/shadowsocksr-native

从容翻越党国敏感日 ShadowsocksR (SSR) native implementation for all platforms, GFW terminator

Primary LanguageCGNU General Public License v3.0GPL-3.0

shadowsocksr-native

ShadowsocksR-native

Join the chat at https://gitter.im/ShadowsocksR-Live/

新特性: GFW 终结者 SSRoT

写给高危翻墙人士

帮助开发者改善 SSRoT

New feature: GFW terminator SSRoT English tutorial

Index

Intro

ShadowsocksR-native is a lightweight secured SOCKS5 proxy for embedded devices and low-end boxes. It's derived from Shadowsocks-libev.

It is a port of ShadowsocksR created by @breakwa11, which is maintained by @ssrlive.

Current version: 0.4 | Changelog

Features

ShadowsocksR-native is written in pure C and only depends on libuv , mbedTLS , libsodium and json-c.

In normal usage, the memory footprint is about 600KB and the CPU utilization is no more than 5% on a low-end router (Buffalo WHR-G300N V2 with a 400MHz MIPS CPU, 32MB memory and 4MB flash).

For a full list of feature comparison between different versions of shadowsocks, refer to the Wiki page.

Encrypto method

none table
rc4 rc4-md5-6 rc4-md5
aes-128-cfb aes-192-cfb aes-256-cfb
aes-128-ctr aes-192-ctr aes-256-ctr
camellia-128-cfb camellia-192-cfb camellia-256-cfb
bf-cfb cast5-cfb des-cfb idea-cfb rc2-cfb seed-cfb
salsa20 chacha20 chacha20-ietf

Protocols & obfuscators

Protocols obfuscators
origin plain
auth_sha1_v4 http_simple
auth_aes128_sha1 http_post
auth_aes128_md5 http_mix
auth_chain_a tls1.2_ticket_auth
auth_chain_b tls1.2_ticket_fastauth
auth_chain_c/d/e/f

progress of data flow

+-----------------------------------------------------------------------------+
|                +--------------------------------------------------------+   |
|                |               +------------------------------------+   |   |
|                |               |            +-------------------+   |   |   |
|  obfuscator    |   encryptor   |  protocol  |     user data     |   |   |   |
|   |            |       |       |      |     +-------------------+   |   |   |
|   |            |       |       +------+-----------------------------+   |   |
|   |            +-------+--------------+---------------------------------+   |
+---+--------------------+--------------+-------------------------------------+
    |                    |              |                                            
    +-- server_encode    +-- encrypt    +-- server_pre_encrypt       <<<=== user data
    |                    |              |                                            
    +-- server_decode    +-- decrypt    +-- server_post_decrypt      ===>>> user data

Build

Distribution-specific guide


Debian & Ubuntu

For Unix-like systems, especially Debian-based systems, e.g. Ubuntu, Debian or Linux Mint, you can build the binary like this:

# Debian / Ubuntu
# sudo su                       # using root account
sudo apt-get update -y
sudo apt-get upgrade -y
sudo apt-get install --no-install-recommends build-essential autoconf libtool asciidoc xmlto -y
sudo apt-get install git gcc g++ gdb cmake automake -y
sudo apt-get -f install -y

# cd /                          # switch to root directory
git clone https://github.com/ShadowsocksR-Live/shadowsocksr-native.git
mv shadowsocksr-native ssr-n  # rename shadowsocksr-native to ssr-n
cd ssr-n                      # enter ssr-n directory. 
git submodule update --init
git submodule foreach -q 'git checkout $(git config -f $toplevel/.gitmodules submodule.$name.branch || echo master)'

# build ShadowsocksR-native
mkdir build && cd build
cmake .. && make
# make install
# /bin/cp -rfa src/ssr-* /usr/bin

The target binaries are ssr-n/build/src/ssr-server, ssr-n/build/src/ssr-client and ssr-n/build/src/ssr-local.

CentOS

CentOS 7 only. we don't support CentOS 6.x, it's too old.

