Hackage :: [Package]

moesocks: A functional firewall killer

[ apache, network, program ] [ Propose Tags ]

A socks5 proxy using the client / server architecture.

[Skip to Readme]

Downloads

Maintainer's Corner

Package maintainers

For package maintainers and hackage trustees

Candidates

Versions [RSS] 0.1.0.0, 0.1.0.1, 0.1.0.2, 0.1.0.3, 0.1.0.4, 0.1.0.5, 0.1.0.6, 0.1.0.7, 0.1.0.8, 0.1.0.9, 0.1.0.10, 0.1.0.11, 0.1.0.12, 0.1.0.13, 0.1.0.14, 0.1.0.15, 0.1.0.16, 0.1.0.17, 0.1.0.18, 0.1.0.19, 0.1.0.20, 0.1.0.21, 0.1.0.22, 0.1.0.23, 0.1.0.24, 0.1.0.25, 0.1.0.26, 0.1.0.27, 0.1.1.0, 0.1.1.10, 0.1.1.20, 0.1.1.30, 0.1.1.31, 0.1.1.32, 0.1.2.0, 0.1.2.10, 0.1.2.20, 0.1.2.30, 1.0.0.0, 1.0.0.1, 1.0.0.10, 1.0.0.20, 1.0.0.30, 1.0.0.40, 1.0.0.41, 1.0.0.42, 1.0.0.43, 1.0.0.44, 1.0.1.0
Change log CHANGELOG.md
Dependencies aeson, async, attoparsec, base (>4 && <=5), binary, bytestring, containers, cryptohash, hslogger, HsOpenSSL, iproute, lens, lens-aeson, mtl, network, optparse-applicative, random, stm, strict, text, time, transformers, unix, unordered-containers [details]
License Apache-2.0
Copyright Copyright (C) 2015 Jinjing Wang
Author Jinjing Wang
Maintainer Jinjing Wang <nfjinjing@gmail.com>
Category Network
Home page https://github.com/nfjinjing/moesocks
Source repo head: git clone git://github.com/nfjinjing/moesocks.git
Uploaded by JinjingWang at 2015-08-31T03:03:44Z
Distributions
Reverse Dependencies 1 direct, 0 indirect [details]
Executables moesocks
Downloads 30801 total (137 in the last 30 days)
Rating (no votes yet) [estimated by Bayesian average]
Your Rating
  • λ
  • λ
  • λ
Status Docs not available [build log]
Last success reported on 2015-11-23 [all 6 reports]

Readme for moesocks-0.1.1.31

[back to package description]

MoeSocks

A socks5 proxy using the client / server architecture.

MoeSocks is greatly inspired by shadowsocks and can be used in place of it.

Installation

  • Need GHC 7.10.2 and cabal-install.

    Installing haskell-platform should be sufficient. (Linux users should pick the Generic distribution, since it's the most up to date)

  • Repeat, you need GHC 7.10.2 exactly, not 7.10.1 or anything else, since remote only runs well in 7.10.2.

  • Update packages

      cabal update

  • Install

      cabal install moesocks

  • Add ~/.cabal/bin to your $PATH, if you haven't already.

Usage

  • Download a sample config.json to your current path

  • Edit config.json to fit your setup (at least the remote and password fields)

  • Start a remote node outside a firewall:

      moesocks --role remote -c config.json

  • Start a local node inside a firewall:

      moesocks --role local -c config.json

  • Now you have a socks5 proxy running inside a firewall using port localPort.

  • Shadowsocks compatible obfuscation can be turned on with the -o flag to make statistical analysis on packet length a bit more confusing.

  • See more options:

      moesocks --help

  • You might want to run moesocks under some kind of a supervising daemon to auto restart the program if it crashes, likely due to #10590, the fix of which was not included in the 7.10.2 release.

Features

  • Socks5 proxy service, obviously
  • TCP port forwarding
  • UDP port forwarding, for example -U 5300:8.8.8.8:53
  • TCP per connection throttling (as a side effect of trying to find a bug in the remote)
  • Socks5 service on local can be turned off
  • Understand shadowsocks' configuration file

Drawbacks

  • UDP over Socks5 is not implemented
  • More then 2 times slower then the original Python implementation (measured at 20M/s vs 43M/s on an Intel P8800, using the AES-256-CFB method)

TCP Fast Open (TFO)

TFO means faster response in this case

Both local and remote will use TFO when instructed. If the browser in use and the website to visit both support TFO, you can enjoy TFO all the way through. This could lead to a huge reduction of latency.

Enable TFO in your OS runtime.

On Linux 3.7+, to check the availability of TFO:

cat /proc/sys/net/ipv4/tcp_fastopen

On Linux 3.7+, to enable TFO (as root):

echo 3 > /proc/sys/net/ipv4/tcp_fastopen

Enable TFO in MoeSocks

TFO can be turned on by adding a "fastOpen":true field in config.json or specifying a --fast-open flag in the command line arguments.

Verify

Use tcpdump on the remotePort, check for that SYN should start to carry payload. An example command is:

tcpdump port 8388 -i any -X -v

Credits

  • shadowsocks greatly inspired MoeSocks. Shadowsocks introduced a ground breaking design and implementation to bypass Internet censorship in China.
  • shadowsocks-haskell by rnons, another implementation of shadowsocks in Haskell, also greatly inspired MoeSocks. Much of the understanding of the internal of shadowsocks was gained by reading rnons's implementation.

License

Copyright 2015 Jinjing Wang

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.