imgk / shadow Goto Github PK

A rule-based transparent proxy for Windows, Linux, macOS

License: GNU General Public License v3.0

Go 99.71% HTML 0.29%

transparent-proxy windivert shadowsocks wintun trojan socks5 http tun2socks tun2shadowsocks gvisor

shadow's Introduction

Shadow

A transparent proxy client for Windows, Linux and macOS, which now supports shadowsocks, trojan, socks5, http and wireguard, as well as all methods supported by v2ray.

How to build

Build with Go 1.16.

Replace $(proto) with names of proxies which you want to use. Currently shadow supports socks, shadowsocks, trojan, http, wireguard or v2ray.

# linux darwin windows,wintun
go get -v -ldflags="-s -w" -trimpath -tags="$(proto)" github.com/imgk/shadow

# windows,windivert
go get -v -ldflags="-s -w" -trimpath -tags="divert $(proto)" github.com/imgk/shadow

How to use it

->  ~ go/bin/shadow -h
Usage of go/bin/shadow:
  -c string
        config file (default "config.json")
  -t duration
        timeout (default 3m0s)
  -v    enable verbose mode

Windows

For WinTun, download WinTun and put wintun.dll in C:\Windows\System32.

For WinDivert, download WinDivert 2.2 and put WinDivert.dll and WinDivert64.sys in C:\Windows\System32.

GUI

Use shadow with simple GUI shadow-windows.

CLI

Run shadow.exe with administrator privilege.

go/bin/shadow.exe -c C:/Users/example/shadow/config.json -v

Linux and OpenWrt Router

Set system DNS server. Please add DNS server to ip_cidr_rules.proxy for diverting all DNS queries to shadow.

sudo go/bin/shadow -c /etc/shadow.json -v

If you are using OpenWrt, you need to configure firewall.

# set tun name in the config.json
export TunName=utun

# configure firewall for OpenWrt
iptables -I FORWARD -o $TunName -j ACCEPT
iptables -t nat -I POSTROUTING -o $TunName -j MASQUERADE

macOS

Set system DNS server. Please add DNS server to ip_cidr_rules.proxy for diverting all DNS queries to shadow.

sudo go/bin/shadow -c /etc/shadow.json -v

Documentation

Please read doc/README.md

TODO

Set interface IPv6 address and IPv6 routes

shadow's People

Contributors

Stargazers

Watchers

shadow's Issues

建议单独新建一个fakedns server

监听53端口的那种
现在是劫持方式?

有很多解析 in-addr.arpa. 的记录
希望可以block掉不要发出去

1.6 is good, but 1.7 gives an error.

I have a suggestion.

I want to socks5 relay to each process id.
(like www.proxifier.com)

Thanks.

`internel/iana` import error on Windows 10 (64bit)

internel/iana import error on Windows 10 (64bit)

> go get -v -ldflags="-s -w" -trimpath github.com/imgk/shadow/executive/shadow
packages\build\go\src\github.com\imgk\shadow\device\windivert\device.go:14:2: code in directory build\go\src\github.com\imgk\shadow\device\windivert\internal\iana expects import "golang.org/x/net/internal/iana"

I want to know how to fix it.

protocol error: not a supported scheme: http

I'm trying this app under Windows 10 with http(s) proxy
and have error
protocol error: not a supported scheme: http

this is my config
{
"server": {
"protocol": "http",
"url": "http://x.x.x.x:3128"
},
"name_server": ["https://1.1.1.1:443/dns-query"],
"ip_cidr_rules": {
"proxy": [
"198.18.0.0/16"
]
},
"geo_ip_rules": {
"file": "Country.mmdb",
"proxy": [],
"bypass": [],
"final": "proxy"
}
}

also i took this from your docs and it makes error trying unmarshal string into struct
"name_server": "https://1.1.1.1:443/dns-query"
looks like right is
"name_server": ["https://1.1.1.1:443/dns-query"]

How do you control the pure IP address?

How do you control the pure IPv4 address at config.json ?

How do I reload config.json?

Thanks...

Today's version gets an error.

DNS Leak

For some reason main DNS is leaking! Also, do we even need dns query for socks? If I'm not wrong, socks can work directly with host names?!

