{"id":13416670,"url":"https://github.com/ginuerzh/gost","last_synced_at":"2025-05-12T22:33:51.728Z","repository":{"id":29047985,"uuid":"32575637","full_name":"ginuerzh/gost","owner":"ginuerzh","description":"GO Simple Tunnel - a simple tunnel written in golang","archived":false,"fork":false,"pushed_at":"2024-12-31T13:08:51.000Z","size":22801,"stargazers_count":16700,"open_issues_count":283,"forks_count":2544,"subscribers_count":320,"default_branch":"master","last_synced_at":"2025-05-05T17:21:29.017Z","etag":null,"topics":["dns","go","golang","http2","kcp","obfs4","quic","shadowsocks","sni","socks5","ssh","tls","tunnel","tuntap","udp"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ginuerzh.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2015-03-20T09:45:08.000Z","updated_at":"2025-05-05T07:02:25.000Z","dependencies_parsed_at":"2023-02-18T15:45:51.617Z","dependency_job_id":"b292c91a-1383-45ae-95b7-1f52cfd97513","html_url":"https://github.com/ginuerzh/gost","commit_stats":{"total_commits":608,"total_committers":52,"mean_commits":"11.692307692307692","dds":0.5476973684210527,"last_synced_commit":"48c79709422fce4b967923ade15238b584477edd"},"previous_names":[],"tags_count":52,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ginuerzh%2Fgost","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ginuerzh%2Fgost/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ginuerzh%2Fgost/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ginuerzh%2Fgost/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ginuerzh","download_url":"https://codeload.github.com/ginuerzh/gost/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253138880,"owners_count":21860247,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["dns","go","golang","http2","kcp","obfs4","quic","shadowsocks","sni","socks5","ssh","tls","tunnel","tuntap","udp"],"created_at":"2024-07-30T22:00:19.071Z","updated_at":"2025-05-12T22:33:51.689Z","avatar_url":"https://github.com/ginuerzh.png","language":"Go","funding_links":[],"categories":["Popular","Real network","Go","Misc","HarmonyOS","\u003ca id=\"1a9934198e37d6d06b881705b863afc8\"\u003e\u003c/a\u003e通信\u0026\u0026代理\u0026\u0026反向代理\u0026\u0026隧道","Server","Go (531)","\u003ca id=\"01e6651181d405ecdcd92a452989e7e0\"\u003e\u003c/a\u003e工具","网络服务","shadowsocks","Libraries","开发工具\u0026框架","Categories","Repositories"],"sub_categories":["Windows Manager","\u003ca id=\"56acb7c49c828d4715dce57410d490d1\"\u003e\u003c/a\u003e未分类-Proxy","Gost","\u003ca id=\"9d6789f22a280f5bb6491d1353b02384\"\u003e\u003c/a\u003e隧道\u0026\u0026穿透","网络服务_其他","Go","Network