im tried edit your script with small adjustment to actived TFO and bbr in one script, (only ubuntu 18.04 or higher).
everything script work, but when ShowConnectionInfo i am got spaces withingss url.

https://github.com/cbeuw/Cloak/commit/0c00094a8b2f3dcff2ee7417ccc5bf96a61ed6af

Shadowsocks service fails to start because its unable to acces db, i tried giving it r&w access but still....

ck-server.go:254: Configuration file error: Attempting to open database: open /etc/shadowsocks-libev/userinfo.db: permission denied

It seems the script does not have the function to change the RedirAddr? Can you add this feature?

First of all, @HirbodBehnam thank you for this amazing script ;)

I have two ubuntu servers ( Server 1and Server 2), And I want to tunnel Server 1 through server 2 with cloak plugin
The goal is to connect to S2 ( 192.168.0.5 ) through S1 (192.168.1.1) : client > S1 > S2

How should I config the rules?

@HirbodBehnam
Hey chief! Just tried your script, works like a charm, thanks. I am personally waiting for multi-user support. :)

After script finished, it provides with ss:// link, so we can import server to the client.
On Android it is OK but on Windows when I am importing the server, in Plugin options of CK plugin in UID and Public Key fields there are unneeded spaces between characters. Because of that, client unable to connect to the server.

Thanks Hirbod for your brilliant script :)
I have a problem on Ubuntu 18.04 LTS. I setup a Server with Shadowsocks & Cloak using your script. Everything works fine with Windows & Android clients. But, unfortunately, I could not use the client in Ubuntu 18.04 as you described in Readme.md file. I double or triple checked the entire workflow. Everything seems good but I do not have access to internet through the client.
The log of our listening server on the client is as below:

sn@sn-pc:~/apps/cloak$ ss-local -s xxx.xxx.xxx.xxx -p 443 -l 1080 -k "xxxxxxxxxx" -m chacha20-ietf-poly1305 --plugin ./ck-client-linux-amd64-2.1.2 --plugin-opts ./ckclient.json
 2019-12-21 01:52:06 INFO: plugin "./ck-client-linux-amd64-2.1.2" enabled
 2019-12-21 01:52:06 INFO: initializing ciphers... chacha20-ietf-poly1305
 2019-12-21 01:52:06 INFO: listening at 127.0.0.1:1080
INFO[0000] Listening on TCP 127.0.0.1:52745 for shadowsocks client 
INFO[0003] Attemtping to start a new session            
DEBU[0003] All underlying connections established       
INFO[0003] Session 3683454610 established               
DEBU[0033] attempting to actively close session 3683454610 
DEBU[0033] a connection for session 3683454610 has closed: read tcp 192.168.100.18:57834->xxx.xxx.xxx.xxx:443: use of closed network connection 
DEBU[0033] a connection for session 3683454610 has closed: read tcp 192.168.100.18:57826->xxx.xxx.xxx.xxx:443: use of closed network connection 
DEBU[0033] a connection for session 3683454610 has closed: read tcp 192.168.100.18:57832->xxx.xxx.xxx.xxx:443: use of closed network connection 
DEBU[0033] a connection for session 3683454610 has closed: read tcp 192.168.100.18:57830->xxx.xxx.xxx.xxx:443: use of closed network connection 
DEBU[0033] session 3683454610 closed gracefully         
INFO[0068] Attemtping to start a new session            
DEBU[0068] All underlying connections established       
INFO[0068] Session 1997913006 established 

My ckclient.json file is like-this:

{
	"Transport": "direct",
	"ProxyMethod": "shadowsocks",
        "EncryptionMethod":"plain",
        "UID":"MY-UID",
        "PublicKey":"MY-PUBLIC-KEY",
        "ServerName":"www.bing.com",
        "NumConn":4,
        "BrowserSig":"chrome",
        "StreamTimeout": 300
}

