A Docker image for Shadowsocks over GoQuiet
A shadowsocks plugin that obfuscates the traffic as normal HTTPS traffic and disguises the proxy server as a normal webserver.
The fundamental idea of obfuscating shadowsocks traffic as TLS traffic is not original. simple-obfs and ShadowsocksR's
tls1.2_ticket_auth
mode have shown this to be effective. This plugin has made improvements so that the goal of this plugin is to make indiscriminate blocking of HTTPS servers (or even IP ranges) with high traffic the only effective way of stopping people from using shadowsocks.
Beyond the benefit of bypassing the firewall, it can also cheat traffic restrictions imposed by ISP. See here.
Source: https://github.com/cbeuw/GoQuiet/
GoQuiet works in two modes:
- Running as a shadowsocks plugin
- Standalone
docker run -d --restart=always \
-e "SS_PORT=443" \
-e "SS_PASSWORD=shadowsocks_123456" \
-e "SS_METHOD=chacha20-ietf-poly1305" \
-e "SS_TIMEOUT=600" \
-e "GQ_WEBSERVER_ADDRESS=1.1.1.1:443" \
-e "GQ_KEY=exampleconftest" \
-e "GQ_FAST_OPEN=false" \
-p 443:443 -p 443:443/udp --name goquiet-node-1 alibo/goquiet-shadowsocks-docker:server
docker run -d --restart=always \
-e "GQ_WEBSERVER_ADDRESS=1.1.1.1:443" \
-e "GQ_KEY=exampleconftest" \
-e "GQ_FAST_OPEN=false" \
-e "GQ_SS_HOST=<shadowsocks-ip>" \
-e "GQ_SS_PORT=8388" \
-e "GQ_HOST=0.0.0.0" \
-e "GQ_PORT=443" \
-p 443:443 -p 443:443/udp --name goquiet-node-2 alibo/goquiet-shadowsocks-docker:server-standalone
You need a running instance of shadowsocks to redirect the traffic. You may want to use image imhang/shadowsocks-docker:
docker run -d --restart=always \
-e "SS_PORT=8388" \
-e "SS_PASSWORD=shadowsocks_123456" \
-e "SS_METHOD=chacha20-ietf-poly1305" \
-e "SS_TIMEOUT=600" \
-p 8388:8388 -p 8388:8388/udp --name shadowsocks-node-1 imhang/shadowsocks-docker
docker run -d --restart=always \
-e "GQ_SERVER_NAME=www.bing.com" \
-e "GQ_KEY=exampleconftest" \
-e "GQ_FAST_OPEN=false" \
-e "GQ_BROWSER=chrome" \
-e "GQ_TICKET_TIME_HINT=3600" \
-e "SS_SERVER_ADDRESS=<server-ip>" \
-e "SS_SERVER_PORT=443" \
-e "SS_LOCAL_ADDRESS=0.0.0.0" \
-e "SS_LOCAL_PORT=1080" \
-e "SS_PASSWORD=shadowsocks_123456" \
-e "SS_METHOD=chacha20-ietf-poly1305" \
-e "SS_TIMEOUT=600" \
-p 1080:1080 --name goquiet-client-plugin-node-1 alibo/goquiet-shadowsocks-docker:client
Note: It doesn't work! Apparently he has removed my commit in this PR! cbeuw/GoQuiet#34
docker run -d --restart=always \
-e "GQ_SERVER_NAME=www.bing.com" \
-e "GQ_KEY=exampleconftest" \
-e "GQ_FAST_OPEN=false" \
-e "GQ_BROWSER=chrome" \
-e "GQ_TICKET_TIME_HINT=3600" \
-e "GQ_LOCAL_PORT=1984" \
-e "GQ_SERVER_ADDRESS=127.0.0.1" \
-e "GQ_SERVER_PORT=443" \
-p 1984:1984 --name goquiet-client-standalone-node-1 alibo/goquiet-shadowsocks-docker:client-standalone
- Download the client from here
- See: https://github.com/cbeuw/GoQuiet/wiki/Instructions-for-Windows-Client-Users
- Download the client from here
- See: https://github.com/cbeuw/GoQuiet#usage
- Download GoQuiet plugin for Shadowsocks Android Client:
https://github.com/cbeuw/GoQuiet-android/releases
MIT