Config:

{
	"server": {
		"protocol": "socks",
		"url": "socks://127.0.0.1:1080"
	},
	"name_server": "https://8.8.8.8:443/dns-query",
	"tun_name": "Tunnel",
	"tun_addr": ["192.168.8.101/24"],
	"ip_cidr_rules": {
        "proxy": [
        	"198.18.0.0/16",
        	"8.8.8.8/32"
        ]
    },
    "domain_rules": {
        "proxy": ["**.*"],
        "direct": [],
        "blocked": []
    }
}

1.8 32bit compile is ok but run error.

v2ray的url如何填写？

    "protocol": "v2ray",

Please update the go.mod

Hi,

wintun.dll has been updated to 0.14

Please update the go.mod

After updating to 0.14, shadowsocks cannot connect.

Thanks...

How do I send all UDP packets to the proxy server?

I have a question.

How do I send all UDP packets to the proxy server?

Thanks...

UDP proxy has no effect on ENV:Windivert

The udp proxy has no effect, you can use this tool to test it. When the shadow-windivert mode has taken effect, the udp request of the program will not be intercepted.

Support multiple servers to processes with the same name?

I'm thinking about how to establish individual sockets connections to processes with the same name. For example,

hello.exe (PID: 1) -> Socks A
hello.exe (PID: 10) -> Socks B
hello.exe (PID: 100) -> Socks C
bye.exe (PID: 2) -> Socks D
bye.exe (PID: 20) -> Socks E

How can I approach this problem?

Unable to load WinTun for Windows 7 unsign error

according official wintun https://www.wintun.net/ info,dll has already signed.

Wintun is distributed as a simple ZIP archive containing signed DLLs for AMD64, X86, ARM64, and ARM32, along with the wintun.h header file for applications. Note that the below signed DLLs are the only supported way of distributing Wintun. The prebuilt signed DLLs are released under a more permissive license than GPL 2.0, included in the ZIP archive.

But i got this:

Unable to load WinTun for Windows 7 x86

ENV:
win7 x86

Load dll failed ?

https://github.com/WireGuard/wireguard-go/blob/310ae107c346178c2d985792665dcd071ebc044b/tun/wintun/dll_fromfile_windows.go#L40

C:\shadow>shadow.exe -c e.json -v
panic: Error loading wintun.dll DLL: Unable to load library: The parameter is in
correct.

goroutine 1 [running]:
golang.zx2c4.com/wireguard/tun/wintun.(*lazyProc).Addr(...)
        golang.zx2c4.com/[email protected]/tun/wintun
/dll_windows.go:56
golang.zx2c4.com/wireguard/tun/wintun.(*Pool).OpenAdapter(0x120b4000, 0x120912f0
, 0xa, 0x8afaa5, 0xbacfec, 0x120973c0)
        golang.zx2c4.com/[email protected]/tun/wintun
/wintun_windows.go:89 +0x180
golang.zx2c4.com/wireguard/tun.CreateTUNWithRequestedGUID(0x120912f0, 0xa, 0x120
91620, 0x7fc, 0x40c15c, 0x8, 0xa26780, 0x1208c3c0)
        golang.zx2c4.com/[email protected]/tun/tun_wi
ndows.go:75 +0x37
github.com/imgk/shadow/pkg/tun.CreateTUN(0x120912f0, 0xa, 0x7fc, 0xbacde4, 0x120
8a810, 0x1208a808)
        github.com/imgk/shadow/pkg/tun/tun_windows.go:63 +0x5f
github.com/imgk/shadow/pkg/tun.NewDeviceWithMTU(...)
        github.com/imgk/shadow/pkg/tun/tun.go:28
github.com/imgk/shadow/app.(*App).RunWithDevice(0x1208c360, 0x0, 0x0, 0x0)
        github.com/imgk/shadow/app/tun.go:63 +0xa38
github.com/imgk/shadow/app.(*App).Run(...)
        github.com/imgk/shadow/app/tun.go:117
main.main()
        github.com/imgk/shadow/main.go:65 +0x278

An error occurred in today's version.

dns: buffer size too small....error

deps version is ok!

WIN7 SP1 can not work

Hello

This program will get the following error on a 32-bit system:

windiver error: open interface handle error: The indicates an invalid packet filter string, layer, priority, or flags

The specific code that causes this reason is github.com/imgk/divert-go divert_dll.go, method open , code winDivertOpen.Call, The parameter is false, WINDIVERT_LAYER_NETWORK, 0, 0, Is there a solution?