Before build ssr-Native, we must install cmake 3.x first. following this

# CentOS / Fedora / RHEL
sudo su
yum install wget git gcc gcc-c++ gdb autoconf automake libtool make asciidoc xmlto -y
curl https://cmake.org/files/v3.14/cmake-3.14.0-Linux-x86_64.sh -o a.sh
sh a.sh --prefix=/usr/ --exclude-subdir && rm -rf a.sh
cd /
git clone https://github.com/ShadowsocksR-Live/shadowsocksr-native.git
mv shadowsocksr-native ssr-n
cd ssr-n
git submodule update --init
git submodule foreach -q 'git checkout $(git config -f $toplevel/.gitmodules submodule.$name.branch || echo master)'

cmake . && make
# make install
# /bin/cp -rfa src/ssr-* /usr/bin

The target binaries are ssr-n/src/ssr-server, ssr-n/src/ssr-client and ssr-n/src/ssr-local.

macOS

For macOS, we must download/install/run Xcode first.

Then use Homebrew to install or build.

Install Homebrew and tools:

ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
brew install git cmake automake libtool
brew upgrade git cmake automake libtool

Now get source code and build it.

git clone https://github.com/ShadowsocksR-Live/shadowsocksr-native.git
mv shadowsocksr-native ssr-n
cd ssr-n
git submodule update --init
git submodule foreach -q 'git checkout $(git config -f $toplevel/.gitmodules submodule.$name.branch || echo master)'

cmake . && make

The target binaries are ssr-n/src/ssr-server, ssr-n/src/ssr-client and ssr-n/src/ssr-local.

Windows

For Windows, chekout the project using the following commands then open win32/ssr-native.sln with Visual Studio 2010. Enjoy it!

git clone https://github.com/ShadowsocksR-Live/shadowsocksr-native.git 
git submodule update --init
git submodule foreach -q 'git checkout $(git config -f $toplevel/.gitmodules submodule.$name.branch || echo master)'

Usage

For a detailed and complete list of all supported arguments, you may refer to the man pages of the applications, respectively.

    ssr-[client|local|server]

       [-c <config_file>]         The path to config file

       [-d]                       Run in background as a daemon.

       [-h]                       Show this help message.

Sample configure file

config.json

{
    "password": "password",
    "method": "aes-128-ctr",
    "protocol": "auth_aes128_md5",
    "protocol_param": "",
    "obfs": "tls1.2_ticket_auth",
    "obfs_param": "",

    "udp": true,
    "idle_timeout": 300,
    "connect_timeout": 6,
    "udp_timeout": 6,

    "server_settings": {
        "listen_address": "0.0.0.0",
        "listen_port": 12475
    },

    "client_settings": {
        "server": "12.34.56.78",
        "server_port": 12475,
        "listen_address": "0.0.0.0",
        "listen_port": 1080
    },

    "over_tls_settings": {
        "enable": false,
        "server_domain": "goodsitesample.com",
        "path": "/udg151df/",
        "root_cert_file": ""
    }
}

cmake

In the CentOS 7, the cmake version is too old to work with ShadowsocksR-Native. So we must install it by ourselves.

sudo su
cd /
curl https://cmake.org/files/v3.14/cmake-3.14.5-Linux-x86_64.sh -o a.sh
sh a.sh  --prefix=/usr/ --exclude-subdir
rm -rf a.sh
cmake --version

And the cmake --version command will output message likes:

cmake version 3.14.5
CMake suite maintained and supported by Kitware (kitware.com/cmake).

Deploy server

Supporting CentOS 7 / Debian / Ubuntu with the following commands

sudo su
wget --no-check-certificate https://raw.githubusercontent.com/ShadowsocksR-Live/shadowsocksr-native/master/install/ssrn-install.sh
chmod +x ssrn-install.sh
./ssrn-install.sh 2>&1 | tee ssr-n.log

After installation, we can view the status with

systemctl status ssr-native.service

And we can view or edit the configuration with cat or vi in root privilege

cat /etc/ssr-native/config.json

After we changed the server configuration, we must restart the service to make the changes take effect.

systemctl restart ssr-native.service

To stop the server, please run

systemctl stop ssr-native.service

To uninstall the server, use the following command

./ssrn-install.sh uninstall