Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/9seconds/docker-shadow

Container with Shadowsocks/KCPTun
https://github.com/9seconds/docker-shadow

Last synced: about 1 year ago
JSON representation

Container with Shadowsocks/KCPTun

Awesome Lists containing this project

README 

          
# docker-shadow



Container with Shadowsocks/KCPTun.



Installation

------------



First option is to pull from Docker registry:



```console

$ docker pull nineseconds/docker-shadow

```



Another option is to build an image:



```console

$ git clone https://github.com/9seconds/docker-shadow.git

$ docker build --pull -t shadow ./docker-shadow

```



Run

---



Here is the help:



```console

usage: shadowsocks [-h] [-p SERVER_PORT] [-k PASSWORD] [-n NAMESERVER]

                   [-e {aes-128-gcm,aes-192-gcm,aes-256-gcm,rc4-md5,aes-128-cfb,aes-192-cfb,aes-256-cfb,aes-128-ctr,aes-192-ctr,aes-256-ctr,bf-cfb,camellia-128-cfb,camellia-192-cfb,camellia-256-cfb,chacha20-ietf-poly1305,salsa20,chacha20,chacha20-ietf}]

                   ip {obfs,kcptun,show} ...



Run shadowsocks/kcptun with supervisord.



positional arguments:

  ip                    IP address of ShadowSocks server (required for QR

                        code)

  {obfs,kcptun,show}

    obfs                OBFS plugin settings.

    kcptun              KCPTun plugin settings.

    show                Show connection settings.



optional arguments:

  -h, --help            show this help message and exit

  -p SERVER_PORT, --server-port SERVER_PORT

                        Port to listen on. (default: 443)

  -k PASSWORD, --password PASSWORD

                        Password to use. Default is autogenerated. (default:

                        None)

  -n NAMESERVER, --nameserver NAMESERVER

                        Nameserver to use. (default: 1.1.1.1)

  -e {aes-128-gcm,aes-192-gcm,aes-256-gcm,rc4-md5,aes-128-cfb,aes-192-cfb,aes-256-cfb,aes-128-ctr,aes-192-ctr,aes-256-ctr,bf-cfb,camellia-128-cfb,camellia-192-cfb,camellia-256-cfb,chacha20-ietf-poly1305,salsa20,chacha20,chacha20-ietf}, --encryption_mode {aes-128-gcm,aes-192-gcm,aes-256-gcm,rc4-md5,aes-128-cfb,aes-192-cfb,aes-256-cfb,aes-128-ctr,aes-192-ctr,aes-256-ctr,bf-cfb,camellia-128-cfb,camellia-192-cfb,camellia-256-cfb,chacha20-ietf-poly1305,salsa20,chacha20,chacha20-ietf}

                        Cipher to use. (default: chacha20-ietf-poly1305)

```



If you want to have OBFS:



```console

usage: shadowsocks ip obfs [-h] [-t HOST] {tls,http}



positional arguments:

  {tls,http}            Which mode is to use for obfuscating.



optional arguments:

  -h, --help            show this help message and exit

  -t HOST, --host HOST  Hostname for obfuscating. Default is autogenerated.

                        (default: None)

```



If you want to have KCPTun:



```console

usage: shadowsocks ip obfs [-h] [-t HOST] {tls,http}



positional arguments:

  {tls,http}            Which mode is to use for obfuscating.



optional arguments:

  -h, --help            show this help message and exit

  -t HOST, --host HOST  Hostname for obfuscating. Default is autogenerated.

                        (default: None)

kcptun

usage: shadowsocks ip kcptun [-h] [-p PORT] [-r {normal,fast,fast2,fast3}]

                             [-t MTU] [-s SNDWND] [-w RCVWND] [-a DATASHARD]

                             [-d PARITYSHARD] [-q DSCP] [-z] [-y KEY]



optional arguments:

  -h, --help            show this help message and exit

  -p PORT, --port PORT  Default port to listen on (default: 444)

  -r {normal,fast,fast2,fast3}, --profile {normal,fast,fast2,fast3}

                        Profile to use with KCPTun. (default: fast2)

  -t MTU, --mtu MTU     MTU for packets. (default: 1350)

  -s SNDWND, --sndwnd SNDWND

                        Send window in packets. (default: 128)

  -w RCVWND, --rcvwnd RCVWND

                        Receive window in packets. (default: 512)

  -a DATASHARD, --datashard DATASHARD

                        Reed-Solomon erasure coding - datashard (default: 10)

  -d PARITYSHARD, --parityshard PARITYSHARD

                        Reed-Solomon erasure coding - parityshard (default: 3)

  -q DSCP, --dscp DSCP  DSCP(6 bits) (default: 0)

  -z, --compression     Enable compression (default: False)

  -y KEY, --key KEY     Key to work with KCPTun. Default is random generated.

                        (default: None)

```



To run Shadowsocks, just do following:



```console

$ docker run --rm=true -it --name shadow -p 6500:444/udp -p 6443:443/tcp -p 6443:443/udp shadow -p 6443  obfs tls

```



Where `` is IP address of your machine. 443 port of container (both UDP and TCP) is for Shadowsocks, 444 - for KCPTun.



After you run you container, you need a way on how to get a link for your application. To get that, use following command:



```console

$ docker exec -it shadow sh -c 'show'

```



This will show SS SIP002 URL and a link to QR code



Caveats

-------



* OBFS mode works fine with DNS propagation

* KCPTun works without DNS propagation (because KCP does not work well with UDP at this moment)