yinqiwen / gsnova Goto Github PK

Private proxy solution & network troubleshooting tool.

License: BSD 3-Clause "New" or "Revised" License

Go 98.08% Shell 1.28% Dockerfile 0.64%

tcp quic kcp tls http2 http websocket ssh proxy transparent-proxy mitmproxy packet-capture nat p2p p2s2p low-memory

gsnova's Introduction

GSnova: Private Proxy Solution & Network Troubleshooting Tool.

                                                                    
	        ___          ___          ___          ___         ___          ___     
	       /\  \        /\  \        /\__\        /\  \       /\__\        /\  \    
	      /::\  \      /::\  \      /::|  |      /::\  \     /:/  /       /::\  \   
	     /:/\:\  \    /:/\ \  \    /:|:|  |     /:/\:\  \   /:/  /       /:/\:\  \  
	    /:/  \:\  \  _\:\~\ \  \  /:/|:|  |__  /:/  \:\  \ /:/__/  ___  /::\~\:\  \ 
	   /:/__/_\:\__\/\ \:\ \ \__\/:/ |:| /\__\/:/__/ \:\__\|:|  | /\__\/:/\:\ \:\__\
	   \:\  /\ \/__/\:\ \:\ \/__/\/__|:|/:/  /\:\  \ /:/  /|:|  |/:/  /\/__\:\/:/  /
	    \:\ \:\__\   \:\ \:\__\      |:/:/  /  \:\  /:/  / |:|__/:/  /      \::/  / 
	     \:\/:/  /    \:\/:/  /      |::/  /    \:\/:/  /   \::::/__/       /:/  /  
	      \::/  /      \::/  /       /:/  /      \::/  /     ~~~~          /:/  /   
	       \/__/        \/__/        \/__/        \/__/                    \/__/

Deprecated, use the rust version rsnova instead.

Features

Multiple transport channel support
- http/https
- http2
- websocket
- tcp/tls
- quic
- kcp
- ssh
Multiplexing
- All proxy connections running over N persist proxy channel connections
Simple PAC(Proxy Auto Config)
Multiple Ciphers support
- Chacha20Poly1305
- Salsa20
- AES128
HTTP/Socks4/Socks5 Proxy
- Local client running as HTTP/Socks4/Socks5 Proxy
Transparent TCP/UDP Proxy
- Transparent tcp/udp proxy implementation in pure golang
Multi-hop Proxy
TLS man-in-the-middle(MITM) Proxy
HTTP(S) Packet Capture for Web Debugging
- Log HTTP(S) Packets in file
- Forward HTTP(S) Packets to Remote HTTP Server
P2P/P2S2P Proxy
- P2P: Use TCP NAT tunnel for direct P2P commnunication if possible
- P2S2P: Use middle server for two peers to communication
- Use UPNP to expose port for remote p2p peer if possible.
Low-memory Environments Support
- Use less than 20MB RSS memory at client/server side

Usage

go1.9 or higher is requied.

Compile

   go get -t -u -v github.com/yinqiwen/gsnova

There is also prebuilt binary release at here

Command Line Usage

Usage of ./gsnova:
  -admin string
    	Client Admin listen address
  -blackList value
    	Proxy blacklist item config
  -client
    	Launch gsnova as client.
  -cmd
    	Launch gsnova by command line without config file.
  -cnip string
    	China IP list. (default "./cnipset.txt")
  -conf string
    	Config file of gsnova.
  -forward value
    	Forward connection to specified address
  -hosts string
    	Hosts file of gsnova client. (default "./hosts.json")
  -httpdump.dst string
    	HTTP Dump destination file or http url
  -httpdump.filter value
    	HTTP Dump Domain Filter, eg:*.google.com
  -key string
    	Cipher key for transmission between local&remote. (default "809240d3a021449f6e67aa73221d42df942a308a")
  -listen value
    	Listen on address.
  -log string
    	Log file setting (default "color,gsnova.log")
  -mitm
    	Launch gsnova as a MITM Proxy
  -ots string
    	Online trouble shooting listen address
  -p2p string
    	P2P Token.
  -pid string
    	PID file (default ".gsnova.pid")
  -ping_interval int
    	Channel ping interval seconds. (default 30)
  -pprof string
    	PProf trouble shooting listen address
  -proxy string
    	Proxy setting to connect remote server.
  -remote value
    	Next remote proxy hop server to connect for client, eg:wss://xxx.paas.com
  -servable
    	Client as a proxy server for peer p2p client
  -server
    	Launch gsnova as server.
  -stream_idle int
    	Mux stream idle timout seconds. (default 10)
  -tls.cert string
    	TLS Cert file
  -tls.key string
    	TLS Key file
  -upnp int
    	UPNP port to expose for p2p.
  -user string
    	Username for remote server to authorize. (default "gsnova")
  -version
    	Print version.
  -whitelist value
    	Proxy whitelist item config
  -window string
    	Max mux stream window size, default 512K
  -window_refresh string
    	Mux stream window refresh size, default 32K

Deploy & Run Server

   ./gsnova -cmd -server -listen tcp://:48100 -listen quic://:48100 -listen tls://:48101 -listen kcp://:48101 -listen http://:48102 -listen http2://:48103  -key 809240d3a021449f6e67aa73221d42df942a308a -user "*"

This would launch a running instance listening at serveral ports with different transport protocol.

The server can also be deployed to serveral PAAS service like heroku/openshift and some docker host service.

Deploy & Run Client

Run From Command Line

   ./gsnova -cmd -client -listen :48100 -remote http2://app1.openshiftapps.com  -key 809240d3a021449f6e67aa73221d42df942a308a

This would launch a socks4/socks5/http proxy at port 48100 and use http2://app1.openshiftapps.com as next proxy hop.

