aboutsummaryrefslogtreecommitdiff
path: root/net/shadowsocks-libev/files
Commit message (Collapse)AuthorAge
* shadowsocks-libev: support ss-server option local_{ipv4,ipv6}_addressYousong Zhou2020-08-03
| | | | | | | | | | | | | | | | At the moment ss-server seems to be the only component using these two options. It also accepts "local_address" of either ip4 or ip6 address, but the meaning is different from that of ss-local, ss-tunnel etc. where it is for listen bind With this commit, we start deprecation process of uci option "bind_address". The name was replaced with "local_addr" in upstream project commit 5fa98a66 ("Fix #1911") and available as json config option "local_address". This upstream change was released in 3.2.0 Link: https://github.com/shadowsocks/shadowsocks-libev/commit/4a42da641b6e0039497998614e84c94205939c24 Link: https://github.com/openwrt/packages/issues/12931 Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* shadowsocks-libev: ignore error from flushing route tableYousong Zhou2020-05-06
| | | | | | | | | | | | | | | | | | | | | | | | Linux kernel and iproute2 together now implement strict checking of the existence of route tables. Previously kernel does not support filtering by table id, now it does and will error with nlmsgerr "ipv4: FIB table does not exist". Previously iproute2 dump all routes and filter by table id in userspace, now this has changed with iproute2 commit c7e6371bc4af ("ip route: Add protocol, table id and device to dump request") Error scene root@OpenWrt:/# ip route flush table 100 Error: ipv4: FIB table does not exist. Flush terminated root@OpenWrt:/# echo $? 2 Fixes: https://github.com/openwrt/packages/issues/12095 Ref: https://lists.openwall.net/netdev/2019/05/02/105 Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* shadowsocks-libev: move plugin options to server sectionYousong Zhou2019-05-09
| | | | | | | | | | | | | | Plugin options are properties of shadowsocks deployment as a whole, including both server and each client components. Multiple client instances accessing the same server will need to share the same plugin settings With this change, plugin options will need to specified to "server" and "ss-server" section, not to each component section. Fixes: c19e949 ("shadowsocks-libev: add plugin options support") Reference: https://github.com/openwrt/packages/issues/8903#issuecomment-489674137 Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* shadowsocks-libev: add plugin options supportYousong Zhou2019-05-06
| | | | | Reference: https://github.com/openwrt/packages/issues/8903 Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* shadowsocks-libev: move --no-delay into json config fileYousong Zhou2019-02-19
| | | | | | | It was introduced in 3.1.0 as a command line argument and was part of the json config since 3.1.1 Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* shadowsocks-libev: use jshn.sh for making json configYousong Zhou2019-02-19
| | | | | | As suggested by Jeffery To in openwrt/packages#8233 Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* shadowsocks-libev: flush ipv6 ss-rules on service stopYousong Zhou2019-02-16
| | | | Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* shadowsocks-libev: ss-rules: fix flushing ipv6 rulesYousong Zhou2019-02-12
| | | | | | "-6" has to be the first argument Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* shadowsocks-libev: ss-rules: tweak for readabilityYousong Zhou2019-02-12
| | | | | | | - quash errors on detection of ipv6 nat - remove unnecessary rule args "--comment ..." and "-p ..." Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* shadowsocks-libev: flush ss rules on entryYousong Zhou2019-02-11
| | | | | | Fixes issue reported in openwrt/luci#2527 Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* shadowsocks-libev: ss-rules: simplify grep_afYousong Zhou2019-01-22
| | | | Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* shadowsocks-libev: ss-rules: add ipv6 supportYousong Zhou2019-01-21
| | | | | | | | | | | | | | | It will require support from ip6tables-mod-nat. The added functionality will be skipped otherwise. For $o_dst_bypass6_, include only address blocks in link [1] whose "Globally Reachable" field are explicitly "False" Closes openwrt/packages#7508 [1] IANA IPv6 Special-Purpose Address Registry, https://www.iana.org/assignments/iana-ipv6-special-registry/iana-ipv6-special-registry.xhtml Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* shadowsocks-libev: remove unnecessary curly bracesYousong Zhou2018-02-02
| | | | Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* shadowsocks-libev: bump to version 3.1.3Yousong Zhou2018-02-02
| | | | | | | | | | | | | Notable changes since 3.1.2 afce1b3 eliminate timered delay between handshake and data stream #1572 539bf6e sni in redir removed and no disable_sni option #1876 1d94442..29ff5d3 udprelay fix (no idea what's the problem...) #1883 Now disable_sni=true is the default. Existing uci configs setting it will be a nop Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* shadowsocks-libev: remove option manager_addressYousong Zhou2018-01-04
| | | | | | | | It's an option that is supposed to be fed by ss-manager. It can be in the form of host:port or path to unix dgram socket. Drop it now with the assumption that it has no real user at the moment Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* shadowsocks-libev: new option no_delayYousong Zhou2018-01-02
