Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
SS-SERVER(1)		   Shadowsocks-libev Manual		  SS-SERVER(1)

NAME
       ss-server - shadowsocks server, libev port

SYNOPSIS
       ss-server [-uUv]	[-h|--help] [-s	_server_host_] [-p _server_port_] [-l
       _local_port_] [-k _password_] [-m _encrypt_method_] [-f _pid_file_] [-t
       _timeout_] [-c _config_file_] [-i _interface_] [-a _user_name_] [-d
       _addr_] [-n _nofile_] [-b _local_address_] [--fast-open]	[--reuse-port]
       [--mptcp] [--acl	_acl_config_] [--mtu _MTU_] [--no-delay]
       [--manager-address _path_to_unix_domain_] [--plugin _plugin_name_]
       [--plugin-opts _plugin_options_]	[--password _password_]	[--key
       _key_in_base64_]

DESCRIPTION
       Shadowsocks-libev is a lightweight and secure socks5 proxy. It is a
       port of the original shadowsocks	created	by clowwindy.
       Shadowsocks-libev is written in pure C and takes	advantage of libev to
       achieve both high performance and low resource consumption.

       Shadowsocks-libev consists of five components. ss-server(1) runs	on a
       remote server to	provide	secured	tunnel service.	For more information,
       check out shadowsocks-libev(8).

OPTIONS
       -s _server_host_
	   Set the server's hostname or	IP.

       -p _server_port_
	   Set the server's port number.

       -k _password_, --password _password_
	   Set the password. The server	and the	client should use the same
	   password.

       --key _key_in_base64_
	   Set the key directly. The key should	be encoded with	URL-safe
	   Base64.

       -m _encrypt_method_
	   Set the cipher.

	   Shadowsocks-libev accepts 18	different ciphers:

	   aes-128-gcm,	aes-192-gcm, aes-256-gcm, rc4-md5, aes-128-cfb,
	   aes-192-cfb,	aes-256-cfb, aes-128-ctr, aes-192-ctr, aes-256-ctr,
	   bf-cfb, camellia-128-cfb, camellia-192-cfb, camellia-256-cfb,
	   chacha20-ietf-poly1305, salsa20, chacha20 and chacha20-ietf.

	   If built with PolarSSL or custom OpenSSL libraries, some of these
	   ciphers may not work.

       -a _user_name_
	   Run as a specific user.

       -f _pid_file_
	   Start shadowsocks as	a daemon with specific pid file.

       -t _timeout_
	   Set the socket timeout in seconds. The default value	is 60.

       -c _config_file_
	   Use a configuration file.

	   Refer to shadowsocks-libev(8) CONFIG	FILE section for more details.

       -n _number_
	   Specify max number of open files.

	   Only	available on Linux.

       -i _interface_
	   Send	traffic	through	specific network interface.

	   For example,	there are three	interfaces in your device, which is lo
	   (127.0.0.1),	eth0 (192.168.0.1) and eth1 (192.168.0.2). Meanwhile,
	   you configure ss-server to listen on	0.0.0.0:8388 and bind to eth1.
	   That	results	the traffic go out through eth1, but not lo nor	eth0.
	   This	option is useful to control traffic in multi-interface
	   environment.

       -b _local_address_
	   Specify the local address to	use while this server is making
	   outbound connections	to remote servers on behalf of the clients.

       -u
	   Enable UDP relay.

       -U
	   Enable UDP relay and	disable	TCP relay.

       -6
	   Resovle hostname to IPv6 address first.

       -d _addr_
	   Setup name servers for internal DNS resolver	(libc-ares). The
	   default server is fetched from /etc/resolv.conf.

       --fast-open
	   Enable TCP fast open.

	   Only	available with Linux kernel > 3.7.0.

       --reuse-port
	   Enable port reuse.

	   Only	available with Linux kernel > 3.9.0.

       --no-delay
	   Enable TCP_NODELAY.

       --acl _acl_config_
	   Enable ACL (Access Control List) and	specify	config file.

       --manager-address _path_to_unix_domain_
	   Specify UNIX	domain socket address for the communication between
	   ss-manager(1) and ss-server(1).

	   Only	available in server and	manager	mode.

       --mtu _MTU_
	   Specify the MTU of your network interface.

       --mptcp
	   Enable Multipath TCP.

	   Only	available with MPTCP enabled Linux kernel.

       --plugin	_plugin_name_
	   Enable SIP003 plugin. (Experimental)

       --plugin-opts _plugin_options_
	   Set SIP003 plugin options. (Experimental)

       -v
	   Enable verbose mode.

       -h|--help
	   Print help message.

EXAMPLE
       It is recommended to use	a config file when starting ss-server(1).

       The config file is written in JSON and is easy to edit. Check out the
       SEE ALSO	section	for the	default	path of	config file.

	   # Start the ss-server
	   ss-server -c	/etc/shadowsocks-libev/config.json

INCOMPATIBILITY
       The config file of shadowsocks-libev(8) is slightly different from
       original	shadowsocks.

       In order	to listen to both IPv4/IPv6 address, use the following grammar
       in your config json file:

	   {
	   "server":["::0","0.0.0.0"],
	   ...
	   }

       ss-server(1) also does not understand "port_password" field in config
       file. If	you want to start up multiple server instances with a single
       config file, please try ss-manager tool.	See ss-manager(8) for details.

SEE ALSO
       ss-local(1), ss-tunnel(1), ss-redir(1), ss-manager(1),
       shadowsocks-libev(8), iptables(8), /etc/shadowsocks-libev/config.json

Shadowsocks-libev 3.3.2		  08/10/2020			  SS-SERVER(1)

NAME | SYNOPSIS | DESCRIPTION | OPTIONS | EXAMPLE | INCOMPATIBILITY | SEE ALSO

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=ss-server&sektion=1&manpath=FreeBSD+12.2-RELEASE+and+Ports>

home | help