Run With Confguration

This is a sample for client.json, the Key and the ServerList need to be modified to match your server.

   ./gsnova -client -conf ./client.json

Advanced Usage

Multi-Hop Proxy

GSnova support more than ONE remote server as the next hops, just add more -remote server arguments to enable multi-hop proxy.
This would use http2://app1.openshiftapps.com as the first proxy ho and use wss://app2.herokuapp.com as the final proxy hop.

   ./gsnova -cmd -client -listen :48101 -remote http2://app1.openshiftapps.com -remote wss://app2.herokuapp.com -key 809240d3a021449f6e67aa73221d42df942a308a

Transparent Proxy

Edit iptables rules.
It's only works on linux.

MITM Proxy

GSnova support running the client as a MITM proxy to capture HTTP(S) packets for web debuging.
This would capture HTTP(S) traffic packets into local dist file httpdump.log.

   ./gsnova -cmd -client -listen :48101 -remote direct -mitm -httpdump.dst ./httpdump.log -httpdump.filter "*.google.com" -httpdump.filter "*.facebook.com"

P2P/P2S2P Proxy

P2P/P2S2P Proxy can help you to connect two nodes, and use one of them as a tcp proxy server for the other one. This feature can be used for scenarios like:

Expose any tcp based service behind a NAT or firewall to a specific node in the internet.

There are 3 nodes which should install/run gsnova, a middle server(S) with public IP address, two client nodes(A & B) behind a NAT or firewall.
For the middle server(S), run as a server with a cipher key.

   ./gsnova -cmd -server  -listen tcp://:48103 -key p2pkey -log color

For the node(B) as a proxy server, run as a client to connect server with a P2P token:

  ./gsnova -cmd -client -servable -key p2pkey -remote tcp://<server ip>:48103 -p2p testp2p  -log color

For the node(A) as a client for peer proxy server, run as a client to connect server with same P2P token:

  ./gsnova -cmd -client -listen :7788 -key p2pkey -remote tcp://<server ip>:48103 -p2p testp2p -log color

If there is no error, now the node A with listen address :7788 can be used as a http/socks4/socks5 proxy to access servers behind a NAT or firewall which node B located in.

And in gsnova, it would try to run with P2P mode first, if it's not pissible, it would use P2S2P mode which would use the middle server to forward tcp stream to remote peeer.

Mobile Client(Android)

The client side can be compiled to android library by gomobile, eg:

   gomobile bind -target=android -a -v github.com/yinqiwen/gsnova/local/gsnova

Users can develop there own app by using the generated gsnova.aar.
There is a very simple andorid app gsnova-android-v0.27.3.1.zip which use tun2socks + gsnova to build.

gsnova's People

Contributors

Stargazers

Watchers

Forkers

yourchanges undercooled jacksunsea konglonghk buming code2u chenkaigood billhongs venliong larusx zyxar elephantsaunter saycv zfdang apollooqm fanflash hedongjie xieweiking yetist ahnan4arch amoyyean channely juju2013 flydragonle colasama archs yarec dwdcth mouzon smile-ttxp bobyangchina qingjiangshui mljack andymg huokedu losmj haylon joewoo scottxcn mitsuhamiyamizu zofuthan meergod liuzhentao suoba julien-noblet git-host yaowang908 nexcafe kennedy-han code-mx mind90code thinklib digideskio tsenzhi laogg beory gitter-badger vallind yuli6800 devcodewak ccwufu carotin cxnaive hainguyen007 wz7465 yanlixin geekhuyang sonsongo llengg mscharm type-of-tool 51itclub xiaofeihe fb2kfans angler-c iseecom yxd1024 lfyg devopsmi jickylive rgxy teamy xmgu junneyang pouring meabc ipaste kuyagic eversmily magictour kirbyzhu gracenice celthi u20024804 hobbit19 jonasxiao winxxp httpsgithu paulchern letssudormrf

gsnova's Issues

heroku不能打开google了吗？

google，youtube都打不开了。有人遇到同样情况吗？

Google feedproxy 502 错误

http://feedproxy.google.com 加到 user_spac.json 第二组(c.youtube.com)，解决，同理，o-o--- youtube 也会 502 ，删掉第一组解决。

谁能发个可以直接git push 的pass。

Y大的gsnova-paas-deploy-with-dependencies-v0.26.3.tar好像没法直接用GIT部署？我这老是出错。

编译错误

bash build.sh

...

main

main/server.go:11: MAX_READ_CHUNK_SIZE redeclared in this block
previous declaration at main/launch.go:21
main/server.go:14: seed redeclared in this block
previous declaration at main/launch.go:24
main/server.go:16: handleConn redeclared in this block
previous declaration at main/launch.go:26
main/server.go:21: handleServer redeclared in this block
previous declaration at main/launch.go:31
main/server.go:31: startLocalProxyServer redeclared in this block
previous declaration at main/launch.go:41

还有 git submodule update --init 时

No submodule mapping found in .gitmodules for path 'src/github.com/nsf/gocode'

common/event 404

gae编译失败，
web.go:12: can't find import: "github.com/yinqiwen/gsnova/common/event"
--- end server output ---
打开发现真的不存在
https://github.com/yinqiwen/gsnova/common/event

twitter无法访问，请问如何导入证书？

访问facebook.com时也会有提示说证书问题，但是可以强制访问，
但是访问twitter.com时，就没有强制按钮。
看到有些地方说需要导入证书可以解决，能否详细说明原理与步骤。