Trojan部分内核用的Trojan-go吗

关于shadow的托管流量的原理问题

本文小白一枚，我对shadow如何托管系统的流量有点疑问
看到了https://github.com/imgk/shadow/issues/21，大概了解了原理，我还有一个问题想问一下：

【原理阐述】
#21 (comment)
您在上面说道：从 Tun/WinTun读取 IP 数据包，Tun/WinTun 的数据包获取通过修改路由表实现。WinDivert 则通过写了一个 PacketFilter 按 IP、进程名或 IP 地理位置信息将指定的数据包拦截并发送到网络栈。

【问题】
WinDivert是windows下用的。linux和mac是如何实现按 IP、进程名或 IP 地理位置信息将指定的数据包拦截并发送到gVisor网络栈上的呢？

在哪里下载 geosite.dat Country.mmdb

原理请教

首先感谢您的优秀的项目
其次我想问一下，您的这个项目是不是可以和clash结合一下，因为clash已经做的非常强大了，只要把您的接管主机流量的部分移植到clash上，是不是功能就更加的完善了

Shadow not proxing

Hello, Im trying to use this software but its not working as expected.
I built it using: go1.17 windows/amd64
##update: tried with go1.16 and seems nothing changed##
With the following cmd:
go get -v -ldflags="-s -w" -trimpath -tags="divert http" github.com/imgk/shadow

I tried to access both amazon.com and facebook.com that I put inside "blocked" and I can access them normally.
Also by trying to access any ip finder website it just output my my normal ip not the one of the proxy

This is the config file for testing that Ive used:

{
  "server": {
    "protocol": "http",
    "url": "http://x.x.x.x:yyyy"
  },
  "name_server": [ "https://1.1.1.1:443/dns-query" ],
  "windivert_filter_string": "outbound and tcp and tcp.DstPort == 443",
  "domain_rules": {
    "proxy": [
     "**.*"
    ],
    "direct": [
      "**.youtube.com",
      "*.twitter.com",
       "*.myip.com"

    ],
    "blocked": [
	"**.amazon.*",
	"www.facebook.com"
    ]
  }
}

UDP(53) error...

windivert ,geo not works

I want only CN bypass ,others proxy. But it seems to be "GLOBAL PROXY" mode.
test ip138.com , ipip.net

Already put Country.mmdb to the same dir of shadow.exe

{
  "server": {
    "protocol": "trojan",
    "url": "trojan://[email protected]:36022#xxxxxxx.com"
  },
  "name_server": "https://1.1.1.1:443/dns-query",
  "tun_name": "mytun",
  "tun_addr": [
    "192.168.0.11/24"
  ],
  "geo_ip_rules": {
    "file": "Country.mmdb",
    "proxy": [],
    "bypass": ["CN"],
    "final": "proxy"
  },
  "ip_cidr_rules": {
    "proxy": [
      "198.18.0.0/16",
      "8.8.8.8/32"
    ]
  }
}

Golang runtime error with WinDivert on Windows

环境:

go version go1.16.2 windows/amd64
windows 10 64位

wintun好像没什么毛病,但是这个windivert 会崩溃

下面是输出日志:

PS D:\project\shadow> sudo .\shadow.exe -c .\v.json -v
shadow - a transparent proxy for Windows, Linux and macOS
shadow is running...
Infor: 2021/03/22 15:47:23 hijack 192.168.50.110:49306 <-UDP-> 192.168.50.1:53
Infor: 2021/03/22 15:47:23 hijack 192.168.50.110:61073 <-UDP-> 192.168.50.1:53
Infor: 2021/03/22 15:47:23 hijack 192.168.50.110:63128 <-UDP-> 192.168.50.1:53
Infor: 2021/03/22 15:47:23 queryd 192.168.50.110:49306 ask for vm.gtimg.cn.
Infor: 2021/03/22 15:47:23 queryd 192.168.50.110:61073 ask for btrace.video.qq.com.
Infor: 2021/03/22 15:47:23 queryd 192.168.50.110:63128 ask for v.qq.com.
runtime: setevent failed; errno=6
fatal error: runtime.semawakeup

