := client.Dial("tcp", "example.com:80")
if err != nil {
panic(err)
}
defer conn.Close()
// Use conn for communication
}
- Setting up a local SOCKS5 proxy:
package main
import (
"github.com/shadowsocks/shadowsocks-go/shadowsocks"
)
func main() {
config := &shadowsocks.Config{
Server: "server-address",
ServerPort: 8388,
LocalPort: 1080,
Password: "your-password",
Method: "aes-256-cfb",
}
shadowsocks.RunClient(config)
}
Getting Started
To use shadowsocks-go, follow these steps:
- Install Go on your system if not already installed.
- Install shadowsocks-go:
go get github.com/shadowsocks/shadowsocks-go - Create a configuration file (e.g.,
config.json):{ "server": "0.0.0.0", "server_port": 8388, "local_port": 1080, "password": "your-password", "method": "aes-256-cfb", "timeout": 300 } - Run the Shadowsocks server:
shadowsocks-server -c config.json - Run the Shadowsocks client:
shadowsocks-local -c config.json
Now you can configure your applications to use the local SOCKS5 proxy at 127.0.0.1:1080.
Competitor Comparisons
A Rust port of shadowsocks
Pros of shadowsocks-rust
- Higher performance and lower resource usage due to Rust's efficiency
- Better memory safety and fewer potential security vulnerabilities
- More active development and frequent updates
Cons of shadowsocks-rust
- Steeper learning curve for developers not familiar with Rust
- Smaller ecosystem and fewer third-party plugins compared to Go
Code Comparison
shadowsocks-rust:
use shadowsocks::{
config::ServerConfig,
crypto::CipherKind,
run_server,
};
#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
let server_config = ServerConfig::new("127.0.0.1:8388", "password", CipherKind::AES_256_GCM);
run_server(server_config).await?;
Ok(())
}
shadowsocks-go:
package main
import (
"github.com/shadowsocks/shadowsocks-go/shadowsocks"
)
func main() {
config := &shadowsocks.Config{
Server: "127.0.0.1:8388",
Password: "password",
Method: "aes-256-gcm",
}
shadowsocks.RunServer(config)
}
The code comparison shows that both implementations have similar structure and simplicity. However, shadowsocks-rust leverages Rust's async/await syntax and stronger type system, while shadowsocks-go uses a more straightforward approach typical of Go programs.
A platform for building proxies to bypass network restrictions.
Pros of v2ray-core
- More versatile with support for multiple protocols and transport layers
- Advanced features like traffic obfuscation and routing capabilities
- Active development and regular updates
Cons of v2ray-core
- Higher complexity and steeper learning curve
- Potentially higher resource usage due to additional features
- May be overkill for users seeking simple proxy functionality
Code Comparison
v2ray-core (Go):
type ServerConfig struct {
Address *Address
Port uint16
User []*User
Network []net.Network
}
shadowsocks-go (Go):
type Config struct {
Server interface{}
ServerPort int
LocalPort int
Password string
Method string
Timeout int
}
v2ray-core offers a more complex configuration structure, allowing for multiple users and network types, while shadowsocks-go provides a simpler configuration focused on basic proxy settings. This reflects the difference in complexity and feature sets between the two projects.
v2ray-core is a more comprehensive solution with advanced features, making it suitable for users who need flexibility and powerful traffic management. shadowsocks-go, on the other hand, is simpler and easier to set up, making it a good choice for users who prioritize ease of use and basic proxy functionality.
An unidentifiable mechanism that helps you bypass GFW.
Pros of Trojan
- Designed to be more resistant to deep packet inspection (DPI) and active probing
- Uses TLS encryption, making traffic appear similar to HTTPS
- Supports multiple users with different passwords on a single server
Cons of Trojan
- Requires a valid domain name and SSL certificate for proper operation
- May have slightly higher latency due to TLS overhead
- Less widespread adoption compared to Shadowsocks
Code Comparison
Trojan (C++):
void Session::start() {
auto self = shared_from_this();
in_socket.async_wait(tcp::socket::wait_read, [this, self](const boost::system::error_code &ec) {
if (ec) {
destroy();
return;
}
in_async_read();
});
}
Shadowsocks-go (Go):
func (c *Conn) Write(b []byte) (n int, err error) {
if c.enc == nil {
iv := make([]byte, c.info.ivLen)
if _, err := io.ReadFull(rand.Reader, iv); err != nil {
return 0, err
}
c.enc = c.info.newEncrypter(iv)
n, err = c.Conn.Write(iv)
}
return
}
The code snippets show different approaches to handling connections and encryption in each project, reflecting their respective languages and design philosophies.
A Quantum-Safe Secure Tunnel based on QPP, KCP, FEC, and N:M multiplexing.
Pros of kcptun
- Utilizes KCP protocol for improved network performance, especially in high-latency or lossy environments
- Offers more advanced features like FEC (Forward Error Correction) and congestion control
- Provides better throughput and lower latency compared to traditional TCP-based solutions
Cons of kcptun
- Higher CPU and memory usage due to the complexity of the KCP protocol
- May require more configuration and fine-tuning to achieve optimal performance
- Less widespread adoption compared to Shadowsocks, potentially leading to fewer community resources
Code Comparison
kcptun (client-side configuration):
kcpconn, err := kcp.DialWithOptions(remoteAddr, block, dataShards, parityShards)
if err != nil {
log.Fatal(err)
}
Shadowsocks-go (client-side configuration):
cipher, err := ss.NewCipher(config.Method, config.Password)
if err != nil {
log.Fatal("Error creating cipher:", err)
}
Both projects are written in Go and serve as network proxy tools. kcptun focuses on optimizing network performance using the KCP protocol, while Shadowsocks-go primarily aims to provide a secure and simple proxy solution. kcptun may offer better performance in certain network conditions but at the cost of increased complexity and resource usage.