谢谢

can't visit Google

2015/11/20 15:24:01 google.go:97: Session[199]Request CONNECT https://mtalk.google.com:5228
2015/11/20 15:24:01 dispatch.go:111: Session[199][WARN][GoogleHttps]Failed to request proxy event for reason:No google proxy reachable:dial tcp 173.194.72.199:443: i/o timeout
2015/11/20 15:24:01 c4_http.go:160: Pull worker[evening-basin-7128.herokuapp.com]:2 stop working
2015/11/20 15:24:01 c4_http.go:147: Pull worker[evening-basin-7128.herokuapp.com]:2 start working
2015/11/20 15:24:03 c4_http.go:151: Pull worker[evening-basin-7128.herokuapp.com]:0 recv invalid res:<nil>
2015/11/20 15:24:04 c4_http.go:160: Pull worker[evening-basin-7128.herokuapp.com]:0 stop working
2015/11/20 15:24:04 c4_http.go:147: Pull worker[evening-basin-7128.herokuapp.com]:0 start working
2015/11/20 15:24:06 forward.go:134: Failed to dial address:mtalk.google.com:5228 for reason:No available IP found for mtalk.google.com:5228
2015/11/20 15:24:06 forward.go:201: Failed to connect forward address for mtalk.google.com:5228.
2015/11/20 15:24:06 dispatch.go:111: Session[199][WARN][Forwardhttp://mtalk.google.com:5228]Failed to request proxy event for reason:No available IP found for mtalk.google.com:5228
2015/11/20 15:24:06 c4.go:274: Session[199] Request CONNECT https://mtalk.google.com:5228
2015/11/20 15:24:12 c4_http.go:151: Pull worker[evening-basin-7128.herokuapp.com]:2 recv invalid res:<nil>
2015/11/20 15:24:13 c4_http.go:160: Pull worker[evening-basin-7128.herokuapp.com]:2 stop working
2015/11/20 15:24:13 c4_http.go:147: Pull worker[evening-basin-7128.herokuapp.com]:2 start working
2015/11/20 15:24:14 google.go:97: Session[200]Request CONNECT https://www.google.com:443
2015/11/20 15:24:14 dispatch.go:111: Session[200][WARN][GoogleHttps]Failed to request proxy event for reason:No google proxy reachable:dial tcp 64.233.187.86:443: i/o timeout
2015/11/20 15:24:14 forward.go:134: Failed to dial address:www.google.com:443 for reason:No available IP found for www.google.com:443
2015/11/20 15:24:14 forward.go:201: Failed to connect forward address for www.google.com:443.
2015/11/20 15:24:14 dispatch.go:111: Session[200][WARN][Forwardhttp://www.google.com:443]Failed to request proxy event for reason:No available IP found for www.google.com:443
2015/11/20 15:24:14 c4.go:274: Session[200] Request CONNECT https://www.google.com:443
2015/11/20 15:24:15 c4_http.go:151: Pull worker[evening-basin-7128.herokuapp.com]:0 recv invalid res:<nil>
2015/11/20 15:24:16 c4_http.go:160: Pull worker[evening-basin-7128.herokuapp.com]:0 stop working
2015/11/20 15:24:16 c4_http.go:147: Pull worker[evening-basin-7128.herokuapp.com]:0 start working
2015/11/20 15:24:16 google.go:97: Session[201]Request CONNECT https://www.google.com:443
2015/11/20 15:24:16 dispatch.go:111: Session[201][WARN][GoogleHttps]Failed to request proxy event for reason:No google proxy reachable:dial tcp 74.125.23.100:443: i/o timeout
2015/11/20 15:24:22 forward.go:134: Failed to dial address:www.google.com:443 for reason:No available IP found for www.google.com:443
2015/11/20 15:24:22 forward.go:201: Failed to connect forward address for www.google.com:443.
2015/11/20 15:24:22 dispatch.go:111: Session[201][WARN][Forwardhttp://www.google.com:443]Failed to request proxy event for reason:No available IP found for www.google.com:443
2015/11/20 15:24:22 c4.go:274: Session[201] Request CONNECT https://www.google.com:443
2015/11/20 15:24:23 c4_http.go:151: Pull worker[evening-basin-7128.herokuapp.com]:2 recv invalid res:<nil>
2015/11/20 15:24:24 c4_http.go:160: Pull worker[evening-basin-7128.herokuapp.com]:2 stop working
2015/11/20 15:24:24 c4_http.go:147: Pull worker[evening-basin-7128.herokuapp.com]:2 start working
2015/11/20 15:24:26 c4_http.go:151: Pull worker[evening-basin-7128.herokuapp.com]:0 recv invalid res:<nil>
2015/11/20 15:24:27 c4_http.go:160: Pull worker[evening-basin-7128.herokuapp.com]:0 stop working
2015/11/20 15:24:27 c4_http.go:147: Pull worker[evening-basin-7128.herokuapp.com]:0 start working
2015/11/20 15:24:34 c4_http.go:151: Pull worker[evening-basin-7128.herokuapp.com]:2 recv invalid res:<nil>
2015/11/20 15:24:35 c4_http.go:160: Pull worker[evening-basin-7128.herokuapp.com]:2 stop working
2015/11/20 15:24:35 c4_http.go:147: Pull worker[evening-basin-7128.herokuapp.com]:2 start working
2015/11/20 15:24:36 c4.go:173: Session[201]Remote www.google.com:443 connection closed, current proxy addr:www.google.com:443
2015/11/20 15:24:42 google.go:97: Session[202]Request CONNECT https://www.google.com:443
2015/11/20 15:24:45 c4_http.go:151: Pull worker[evening-basin-7128.herokuapp.com]:2 recv invalid res:<nil>
2015/11/20 15:24:46 c4_http.go:160: Pull worker[evening-basin-7128.herokuapp.com]:2 stop working
2015/11/20 15:24:46 c4_http.go:147: Pull worker[evening-basin-7128.herokuapp.com]:2 start working
2015/11/20 15:24:48 forward.go:79: Found 192.30.252.128:443 for github.com:443
2015/11/20 15:24:48 forward.go:205: Session[203]Request CONNECT https://github.com:443
2015/11/20 15:24:49 forward.go:79: Found 54.175.100.133:443 for collector.githubapp.com:443
2015/11/20 15:24:50 forward.go:205: Session[204]Request CONNECT https://collector.githubapp.com:443
2015/11/20 15:24:50 forward.go:79: Found 192.30.252.125:443 for api.github.com:443
2015/11/20 15:24:51 forward.go:205: Session[206]Request CONNECT https://api.github.com:443
2015/11/20 15:24:53 google.go:97: Session[205]Request CONNECT https://clients1.google.com:443
2015/11/20 15:24:53 dispatch.go:111: Session[205][WARN][GoogleHttps]Failed to request proxy event for reason:No google proxy reachable:dial tcp 74.125.203.199:443: i/o timeout