tunnels"],"readme":"GO Simple Tunnel\n======\n\n### GO语言实现的安全隧道\n\n[![GoDoc](https://godoc.org/github.com/ginuerzh/gost?status.svg)](https://godoc.org/github.com/ginuerzh/gost)\n[![Go Report Card](https://goreportcard.com/badge/github.com/ginuerzh/gost)](https://goreportcard.com/report/github.com/ginuerzh/gost)\n[![codecov](https://codecov.io/gh/ginuerzh/gost/branch/master/graphs/badge.svg)](https://codecov.io/gh/ginuerzh/gost/branch/master)\n[![GitHub release](https://img.shields.io/github/release/ginuerzh/gost.svg)](https://github.com/ginuerzh/gost/releases/latest)\n[![Docker](https://img.shields.io/docker/pulls/ginuerzh/gost.svg)](https://hub.docker.com/r/ginuerzh/gost/)\n[![gost](https://snapcraft.io/gost/badge.svg)](https://snapcraft.io/gost)\n \n[English README](README_en.md)\n\n特性\n------\n\n* 多端口监听\n* 可设置转发代理，支持多级转发(代理链)\n* 支持标准HTTP/HTTPS/HTTP2/SOCKS4(A)/SOCKS5代理协议\n* Web代理支持[探测防御](https://v2.gost.run/probe_resist/)\n* [支持多种隧道类型](https://v2.gost.run/configuration/)\n* [SOCKS5代理支持TLS协商加密](https://v2.gost.run/socks/)\n* [Tunnel UDP over TCP](https://v2.gost.run/socks/)\n* [TCP/UDP透明代理](https://v2.gost.run/redirect/)\n* [本地/远程TCP/UDP端口转发](https://v2.gost.run/port-forwarding/)\n* [支持Shadowsocks(TCP/UDP)协议](https://v2.gost.run/ss/)\n* [支持SNI代理](https://v2.gost.run/sni/)\n* [权限控制](https://v2.gost.run/permission/)\n* [负载均衡](https://v2.gost.run/load-balancing/)\n* [路由控制](https://v2.gost.run/bypass/)\n* DNS[解析](https://v2.gost.run/resolver/)和[代理](https://v2.gost.run/dns/)\n* [TUN/TAP设备](https://v2.gost.run/tuntap/)\n\nWiki站点: [v2.gost.run](https://v2.gost.run)\n\nTelegram讨论群: \u003chttps://t.me/gogost\u003e\n\nGoogle讨论组: \u003chttps://groups.google.com/d/forum/go-gost\u003e\n\nGOST v3 \u003chttps://gost.run\u003e\n\n安装\n------\n\n#### 二进制文件\n\n\u003chttps://github.com/ginuerzh/gost/releases\u003e\n\n#### 源码编译\n\n```bash\ngit clone https://github.com/ginuerzh/gost.git\ncd gost/cmd/gost\ngo build\n```\n\n#### Docker\n\n```bash\ndocker run --rm ginuerzh/gost -V\n```\n\n#### Homebrew\n\n```bash\nbrew install gost\n```\n\n#### Ubuntu商店\n\n\n```bash\nsudo snap install core\nsudo snap install gost\n```\n\n快速上手\n------\n\n#### 不设置转发代理\n\n\u003cimg src=\"https://ginuerzh.github.io/images/gost_01.png\" /\u003e\n\n* 作为标准HTTP/SOCKS5代理\n\n```bash\ngost -L=:8080\n```\n\n* 设置代理认证信息\n\n```bash\ngost -L=admin:123456@localhost:8080\n```\n\n* 多端口监听\n\n```bash\ngost -L=http2://:443 -L=socks5://:1080 -L=ss://aes-128-cfb:123456@:8338\n```\n\n#### 设置转发代理\n\n\u003cimg src=\"https://ginuerzh.github.io/images/gost_02.png\" /\u003e\n\n```bash\ngost -L=:8080 -F=192.168.1.1:8081\n```\n\n* 转发代理认证\n\n```bash\ngost -L=:8080 -F=http://admin:123456@192.168.1.1:8081\n```\n\n#### 设置多级转发代理(代理链)\n\n\u003cimg src=\"https://ginuerzh.github.io/images/gost_03.png\" /\u003e\n\n```bash\ngost -L=:8080 -F=quic://192.168.1.1:6121 -F=socks5+wss://192.168.1.2:1080 -F=http2://192.168.1.3:443 ... -F=a.b.c.d:NNNN\n```\n\ngost按照-F设置的顺序通过代理链将请求最终转发给a.b.c.d:NNNN处理，每一个转发代理可以是任意HTTP/HTTPS/HTTP2/SOCKS4/SOCKS5/Shadowsocks类型代理。\n\n#### 本地端口转发(TCP)\n\n```bash\ngost -L=tcp://:2222/192.168.1.1:22 [-F=...]\n```\n\n将本地TCP端口2222上的数据(通过代理链)转发到192.168.1.1:22上。当代理链末端(最后一个-F参数)为SSH转发通道类型时，gost会直接使用SSH的本地端口转发功能:\n\n```bash\ngost -L=tcp://:2222/192.168.1.1:22 -F forward+ssh://:2222\n```\n\n#### 本地端口转发(UDP)\n\n```bash\ngost -L=udp://:5353/192.168.1.1:53?ttl=60 [-F=...]\n```\n\n将本地UDP端口5353上的数据(通过代理链)转发到192.168.1.1:53上。\n每条转发通道都有超时时间，当超过此时间，且在此时间段内无任何数据交互，则此通道将关闭。可以通过`ttl`参数来设置超时时间，默认值为60秒。\n\n**注:** 转发UDP数据时，如果有代理链，则代理链的末端(最后一个-F参数)必须是gost SOCKS5类型代理，gost会使用UDP over TCP方式进行转发。\n\n#### 远程端口转发(TCP)\n\n```bash\ngost -L=rtcp://:2222/192.168.1.1:22 [-F=... -F=socks5://172.24.10.1:1080]\n```\n将172.24.10.1:2222上的数据(通过代理链)转发到192.168.1.1:22上。当代理链末端(最后一个-F参数)为SSH转发通道类型时，gost会直接使用SSH的远程端口转发功能:\n\n```bash\ngost -L=rtcp://:2222/192.168.1.1:22 -F forward+ssh://:2222\n```\n\n#### 远程端口转发(UDP)\n\n```bash\ngost -L=rudp://:5353/192.168.1.1:53?ttl=60 [-F=... -F=socks5://172.24.10.1:1080]\n```\n将172.24.10.1:5353上的数据(通过代理链)转发到192.168.1.1:53上。\n每条转发通道都有超时时间，当超过此时间，且在此时间段内无任何数据交互，则此通道将关闭。可以通过`ttl`参数来设置超时时间，默认值为60秒。\n\n**注:** 转发UDP数据时，如果有代理链，则代理链的末端(最后一个-F参数)必须是GOST SOCKS5类型代理，gost会使用UDP-over-TCP方式进行转发。\n\n#### HTTP2\n\ngost的HTTP2支持两种模式：\n* 作为标准的HTTP2代理，并向下兼容HTTPS代理。\n* 作为通道传输其他协议。\n\n##### 代理模式\n服务端:\n```bash\ngost -L=http2://:443\n```\n客户端:\n```bash\ngost -L=:8080 -F=http2://server_ip:443\n```\n\n##### 通道模式\n服务端:\n```bash\ngost -L=h2://:443\n```\n客户端:\n```bash\ngost -L=:8080 -F=h2://server_ip:443\n```\n\n#### QUIC\ngost对QUIC的支持是基于[quic-go](https://github.com/quic-go/quic-go)库。\n\n服务端:\n```bash\ngost -L=quic://:6121\n```\n\n客户端:\n```bash\ngost -L=:8080 -F=quic://server_ip:6121\n```\n\n**注：** QUIC模式只能作为代理链的第一个节点。\n\n#### KCP\ngost对KCP的支持是基于[kcp-go](https://github.com/xtaci/kcp-go)和[kcptun](https://github.com/xtaci/kcptun)库。\n\n服务端:\n```bash\ngost -L=kcp://:8388\n```\n\n客户端:\n```bash\ngost -L=:8080 -F=kcp://server_ip:8388\n```\n\ngost会自动加载当前工作目录中的kcp.json(如果存在)配置文件，或者可以手动通过参数指定配置文件路径：\n```bash\ngost -L=kcp://:8388?c=/path/to/conf/file\n```\n\n**注：** KCP模式只能作为代理链的第一个节点。\n\n#### SSH\n\ngost的SSH支持两种模式：\n* 作为转发通道，配合本地/远程TCP端口转发使用。