runtime stack:
runtime.throw(0xb5b2ee, 0x12)
        runtime/panic.go:1117 +0x79
runtime.semawakeup.func1()
        runtime/os_windows.go:798 +0x85
runtime.semawakeup(0xc00005e400)
        runtime/os_windows.go:796 +0x51
runtime.notewakeup(0x105f9f8)
        runtime/lock_sema.go:161 +0x65
runtime.startTheWorldWithSema(0x388d01, 0x2083ffc6dcaa4)
        runtime/proc.go:1170 +0x1eb
runtime.gcMarkTermination.func3()
        runtime/mgc.go:1746 +0x2d
runtime.systemstack(0x0)
        runtime/asm_amd64.s:379 +0x6b
runtime.mstart()
        runtime/proc.go:1246

goroutine 86 [running]:
runtime.systemstack_switch()
        runtime/asm_amd64.s:339 fp=0xc0003e5d50 sp=0xc0003e5d48 pc=0x392680
runtime.gcMarkTermination(0x3ff178ed304294cd)
        runtime/mgc.go:1746 +0x40c fp=0xc0003e5f08 sp=0xc0003e5d50 pc=0x33e3ec
runtime.gcMarkDone()
        runtime/mgc.go:1623 +0x285 fp=0xc0003e5f60 sp=0xc0003e5f08 pc=0x33df25
runtime.gcBgMarkWorker()
        runtime/mgc.go:2045 +0x2e5 fp=0xc0003e5fe0 sp=0xc0003e5f60 pc=0x33f085
runtime.goexit()
        runtime/asm_amd64.s:1371 +0x1 fp=0xc0003e5fe8 sp=0xc0003e5fe0 pc=0x394521
created by runtime.gcBgMarkStartWorkers
        runtime/mgc.go:1835 +0x3e

goroutine 1 [chan receive]:
main.main()
        github.com/imgk/shadow/main.go:73 +0x4c8

goroutine 50 [select]:
github.com/imgk/shadow/pkg/divert.(*Device).loop(0xc000092040, 0x0, 0x0)
        github.com/imgk/shadow/pkg/divert/device.go:221 +0x1f1
created by github.com/imgk/shadow/pkg/divert.NewDevice
        github.com/imgk/shadow/pkg/divert/device.go:95 +0x97f

goroutine 52 [select]:
gvisor.dev/gvisor/pkg/sync.Gopark(...)
        gvisor.dev/[email protected]/pkg/sync/runtime_unsafe.go:41
gvisor.dev/gvisor/pkg/sleep.(*Sleeper).nextWaker(0xc000080890, 0xc000067f01, 0x3a317b)
        gvisor.dev/[email protected]/pkg/sleep/sleep_unsafe.go:181 +0x77
gvisor.dev/gvisor/pkg/sleep.(*Sleeper).Fetch(0xc000080890, 0xc000289501, 0x4, 0xb61199)
        gvisor.dev/[email protected]/pkg/sleep/sleep_unsafe.go:228 +0x3f
gvisor.dev/gvisor/pkg/tcpip/transport/tcp.(*processor).start(0xc000080878, 0xc00039a10c)
        gvisor.dev/[email protected]/pkg/tcpip/transport/tcp/dispatcher.go:96 +0x20a
created by gvisor.dev/gvisor/pkg/tcpip/transport/tcp.(*dispatcher).init
        gvisor.dev/[email protected]/pkg/tcpip/transport/tcp/dispatcher.go:161 +0x170

关于shadow的原理问题

作者你好，由于我怕英文表意不准确，因此考虑直接用中文问你好了。

最近有空想学习一下shadow的源码，但是由于这网络技术栈方面经验欠缺，加上之前稍微看了下代码，不太明白的实现原理。

目前shadow用WinTun, WinDivert, gVisor几个不同的组件来分别实现透明代码，加上Fake IP mode，但是他们之间是怎么联动起来的不是太明白。

如果你有时间的话，可以大概跟我描绘一下整个blueprint和大概的一些细节吗？非常感谢 🤣

Since version 0.4.8, shadowsocks cannot be connected.

Up to golang.zx2c4.com/wireguard/windows 0.4.7 it worked normally.

After that, shadowsocks will not connect.

Today's version(0.4.11) doesn't work either.

wintun tab driver is not created.

