Open vt-alt opened 6 months ago
I can’t get your point. Could you elaborate it more in detail?
Idea is that ssserver
would not terminate connections on its own but to forward them to some other socks server (such as Warp in my example).
Or from another point of view it's to allow to configure tunnel
mode on the ssserver
(while now it's only for sslocal
).
Or from another point of view it's to allow to configure
tunnel
mode on thessserver
(while now it's only forsslocal
).
Of course. ssserver
is designed as a remote server of shadowsocks, so it is only for working with sslocal
.
Idea is that
ssserver
would not terminate connections on its own but to forward them to some other socks server (such as Warp in my example).
ssserver
is running in a remote server. It's outbound is to connect target remote servers. Why were targets are connected via a socks5 server?
In my example browser connects with socks5 to a local shadowsocks-windows, but shadowsocks-windows does not allow to configure tunnel
protocol. So idea is to allow remote ssserver (which local shadowsocks connects to) to also allow configuring tunnel or chaining mode.
(ps. This may also be useful for general proxy chaining, like terminating all ssserver connections to Tor which runs on the same remote server as ssserver.)
If I understand it correctly: your ssserver
was hidden from sslocal
with a socks5 proxy.
Client -> sslocal -----(socks5)-----> ssserver -> Target
So the key issue in this topology is that sslocal
must connect to ssserver
with socks5 proxy protocol.
It should be Ok to add Proxy support in the ServerConfig
, for example:
{
"servers": [
{
"server": "1.2.3.4",
"server_port": 8999,
"proxy": "socks5://2.3.4.5:1080"
}
]
}
For now, you can achieve this goal with other tools, like proxychains.
I don't know if there are any replacements in Windows Platform.
My scheme is
browser using socks5 -> local shadowsocks-windows (sslocal) ------> remote ssserver
I want to add additional proxy at the ssserver node, such as CF Warp (which supports socks5). But I cannot configure shadowsocks-windows
because it's config UI is very basic and it's overrides gui-config.json
thus there is no way I can add "protocol": "tunnel"
to it.
Yes perhaps I can try to run one ssserver
instance under proxychains
. Thanks.
I am figuring how to make such route . Because many resources are blocked from the VPS ips. for example, now I can not post twitter with my vultr server :(
vps server node
| --------------------------------- |
sslocal ---> | ssserver ---> warp socks5 proxy | ---> warp gateway ---> target resource
| --------------------------------- |
BTW, To use proxychains (on Debian 11) with systemd service: it turned out that systemd services are not very compatible with LD_PRELOAD
they using to wrap connections. So it's ended up using this line (which equals to LD_PRELOAD=libproxychains.so.4
) — ExecStart=/lib/x86_64-linux-gnu/ld-linux-x86-64.so.2 --preload /usr/lib/x86_64-linux-gnu/libproxychains.so.4 /usr/bin/ss-server -c /etc/shadowsocks/warp.json
.
Some sites detect Warp as a kind of public proxy too.
Please allow to chain shadowsocks server to another socks proxy.
For example user wants to connect to a cloudflare Warp gateway (which is in socks5 proxy mode) but to have his side using shadowsocks (on windows). Currently shadowsocks-windows do not allow to configure
tunnel
protocol. This prevents such scheme.So it would allow to use usual shadowsocks windows client (as a socks proxy) that connects as normal to a remote ssserver but that ssserver redirects (not decoded socks5 traffic) to a local warp-server socks5 port.