编译问题

archlinux最新版, go1.1.2, 说是yinqiwen/src/github.com源码找不到

linux出的feature版里没有32位真是相当地奇怪. 一般而言都是32位的bin能在64位的机器上跑, 反过来却不行. 所以这样出的release相当欠妥.

试试 openshift docker 部署 gsnova-paas

https://github.com/wangyi2005/gsnova-paas

skype无法通过gsnova的https代理，什么原因？

用的herokuapp.com搭建[C4]服务，客户端是Proxifer+gsnova，gsnova日志：

...
...
2014/01/12 19:41:16 c4.go:273: Session[502] Request CONNECT https://65.55.223.22:33033
2014/01/12 19:41:17 c4.go:273: Session[503] Request CONNECT https://157.55.56.167:33033
2014/01/12 19:41:18 c4.go:273: Session[504] Request CONNECT https://65.55.223.22:443
2014/01/12 19:41:18 c4.go:273: Session[505] Request CONNECT https://157.55.130.175:33033
2014/01/12 19:41:19 c4.go:273: Session[506] Request CONNECT https://157.55.56.167:443
2014/01/12 19:41:19 c4.go:273: Session[507] Request CONNECT https://157.55.56.174:33033
2014/01/12 19:41:20 c4.go:273: Session[508] Request CONNECT https://157.55.130.175:443
2014/01/12 19:41:20 c4.go:273: Session[509] Request CONNECT https://157.56.52.33:33033
2014/01/12 19:41:21 c4.go:273: Session[510] Request CONNECT https://157.55.56.174:443
2014/01/12 19:41:22 c4.go:273: Session[511] Request CONNECT https://157.56.52.33
...
...

Proxifer一直连接中，没有响应。

是gsnova无法支持skype吗？

Feedly支持问题

gsnova代理下打开http://cloud.feedly.com/#latest
提示error:405
而使用goagent页面正常载入无错误提示

用arm版报错？

报错信息如下：
dial websocket error:x509: failed to load system roots and no roots provided
2016/12/26 11:03:02 Channel[0] connect wss://.herokuapp.com failed:x509: failed to load system roots and no roots provided.
2016/12/26 11:03:03 Channel[0] auth failed since remote server disconnect.
2016/12/26 11:03:03 [ERROR]Failed to connect [0]wss://.herokuapp.com for reason:Server:wss://.herokuapp.com auth failed.
2016/12/26 11:03:03 Proxy channel(PAAS):heroku init failed with reason:Failed to auth wss://*.herokuapp.com

请问 pass 去哪了？

@yinqiwen

大改了，是不是不支持（heroku）pass 了？谢谢！

不具备从源码安装的条件

原因：如今连github也被墙了，golang代码编译时依赖的类库又是在github上的，根本就是个死循环。
download李提供的二进制版本又没有包含linux386、freebsd386 、freebsdamd64 这3个常用版本，这让人情何以堪啊。。。

