GSP
Quick Navigator
Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages
SS-MANAGER(1) Shadowsocks-libev Manual SS-MANAGER(1)

ss-manager - ss-server controller for multi-user management and traffic statistics

ss-manager [-AuUv] [-h|--help] [-s <server_host>] [-p <server_port>] [-l <local_port>] [-k <password>] [-m <encrypt_method>] [-f <pid_file>] [-t <timeout>] [-c <config_file>] [-i <interface>] [-b <local_addr>] [-a <user_name>] [-D <path>] [--manager-address <path_to_unix_domain>] [--executable <path_to_server_executable>] [--fast-open] [--reuse-port] [--plugin <plugin_name>] [--plugin-opts <plugin_options>]

Shadowsocks-libev is a lightweight and secure socks5 proxy. It is a port of the original shadowsocks created by clowwindy. Shadowsocks-libev is written in pure C and takes advantage of libev to achieve both high performance and low resource consumption.

Shadowsocks-libev consists of five components. ss-manager(1) is a controller for multi-user management and traffic statistics, using UNIX domain socket to talk with ss-server(1). Also, it provides a UNIX domain socket or IP based API for other software. About the details of this API, please refer to the following PROTOCOL section.

-s <server_host>
Set the server’s hostname or IP.

-k <password>

Set the password. The server and the client should use the same password.

-m <encrypt_method>

Set the cipher.

Shadowsocks-libev accepts 19 different ciphers:

aes-128-gcm, aes-192-gcm, aes-256-gcm, rc4-md5, aes-128-cfb, aes-192-cfb, aes-256-cfb, aes-128-ctr, aes-192-ctr, aes-256-ctr, bf-cfb, camellia-128-cfb, camellia-192-cfb, camellia-256-cfb, chacha20-ietf-poly1305, xchacha20-ietf-poly1305, salsa20, chacha20 and chacha20-ietf.

The default cipher is chacha20-ietf-poly1305.

If built with PolarSSL or custom OpenSSL libraries, some of these ciphers may not work.

-a <user_name>

Run as a specific user.

-f <pid_file>

Start shadowsocks as a daemon with specific pid file.

-t <timeout>

Set the socket timeout in seconds. The default value is 60.

-c <config_file>

Use a configuration file.

You may use "port_password" field inside this configuration file to bring up multiple ss-server instances together.

-i <interface>

Send traffic through specific network interface.

For example, there are three interfaces in your device, which is lo (127.0.0.1), eth0 (192.168.0.1) and eth1 (192.168.0.2). Meanwhile, you configure ss-local to listen on 0.0.0.0:8388 and bind to eth1. That results the traffic go out through eth1, but not lo nor eth0. This option is useful to control traffic in multi-interface environment.

-u

Enable UDP relay.

-U

Enable UDP relay and disable TCP relay.

-A

Enable onetime authentication.

-d <addr>

Setup name servers for internal DNS resolver (libc-ares). The default server is fetched from /etc/resolv.conf.

--fast-open

Enable TCP fast open.

Only available with Linux kernel > 3.7.0.

--reuse-port

Enable port reuse.

Only available with Linux kernel > 3.9.0.

--acl <acl_config>

Enable ACL (Access Control List) and specify config file.

--manager-address <path_to_unix_domain>

Specify UNIX domain socket address for the communication between ss-manager(1) and ss-server(1).

Only available in server and manager mode.

--executable <path_to_server_executable>

Specify the executable path of ss-server.

Only available in manager mode.

--executable <path_to_server_executable>

Specify the working directory of ss-manager.

Only available in manager mode.

--plugin <plugin_name>

Enable SIP003 plugin. (Experimental)

--plugin-opts <plugin_options>

Set SIP003 plugin options. (Experimental)

-v

Enable verbose mode.

-h|--help

Print help message.

ss-manager(1) provides several APIs through UDP protocol:

Send UDP commands in the following format to the manager-address provided to ss-manager(1):

command: [JSON data]

To add a port:

add: {"server_port": 8001, "password":"7cd308cc059"}

To remove a port:

remove: {"server_port": 8001}

To receive the traffic statistics:

ping

The format of the traffic statistics:

stat: {"8001":11370}

There is no way to reset the traffic statistics, unless you remove the port and add it again

To use ss-manager(1), First start it and specify necessary information.

Then communicate with ss-manager(1) through UNIX Domain Socket using UDP protocol:

# Start the manager. Arguments for ss-server will be passed to generated
# ss-server process(es) respectively.
ss-manager --manager-address /tmp/manager.sock --executable $(which ss-server) -s example.com -m aes-256-cfb -c /path/to/config.json
# Connect to the socket. Using netcat-openbsd as an example.
# You should use scripts or other programs for further management.
nc -Uu /tmp/manager.sock

After that, you may communicate with ss-manager(1) as described above in the PROTOCOL section.

ss-local(1), ss-server(1), ss-tunnel(1), ss-redir(1), shadowsocks-libev(8), iptables(8), /etc/shadowsocks-libev/config.json
04/09/2022 Shadowsocks-libev 3.3.5
Search for    or go to Top of page |  Section 1 |  Main Index

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.