go-gost/gost
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

update README.md

Browse Source
This commit is contained in:
ginuerzh 2022-03-18 21:20:27 +08:00
parent 7b5913123f
commit cb0d81f938
4 changed files with 150 additions and 260 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
README.md
View File

@ -1,4 +1,50 @@
gost 3.0
======
# GO Simple Tunnel
WORK IN PROGRESS...
## GO语言实现的安全隧道
## 功能特性
- [x] 多端口监听
- [x] 支持转发链,并支持多级转发
- [x] 支持多种协议(HTTPHTTPSHTTP2SOCKS5WebsocketQUIC...)
- [x] 本地/远程TCP/UDP端口转发
- [x] DNS解析和代理
- [x] TUN/TAP设备
- [x] 负载均衡
- [x] 路由控制
- [x] 动态配置
- [x] Prometheus Metrics
- [x] Web API
- [ ] Web UI
## 下载安装
### 二进制文件
[https://github.com/go-gost/gost/releases](https://github.com/go-gost/gost/releases)
### 源码编译
```
git clone https://github.com/go-gost/gost.git
cd gost/cmd/gost
go build
```
### Docker
```
docker pull gogost/gost
```
### Shadowsocks Android插件
[xausky/ShadowsocksGostPlugin](https://github.com/xausky/ShadowsocksGostPlugin)
## 问题建议
提交Issue: [https://github.com/go-gost/gost/issues](https://github.com/go-gost/gost/issues)
Telegram讨论群: [https://t.me/gogost](https://t.me/gogost)
Google讨论组: [https://groups.google.com/d/forum/go-gost](https://groups.google.com/d/forum/go-gost)

4
go.mod
View File

@ -5,8 +5,8 @@ go 1.18
replace github.com/templexxx/cpu v0.0.7 => github.com/templexxx/cpu v0.0.10-0.20211111114238-98168dcec14a
require (
github.com/go-gost/core v0.0.0-20220317144108-bab2906aeb73
github.com/go-gost/x v0.0.0-20220317145457-0f1f7790c52a
github.com/go-gost/core v0.0.0-20220318131726-78089d88873f
github.com/go-gost/x v0.0.0-20220318131912-6a6367b8d12f
)
require (

8
go.sum
View File

@ -121,8 +121,8 @@ github.com/go-errors/errors v1.0.1/go.mod h1:f4zRHt4oKfwPJE5k8C9vpYG+aDHdBFUsgrm
github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU=
github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
github.com/go-gost/core v0.0.0-20220317144108-bab2906aeb73 h1:N9iL7Jf+ahGBieyKu2iUqPVQFQzUjqGKl/lZM+YiSEo=
github.com/go-gost/core v0.0.0-20220317144108-bab2906aeb73/go.mod h1:+Eqgm24sZ61yY9uPhRIPM79Ig+r2Rk5QIOcZWLL+5q0=
github.com/go-gost/core v0.0.0-20220318131726-78089d88873f h1:xg+nZO1V+82TJzsZOeHH1lYoAlZpdYdU+Aiz4BGgaVs=
github.com/go-gost/core v0.0.0-20220318131726-78089d88873f/go.mod h1:oga1T7DJPJM+DpiQaZvTES9P9jvybRSgR/V5j+sEDpg=
github.com/go-gost/gosocks4 v0.0.1 h1:+k1sec8HlELuQV7rWftIkmy8UijzUt2I6t+iMPlGB2s=
github.com/go-gost/gosocks4 v0.0.1/go.mod h1:3B6L47HbU/qugDg4JnoFPHgJXE43Inz8Bah1QaN9qCc=
github.com/go-gost/gosocks5 v0.3.1-0.20211109033403-d894d75b7f09 h1:A95M6UWcfZgOuJkQ7QLfG0Hs5peWIUSysCDNz4pfe04=
@ -131,8 +131,8 @@ github.com/go-gost/relay v0.1.1-0.20211123134818-8ef7fd81ffd7 h1:itaaJhQJ19kUXEB
github.com/go-gost/relay v0.1.1-0.20211123134818-8ef7fd81ffd7/go.mod h1:lcX+23LCQ3khIeASBo+tJ/WbwXFO32/N5YN6ucuYTG8=
github.com/go-gost/tls-dissector v0.0.2-0.20211125135007-2b5d5bd9c07e h1:73NGqAs22ey3wJkIYVD/ACEoovuIuOlEzQTEoqrO5+U=
github.com/go-gost/tls-dissector v0.0.2-0.20211125135007-2b5d5bd9c07e/go.mod h1:/9QfdewqmHdaE362Hv5nDaSWLx3pCmtD870d6GaquXs=
github.com/go-gost/x v0.0.0-20220317145457-0f1f7790c52a h1:i2PGFgLyiFsOJICgYYAjeV+n9ce2yqOqfkuK0V3A5I8=
github.com/go-gost/x v0.0.0-20220317145457-0f1f7790c52a/go.mod h1:iJgHCWLZB5zA/0NNZWbRxzpUwk5YS1elHTGmACI84C0=
github.com/go-gost/x v0.0.0-20220318131912-6a6367b8d12f h1:D3a6VqprxZwuzEF1/xVhzz76IWKrX2oHx3KDALyiKx4=
github.com/go-gost/x v0.0.0-20220318131912-6a6367b8d12f/go.mod h1:0eqpLtDleyR05dUACjy3dkhMxVvknt0gPjsH15PXnys=
github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as=
github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as=
github.com/go-kit/log v0.1.0/go.mod h1:zbhenjAZHb184qTLMA9ZjW7ThYL0H2mk7Q6pNt4vbaY=