GO Simple Tunnel - a simple tunnel written in golang
Pros of gost
- More comprehensive feature set, supporting multiple protocols beyond just Shadowsocks
- Active development with frequent updates and new features
- Flexible configuration options for various use cases
Cons of gost
- Potentially more complex to set up and configure due to its extensive features
- May have a larger resource footprint compared to the more focused Shadowsocks-go
Code Comparison
Shadowsocks-go (main server setup):
cipher, err := ss.NewCipher(config.Method, config.Password)
if err != nil {
log.Fatal("Error creating cipher:", err)
}
go run(port, cipher.Copy())
gost (main server setup):
chain := gost.NewChain(
gost.Node{Protocol: "socks5", Transport: "tcp"},
)
s, err := gost.NewServer(chain)
if err != nil {
log.Fatal(err)
}
s.Serve()
Summary
gost offers a more feature-rich and versatile solution for proxy and tunneling needs, supporting multiple protocols and providing extensive configuration options. However, this comes at the cost of increased complexity and potentially higher resource usage. Shadowsocks-go, on the other hand, focuses specifically on the Shadowsocks protocol, offering a simpler and more lightweight solution for those who only need Shadowsocks functionality.
Convert 
designs to code with AI
Introducing Visual Copilot: A new AI model to turn Figma designs to high quality code using your components.
Try Visual CopilotREADME
Deprecated
Use https://github.com/shadowsocks/go-shadowsocks2 instead.
shadowsocks-go
Current version: 1.2.2 
shadowsocks-go is a lightweight tunnel proxy which can help you get through firewalls. It is a port of shadowsocks.
The protocol is compatible with the origin shadowsocks (if both have been upgraded to the latest version).
Note server_password option syntax changed in 0.6.2, the client now connects to servers in the order specified in the config.
Please develop on the latest develop branch if you want to send pull request.
Install
Download precompiled binarys from the release page. (All compiled with cgo disabled, except the mac version.)
You can also install from source (assume you have go installed):
# on server
go get github.com/shadowsocks/shadowsocks-go/cmd/shadowsocks-server
# on client
go get github.com/shadowsocks/shadowsocks-go/cmd/shadowsocks-local
It's recommended to disable cgo when compiling shadowsocks-go. This will prevent the go runtime from creating too many threads for dns lookup.
Usage
Both the server and client program will look for config.json in the current directory. You can use -c option to specify another configuration file.
Configuration file is in json format and has the same syntax with shadowsocks-nodejs. You can download the sample config.json, change the following values:
server your server ip or hostname
server_port server port
local_port local socks5 proxy port
method encryption method, null by default (table), the following methods are supported:
aes-128-cfb, aes-192-cfb, aes-256-cfb, bf-cfb, cast5-cfb, des-cfb, rc4-md5, rc4-md5-6, chacha20, salsa20, rc4, table
password a password used to encrypt transfer
timeout server option, in seconds
Run shadowsocks-server on your server. To run it in the background, run shadowsocks-server > log &.
On client, run shadowsocks-local. Change proxy settings of your browser to
SOCKS5 127.0.0.1:local_port
About encryption methods
AES is recommended for shadowsocks-go. Intel AES Instruction Set will be used if available and can make encryption/decryption very fast. To be more specific, aes-128-cfb is recommended as it is faster and secure enough.
rc4 and table encryption methods are deprecated because they are not secure.
One Time Auth
OTA function is deprecated because it is reported to have potential security risk.
Command line options
Command line options can override settings from configuration files. Use -h option to see all available options.
shadowsocks-local -s server_address -p server_port -k password
-m aes-128-cfb -c config.json
-b local_address -l local_port
shadowsocks-server -p server_port -k password
-m aes-128-cfb -c config.json
-t timeout
Use -d option to enable debug message.
Use multiple servers on client
server_password specify multiple server and password, server should be in the form of host:port
Here's a sample configuration client-multi-server.json. Given server_password, client program will ignore server_port, server and password options.
Servers are chosen in the order specified in the config. If a server can't be connected (connection failure), the client will try the next one. (Client will retry failed server with some probability to discover server recovery.)
Multiple users with different passwords on server
The server can support users with different passwords. Each user will be served by a unique port. Use the following options on the server for such setup:
port_password specify multiple ports and passwords to support multiple users
Here's a sample configuration server-multi-port.json. Given port_password, server program will ignore server_port and password options.
Update port password for a running server
Edit the config file used to start the server, then send SIGHUP to the server process.
Note to OpenVZ users
Use OpenVZ VM that supports vswap. Otherwise, the OS will incorrectly account much more memory than actually used. shadowsocks-go on OpenVZ VM with vswap takes about 3MB memory after startup. (Refer to this issue for more details.)
If vswap is not an option and memory usage is a problem for you, try shadowsocks-libev.
Top Related Projects
A Rust port of shadowsocks
A platform for building proxies to bypass network restrictions.
An unidentifiable mechanism that helps you bypass GFW.
A Quantum-Safe Secure Tunnel based on QPP, KCP, FEC, and N:M multiplexing.
GO Simple Tunnel - a simple tunnel written in golang
Convert designs to code with AI
Introducing Visual Copilot: A new AI model to turn Figma designs to high quality code using your components.
Try Visual Copilot