I checked the shadowsocks server on my client. It seems that is in a proper status:

sn@sn-pc:~$ systemctl status shadowsocks-libev
● shadowsocks-libev.service - Shadowsocks-libev Default Server Service
   Loaded: loaded (/lib/systemd/system/shadowsocks-libev.service; enabled; vendor preset: enabled)
   Active: active (running) since Sat 2019-12-21 02:14:58 +0330; 1min 7s ago
     Docs: man:shadowsocks-libev(8)
 Main PID: 9722 (ss-server)
    Tasks: 1 (limit: 4915)
   CGroup: /system.slice/shadowsocks-libev.service
           └─9722 /usr/bin/ss-server -c /etc/shadowsocks-libev/config.json -u

Dec 21 02:14:58 sn-pc systemd[1]: Started Shadowsocks-libev Default Server Service.

Do you have any idea to fix this?

Hi, I just installed this using the script command provided with all default options, and everything is working allright. I was checking the config files in /etc/cloak and noticed that in both "ckadminclient.json" and "shadowsocks.json" , the "EncryptionMethod" is set to "plain". So is the encryption off by default or did I do something wrong? if there is anyway to increase the security please advise. thank you

I have installed ss-cloak2 successfully, but upon further testing I can see UDP is not supported by checking it through this website https://networktest.twilio.com/

Is there any setting on the android client to solve this?

I've been installed script on my server successfully and received ss:// connection too. In my Android device I've been installed shadowsocks official app with cloak plugin too. But i receive an error when I click connect button :
libss-local exits too fast (exit code 255)
What should I do?

what your recommended setting for every user with BW 40Mbps UP/DOWN? and can used for one devices

I had a previous version of Cloak2 installed and working. I ran your script to update the install. Since there was no option to install or update, I chose to uninstall. After rebooting the server, I ran your script again and chose the install option. It fails to install ShadowSocks (shadowsocks-libev-3.2.0-2.el7. FAILED).

I ran your script a second time and chose the uninstall option and rebooted the server. I manually installed Shadowsocks before running your script. I ran your script again and chose the install option. It uninstalled Shadowsocks and failed to re-install it!

How do I get my server working again?

what is the effect of NumConn=4?
is increasing it lead to better performance?
or the server becomes saturated?
what is the optimal range or number?

Is cloak being blocked?
I created some servers and cloaked them up with a script. They were working flawlessly with minimal speed/latency change.
But suddenly, they are not connecting. Client sending data but not receiving any!
Is there a way to fix this issue now that we are in extreme conditions in Iran while it's actively blocking VPN protocols?
Do you have any script installer for vmess or trojan ?

I want to use shadowsocks without Ck plugin, I mean i want a simple Shadowsocks server installer. I've been searched whole github for a working script and found nothing.

I use Shadowsocks-4.1.7.1 on windows 10, configured according to this instructions:

Windows
At first install shadowsocks windows. Then download cloak for windows from here. If you are using a 32-bit system, download ck-client-windows-386-X.exe if your system is 64-bit use ck-client-windows-amd64-X.exe. Then use the QR Code or ss:// link to import the server.

The program will give you an error that shadowsocks cannot find ck-client or something like this. Click OK and go to Edit Servers. Then write the absolute path to ck-client file in Plugin Program.

please see the screenshot: http://prntscr.com/p6qroa
but no connection.
What am I doing wrong?

curl -o Cloak-Installer.sh -L https://git.io/fj5mh && bash Cloak-Installer.sh
this link cloak version low，please update .
thinks.