{
"server": {"protocol": "shadowsocks", "url": "shadowsocks://aes-256-gcm:pass@server_ip:port"},
"name_server": ["tls://8.8.8.8:853"],
"tun": {"tun_name": "tun1","tun_addr": ["10.0.0.1/30"]},
"ip_cidr_rules": {"proxy": ["0.0.0.0/1","128.0.0.0/1"]},
"app_rules": {"proxy": []},
"domain_rules": {"proxy": [],"direct": [],"blocked": []}
}

netstack\core\core.go:60:10: undefined: core.LWIPStack

Recently, I tried to build with an updated source and I saw the error below.
There was no problem with the previous revision.

$ go get -v -ldflags="-s -w" -trimpath github.com/imgk/shadow
go: downloading golang.zx2c4.com/wireguard v0.0.20200321-0.20200607075020-f28a6d244b51
go: downloading golang.zx2c4.com/wireguard/windows v0.1.1
go: downloading golang.org/x/text v0.3.3-0.20200513185708-81608d7e9c68
internal/unsafeheader
runtime/internal/atomic
internal/cpu
runtime/internal/sys
internal/race
sync/atomic
unicode
internal/bytealg
runtime/internal/math
unicode/utf8
math/bits
internal/syscall/windows/sysdll
unicode/utf16
internal/testlog
math
encoding
container/list
crypto/internal/subtle
runtime
crypto/subtle
vendor/golang.org/x/crypto/cryptobyte/asn1
internal/nettrace
vendor/golang.org/x/crypto/internal/subtle
golang.org/x/sys/internal/unsafeheader
golang.org/x/net/internal/iana
golang.org/x/crypto/internal/subtle
internal/reflectlite
sync
internal/singleflight
math/rand
errors
sort
internal/oserror
io
strconv
vendor/golang.org/x/net/dns/dnsmessage
syscall
bytes
reflect
strings
hash
hash/crc32
bufio
internal/syscall/windows
internal/syscall/windows/registry
crypto
internal/syscall/execenv
internal/fmtsort
time
encoding/binary
crypto/internal/randutil
crypto/hmac
crypto/rc4
encoding/base64
context
internal/poll
crypto/cipher
crypto/sha512
crypto/ed25519/internal/edwards25519
crypto/md5
os
crypto/aes
crypto/des
crypto/sha1
fmt
crypto/sha256
encoding/pem
vendor/golang.org/x/crypto/chacha20
net
flag
encoding/json
compress/flate
math/big
compress/gzip
encoding/hex
net/url
vendor/golang.org/x/crypto/poly1305
vendor/golang.org/x/crypto/curve25519
vendor/golang.org/x/crypto/hkdf
vendor/golang.org/x/crypto/chacha20poly1305
path/filepath
vendor/golang.org/x/text/transform
log
crypto/rand
crypto/elliptic
encoding/asn1
crypto/dsa
crypto/ed25519
crypto/rsa
io/ioutil
vendor/golang.org/x/text/unicode/bidi
vendor/golang.org/x/crypto/cryptobyte
crypto/x509/pkix
vendor/golang.org/x/text/unicode/norm
vendor/golang.org/x/text/secure/bidirule
crypto/ecdsa
net/textproto
vendor/golang.org/x/net/http2/hpack
crypto/x509
mime
vendor/golang.org/x/net/idna
mime/quotedprintable
net/http/internal
mime/multipart
vendor/golang.org/x/net/http/httpguts
vendor/golang.org/x/net/http/httpproxy
crypto/tls
path
regexp/syntax
github.com/imgk/shadow/common/iptree
golang.org/x/sys/windows
archive/zip
regexp
net/http/httptrace
golang.org/x/net/bpf
github.com/eycorsican/go-tun2socks/core
net/http
golang.org/x/net/internal/socket
golang.org/x/sys/windows/registry
go.uber.org/atomic
go.uber.org/multierr
golang.org/x/net/ipv4
golang.org/x/net/ipv6
go.uber.org/zap/buffer
go.uber.org/zap/internal/bufferpool
go.uber.org/zap/internal/color
go.uber.org/zap/internal/exit
encoding/base32
golang.org/x/crypto/ed25519
go.uber.org/zap/zapcore
html
github.com/miekg/dns
text/template/parse
github.com/gorilla/mux
github.com/imgk/shadow/common
text/template
go.uber.org/zap
github.com/imgk/shadow/device/windivert
github.com/imgk/shadow/protocol
github.com/imgk/shadow/netstack/core
html/template
text/tabwriter
internal/profile

