Imibhalo ye-Shadowsocks
Navigation
Ifomethi yokucushwa kwe-Shadowsocks
Lungiselela Ifayela
Ama-Shadowsocks athatha ukucushwa kwefomethi ye-JSON:
{
"server":"my_server_ip",
"server_port":8388,
“imbobo_yasendaweni”:1080,
"iphasiwedi":"barfoo!",
“indlela”:”chacha20-ietf-poly1305″
}
Ifomethi ye-JSON
- iseva : igama lakho lomethuleli noma i-IP yeseva (IPv4/IPv6).
- imbobo_yeseva: inombolo yembobo yeseva.
- local_port: inombolo yembobo yendawo.
- iphasiwedi: iphasiwedi esetshenziselwa ukubethela ukudlulisa.
- indlela: indlela yokubhala.
Indlela Yokubethela
Silungiselela amaseva ethu futhi sincoma ukuthi usebenzise i-chacha20-ietf-poly1305 AEAD cipher ngoba iyindlela enamandla yokubhala ngemfihlo.
Uma ulungiselela iseva yakho ye-shadowsocks, ungakhetha kusukela ku-"chacha20-ietf-poly1305" noma "aes-256-gcm".
Ikhodi ye-URI ne-QR
Ama-Shadowsocks e-Android / IOS nawo athatha ifomethi ye-BASE64 efakwe ikhodi ye-URI:
ss://BASE64-ENCODED-STRING-WITHOUT-PADDING#TAG
I-URI engenalutho kufanele ibe: ss://method:password@hostname:port
I-URI engenhla ayilandeli i-RFC3986. Igama eliyimfihlo kuleli cala kufanele libe umbhalo ongenalutho, hhayi ukubhalwa ngekhodi ngamaphesenti.
Isibonelo: Sisebenzisa iseva kokuthi 192.168.100.1:8888 usebenzisa bf-cfb indlela yokubhala nephasiwedi isivivinyo/!@#:.
Bese, nge-URI engenalutho ss://bf-cfb:test/!@#:@192.168.100.1:8888, singakwazi ukukhiqiza i-URI efakwe ikhodi ye-BASE64:
> console.log(“ss://” + btoa(“bf-cfb:test/!@#:@192.168.100.1:8888”) )
ss://YmYtY2ZiOnRlc3QvIUAjOkAxOTIuMTY4LjEwMC4xOjg4ODg
Ukusiza ukuhlela nokukhomba lawa ma-URI, ungangeza umaka ngemva kweyunithi yezinhlamvu ebhalwe ngekhodi ye-BASE64:
ss://YmYtY2ZiOnRlc3QvIUAjOkAxOTIuMTY4LjEwMC4xOjg4ODg#example-server
Ukukhuluma
Ama-Shadowsocks asebenzisa amakheli atholakala ngefomethi yekheli le-SOCKS5:
[uhlobo lwebhayithi elingu-1][umsingathi wobude obuguquguqukayo][2-byte port]
Nazi izinhlobo zamakheli ezichaziwe:
- 0x01 : umsingathi yikheli le-IPv4 lamabhayithi angu-4.
- 0x03 : umsingathi uyiyunithi yezinhlamvu yobude obuguquguqukayo, eqala ngobude bebhayithi elingu-1, elandelwa igama lesizinda esingu-255-byte max.
- 0x04 : umsingathi yikheli le-IPv16 lamabhayithi angu-6.
Inombolo yembobo iyinombolo enkulu engasayiniwe engu-2-byte.
I-TCP
Iklayenti le-ss-local liqala ukuxhumana ne-ss-remote ngokuthumela idatha ebethelwe iqala ngekheli eliqondiwe lilandelwa idatha yomthwalo okhokhelwayo. Ukubethela kuzohluka ngokuya nge-cipher esetshenzisiwe.
[ikheli okuqondisiwe][payload]
I-ss-remote ithola idatha ebethelwe, bese isusa ukubethela futhi ihlukanise ikheli eliqondiwe. Bese idala uxhumo olusha lwe-TCP kokuhlosiwe bese idlulisela idatha yomthwalo okhokhelwayo kuyo. I-ss-remote ithola impendulo esuka kokuqondisiwe bese ibethela idatha bese iyidlulisela emuva ku-ss-local ize inqanyulwe.
Ngezinjongo ze-obfuscation, indawo nesilawuli kude kufanele kuthumele idatha yokuxhawulana nomthwalo othile ephaketheni lokuqala.
UDP
I-ss-local ithumela iphakethe ledatha elibethelwe eliqukethe ikheli eliqondiwe kanye nomthwalo okhokhelwayo ku-ss-remote.
[ikheli okuqondisiwe][payload]
Uma iphakethe elibethelwe selitholiwe, i-ss-remote isusa ukubethela futhi ihlukanise ikheli eliqondiwe. Ibese ithumela iphakethe ledatha elisha elinomthwalo okhokhelwayo kulokho okuqondiwe. I-ss-remote ithola amaphakethe edatha kusukela kokuqondisiwe futhi ilungiselela ikheli eliqondiwe ekulayisheni okukhokhelwayo kuphakethe ngalinye. Amakhophi abethelwe abuyiselwa ku-ss-local.
[ikheli okuqondisiwe][payload]
Le nqubo ingabiliswa ibe yi-ss-remote yenza ukuhumusha kwekheli lenethiwekhi ku-ss-local.