无法连接到facebook

服务器使用github最新版 nodejs (也试过google code 上的版本 )
客户端使用 0.19.4
安装在cloudfoundry上正常

└─(09:32:29)──> ./gsnova ──(一, 121)─┘
2013/01/21 09:32:33 hosts.go:156: Init AutoHost.
2013/01/21 09:32:33 google.go:439: Init Google.
2013/01/21 09:32:33 c4.go:448: Init C4.
2013/01/21 09:32:33 c4.go:437: UserToken is a8:20:66:02:29:89
2013/01/21 09:32:34 c4.go:113: Session[0]Role:push unexpected response 404 Not Found for backdoor.cloudfoundry.com
2013/01/21 09:32:34 launch.go:93: [WARN]Failed to init GAE:GAE not inited since [GAE] Enable=0
2013/01/21 09:32:34 launch.go:98: =============Start gsnova 0.19.4==============
2013/01/21 09:32:34 launch.go:52: Listen on address localhost:48100
2013/01/21 09:32:34 launch.go:52: Listen on address localhost:48102
2013/01/21 09:32:38 local_hosts.go:56: Fetch remote clound hosts:https://snova.googlecode.com/svn/trunk/repository/cloud_hosts.conf
2013/01/21 09:32:38 spac.go:357: Generate PAC from gfwlist https://autoproxy-gfwlist.googlecode.com/svn/trunk/gfwlist.txt
2013/01/21 09:32:38 spac.go:314: Fetch remote clound spac rule:https://snova.googlecode.com/svn/trunk/repository/cloud_spac.json
2013/01/21 09:32:38 google.go:317: Session[7]Request CONNECT https://snova.googlecode.com:443
2013/01/21 09:32:43 google.go:317: Session[8]Request CONNECT https://snova.googlecode.com:443
2013/01/21 09:32:43 google.go:317: Session[9]Request CONNECT https://smarthosts.googlecode.com:443
2013/01/21 09:32:45 c4.go:310: Session[10]Request GET http://www.google.com.hk/complete/search?client=chrome&hl=en-US&q=fa&sugkey=AIzaSyCLlKc60a3z7lo8deV-hAyDU7rHYgL4HZg
2013/01/21 09:32:45 c4.go:310: Session[11]Request GET http://www.google.com.hk/complete/search?client=chrome&hl=en-US&q=fac&sugkey=AIzaSyCLlKc60a3z7lo8deV-hAyDU7rHYgL4HZg
2013/01/21 09:32:45 c4.go:113: Session[10]Role:pull unexpected response 404 Not Found for backdoor.cloudfoundry.com
2013/01/21 09:32:45 c4.go:310: Session[12]Request GET http://www.google.com.hk/complete/search?client=chrome&hl=en-US&q=face&sugkey=AIzaSyCLlKc60a3z7lo8deV-hAyDU7rHYgL4HZg
2013/01/21 09:32:46 c4.go:113: Session[11]Role:pull unexpected response 404 Not Found for backdoor.cloudfoundry.com
2013/01/21 09:32:46 c4.go:310: Session[15]Request CONNECT https://www.facebook.com:443
2013/01/21 09:32:46 c4.go:310: Session[16]Request CONNECT https://www.facebook.com:443
2013/01/21 09:32:46 c4.go:310: Session[14]Request CONNECT https://www.facebook.com:443
2013/01/21 09:32:46 c4.go:310: Session[17]Request CONNECT https://www.facebook.com:443
2013/01/21 09:32:46 c4.go:310: Session[13]Request GET http://www.facebook.com/
2013/01/21 09:32:47 c4.go:113: Session[16]Role:pull unexpected response 404 Not Found for backdoor.cloudfoundry.com
2013/01/21 09:32:47 c4.go:113: Session[13]Role:pull unexpected response 404 Not Found for backdoor.cloudfoundry.com
2013/01/21 09:32:48 c4.go:113: Session[11]Role:pull unexpected response 404 Not Found for backdoor.cloudfoundry.com

请问各位大神怎样部署gae服务端？

说一下步骤也行，谷歌半天没有可参考的教程。paas须好，但是担心帐号问题。谢谢

Is the sniproxy function for PaaS deprecated in version 0.28.0?

Looks like this project still keeps the string 'SNIProxy' ,however I cannot estabish websocket connection through a sni proxy via configuring client.json as follows, which works well for version 0.26.3：

"Channel":[
{
"Enable":true,
"Name":"heroku-websocket",
//Allowed server url with schema 'http/http2/https/ws/wss/tcp/tls/quic/kcp/ssh'
//"ServerList":["quic://1.1.1.1:48101"],
"ServerList":[
"wss://example.herokuapp.com"
],
"SNI": ["herokuapp.com"],
"SNIProxy" : "cn_sni_proxy",
//"ServerList":["tcp://127.0.0.1:18080"],
//"ServerList":["ssh://[email protected]:22?key=./PPP"],
//if u are behind a HTTP proxy
"Proxy":"",
"ConnsPerServer":3,
//Unit: second
"DialTimeout":6,
//Unit: second
"ReadTimeout":15,
//Reconnect after 120s
"ReconnectPeriod": 300,
//ReconnectPeriod rand adjustment, the real reconnect period is random value between [P - adjust, P + adjust]
"RCPRandomAdjustment" : 10,
//Send heartbeat msg to keep alive
"HeartBeatPeriod": 30,
"Compressor":"none"
},

Although sniproxy is specified in client.json & hosts.json respectively, the client in version 0.28.0 ignore that and still connect wss server directly. Is the sniproxy function for PaaS deprecated in version 0.28.0?

GAE ipv6支持问题

请问gsnova支持gae ipv6吗？

openshift部署的APP无法使用

yinqiwen你好，，这是我部署的 http://gsnova-liupanshan-liupanshan.7e14.starter-us-west-2.openshiftapps.com/

客户端如下显示：
owed proxy channel with schema:[http http2 https kcp quic ssh tcp tls ws wss]
2017/09/23 01:10:56 proxy.go:281: Proxy channel:direct init success
2017/09/23 01:10:56 dns.go:136: DNS query gsnova-liupanshan-liupanshan.7e14.starter-us-west-2.openshiftapps.com to 208.67.222.222:443
2017/09/23 01:10:57 dial.go:100: Connect tcp://gsnova-liupanshan-liupanshan.7e14.starter-us-west-2.openshiftapps.com:443 success.
2017/09/23 01:10:58 ws.go:34: dial websocket error:websocket: bad handshake
2017/09/23 01:10:58 proxy.go:272: [ERROR]Failed to create mux session for wss://gsnova-liupanshan-liupanshan.7e14.starter-us-west-2.openshiftapps.com/:0 with reason:websocket: bad handshake
2017/09/23 01:10:58 proxy.go:286: [ERROR]Proxy channel:heroku-websocket init failed
2017/09/23 01:10:58 proxy.go:409: Started GSnova r11.
2017/09/23 01:10:58 local_server.go:249: Listen on address :48100
2017/09/23 01:10:58 local_server.go:249: Listen on address :48101
2017/09/23 01:10:58 local_server.go:249: Listen on address :48102
2017/09/23 01:11:48 local_server.go:180: Failed to open stream for reason:No proxy found to get mux session by proxy:heroku-websocket
--------------------------------------------------------帮我看看谢谢