time="2022-11-06T05:46:16+03:30" level=info msg="Starting standalone mode"
time="2022-11-06T05:46:16+03:30" level=info msg="Listening on TCP 127.0.0.1:1984 for openvpn client"
time="2022-11-06T05:46:21+03:30" level=info msg="Attempting to start a new session"
time="2022-11-06T05:46:21+03:30" level=error msg="Failed to prepare connection to remote: cipher: message authentication failed"
time="2022-11-06T05:46:21+03:30" level=error msg="Failed to prepare connection to remote: cipher: message authentication failed"
time="2022-11-06T05:46:21+03:30" level=error msg="Failed to prepare connection to remote: cipher: message authentication failed"
time="2022-11-06T05:46:21+03:30" level=error msg="Failed to prepare connection to remote: EOF"
time="2022-11-06T05:46:21+03:30" level=error msg="Failed to prepare connection to remote: EOF"
time="2022-11-06T05:46:21+03:30" level=error msg="Failed to prepare connection to remote: EOF"
time="2022-11-06T05:46:21+03:30" level=error msg="Failed to prepare connection to remote: EOF"

Is there a solution to this problem? Shadowsocks with cloak works well and without problems.

Hi,

i have been using Nginx + Shadowsocks over v2ray behind ArvanCloud CDN to make it work from Iran.
is it possible to make this work by putting it behind CDN ?
Do i need a bridge server located in iran as well to make this work ? how easily is this method detected in iran ?

Thanks

Hi
I'm receiving some kind of an error on shadowsocks plugin output. Can you help me to solve this?

time="2022-11-15T11:10:56-08:00" level=info msg="Listening on TCP 127.0.0.1:52148 for shadowsocks client"
time="2022-11-15T11:10:56-08:00" level=info msg="Attempting to start a new session"
time="2022-11-15T11:10:56-08:00" level=error msg="Failed to prepare connection to remote: short buffer"
time="2022-11-15T11:10:56-08:00" level=error msg="Failed to prepare connection to remote: short buffer"
time="2022-11-15T11:10:56-08:00" level=error msg="Failed to prepare connection to remote: short buffer"
time="2022-11-15T11:10:56-08:00" level=error msg="Failed to prepare connection to remote: short buffer"

Hi,

Making WhatsApp call is not possible over Shadowsocks-Cloak-Installer.
It stuck on ringning.

Hi there,
I used your script on a vps outside without a problem. Installed fine without a problem and was able to connect easy on my windows. So I setup a windows server vm from a-r-v-a-ncloud a-si-atech but it stopped working after 2-3 hours. I'm able to ping the ss server from windows vm and it shows connected but no data transfer.
It seems Iran DPI detects it.

during installation script completely reset firewalld open ports
so, for example, ssh login to server become impossible
or any other service that runs on specific port becomes inaccessible

Hi.
In cloak's android connection sometime after i connect to my server (and usually when i reach ~200MB data transfer) connection freezes and I should reconnect shadowsocks to fix the connection problem. In windows connection i don't experienced this problem yet. Also i don't set any limitations to my account in server.

how should I remove a rule?
the script does not do it
if I enter a UUID it starts installation script from start and after some question, it prompts that can't do anything and exit
if I enter a number it prompts done and nothing will happen to config files
also if I try to add rules it prompts some unknown output and erase server.conf file and exit
I should note that the installer script has done the process fine and add manual rules correctly but after installation, I can't add or remove anything
also I see that shadowsocks profile use plain encryption, how I can change it? when I change it it does not affect the server even after service restart or reboot, the JSON file showing, for example, aes-gcm but the server uses plain and when I add a new user it shows me plain on configurations
where it loads the configurations?

Hi, I installed with the shadowsocks cloak 1 script and couldn't connect.
Does it still work in Iran?

systemctl status shadowsocks-server -l
● shadowsocks-server.service - Shadowsocks-libev Server Service
Loaded: loaded (/etc/systemd/system/shadowsocks-server.service; enabled; vendor preset: enabled)
Active: active (running) since Sat 2022-11-12 14:36:50 UTC; 33s ago
Docs: man:shadowsocks-libev(8)
Main PID: 3052 (ss-server)
Tasks: 7 (limit: 1110)
Memory: 1.4M
CPU: 8ms
CGroup: /system.slice/shadowsocks-server.service
├─3052 /usr/bin/ss-server
└─3053 ck-server

