Currently Python and Go servers support multiple users.

You can use different passwords on different ports like this:

{
    "server": "0.0.0.0",
    "port_password": {
        "8381": "foobar1",
        "8382": "foobar2",
        "8383": "foobar3",
        "8384": "foobar4"
    },
    "timeout": 300,
    "method": "aes-256-cfb"
}

If you want to build a user management system, check the Manager API.

You can use a configuration file instead of command line arguments.

Create a config file /etc/shadowsocks.json. Example:

{
    "server":"my_server_ip",
    "server_port":8388,
    "local_address": "127.0.0.1",
    "local_port":1080,
    "password":"mypassword",
    "timeout":300,
    "method":"aes-256-cfb",
    "fast_open": false
}

Explanation of the fields:

To run in the foreground:

ssserver -c /etc/shadowsocks.json

To run in the background:

ssserver -c /etc/shadowsocks.json -d start
ssserver -c /etc/shadowsocks.json -d stop


cat > /etc/init.d/cron-sserver.sh < > /var/spool/cron/root.cron


If you see a lot of error: too many open files in your log, you should optimize your system. This tutorial applies to all shadowsocks servers (Python, libev, etc).

On Debian 7:

Create /etc/sysctl.d/local.conf with the following content:

# max open files
fs.file-max = 51200
# max read buffer
net.core.rmem_max = 67108864
# max write buffer
net.core.wmem_max = 67108864
# default read buffer
net.core.rmem_default = 65536
# default write buffer
net.core.wmem_default = 65536
# max processor input queue
net.core.netdev_max_backlog = 4096
# max backlog
net.core.somaxconn = 4096

# resist SYN flood attacks
net.ipv4.tcp_syncookies = 1
# reuse timewait sockets when safe
net.ipv4.tcp_tw_reuse = 1
# turn off fast timewait sockets recycling
net.ipv4.tcp_tw_recycle = 0
# short FIN timeout
net.ipv4.tcp_fin_timeout = 30
# short keepalive time
net.ipv4.tcp_keepalive_time = 1200
# outbound port range
net.ipv4.ip_local_port_range = 10000 65000
# max SYN backlog
net.ipv4.tcp_max_syn_backlog = 4096
# max timewait sockets held by system simultaneously
net.ipv4.tcp_max_tw_buckets = 5000
# turn on TCP Fast Open on both client and server side
net.ipv4.tcp_fastopen = 3
# TCP receive buffer
net.ipv4.tcp_rmem = 4096 87380 67108864
# TCP write buffer
net.ipv4.tcp_wmem = 4096 65536 67108864
# turn on path MTU discovery
net.ipv4.tcp_mtu_probing = 1

# for high-latency network
net.ipv4.tcp_congestion_control = hybla

# for low-latency network, use cubic instead
# net.ipv4.tcp_congestion_control = cubic

Then:

sysctl --system

Older system:

sysctl -p /etc/sysctl.d/local.conf

Warning: DO NOT ENABLE net.ipv4.tcp_tw_recycle!!! See this article.

If you use Supervisor, Make sure you have the following line in /etc/default/supervisor. Once you added that line, restart Supervisor (service stop supervisor && service start supervisor).

ulimit -n 51200

If you run shadowsocks in the background in other ways, make sure to add ulimit -n 51200 in your init script.

After optimizing, a busy Shadowsocks server that handles thousands of connections, takes about 30MB memory and 10% CPU. Notice that at the same time, Linux kernel usually uses >100MB RAM to hold buffer and cache for those connections. By using the sysctl config above, you are trading off RAM for speed. If you want to use less RAM, reduce the size of rmem and wmem.

Before & after:

一个可穿透防火墙的快速代理。

服务端

安装

Debian / Ubuntu:

apt-get install python-pip
pip install shadowsocks
CentOS:

yum install python-setuptools && easy_install pip
pip install shadowsocks
Windows:

参见 在 Windows 上安装服务端

使用

ssserver -p 443 -k password -m rc4-md5
如果要后台运行：

sudo ssserver -p 443 -k password -m rc4-md5 –user nobody -d start
如果要停止：

sudo ssserver -d stop
如果要检查日志：

sudo less /var/log/shadowsocks.log
用 -h 查看所有参数。你也可以使用 配置文件 进行配置。

服务器搭建

建议选择 Ubuntu 14.04 LTS 作为服务器以便使用 TCP Fast Open。除非有明确理由，不建议用对新手不友好的 CentOS。

为了更好的性能，VPS 尽量选择 XEN 或 KVM，不要使用 OpenVZ。推荐使用以下 VPS：

Digital Ocean 自带的内核无需自己编译模块即可使用 hybla 算法
Linode 功能强大，机房较多
客户端

Windows / OS X
Android / iOS
OpenWRT
在你本地的 PC 或手机上使用图形客户端。具体使用参见它们的使用说明。

文档

可以在 Wiki 里找到所有的文档。

演示站点:http://zblog.dh.vilivps.com/
后台帐号:admin
后台密码:admin333

PS:今天有个客户非要我给他测试下程序(zblog)是否和DH兼容,看了探针也不满意.没办法安装一次发现确实有问题报”http 418 unused”错误.
把安装文件的检查权限部分注释掉可以安装,但是进后台还是这个错误.经查询资料,原来:
**以下内容,回复可见**

我们开通主机一般分为3个独立的步骤。分别为用户、域名、数据库。

其中用户、数据库可以使用以前的帐号。只有域名需要新开，子域名和主域名的开通方式完全一致。

• 创建FTP用户
• 1. 关键字：users,Manage Users，Add a new user
  2. 
  3. 关键字：Username, Full Name, Password, Password Again
  4. 
• 创建数据库
• 1. 关键字：GOODIES，MySQL Databases，Create a new MySQL database
  2. 待填充
  3. 关键字：Create a new MySQL database，Database Name，Use Hostname，First User，Create a new user now，New Username，New Password，New Password Again，Database Comment
  4. 待填充
• 添加域名
• 1. 关键字：DOMAINS，Manage Domains，Add Hosting to a Domain / Sub-Domain
  3. 关键字：Domain to host，Run this domain under the user，Visual Confirmation
  5. 如果在上面一步未正确显示验证码，意味着代理有问题。 请参考教程（地址附后），添加一个mirror，然后修改为Full host。Dreamhost 为域名绑定不同的IP