Shadowsocks
Shadowsocks is a secure split proxy based on SOCKS5. Surfboard supports the standard Shadowsocks protocol along with common extensions like simple-obfs.
Protocol Standard
- https://github.com/shadowsocks/shadowsocks-org/wiki/Protocol
- https://github.com/shadowsocks/simple-obfs
Example
# A standard Shadowsocks proxy configuration with HTTP obfuscation
ProxySS = ss, 1.2.3.4, 8000, encrypt-method=chacha20-ietf-poly1305, password=abcd1234, udp-relay=false, obfs=http, obfs-host=www.example.com, obfs-uri=/
# A Shadowsocks 2022 proxy configuration with a base64-encoded password
ProxySS2022 = ss, 1.2.3.4, 8000, encrypt-method=2022-blake3-aes-256-gcm, password=YmFzZTY0LWVuY29kZWQtcGFzc3dvcmQtMzItYnl0ZXM=
Format
{proxy name} = {protocol}, {server}, {port}, {encrypt method}, {password}, {udp-relay}, {obfs}, {obfs host}, {obfs uri}
Parameters
| Name | Value | Mandatory | Note |
|---|---|---|---|
| proxy name | - | true | |
| protocol | ss shadowsocks custom | true | |
| server | - | true | Supports domain and IP formats. |
| port | 0-65535 | true | |
| encrypt method | 2022-blake3-aes-128-gcm 2022-blake3-aes-256-gcm aes-128-gcm aes-192-gcm aes-256-gcm chacha20-ietf-poly1305 xchacha20-ietf-poly1305 rc4 rc4-md5 aes-128-cfb aes-192-cfb aes-256-cfb aes-128-ctr aes-192-ctr aes-256-ctr bf-cfb camellia-128-cfb camellia-192-cfb camellia-256-cfb salsa20 chacha20 chacha20-ietf | true | For Shadowsocks 2022 methods (2022-blake3-aes-128-gcm and 2022-blake3-aes-256-gcm), the password field must be a base64-encoded string of the correct length:- 2022-blake3-aes-128-gcm: 16 bytes (24 characters in base64) - 2022-blake3-aes-256-gcm: 32 bytes (44 characters in base64) |
| password | - | true | For 2022 methods, this must be a base64-encoded string. |
| udp-relay | true false | false | Default value: false. |
| obfs | tls http | false | |
| obfs host | - | Default value: cloudfront.net. Only applicable when obfs is specified. | |
| obfs uri | - | Default value: /. Only applicable when obfs is http. |