| | | | | | | | | --no-delay is a new cmdline argument introduced in 3.1.0 to NOT turn off TCP_NODELAY socket option, i.e. keeping it's default value without setting it explicitly. This can be potentially useful for interactive traffics Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* shadowsocks-libev: ss-rules: eliminiate not needed local varYousong Zhou2017-09-18
|
* shadowsocks-libev: minor tweak without functional changeYousong Zhou2017-09-14
| | | | Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* shadowsocks-libev: more common default configYousong Zhou2017-08-30
| | | | Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* shadowsocks-libev: ss-rules: query resolveip only for ipv4 addressesYousong Zhou2017-08-30
| | | | Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* shadowsocks-libev: ss-rules: fix multiple continous \x20 in $o_ifnamesYousong Zhou2017-08-30
| | | | Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* shadowsocks-libev: shorten init script by 2 linesYousong Zhou2017-08-30
| | | | Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* shadowsocks-libev: ss-rules: resolve server names before adding to ipsetYousong Zhou2017-08-30
| | | | | | | | | | ipset command line utility supports ranges of address: IP-IP, but the dash character is also valid character in host names. If we have a remote server ss-00.example.com, ipset may complain that ipset v6.32: Syntax error: cannot parse ss: resolving to IPv4 address failed Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* shadowsocks-libev: fix validation of list optionYousong Zhou2017-08-30
| | | | | | | | | | ubox 'list' type is for validating multiple elements separated by tabs/whitespaces in a single value. E.g. The following should not be accepted list src_ip_bypass '1.2.3.4 4.3.2.1' Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* shadowsocks-libev: ss-rules: new bool option --dst-forward-recentrstYousong Zhou2017-08-22
| | | | Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* shadowsocks-libev: ss-rules: rename usage funcYousong Zhou2017-08-22
| | | | Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* shadowsocks-libev: rewrite ss-rulesYousong Zhou2017-08-20
| | | | | | | | | | | | - New UCI options ifnames, dst_default - UCI options src_ips_xxx now accept cidr as their values - Export ipset names as part of the interface so that it can be depended on and used by other programs - Bypass only remote servers used ss-redir instances, so that it's possible to let other servers to go through existing re-redir instances Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* shadowsocks-libev: Update AEAD cipher names.Leong Hui Wong2017-08-19
| | | | Signed-off-by: Leong Hui Wong <wong.leonghui@gmail.com>
* shadowsocks-libev: setting mode with default value tcp_onlyYousong Zhou2017-08-13
| | | | | | | | This is the default value taken by ss-server and ss-redir. After this change ss_rules section can still use those ss-redir instances who do not have mode explicitly specified. Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* shadowsocks-libev: support disable_sni for ss_server sectionYousong Zhou2017-08-04
| | | | Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* shadowsocks-libev: add ipv6_first option supportYousong Zhou2017-08-02
| | | | Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* shadowsocks-libev: fix cases where passwords contain dquoteYousong Zhou2017-07-24
| | | | Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* shadowsocks-libev: validate bool with default value 0Yousong Zhou2017-07-23
| | | | | | | | | | | | | | | | | | | | | The change is mainly for keeping compatibility with old validate_data before ubox commit ac481cdd999ee84d3f115c33a56397237e95ec64 in Sat Jul 16 14:52:36 2016 +0200. The behaviour change comes with that commit can be seen with the following command line session root@LEDE:/usr/bin# validate_data network interface wan 'disabled:bool:false' network.wan.disabled is unset and defaults to bool false disabled=0; root@LEDE:/usr/bin# root@OpenWrt:/# validate_data network interface lan 'disabled:bool:false' disabled='false'; root@OpenWrt:/# This will cause shadowsocks-libev in current master branch fail on OpenWrt 15.01 though they actually should only use packages from the 15.01 branch... Fixes openwrt/packages#4614 Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* shadowsocks-libev: ss-rules: add executable bitsYousong Zhou2017-07-23
|
* shadowsocks-libev: rewriteYousong Zhou2017-07-02
| | | | | | | | | | | | | | | | | | - Selecting only a single or subset of all components of shadowsocks-libev is now possible (this is the main motivation behind the rewrite) - Configuring multiple instances of the same component is now also possible - Same option names as with the json config - Unified configuration generation method for each component - Add support for ss-local, ss-tunnel, ss-server - Most data validation is now done with validate_data - USE_PROCD=1 - Update ss-rules with the one from shadowsocks/luci-app-shadowsocks - Add README.md - Set myself as the maintainer Addresses #4435 Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* shadowsocks-libev: bump versionJian Chang2015-07-22
| | | | | | | Fix the multiple UDP source port issue. Allow using different IP and ports for TCP and UDP Signed-off-by: Jian Chang <aa65535@live.com>
* shadowsocks-libev: add packageaa655352015-07-03
Shadowsocks-libev is a lightweight secured socks5 proxy for embedded devices and low end boxes. Signed-off-by: aa65535 <aa65535@live.com>
Powered by cgit, Themed by Ted Yin.