gsnova gae服务端部署成功，请问大神客户端google ip 填在哪里，谢谢给个配置文件

client.json
"Enable":true,
"Type":"direct",
"Name":"TLSDirect",
"SNI":["www.google.com.hk", "www.google.co.jp"],
"ForceTLS":true
},
{
"Enable":true,
//'reject' channel would reject all traffic
"Type":"reject",
"Name":"Reject"
},
{
"Enable":true,
"Type":"gae",
"Name":"mygae",
"ServerList":["appid"],
"SNI":["www.google.com.hk", "www.google.co.jp"],
//Unit: second
"DialTimeout":5,
//Unit: second
"ReadTimeout":15
hosts.json

//this is just a example, do not use the ip in your env

//"sni_proxy":["10.10.10.10", "11.11.11.11"],
// "cn_sni_proxy" :["10.10.10.10", "11.11.11.11"],
// "google_https":["sni_proxy"],
// "*.appspot.com":["sni_proxy"],
// "*.google.com":["google_https"],
// "*.googlevideo.com":["google_https"],
// "*.gstatic.com":["google_https"],
// "*.googleusercontent.com":["google_https"],
// "*.ytimg.com":["google_https"],

不明白怎样配置google ip 的位置，用gae模式翻墙.
2.如果用gae+sni 应该如何配置，，谢谢大神指教！

use bufio.Reader may error

func ServConn(local_reader *bufio.Reader, local *net.TCPConn, dialer Dialer) error {
connections.Add(1)
defer local.Close()
defer connections.Done()

// SOCKS does not include a length in the header, so take
// a punt that each request will be readable in one go.
buf := make([]byte, 256)
n, err := local_reader.Read(buf)
if err != nil || n < 2 {
    //log.Printf("[%s] unable to read SOCKS header: %v", local.RemoteAddr(), err)
    return fmt.Errorf("[%s] unable to read SOCKS header: %v", local.RemoteAddr(), err)
}
buf = buf[:n]

.......
see http://golang.org/pkg/bufio/#Reader.Read
It calls Read at most once on the underlying Reader, hence n may be less than len(p).
if local_reader.Read(buf) return 4 bytes, it may fall, is it?

SPAC和Google https搜索重定向问题

主要体现为：
搜索：https://encrypted.google.com/search?q=keyword
会被重定向到：http://encrypted.google.com.hk/url?sa=p&hl=zh-CN&pref=hkredirect&pval=yes&q=http://encrypted.google.com.hk/search%3Fq%3Dkeyword&ust=xxxxxxxxxxxxxxxx&usg=xxxxxxxxxxxxxxxxxxxxxx

错误页面提示：
503. That’s an error.

The service you requested is not available at this time.

Service error -27. That’s all we know.

发现关闭SPAC之后就能正常搜索
请问这是为什么呢？

另外发现即便是[host] 和[spac]中的enable被设置为0的情况下
开启程序后依然会
fetch hosts and pac

请问能不能加一个选项允许用户彻底不加载这两个内容(remote hosts and pac)

user_spac.json里设置twitter规则貌似无效

user_spac.json

  {
    "Host" : ["accounts.youtube.com", "twitter.com", "login.yahoo.com"],
    "Proxy":["socks://127.0.0.1:3439", "SSH"]
  },

log

2013/03/03 10:35:58 gae.go:526: Session[1]Request CONNECT https://twitter.com:443

显示twitter.com还是连接到gae,而不是走自定义代理.

如果走自定义代理的话,应该就不需要导入证书了吧?
我拿https://login.yahoo.com/测试了下,貌似的确可以.

2013/03/03 10:45:45 ssh.go:105: Session[6]Request CONNECT https://login.yahoo.com:443

不晓得twitter.com规则是命中cloud_spac.json的规则,还是snova-gfwlist.pac里的规则,这个命中规则希望有熟悉的朋友能够讲解下

请教新版本下admin.bat管理问题

一年前我安装过snova，最近部署为gsnova 0.22版，准备修改root密码

可是发现Google Code上面的Java包里面和原来不一样，没有了admin.bat，于是我使用0.21版本的admin.bat

打开后，输入appid，root，密码
然后提示如下错误
java.lang.NullPointerException
at org.snova.framework.admin.gae.GAEAdmin.runGAEAdmin.java:169
at org.snova.framework.admin.Admin.mainAdmin.java:68
null

然后点击回车退出

请问作者新版本下要如何使用admin.bat，这个错误又是什么原因？

自动弹出的web页中的拼写错误

You can use snova admin tool to control traffic and blacklist for 'anonymouse'.

应该是：anonymous吧？还是作者故意如此？

另外，是否我自己搭建的GAE服务端是会自动共享给他人的？

另外上面说的这个对anoymous的blacklist命令要如何使用？

(PS: 我觉得很有可能作者在程序里面也把这个拼写弄错了，不仅仅是网页，希望能够改正一下)

@devcodewak 大，@jzp820927兄弟专家请进，谢谢指导！

Snova-C4-NodeJS openshiftv2 服务端用gsnova-0.23.1 客户端怎样配置用sni 加速 ..https模式，先谢过！

Several question about server.conf

Readme tells little about server.conf and client.conf.

Howto generate key used for encryption ?
Can cipher be defined at server.conf ? Or server will auto-match client setting ?
Can application layer packet encryption be disabled and only use TLS or QUIC (transport layer) for security ?

