https://github.com/cfal/shoes

A multi-protocol proxy server written in Rust (HTTP, HTTPS, SOCKS5, Vmess, Vless, Shadowsocks, Trojan, Snell)
https://github.com/cfal/shoes

anticensorship gfw network proxy proxy-client proxy-server quic rust shadowsocks snell snell-server socks5 tls trojan tunnel v2ray vless vmess vmess-ws-tls vpn

Last synced: about 1 month ago
JSON representation

A multi-protocol proxy server written in Rust (HTTP, HTTPS, SOCKS5, Vmess, Vless, Shadowsocks, Trojan, Snell)

• Host: GitHub
• URL: https://github.com/cfal/shoes
• Owner: cfal
• License: mit
• Created: 2022-01-29T20:47:08.000Z (over 2 years ago)
• Default Branch: master
• Last Pushed: 2024-02-22T06:35:30.000Z (3 months ago)
• Last Synced: 2024-03-30T09:01:47.242Z (2 months ago)
• Topics: anticensorship, gfw, network, proxy, proxy-client, proxy-server, quic, rust, shadowsocks, snell, snell-server, socks5, tls, trojan, tunnel, v2ray, vless, vmess, vmess-ws-tls, vpn
• Language: Rust
• Homepage:
• Size: 158 KB
• Stars: 156
• Watchers: 4
• Forks: 11
• Open Issues: 3
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Lists

• awesome-rust - shoes - protocol proxy server (Applications)

README

        
# shoes

shoes is a multi-protocol proxy server written in Rust.

## Supported protocols

- **HTTP/HTTPS** (TCP, QUIC)

- **SOCKS5** (TCP, QUIC)

- **Vmess** (TCP, QUIC, UDP-over-TCP)

  - AEAD and Legacy modes

  - Supported ciphers:

    - aes-128-gcm

    - chacha20-poly1305

- **Vless** (TCP, QUIC)

- **Snell** v3 (TCP, QUIC, UDP-over-TCP)

  - Supported ciphers:

    - aes-128-gcm

    - aes-256-gcm

    - chacha20-ietf-poly1305

- **Shadowsocks** (TCP, QUIC)

  - Supported ciphers:

    - aes-128-gcm

    - aes-256-gcm

    - chacha20-ietf-poly1305

    - 2022-blake3-aes-128-gcm

    - 2022-blake3-aes-256-gcm

    - 2022-blake3-chacha20-ietf-poly1305

- **Trojan** (TCP, QUIC)

  - Supported ciphers:

    - aes-128-gcm

    - aes-256-gcm

    - chacha20-ietf-poly1305

## Features

All supported protocols can be combined with the following features:

- **TLS support** with SNI based forwarding

- **Websocket obfs** (Shadowsocks SIP003)

- **Upstream proxy support**: route connections through other proxy servers

- **Forwarding rules (allowlists/blocklists)**: Block or redirect connections based on IP or hostname

- **Hot reloading**: Updated configs are automatically reloaded

- **Netmask and proxy groups**

## Examples

Here's an example of running a WSS vmess and shadowsocks server, with all requests routed through a SOCKS proxy:

```yaml

# Listen on all IPv4 interfaces, port 443 (HTTPS)

- address: 0.0.0.0:443

  transport: tcp

  # Use TLS as the first protocol layer

  protocol:

    type: tls

    # Set a default target, for any (or no) SNI

    default_target:

      cert: cert.pem

      key: key.pem

      # ..which goes to a websocket server

      protocol:

        type: ws

        # .. where we have different supported proxy protocols, based on HTTP request path and headers.

        targets:

          - matching_path: /vmess

            matching_headers:

              X-Secret-Key: "secret"

            protocol:

              type: vmess

              # allow any cipher, which means: none, aes-128-gcm, or chacha20-poly1305.

              cipher: any

              user_id: b0e80a62-8a51-47f0-91f1-f0f7faf8d9d4

          - matching_path: /shadowsocks

            protocol:

              type: shadowsocks

              cipher: 2022-blake3-aes-256-gcm

              password: Hax8btYlNao5qcaN/l/NUl9JgbwapfqG5QyAtH+aKPg=

  rules:

    # Allow clients to connect to all IPs

    - mask: 0.0.0.0/0

      action: allow

      # Forward all requests through a local SOCKS server.

      client_proxy:

        address: 127.0.0.1:5000

        protocol:

          type: socks

          username: socksuser

          password: secretpass

```

For other YAML config examples, see the [examples](./examples) directory.

## Installation

Precompiled binaries for x86_64 and Apple aarch64 are available on [Github Releases](https://github.com/cfal/shoes/releases).

Else, if you have a fairly recent Rust and cargo installation on your system, shoes can be installed with `cargo`.

```bash

cargo install shoes

```

## Usage

```

shoes [OPTIONS]  [YAML CONFIG PATH] [..]

OPTIONS:

    -t, --threads NUM

        Set the number of worker threads. This usually defaults to the number of CPUs.

    -d, --dry-run

        Parse the config and exit.

```

## Config format

Sorry, formal documentation for the YAML config format have not yet been written. You can refer to the [examples](./examples), or open an issue if you need help.

## Roadmap

- Proxy client chaining

- SOCKS and Shadowsocks UDP support

## Similar projects

- [shadowsocks-rust](https://github.com/shadowsocks/shadowsocks-rust): A Rust port of shadowsocks

- [v2ray-core](https://github.com/v2ray/v2ray-core): A full-featured proxy platform written in Go