Nov 12 14:36:50 @##@hostname systemd[1]: Started Shadowsocks-libev Server Service.
Nov 12 14:36:50 @##@hostname ss-server[3052]: 2022-11-12 14:36:50 INFO: plugin "ck-server" enabled
Nov 12 14:36:50 @##@hostname ss-server[3052]: 2022-11-12 14:36:50 INFO: initializing ciphers... chacha20-ietf-poly1305
Nov 12 14:36:50 @##@hostname ss-server[3052]: 2022-11-12 14:36:50 INFO: using nameserver: 1.1.1.1
Nov 12 14:36:50 @##@hostname ss-server[3052]: 2022-11-12 14:36:50 INFO: tcp server listening at 127.0.0.1:48715
Nov 12 14:36:50 @##@hostname ss-server[3052]: 2022-11-12 14:36:50 INFO: running from root user
Nov 12 14:36:50 @##@hostname ss-server[3053]: 2022/11/12 14:36:50 ck-server.go:265: Listening on 0.0.0.0:443

hi, i read that Cloak has a Transport method using CDN, does that mean we could use Cloudflare together - SS+Cloak+CDN?

i hv setup Cloak V2 and all is running fine, so i try to add CDN to it by doing the below, but it would not work-
*setup CF with my domainname point to the vps and flexsible SSL
*add 'Transport' in front of the exsiting config - 'Transport=CDN;UID=4Oz...........' and change Servername to my domainame

do we need to change anything on the server side? server is running Ubuntu 20.04 LTS and client is SS 4.1.1 with ck-client 64bit 2.2.2

Here is the error on the client side:

2020-08-25 21:28:26.2521|DEBUG|Shadowsocks.Controller.TCPHandler|connect to api.github.com:443
2020-08-25 21:28:26.2621|DEBUG|Shadowsocks.Controller.TCPHandler|connect to www.google.com:443
2020-08-25 21:28:26.5041|DEBUG|Shadowsocks.Controller.TCPHandler|connect to www.google.com:443
2020-08-25 21:28:26.5831|DEBUG|Shadowsocks.Controller.TCPHandler|Socket connected to ss server: orca.gq:443
2020-08-25 21:28:26.5831|DEBUG|Shadowsocks.Controller.TCPHandler|Socket connected to ss server: orca.gq:443
2020-08-25 21:28:26.8021|DEBUG|Shadowsocks.Controller.TCPHandler|connect to www.google.com:443
2020-08-25 21:28:26.8241|DEBUG|Shadowsocks.Controller.TCPHandler|connect to s2.googleusercontent.com:443
2020-08-25 21:28:26.8371|INFO|Shadowsocks.Controller.ShadowsocksController|Started SIP003 plugin for orca.gq:443 on 127.0.0.1:61099 - PID: 6760
2020-08-25 21:28:26.9751|DEBUG|Shadowsocks.Controller.TCPHandler|connect to www.google.com:443
2020-08-25 21:28:26.9751|DEBUG|Shadowsocks.Controller.TCPHandler|connect to api.github.com:443
2020-08-25 21:28:27.0712|DEBUG|Shadowsocks.Controller.TCPHandler|connect to s2.googleusercontent.com:443
2020-08-25 21:28:27.0712|DEBUG|Shadowsocks.Controller.TCPHandler|Socket connected to ss server: orca.gq:443
2020-08-25 21:28:27.1632|WARN|Shadowsocks.Controller.TCPHandler|System.Net.Sockets.SocketException (0x80004005): No connection could be made because the target machine actively refused it
at Shadowsocks.Util.Sockets.WrappedSocket.EndConnect(IAsyncResult asyncResult)
at Shadowsocks.Proxy.DirectConnect.EndConnectDest(IAsyncResult asyncResult)
at Shadowsocks.Controller.TCPHandler.ConnectCallback(IAsyncResult ar)
2020-08-25 21:28:27.1632|WARN|Shadowsocks.Controller.TCPHandler|System.Net.Sockets.SocketException (0x80004005): No connection could be made because the target machine actively refused it
at Shadowsocks.Util.Sockets.WrappedSocket.EndConnect(IAsyncResult asyncResult)
at Shadowsocks.Proxy.DirectConnect.EndConnectDest(IAsyncResult asyncResult)
at Shadowsocks.Controller.TCPHandler.ConnectCallback(IAsyncResult ar)
2020-08-25 21:28:27.2542|WARN|Shadowsocks.Controller.TCPHandler|System.Net.Sockets.SocketException (0x80004005): No connection could be made because the target machine actively refused it
at Shadowsocks.Util.Sockets.WrappedSocket.EndConnect(IAsyncResult asyncResult)
at Shadowsocks.Proxy.DirectConnect.EndConnectDest(IAsyncResult asyncResult)
at Shadowsocks.Controller.TCPHandler.ConnectCallback(IAsyncResult ar)
2020-08-25 21:28:27.3532|WARN|Shadowsocks.Controller.TCPHandler|System.Net.Sockets.SocketException (0x80004005): No connection could be made because the target machine actively refused it
at Shadowsocks.Util.Sockets.WrappedSocket.EndConnect(IAsyncResult asyncResult)