What does "UDPGW" do ?
What does local "Admin" do ?

编译的问题

我之前编译成功过，用的是ubuntu 12.10 X64,现在用ubuntu 13.04 X64一直编译通不过

github.com/yinqiwen/gsnova/src/main
main
#  main

/var/tmp/go-link-nXKOkG/000000.o: file not recognized: File format not recognized
collect2: error: ld returned 1 exit status
/usr/local/go/pkg/tool/linux_amd64/6l: running gcc failed: unsuccessful exit status 0x100
#  github.com/yinqiwen/gsnova/src/main

/var/tmp/go-link-y1YzQG/000000.o: file not recognized: File format not recognized
collect2: error: ld returned 1 exit status
/usr/local/go/pkg/tool/linux_amd64/6l: running gcc failed: unsuccessful exit status 0x100

这是我认为比较关键的出错信息，是在看不懂，难道是gcc的原因？

这READEME看得揪心，愣是搞不懂怎么编译

话说提供一个完善的自动编译脚本不行吗？我虽然对go不熟悉，但也不至于看了半天还搞不定吧。

ubuntu 14.04 i686

这个项目是不是不需要安装Java？

原来用过snova，本地端需要安装Java环境，请问这个项目是不是不需要Java环境？
那样的话真的方便多了

求助：android 0.28.0 配置同步失败

提示 no updates from conf server:224.0.0.1:48100

能否请作者发布一个新编译版的Gsonva 0.22版

#17
正如上面这个issue所提，此版本不能播放youtube视频，我不知道要怎么编译，按照首页的教程试了一下，还是没有成功，能不能请作者发布一个改进版的 0.22版本？

请作者发布一个编译版的Gsnova 0.23.1???

之前的0.22.1里面有gsnova可执行文件，在苹果OSX下可用start指令运行，可最新版没了，苹果系统下还得装GO语言先编译，麻烦作者能否发布一个编译版？？？谢谢！

refactor C4 后，服务器无法连接

c4.go:107: Unexpected response 405 Method Not Allowed for xxxx

服务器版本已经是最新的 0.16.1 。

是否支持socks5代理？

我去snova项目地址看了下，说是go语言版支持。

[建议] gsnova 的 spac 语法改成 TOML

https://github.com/mojombo/toml

看上去好像配置起来会比 json 舒服一些。

Logger.go bad file descriptor 修复？

#31 #43 两处 OpenFile ，我这里 freebsd 都会产生 bad file descriptor 错误，改成

os.O_WRONLY|os.O_CREATE|os.O_APPEND, 0644

这边日志文件就能正常写入了。我看了下 golangnut 邮件列表好像也有人遇到类似问题，也是说需要 O_CREATE 配合 RW 那三个掩码。

gsnova0.26.4 如何部署到heroku 然后Android能用呢？

gsnova-paas-deploy-with-dependencies-v0.26.4.tar.bz2 里面哪些要改？
gsnova_android-v0.26.4.apk里面貌似都是默认的选项貌似也没啥要改的。 T。T 好难啊~~