346
gost.yml
View File

@ -1,283 +1,110 @@
log:
output: stderr # none, stderr, stdout, /path/to/file
level: debug # debug, info, warn, error, fatal
format: json # text, json
services:
- name: http+tcp
addr: ":28000"
# bypass: bypass01
- name: service-0
addr: ":8080"
interface: eth0
admission: admission-0
bypass: bypass-0
resolver: resolver-0
hosts: hosts-0
handler:
type: http
chain: chain01
metadata:
proxyAgent: "gost/3.0"
auths:
- user1:pass1
- user2:pass2
# probeResist: code:404 # code, web, host, file
# knock: example.com
auth:
username: user
password: pass
auther: auther-0
chain: chain-0
retries: 1
metadata:
foo: bar
bar: baz
listener:
type: tcp
auth:
username: user
password: pass
auther: auther-0
chain: chain-0
tls:
certFile: cert.pem
keyFile: key.pem
caFile: ca.pem
metadata:
keepAlive: 15s
- name: ss
addr: ":28338"
# bypass: bypass01
handler:
type: ss
# chain: chain01
metadata:
method: chacha20-ietf
password: gost
readTimeout: 5s
udp: true
bufferSize: 4096
listener:
type: tcp
metadata:
keepAlive: 15s
- name: socks5
addr: ":21080"
# bypass: bypass01
handler:
type: socks5
# chain: chain-ss
metadata:
auths:
- gost:gost
readTimeout: 5s
notls: true
bind: true
udp: true
# udpBufferSize: 4096 # range [512, 66560]
listener:
type: tcp
metadata:
keepAlive: 15s
- name: socks5+tcp
addr: ":21081"
handler:
type: socks5
metadata:
auths:
- gost:gost
readTimeout: 5s
notls: true
# udpBufferSize: 1024
listener:
type: tcp
metadata:
keepAlive: 15s
- name: forward
addr: ":10053"
abc: xyz
def: 456
forwarder:
targets:
- 192.168.8.8:53
- 192.168.8.1:53
- 1.1.1.1:53
- 192.168.1.1:1234
- 192.168.1.2:2345
selector:
strategy: fifo
strategy: rand
maxFails: 1
failTimeout: 30s
handler:
type: forward
chain: chain-ss
metadata:
readTimeout: 5s
listener:
type: udp
metadata:
keepAlive: 15s
- name: kcp-forward-tunnel
addr: ":8388"
forwarder:
targets:
- 127.0.0.1:28338
handler:
type: forward
metadata:
readTimeout: 5s
listener:
type: kcp
metadata:
keepAlive: 15s
- name: rtcp
addr: ":28100"
forwarder:
targets:
- 192.168.8.8:80
handler:
type: forward
metadata:
readTimeout: 5s
listener:
type: rtcp
# chain: chain-socks5
metadata:
keepAlive: 15s
mux: true
- name: rudp
addr: ":1053"
forwarder:
targets:
- 192.168.8.8:53
- 192.168.8.1:53
selector:
strategy: round
maxFails: 1
failTimeout: 30s
handler:
type: forward
metadata:
readTimeout: 5s
listener:
type: rudp
chain: chain-socks5
metadata:
keepAlive: 15s
chains:
- name: chain01
# chain level selector
- name: chain-0
selector:
strategy: round
maxFails: 1
failTimeout: 30s
hops:
- name: hop01
# hop level selector
- name: hop-0
interface: 192.168.1.2
selector:
strategy: round
maxFails: 1
failTimeout: 30s
strategy: rand
maxFails: 3
failTimeout: 60s
bypass: bypass-0
nodes:
- name: node01
addr: ":8081"
# bypass: bypass01
connector:
type: http
metadata:
userAgent: "gost/3.0"
auth: user1:pass1
dialer:
type: tcp
metadata: {}
- name: node02
addr: ":8082"
# bypass: bypass01
connector:
type: http
metadata:
userAgent: "gost/3.0"