github.com/imgk/shadow/netstack/core

netstack\core\core.go:60:10: undefined: core.LWIPStack
netstack\core\core.go:72:12: undefined: core.NewLWIPStack
netstack\core\core.go:75:2: undefined: core.RegisterOutputFn
netstack\core\core.go:91:4: not enough arguments to return
netstack\core\core.go:93:4: not enough arguments to return
netstack\core\core.go:99:4: not enough arguments to return
netstack\core\core.go:101:4: not enough arguments to return
runtime/trace
github.com/imgk/shadow/protocol/http
runtime/pprof
golang.org/x/crypto/chacha20
golang.org/x/crypto/poly1305
golang.org/x/crypto/hkdf
github.com/imgk/shadow/protocol/socks
net/http/pprof
golang.org/x/crypto/chacha20poly1305
github.com/gorilla/websocket
container/heap
github.com/imgk/shadow/protocol/shadowsocks/core
os/signal
github.com/xtaci/smux
github.com/imgk/shadow/protocol/shadowsocks
github.com/imgk/shadow/protocol/trojan

issue about shadow-wintun configuration

go build -v -ldflags="-s -w" -trimpath -tags="trojan" github.com/imgk/shadow pkg\embed\embed.go:3:8: package embed is not in GOROOT (c:\go\src\embed)
i didn't found embed

如何代理TCP

配置

{
    "server": {
        "protocol": "socks",
        "url": "socks://127.0.0.1:25966"
    },
    "name_server": "https://1.1.1.1:443/dns-query",
    "windivert_filter_string": "(outbound and tcp and tcp.DstPort == 443)or(outbound and udp and udp.DstPort == 53)",
    "domain_rules": {
        "proxy": [
            "**.google.com",
            "**.google.*",
            "**.google.*.*",
            "**.youtube.com",
            "*.twitter.com",
            "www.facebook.com",
            "bing.com",
            "**.amazon.*"
        ],
        "direct": [
            "**.baidu.*",
            "**.youku.*",
            "**.*"
        ],
        "blocked": [
            "ad.blocked.com"
        ]
    },
    "geo_ip_rules": {
        "file": "Country.mmdb",
        "proxy": [],
        "bypass": ["CN"],
        "final": ""
    }
}

