Comments (28)
In addition, if we implement a websocket SIP003 plugin, we can run shadowsocks behind Apache/Nginx, even a CDN. Both of these two approaches would work.
from simple-obfs.
I tried shadowsocks over WebSocket tunnel with CloudFlare Free CDN, using nginx as reverse proxy on a web server. It works, and largely improves download speed.
from simple-obfs.
Yes, it's possible. Actually we can reuse any of the following tunnels, fork them as a SIP003 plugin:
from simple-obfs.
BTW, simple-obfs is unable to work with apache/nginx, which is just a header obfuscation tool.
from simple-obfs.
What I meant is something like this but as a plug in: https://github.com/shadowsocks/shadowsocks-dotcloud
So that the server looks like a normal website and can tunnel shadowsocks traffic at the same time.
from simple-obfs.
Hmm actually we can add a configuration to server options:
failover=(IP or hostname)[:(port)]
Default port is 80 or 443 correspondingly. If an invalid request is received, obfs-server just simply forward raw request to failover server. Now if I want to make my website work, I can make it listen on (for example) 8080 and let obfs-server listen on 80 and set failover=localhost:8080.
Maybe we can also add an "obfs-path" option to both local and server?
from simple-obfs.
OK, so it works like HAProxy. I think it's doable and we can implement in obfs-server easily. It will forward any request not to obfs-host
or invalid request to Apache/Nginx.
obfs-path
may not work as SNI doesn't have information about the URL path.
from simple-obfs.
@madeye Then only for HTTP?
from simple-obfs.
@Mygod Not elegant, but acceptable. What about a pull request? 😄
from simple-obfs.
Let's take the forwarding approach since the web server can be written in a wide variety of languages...
from simple-obfs.
Actually that's just to prevent conflict (what if there's also a web socket server running at /
)... I'm okay without it. 🙃
from simple-obfs.
Please try ec9b0c1.
from simple-obfs.
Tested with HTTP. Works perfectly. Thanks!
from simple-obfs.
Wait. What about the obfs-host
checking at server side?
from simple-obfs.
Hmm on second thought it's not really important... (but nice to have)
from simple-obfs.
Wait. I just realized I accidentally configured obfs-server use tls while it should use http for 80. I did another test, it seems: (port 80)
Server mode | Failover (via browser) | Tunnel working |
---|---|---|
HTTP | ERR_EMPTY_RESPONSE | No |
TLS | Works | No |
TLS with failover disabled | obfs-server: Segmentation fault | No |
HTTP with failover disabled: Instant Segmentation fault.
from simple-obfs.
Please try d3c9b8c.
from simple-obfs.
Failover is working now but the connection is only working when failover is disabled.
from simple-obfs.
Fully working now! Thanks.
from simple-obfs.
Just tried connecting behind CloudFlare. Doesn't work. (woulda been amazing if it had worked)
I connected to a wrong domain name, I get log output like:
remote_recv_cb_recv: Bad address
remote recv: Bad address
Then I realized that I need to use correct domain name, then there was no traffic.
from simple-obfs.
Also according to CloudFlare, WebSockets should work: https://support.cloudflare.com/hc/en-us/articles/200169466-Can-I-use-CloudFlare-with-WebSockets-
from simple-obfs.
Unfortunately, it's expected. And that's why I suggest to implement other plugins in the first comment.
from simple-obfs.
Hmmm okay... I will try them some day when I feel like it.
from simple-obfs.
@Mygod nginx在8443端口配置好ssl 并且obfs的failover=127.0.0.1:8443
结果https://ip:8443 能正常访问 https://ip不能正常访问。请问这正常吗?
from simple-obfs.
@madeye I haven't tested TLS mode thoroughly so this may be a bug.
from simple-obfs.
@Mygod Yes, it's fixed via #47
from simple-obfs.
Okay! 😅
from simple-obfs.
@zeptoTantalum I am trying to run obs-server with failover to my nginx web server running on port 443. I am using the json config to configure my ss-libev-server (running on port 8530) with simple-obfs. My config looks like this:
{ "server":"xxx", "server_port":xxx, "local_port":1080, "password":"xxx", "timeout":600, "method":"chacha20-ietf-poly1305", "fast_open":true, "plugin":"obfs-server", "plugin_opts":"obfs=tls", "failover":"127.0.0.1:443" }
I would like to confirm if I am doing it right? Thanks
from simple-obfs.
Related Issues (20)
- 服务器端和客户端都启用了obfs,为什么通过联通后台看到部分混淆成功,部分失败?
- obfs能被探测了吗?端口被封之前出现了如下日志 HOT 1
- 能不能支持一下window on arm平台
- 提问:这个插件与SSR的混淆是否兼容
- 提问:Android端可以用这个插件吗(Can it be used on Android devices?) HOT 2
- genrpm.sh runs with errors HOT 1
- plugin service exit unexpectedly HOT 3
- unknown sofware exception 0x40000015 HOT 1
- assertion failed error
- Build failure with GCC 10
- usage method in armv7 ?
- freebsd how to do
- 一種新混淆方案
- configure failed with Ubuntu20.04 HOT 1
- where is the obfs-server protocol?
- simple-obfs和v2ray-plugin的区别
- /usr/bin/ss-server[21116]: getpeername: Transport endpoint is not connected
- Compile on Cygwin Error: configure: error: Couldn't find libev. Try installing libev-dev[el]. HOT 2
- package/utils/util-linux/download
- 为啥不更新了 HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from simple-obfs.