auth: user2:pass2
dialer:
type: tcp
metadata: {}
- name: hop02
# hop level selector
selector:
strategy: round
maxFails: 1
failTimeout: 30s
nodes:
- name: node03
addr: ":8083"
# bypass: bypass01
connector:
type: http
metadata:
userAgent: "gost/3.0"
auth: user3:pass3
dialer:
type: tcp
metadata: {}
- name: chain-socks4
hops:
- name: hop01
nodes:
- name: node01
addr: ":8081"
url: "http://gost:gost@:8081"
# bypass: bypass01
connector:
type: socks4
metadata: {}
dialer:
type: tcp
metadata: {}
- name: chain-socks5
hops:
- name: hop01
nodes:
- name: node01
addr: ":21080"
# bypass: bypass01
- name: node-0
addr: ":1080"
interface: eth1
bypass: bypass-0
connector:
type: socks5
auth:
username: user
password: pass
metadata:
notls: true
auth: gost:gost
foo: bar
dialer:
type: tcp
metadata: {}
- name: chain-ss
hops:
- name: hop01
nodes:
- name: node01
addr: ":28338"
url: "http://gost:gost@:8081"
# bypass: bypass01
connector:
type: ss
metadata:
method: chacha20-ietf
password: gost
readTimeout: 5s
nodelay: true
udp: true
bufferSize: 4096
dialer:
type: tcp
metadata: {}
auth:
username: user
password: pass
tls:
caFile: "ca.pem"
secure: true
serverName: "example.com"
metadata:
bar: baz
tls:
certFile: "cert.pem"
keyFile: "key.pem"
caFile: "ca.pem"
authers:
- name: auther-0
auths:
- username: user1
password: pass1
- username: user2
password: pass2
admissions:
- name: admission-0
reverse: false
matchers:
- 127.0.0.1
- 192.168.0.0/16
bypasses:
- name: bypass-0
reverse: false
matchers:
- .baidu.com
- "*.example.com" # domain wildcard
- .example.org # will match example.org and *.example.org
# From IANA IPv4 Special-Purpose Address Registry
# http://www.iana.org/assignments/iana-ipv4-special-registry/iana-ipv4-special-registry.xhtml
- 0.0.0.0/8 # RFC1122: "This host on this network"
- 10.0.0.0/8 # RFC1918: Private-Use
- 100.64.0.0/10 # RFC6598: Shared Address Space
- 127.0.0.0/8 # RFC1122: Loopback
- 169.254.0.0/16 # RFC3927: Link Local
- 172.16.0.0/12 # RFC1918: Private-Use
- 192.0.0.0/24 # RFC6890: IETF Protocol Assignments
- 192.0.2.0/24 # RFC5737: Documentation (TEST-NET-1)
- 192.88.99.0/24 # RFC3068: 6to4 Relay Anycast
- 192.168.0.0/16 # RFC1918: Private-Use
- 198.18.0.0/15 # RFC2544: Benchmarking
- 198.51.100.0/24 # RFC5737: Documentation (TEST-NET-2)
- 203.0.113.0/24 # RFC5737: Documentation (TEST-NET-3)
- 240.0.0.0/4 # RFC1112: Reserved
- 255.255.255.255/32 # RFC0919: Limited Broadcast
# From IANA Multicast Address Space Registry
# http://www.iana.org/assignments/multicast-addresses/multicast-addresses.xhtml
- 224.0.0.0/4 # RFC5771: Multicast/Reserved
tls:
cert: "cert.pem"
key: "key.pem"
# ca: "root.ca"
- "*.example.com"
- .example.org
- 0.0.0.0/8
resolvers:
- name: resolver-0
@ -308,6 +135,23 @@ hosts:
- bar
- baz
log:
output: stderr
level: debug
format: json
profiling:
addr: ":6060"
enabled: true
api:
addr: ":18080"
pathPrefix: /api
accesslog: true
auth:
username: user
password: pass
auther: auther-0
metrics:
addr: :9000
path: /metrics