日志

D:\git\shadow>shadow -c config.json -v
shadow - a transparent proxy for Windows, Linux and macOS
shadow is running...
Infor: 2021/03/22 01:45:19 hijack 192.168.6.163:58524 <-UDP-> 192.168.1.2:53
Infor: 2021/03/22 01:45:19 queryd 192.168.6.163:58524 ask for www.pianshen.com.
Infor: 2021/03/22 01:45:19 queryd 192.168.6.163:58524 ask for www.pianshen.com.
Infor: 2021/03/22 01:45:22 hijack 192.168.6.163:61148 <-UDP-> 192.168.1.2:53
Infor: 2021/03/22 01:45:22 queryd 192.168.6.163:61148 ask for nav.smartscreen.microsoft.com.
Infor: 2021/03/22 01:45:22 queryd 192.168.6.163:61148 ask for nav.smartscreen.microsoft.com.
Infor: 2021/03/22 01:45:29 hijack 192.168.6.163:57171 <-UDP-> 192.168.1.2:53
Infor: 2021/03/22 01:45:29 queryd 192.168.6.163:57171 ask for edge.activity.windows.com.
Infor: 2021/03/22 01:45:30 queryd 192.168.6.163:57171 ask for edge.activity.windows.com.
Infor: 2021/03/22 01:46:18 hijack 192.168.6.163:53573 <-UDP-> 192.168.1.2:53
Infor: 2021/03/22 01:46:18 queryd 192.168.6.163:53573 ask for s.amazon-adsystem.com.
Infor: 2021/03/22 01:46:18 queryd 192.168.6.163:53573 ask for s.amazon-adsystem.com.
Infor: 2021/03/22 01:46:19 hijack 192.168.6.163:64637 <-UDP-> 192.168.1.2:53
Infor: 2021/03/22 01:46:19 queryd 192.168.6.163:64637 ask for beacon.lynx.cognitivlabs.com.
Infor: 2021/03/22 01:46:19 queryd 192.168.6.163:64637 ask for beacon.lynx.cognitivlabs.com.
Infor: 2021/03/22 01:46:19 hijack 192.168.6.163:62707 <-UDP-> 192.168.1.2:53
Infor: 2021/03/22 01:46:19 queryd 192.168.6.163:62707 ask for pixel-us-east.rubiconproject.com.
Infor: 2021/03/22 01:46:19 queryd 192.168.6.163:62707 ask for pixel-us-east.rubiconproject.com.
Infor: 2021/03/22 01:46:20 hijack 192.168.6.163:64328 <-UDP-> 192.168.1.2:53
Infor: 2021/03/22 01:46:20 queryd 192.168.6.163:64328 ask for csync.smartadserver.com.
Infor: 2021/03/22 01:46:20 queryd 192.168.6.163:64328 ask for csync.smartadserver.com.
Infor: 2021/03/22 01:46:21 hijack 192.168.6.163:63862 <-UDP-> 192.168.1.2:53
Infor: 2021/03/22 01:46:21 queryd 192.168.6.163:63862 ask for eu-u.openx.net.
Infor: 2021/03/22 01:46:21 queryd 192.168.6.163:63862 ask for eu-u.openx.net.
Infor: 2021/03/22 01:46:22 hijack 192.168.6.163:63023 <-UDP-> 192.168.1.2:53
Infor: 2021/03/22 01:46:22 queryd 192.168.6.163:63023 ask for dsp.nrich.ai.
Infor: 2021/03/22 01:46:22 queryd 192.168.6.163:63023 ask for dsp.nrich.ai.
Infor: 2021/03/22 01:46:22 hijack 192.168.6.163:49296 <-UDP-> 192.168.1.2:53
Infor: 2021/03/22 01:46:22 queryd 192.168.6.163:49296 ask for nav.smartscreen.microsoft.com.
Infor: 2021/03/22 01:46:22 queryd 192.168.6.163:49296 ask for nav.smartscreen.microsoft.com.
Infor: 2021/03/22 01:46:23 hijack 192.168.6.163:62770 <-UDP-> 192.168.1.2:53
Infor: 2021/03/22 01:46:23 queryd 192.168.6.163:62770 ask for tpc.googlesyndication.com.
Infor: 2021/03/22 01:46:23 queryd 192.168.6.163:62770 ask for tpc.googlesyndication.com.
Infor: 2021/03/22 01:46:24 hijack 192.168.6.163:52547 <-UDP-> 192.168.1.2:53
Infor: 2021/03/22 01:46:24 queryd 192.168.6.163:52547 ask for cm.ctnsnet.com.
Infor: 2021/03/22 01:46:24 queryd 192.168.6.163:52547 ask for cm.ctnsnet.com.
Infor: 2021/03/22 01:46:33 hijack 192.168.6.163:54491 <-UDP-> 192.168.1.2:53
Infor: 2021/03/22 01:46:33 queryd 192.168.6.163:54491 ask for github.com.
Infor: 2021/03/22 01:46:33 queryd 192.168.6.163:54491 ask for github.com.
Infor: 2021/03/22 01:46:33 hijack 192.168.6.163:54548 <-UDP-> 192.168.1.2:53
Infor: 2021/03/22 01:46:33 queryd 192.168.6.163:54548 ask for nav.smartscreen.microsoft.com.
Infor: 2021/03/22 01:46:33 queryd 192.168.6.163:54548 ask for nav.smartscreen.microsoft.com.
Infor: 2021/03/22 01:47:10 hijack 192.168.6.163:63153 <-UDP-> 192.168.1.2:53
Infor: 2021/03/22 01:47:10 queryd 192.168.6.163:63153 ask for mail2gduteducn-my.sharepoint.com.
Infor: 2021/03/22 01:47:11 queryd 192.168.6.163:63153 ask for mail2gduteducn-my.sharepoint.com.

can't launch shadow

After compiling and adding config file, it shows an error:

PS C:\Users\<username>\go\bin> .\shadow.exe -v
2022/04/19 17:45:01 json: cannot unmarshal string into Go struct field Conf.name_server of type []string
panic: json: cannot unmarshal string into Go struct field Conf.name_server of type []string

goroutine 1 [running]:
log.Panic({0xc000117ef0, 0xb, 0xc0002823b0})
        log/log.go:354 +0x65
main.main()
        github.com/imgk/[email protected]/main.go:61 +0x22c

How to fix it?

resolver 能够支持多个上游dns服务器吗？

RT，目前只能配置一个

Perfect, but how is UDP forwarding?