Thank you,

@HirbodBehnam can you help me solve this please? im using debian 9

(ss-server)
● shadowsocks-libev.service - Shadowsocks-libev Default Server Service
Loaded: loaded (/lib/systemd/system/shadowsocks-libev.service; enabled; vendo Active: failed (Result: exit-code) since Thu 2019-11-28 19:19:27 PST; 7s ago
Docs: man:shadowsocks-libev(8)
Process: 3640 ExecStart=/usr/bin/ss-server -c $CONFFILE $DAEMON_ARGS (code=exi Main PID: 3640 (code=exited, status=255)

Nov 28 19:19:27 debian-s-4vcpu-8gb-sgp1-01 systemd[1]: Started Shadowsocks-libevNov 28 19:19:27 debian-s-4vcpu-8gb-sgp1-01 ss-server[3640]: 2019-11-28 19:19:27Nov 28 19:19:27 debian-s-4vcpu-8gb-sgp1-01 ss-server[3640]: 2019-11-28 19:19:27Nov 28 19:19:27 debian-s-4vcpu-8gb-sgp1-01 ss-server[3640]: 2019-11-28 19:19:27Nov 28 19:19:27 debian-s-4vcpu-8gb-sgp1-01 ss-server[3640]: 2019-11-28 19:19:27Nov 28 19:19:27 debian-s-4vcpu-8gb-sgp1-01 ss-server[3640]: Permission denied
Nov 28 19:19:27 debian-s-4vcpu-8gb-sgp1-01 systemd[1]: shadowsocks-libev.serviceNov 28 19:19:27 debian-s-4vcpu-8gb-sgp1-01 systemd[1]: shadowsocks-libev.serviceNov 28 19:19:27 debian-s-4vcpu-8gb-sgp1-01 systemd[1]: shadowsocks-libev.servicelines 1-16/16 (END)

(ck-server .json file)
{
"ProxyBook": {
"openvpn":["tcp","127.0.0.1:1984"] , "shadowsocks":["tcp","127.0.0.1:53809"$ },
"BypassUID": [
"", "" ], "BindAddr":[":62112"],
"RedirAddr": "204.79.197.200",
"PrivateKey": "",
"AdminUID": "",
"DatabasePath": "/home/public/userinfo.db", "StreamTimeout": 300
}

i already set permission to databasepath directory with this command:

chmod -R 777 /home/public

then i restart ck-server and it worked fine but whenever i start ss-server it says permission denied.

here my ss-libev conf:
{ "server":"127.0.0.1",
"server_port":53809,
"password":"", "timeout":60, "method":"chacha20-ietf-poly1305", "nameserver":"1.1.1.1", "plugin":"/etc/cloak", "plugin_opts":"/etc/cloak/ckserver.json"
}

hope you can help me out. thanks!

