Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add step-by-step summary of instructions for Windows client users #8

Merged
merged 3 commits into from Mar 10, 2018
Merged

Add step-by-step summary of instructions for Windows client users #8

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
f1a5ab5
Add screenshots for Windows client users
Mar 10, 2018
615a664
Summary of Instructions for Windows Client Users
Mar 10, 2018
bd5ac56
Edit and correct README additions
Mar 10, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
16 changes: 16 additions & 0 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -104,3 +104,19 @@ The `random` field should be unique in each `ClientHello`. To check its uniquene
If you want to run a functional web server on your proxy machine, you need it to have a domain and a valid certificate. As for the domain, you can either register one at some cost, or use a DDNS service like noip for free. The certificate can be obtained from [Let's Encrypt](https://letsencrypt.org/) for free.

Or you can set the `WebServerAddr` field in the server config file as an external IP, and set the `ServerName` field in the client config file as the domain name of that ip. Because of the [Server Name Indication](https://en.wikipedia.org/wiki/Server_Name_Indication) extension in the `ClientHello` message, the firewall knows the domain name someone is trying to access. If the firewall sends a `ClientHello` message to our proxy server with an SNI we used, the destination IP specified in `WebServerAddr` will receive this `ClientHello` message and the web server on that machine will check the SNI entry against its configuration. If they don't match, the web server will refuse to connect and show an error message, which could expose the fact that our proxy machine is not running a normal TLS web server. If you match the external IP with its domain name (e.g. `204.79.197.200` to `www.bing.com`), our proxy server will become, effectively to the observer, a server owned by that domain.

## Summary of Instructions for Windows Client Users

1. Download and unzip the latest release of the [Shadowsocks Windows client](https://github.com/shadowsocks/shadowsocks-windows/releases/).

2. Download the latest release of the [GoQuiet Client for Windows exe](https://github.com/cbeuw/GoQuiet/releases/), and place it in same the folder as your Shadowsocks exe.

3. Create a file `gqclient.json` whose content match those on the server.

![Example of gqclient.json file](goquiet-screenshot-02.png)

4. Start Shadowsocks, and fill in parameters matching your Shadowsocks server, your GoQuiet client plugin exe, and your GoQuiet plugin `config.json` file.

![Example of Shadowsocks configuration on client](goquiet-screenshot-01.png)

5. Set up Firefox or Chrome to send their traffic to your Shadowsocks prox, which is now listening on IP address 127.0.0.1 port 1080.
Binary file added goquiet-screenshot-01.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added goquiet-screenshot-02.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.