Hi,

This is Perfect, but how is UDP forwarding?

Thanks...

The daemon dies for no reason.

use wintun,how to "global proxy"?

I tried set domain_rule.proxy ,but not works

{
    "domain_rules": {
        "proxy": [
            "**.*"
        ],
        "direct": [],
        "blocked": []
    }
}

What is the nameserver for?

Is it used for all requests, only for proxied requests, only for non-proxied requests, or called prior to determining proxy/direct? Is the nameserver itself proxied?

大佬你好

这个dns怎么用的http协议的呢。有没有公共的这种服务器

config.json文件的内容该怎么写？

能在此贴出一个示范的config.json文件的内容吗

要是支持 GEOIP 就完美了

规则可以简单些

Support CLI arguments, exclude routes, DNS and MTU for Windows

Hi, I'm working on a similar project fork (https://github.com/eycorsican/go-tun2socks). I implemented some features I missed, but the upstream project is based on LwIP stack, which I don't like.

I'd happy to switch to your project, but it doesn't support features listed below:

MTU set for Windows (wireguard doesn't set it by default)
Exclude routes (CLI arg + config)
It would be nice if you make config file to be optional and allow specifying parameters via CLI args as well

I prepared a package to support this stuff: https://github.com/kayrus/tuncfg
Let me know if you want to embed it into your project

Support geosite.dat and faster DomainMatcher implementation

geosite.dat
v2ray-rules-dat

XTLS/Xray-core#348

Help : Trojan Go url format

How to convert trojan go over websocket url format to shadow format like this

trojan-go://aaa-bbb-ccc-ddd@server:443/?sni=hostsni&type=ws&host=hostwebsocket&path=%2Fpathserver

thx

Block non-proxified traffic

How can I block non-proxified traffic? And is it even possible?

error in openwrt while routing

hello, I just build with the latest repo and works in windows but in Linux says

2021/05/22 17:34:08 add route entry error: ioctl: SIOCADDRT: invalid argument
panic: add route entry error: ioctl: SIOCADDRT: invalid argument

I am using RPI4b with OpenWRT 19.07 snapshot

没有编译成功吗?

user@macos ~ % go version
go version go1.16.15 darwin/amd64
user@macos ~ % go get -v -ldflags="-s -w" -trimpath -tags="socks" github.com/imgk/shadow
go/pkg/mod/github.com/imgk/[email protected]/pkg/tun/tun_darwin.go:14:2: //go:build comment without // +build comment
user@macos ~ % ls ~/go/bin
user@macos ~ % ls -l ~/go/bin
没有生成shadow?

There is one request to you.

Like TCP, UDP wants to be relayed to a proxy server.

If this one thing is added, this project will be perfect.

Please...

关于WinTun转发处理的疑问请教

你好，在Windows平台使用WinTun虚拟网卡接管流量，在过滤器处理阶段，需要走代理的流量写入协议栈，而如果是不需要走代理的流量，我看你又写回了WinTun，那么该流量会按照什么路径出去呢？

Some execute fine, others don't.

Some execute fine, others don't.
(It's a different computer, but I'm using the same Windows 10 64bit)

config.json

{
"Server": "ss://aes-256-gcm:[email protected]:8388",
"NameServer": "127.0.0.1:5300=https://cloudflare-dns.com/dns-query",
"IPCIDR": ["44.44.0.0/16"],
"Programs": ["msedge.exe"],
"Proxy": [],
"Direct": [],
"Blocked": []
}

imgk / shadow Goto Github PK

shadow's Introduction

Shadow

How to build

How to use it

Windows

GUI

CLI

Linux and OpenWrt Router

macOS

Documentation

TODO

shadow's People

Contributors

Stargazers

Watchers

Forkers

shadow's Issues

github.com/imgk/shadow/netstack/core

Recommend Projects

Recommend Topics

Recommend Org

Jobs