Any way to install new version of Shadowsocks(libev) with this script?

Thanks for the script, it works stably.
How to re-display the QR code of the created user on the server?

when I want to add new rule I have got these responses and unfortunately, ckserver.json completely erased

Please enter a number: 5
What do you want to do?

1. Add a rule
2. Delete a rule
   Choose by number: 1
   Where the traffic should be forwarded?(For example 127.0.0.1:6252) 127.0.0.1:49443
   What should this be called? Clients must use this name as "ProxyMethod" on their computers: cloakovpn
   jq: error: $k is not defined at , line 1:
   .ProxyBook += {$k}
   jq: 1 compile error
   Done

when selecting Show Connections for Shadowsocks Users it shows me empty first password and encryption after your server IP address
also when scan qr-code shadowsocks program prompt me that encryption method not exist replace chacha20-ietf-poly1305 because Cloak Encryption is plain

Currently, I can either add or remove users but cannot update the restrictions I set earlier. Is there any way to do it?

2rud

I would like to report someting.
when I add a user in script, and choosing "make a .json config file" for it, script will fill the EncryptionMethod to aes-128-gcm or what ever I choose. but the QR code and ss:// url will fill the EncryptionMethod to plain.
I understand that Shadowsocks is the app that should have the Encryption not the Cloak, but
Is there any chanse that using cloak with cipher filled in EncryptionMethod other than plain cause the traffic to look like a suspicious traffic?

when I want to connect to ovpn behind of cloak it prompts me in client

time="2020-07-22T05:52:35+04:30" level=error msg="Failed to prepare connection to remote: EOF"

on server it prompt

INFO[0058] failed to read anything after connection is established: read tcp YYY.YYY.YYY.YYY:8443->XXX.XXX.XXX.XXX:65289: i/o timeout remoteAddr="XXX.XXX.XXX.XXX:65289"

After I intall Shadowsocks and Cloak with this script, every Google app on my android phone can't be used. For example, the Youtube app can be open, but the net speed is too low to play videos.
While everything works fine on my computer.

Why?

When using the Cloak2-Installer.sh script for adding a new user to an existing deployment a new user is correctly generated with a new UUID.

Unfortunately when I try to directly create a new config for the newly created user, the new config is missing IP, password and the UID, making the QR code not usable.

I tried this on a Ubuntu Bionic deployment.

Using option 4 to show existing connections will generate a usable config.

Thanks for putting together this script! Really helped me understand how Cloak and Shadowsocks work together.

The proxy is working well on Android however I'm having an issue with my Linux client. When running the command to start ss-local and setting my proxy settings, I get the error pr_end_of_file_error and I'm unable to view any websites.

The output in the terminal while I'm trying to browse looks like this:

INFO[0000] Listening on TCP 127.0.0.1:54329 for shadowsocks client 
INFO[0004] Attemtping to start a new session            
DEBU[0004] All underlying connections established       
INFO[0004] Session 1385539750 established               
DEBU[0034] attempting to actively close session 1385539750 
DEBU[0034] a connection for session 1385539750 has closed: read tcp 192.168.0.178:50048->xxx.xxx.xxx.xxx:443: use of closed network connection 
DEBU[0034] session 1385539750 closed gracefully

I'm not sure how to fix it. Help, please. Thank you.

From Cloak 2.5.0, there is a new encryption method aes-128-gcm.
I just opened this issue to regularly remind myself that I have to add this into script :D
I'm pretty busy these days and I forget everything...

خود شدوساکس خالی هم در ایران کار می‌کنه، استفاده از کلوک چه مزیتی داره؟

As an entry for checking the script with iOS:

Installing Cloak 2 Plugin works with Shadowrocket app without any problem. Tests were done with multiple configuration scenarios.

Installing Shadowsocks With Cloak 1 Plugin does not work with Shadowrocket in iOS. I have not delved deep in your script to see the differences yet, but would like to announce the preliminary result of my test for iOS.