\n* 作为通道传输其他协议。\n\n##### 转发模式\n服务端:\n```bash\ngost -L=forward+ssh://:2222\n```\n客户端:\n```bash\ngost -L=rtcp://:1222/:22 -F=forward+ssh://server_ip:2222\n```\n\n##### 通道模式\n服务端:\n```bash\ngost -L=ssh://:2222\n```\n客户端:\n```bash\ngost -L=:8080 -F=ssh://server_ip:2222?ping=60\n```\n\n可以通过`ping`参数设置心跳包发送周期，单位为秒。默认不发送心跳包。\n\n\n#### 透明代理\n基于iptables的透明代理。\n\n```bash\ngost -L=redirect://:12345 -F=http2://server_ip:443\n```\n\n#### obfs4\n此功能由[@isofew](https://github.com/isofew)贡献。\n\n服务端:\n```bash\ngost -L=obfs4://:443\n```\n\n当服务端运行后会在控制台打印出连接地址供客户端使用:\n```\nobfs4://:443/?cert=4UbQjIfjJEQHPOs8vs5sagrSXx1gfrDCGdVh2hpIPSKH0nklv1e4f29r7jb91VIrq4q5Jw\u0026iat-mode=0\n```\n\n客户端:\n```\ngost -L=:8888 -F='obfs4://server_ip:443?cert=4UbQjIfjJEQHPOs8vs5sagrSXx1gfrDCGdVh2hpIPSKH0nklv1e4f29r7jb91VIrq4q5Jw\u0026iat-mode=0'\n```\n\n加密机制\n------\n\n#### HTTP\n\n对于HTTP可以使用TLS加密整个通讯过程，即HTTPS代理：\n\n服务端:\n\n```bash\ngost -L=https://:443\n```\n客户端:\n\n```bash\ngost -L=:8080 -F=http+tls://server_ip:443\n```\n\n#### HTTP2\n\ngost的HTTP2代理模式仅支持使用TLS加密的HTTP2协议，不支持明文HTTP2传输。\n\ngost的HTTP2通道模式支持加密(h2)和明文(h2c)两种模式。\n\n#### SOCKS5\n\ngost支持标准SOCKS5协议的no-auth(0x00)和user/pass(0x02)方法，并在此基础上扩展了两个：tls(0x80)和tls-auth(0x82)，用于数据加密。\n\n服务端:\n\n```bash\ngost -L=socks5://:1080\n```\n\n客户端:\n\n```bash\ngost -L=:8080 -F=socks5://server_ip:1080\n```\n\n如果两端都是gost(如上)则数据传输会被加密(协商使用tls或tls-auth方法)，否则使用标准SOCKS5进行通讯(no-auth或user/pass方法)。\n\n#### Shadowsocks\ngost对shadowsocks的支持是基于[shadowsocks-go](https://github.com/shadowsocks/shadowsocks-go)库。\n\n服务端:\n\n```bash\ngost -L=ss://chacha20:123456@:8338\n```\n客户端:\n\n```bash\ngost -L=:8080 -F=ss://chacha20:123456@server_ip:8338\n```\n\n##### Shadowsocks UDP relay\n\n目前仅服务端支持UDP Relay。\n\n服务端:\n\n```bash\ngost -L=ssu://chacha20:123456@:8338\n```\n\n#### TLS\ngost内置了TLS证书，如果需要使用其他TLS证书，有两种方法：\n* 在gost运行目录放置cert.pem(公钥)和key.pem(私钥)两个文件即可，gost会自动加载运行目录下的cert.pem和key.pem文件。\n* 使用参数指定证书文件路径：\n```bash\ngost -L=\"http2://:443?cert=/path/to/my/cert/file\u0026key=/path/to/my/key/file\"\n```\n\n对于客户端可以通过`secure`参数开启服务器证书和域名校验:\n```bash\ngost -L=:8080 -F=\"http2://server_domain_name:443?secure=true\"\n```\n\n对于客户端可以指定CA证书进行[证书锁定](https://en.wikipedia.org/wiki/Transport_Layer_Security#Certificate_pinning)(Certificate Pinning):\n```bash\ngost -L=:8080 -F=\"http2://:443?ca=ca.pem\"\n```\n证书锁定功能由[@sheerun](https://github.com/sheerun)贡献\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fginuerzh%2Fgost","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fginuerzh%2Fgost","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fginuerzh%2Fgost/lists"}