0.22.0版，GAE下载youtube视频会reset

日志出错的部分：

2013/03/27 09:19:59 gae.go:405: Session[1]Request GET http://www.youtube.com/watch?feature=player_embedded&v=ibPziLRGvkg
2013/03/27 09:20:00 range.go:332: Session[1]Recv res:200 map[X-Youtube-Visitor:[pcp1H23Vt3Q] X-Youtube-Experiment:[;922912;902000;919512;913605;931202;900821;900823;931203;931401;908529;919373;930803;906836;920201;929602;930101;930603;900824;910223] Date:[Wed, 27 Mar 2013 01:19:59 GMT] Cache-Control:[no-cache] Server:[gwiseguy/2.0] X-Google-Cache-Control:[remote-fetch] Set-Cookie:[SID=DQAAAL0AAAB0fxdzRwEgnInzeH2aVR-nghvLbSfOl8elF7izqkIV8gbyjtSpPgL_S4GHaXNRvhrLHnAkCo9kEEQDcCifnCuPLOVHlW93GTaKlkn7b0TQeXm-xughS4rfPbS-88bhhAAMS_13G-RFU79ehpbD1-E_KtFJAIw51o-x2BswpjqrN7AevNuRj2PqtpnY0wb5jBjV-N9ohmj7WjFnK0ymy-kINri8Y2-0I3laA7lvzBm6XkoBG0BwR86pGL_zbmZj7oc; path=/; domain=.youtube.com; expires=Sat, 25-Mar-2023 01:19:59 GMT] Expires:[Tue, 27 Apr 1971 19:44:06 EST] Content-Length:[26949] P3p:[CP="This is not a P3P policy! See http://support.google.com/accounts/bin/answer.py?answer=151657&hl=en-US for more info."] Content-Encoding:[gzip] Via:[HTTP/1.1 GWA] X-Xss-Protection:[1; mode=block] Content-Type:[text/html; charset=utf-8] X-Youtube-Other-Cookies:[VISITOR_INFO1_LIVE=pcp1H23Vt3Q;LOGIN_INFO=39;PREF=al=zh-CN&fv=11.2.202&f1=50000000] X-Content-Type-Options:[nosniff] X-Frame-Options:[SAMEORIGIN]]
2013/03/27 09:20:00 gae.go:405: Session[2]Request GET http://www.youtube.com/watch?v=ibPziLRGvkg&additional=noparsemeplease
2013/03/27 09:20:01 gae.go:405: Session[3]Request GET http://r14---sn-p5q7ynle.c.youtube.com/generate_204?ms=au&ip=74.125.184.86&cp=U0hVSVNRV19GUkNONV9LS0FHOnR6bzVIMzdBdjJV&mt=1364347155&factor=1.25&key=yt1&source=youtube&upn=IkHhog33ktk&mv=m&sparams=algorithm%2Cburst%2Ccp%2Cfactor%2Cid%2Cip%2Cipbits%2Citag%2Csource%2Cupn%2Cexpire&id=89b3f388b446be48&newshard=yes&sver=3&ipbits=8&fexp=922912%2C902000%2C919512%2C913605%2C931202%2C900821%2C900823%2C931203%2C931401%2C908529%2C919373%2C930803%2C906836%2C920201%2C929602%2C930101%2C930603%2C900824%2C910223&signature=AB88C68AA6F6DFF27875103B2C07CC32BCCBDC70.8F48CCBBFEA2943BE075465005E21FA4810431C2&itag=35&algorithm=throttle-factor&burst=40&expire=1364369618
2013/03/27 09:20:01 range.go:332: Session[2]Recv res:200 map[Content-Type:[text/html; charset=utf-8] Content-Length:[27387] Set-Cookie:[SID=DQAAALwAAAB0fxdzRwEgnInzeH2aVR-naEUszbYx7caWheKAnkEC8esABi0cb6ez1CZj-ysTJzKn96d_hI7_WefDRnJ0cs7DXLJbKhPsR2f6zZbldLhygWVXJv3p8l0J99ti2xjj3gHxRiV5PrDtWSFFOMEjoUT-qAicKqBY0bgb_a2JsT8FXYpdhY2uwm3VUEW2MSWe6J6ZUQCVU7MSti4MbIHHg9jnaRaU5_It4tSsOfFkOU0YSlgCfqXjfOlgTM5QKvKO0sc; path=/; domain=.youtube.com; expires=Sat, 25-Mar-2023 01:20:00 GMT] Expires:[Tue, 27 Apr 1971 19:44:06 EST] X-Youtube-Experiment:[;922912;902000;919512;913605;931202;900821;900823;931203;931401;908529;919373;930803;906836;920201;929602;930101;930603;900824;910223] Cache-Control:[no-cache] Content-Encoding:[gzip] Via:[HTTP/1.1 GWA] X-Google-Cache-Control:[remote-fetch] X-Frame-Options:[SAMEORIGIN] P3p:[CP="This is not a P3P policy! See http://support.google.com/accounts/bin/answer.py?answer=151657&hl=en-US for more info."] Date:[Wed, 27 Mar 2013 01:20:01 GMT] X-Youtube-Other-Cookies:[VISITOR_INFO1_LIVE=pcp1H23Vt3Q;LOGIN_INFO=39;PREF=al=zh-CN&fv=11.2.202&f1=50000000] X-Youtube-Visitor:[pcp1H23Vt3Q] Server:[gwiseguy/2.0] X-Content-Type-Options:[nosniff] X-Xss-Protection:[1; mode=block]]
2013/03/27 09:20:02 range.go:332: Session[3]Recv res:204 map[Server:[GFE/2.0] Date:[Wed, 27 Mar 2013 01:20:02 GMT] X-Google-Cache-Control:[remote-fetch] Content-Type:[text/html; charset=UTF-8] Content-Length:[0] Via:[HTTP/1.1 GWA]]

现在GAE的go版本还无法使用ConnectionMode=HTTPS，请问有可能得到支持吗？

用最新源码部署 GAE 服务端报错了

10:16 PM Error 422: --- begin server output ---
Compile failed:
2016/09/29 07:16:11 go-app-builder: build timing: 8×compile (1.586s total), 0×link (0 total)
2016/09/29 07:16:11 go-app-builder: failed running compile: exit status 1

web.go:68: undefined: c
--- end server output ---
10:16 PM Rolling back the update.
Error 422: --- begin server output ---

--- end server output ---

关于透明代理的UDP部分

我在配置文件的 Proxy 节点里设置了 Transparent 为true 端口假设为 6060
然后启动后通过 netstat -ntplu 查看并没有看到程序在UDP 监听6060 端口

请问 iptables 这个转发要怎么写理解中是用 TPROXY 来实现的udp转发但是需要程序监听对应的UDP端口

谢谢.

vps(arukas) HTTPProxy ---- No proxy found

已在 client.json 里把 HTTPProxy 改为 "Proxy":"http://127.0.0.1:8087"

日志

travis-ci deploy 出错

Can't ssh into AWS instance.

无法通过SSH的方式使用AWS的虚拟机。报错如下：
2014/03/06 16:15:22 ssh.go:281: Init SSH.
2014/03/06 16:15:22 ssh.go:362: Invalid SSH server url:ssh://[email protected]:22/?i=aws.pem to connect for reason:dial tcp: missing address

尝试了很多组合，带端口、不带端口；私钥文件相对路径、绝对路径都不正确。

SSH中断问题

我启用了SSH（为了看 vimeo），买的廉价SSH所以不是很稳定会断，好像 gsnova 当 SSH 断开时不会自动重连？我只能重开 gsnova 。

paas,sniproxy,hosts相关

hosts.json里只配置sniproxy，client.json里也配置了sniproxy，log里有connect的记录，但是连接速度明显是直连的，hosts.json配置上加上
"google_https":["sni_proxy"],
*.googlevideo.com":["google_https"],
速度就上去了，但是这是走的TSLDirect，那就是说现在的paas是默认不走sniproxy了吗？因为看现在http站点访问也没什么问题了，故有此一问。那要是不走sniproxy，log里connect是怎么回事呢，要想走sniproxy，client.json又该怎么配置？