Install with this script on Vultr server, it works well.
But if I reboot the server, it will not work.

Hi there ... I'm triing to set Shadowsucks plus Cloak on a OpenWRT but the final Result is Failure. I guess it's about the ck-client file.
Please help me throught the procedure to implement shadowsocks on OpenWRT.
Right now I'm triying on OpenWRT 22 on a VM Machine and tried 386, amd64 and arm64 ...
Let me know if you can help me with it.

After installation I re-run the script to generate new QR codes, but the script just creates new user IDs. How can I generate new ss:// links or QR codes?
Thanks a million for this script.

I'm getting the following error:

INFO: connect to github.com:443
ERROR: Failed to prepare connection to remote: Reading TLS message: message size greater than buffer. message size: 7304

I'm running OpenWRT and using shadowsocks-libev with ck-client-linux-mips_softfloat-2.0.2 plugin.

Any idea how can I fix this problem?

I installed and configured the script, but when connecting to a proxy through the shadowsocks mobile client, the android gives an error: libslocal exits then fast (exit code: 70) . And in Windows it gives out they do not open sites.

Hi.
I run cloak2 script without any error. But can't connect to server.
Base of FAQ I tried to check shadowsocks-server is running, got this error:
Unit shadowsocks-server.service could not be found.

Packages in /lib/systemd/system/, there are several service files related to ss-libev:

shadowsocks-libev.service
[email protected]
[email protected]
[email protected]
[email protected]

In ReadMe:

Also script creates a service named shadowsocks-server. DO NOT USE shadowsocks-libev service.

Can you help where is the problem and how to solve this issue?

hi, hv tried to install SS with Cloak v.1 using your example here -

curl -o Shadowsocks-Cloak-Installer.sh -L https://git.io/fjECg && bash Shadowsocks-Cloak-Installer.sh

installation completes with no error. but couldn't make connection to the server. here is the error on the client side:
truncate... 2020-08-23 18:29:47.7409|INFO|Shadowsocks.Controller.ShadowsocksController|Started SIP003 plugin for 173.82.104.152:443 on 127.0.0.1:54398 - PID: 5212 2020-08-23 18:29:47.9550|DEBUG|Shadowsocks.Controller.TCPHandler|connect to s.yimg.com:443 2020-08-23 18:29:47.9760|INFO|Shadowsocks.Controller.ShadowsocksController|Started SIP003 plugin for 173.82.104.152:443 on 127.0.0.1:54403 - PID: 6460 2020-08-23 18:29:48.7980|WARN|Shadowsocks.Controller.TCPHandler|System.Net.Sockets.SocketException (0x80004005): No connection could be made because the target machine actively refused it at Shadowsocks.Util.Sockets.WrappedSocket.EndConnect(IAsyncResult asyncResult) at Shadowsocks.Proxy.DirectConnect.EndConnectDest(IAsyncResult asyncResult) at Shadowsocks.Controller.TCPHandler.ConnectCallback(IAsyncResult ar) 2020-08-23 18:29:48.9780|WARN|Shadowsocks.Controller.TCPHandler|System.Net.Sockets.SocketException (0x80004005): No connection could be made because the target machine actively refused it ... truncate

dont know where is the server log, so couldn't attach here. one thing i notice is there no ipv4. the ck-server only listen on ipv6 and not on ipv4. i try to disable ipv6 with the code below, but still no ipv4. please advice. thank you.

root@v2ray:~# netstat -tulpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:41157 0.0.0.0:* LISTEN 721/ss-server
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN 687/systemd-resolve
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 746/sshd: /usr/sbin
tcp6 0 0 :::22 :::* LISTEN 746/sshd: /usr/sbin
tcp6 0 0 :::443 :::* LISTEN 723/ck-server
udp 0 0 127.0.0.53:53 0.0.0.0:* 687/systemd-resolve

/etc/sysctl.conf
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1
net.ipv4.ip_forward = 1

p/s - after installation, i just scan the qr code on the client side and change the plugin path and connect