Shadowsocks takardun shaida
navigation
Tsarin Kanfigareshan Shadowsocks
Sanya Fayil
Shadowsocks yana ɗaukar tsarin tsarin JSON:
{
"server":"my_server_ip",
"tashar tashar jiragen ruwa": 8388,
"tashar tashar gida": 1080,
“Password”: “barfoo!”,
"Hanya":"chacha20-ietf-poly1305"
}
Tsarin JSON
- uwar garken: sunan mai masauki ko uwar garken IP (IPv4/IPv6).
- server_port: lambar tashar tashar uwar garke.
- local_port: lambar tashar tashar gida.
- kalmar sirri: kalmar sirri da ake amfani da shi don ɓoye canja wuri.
- Hanyar: hanyar ɓoyewa.
Hanyar ɓoyewa
Muna saita sabar mu kuma muna ba da shawarar ku yi amfani da chacha20-ietf-poly1305 AEAD cipher saboda ita ce hanya mafi ƙarfi ta ɓoyewa.
Idan saita uwar garken shadowsocks na ku, zaku iya zaɓar daga ko dai "chacha20-ietf-poly1305" ko "aes-256-gcm".
URI & QR Code
Shadowsocks don Android / IOS kuma yana ɗaukar tsarin tsarin URI na BASE64:
ss://BASE64-ENCODED-STRING-BA TARE DA-PADDING#TAG
URI bayyananne yakamata ya kasance: ss: // hanya: kalmar sirri @ sunan mai masauki: tashar jiragen ruwa
URI na sama baya bin RFC3986. Kalmar kalmar sirri a wannan yanayin yakamata ta zama rubutu a sarari, ba rufaffen kashi-kashi ba.
Misali: Muna amfani da sabar a 192.168.100.1:8888 ta yin amfani da bf-cf Hanyar ɓoyewa da kalmar sirri gwada/!@#:.
Sa'an nan, tare da bayyana URI ss://bf-cfb:test/!@#:@192.168.100.1:8888, za mu iya samar da BASE64 mai ɓoye URI:
> console.log
ss://YmYtY2ZiOnRlc3QvIUAjOkAxOTIuMTY4LjEwMC4xOjg4ODg
Don taimakawa tsarawa da gano waɗannan URIs, zaku iya ƙara alama bayan kirtani na BASE64:
ss://YmYtY2ZiOnRlc3QvIUAjOkAxOTIuMTY4LjEwMC4xOjg4ODg#example-server
Yin jawabi
Shadowsocks yana amfani da adiresoshin da aka samo a cikin tsarin adireshin SOCKS5:
[nau'in-byte] [nau'in-byte] [mai canzawa mai tsayi] [1-byte tashar jiragen ruwa]
Ga nau'ikan adireshi da aka ayyana:
- 0x01: Mai watsa shiri shine adireshin IPv4-byte 4.
- 0x03: Mai watsa shiri shine kirtani mai tsayi mai canzawa, yana farawa da tsayin 1-byte, sannan babban sunan yanki na 255-byte.
- 0x04: Mai watsa shiri shine adireshin IPv16-byte 6.
Lambar tashar jiragen ruwa babban lamba 2-byte babban intiger ne mara sa hannu.
TCP
Abokin ss-local yana ƙaddamar da haɗi zuwa ss-remote ta hanyar aika rufaffiyar bayanan farawa tare da adireshin da aka yi niyya tare da bayanan biyan kuɗi. Sirri zai bambanta dangane da sifar da aka yi amfani da ita.
[adireshin manufa] [mai biya]
ss-remote yana karɓar bayanan da aka rufaffen, sa'an nan kuma ya ɓoye kuma ya rarraba adireshin da aka yi niyya. Sannan yana ƙirƙirar sabon haɗin TCP zuwa manufa kuma ya tura bayanan da aka biya zuwa gare shi. ss-remote yana karɓar amsa daga maƙasudin sannan ya ɓoye bayanan sannan a tura shi zuwa ss-local har sai an cire haɗin.
Don dalilai na ɓoyewa, gida da na nesa yakamata su aika bayanan musafaha tare da wasu kaya a cikin fakitin farko.
UDP
ss-local yana aika fakitin bayanan da aka rufaffen da ke dauke da adireshin manufa da kaya zuwa ss-remote.
[adireshin manufa] [mai biya]
Da zarar an karɓi fakitin da aka rufaffen, ss-remote yana ɓoyewa kuma ya rarraba adireshin da aka yi niyya. Sannan yana aika sabon fakitin bayanai tare da nauyin biyan kuɗi zuwa manufa. ss-remote yana karɓar fakitin bayanai daga maƙasudin kuma yana tsara adireshin manufa zuwa nauyin biyan kuɗi a cikin kowane fakiti. Ana mayar da kwafin da aka ɓoye zuwa ss-local.
[adireshin manufa] [mai biya]
Ana iya tafasa wannan tsari zuwa ss-remote yin fassarar adireshin cibiyar sadarwa don ss-local.
