<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="generator" content="AsciiDoc 8.6.9">
<title>ss-server(1)</title>
</head>
<body>
<h1>ss-server(1)</h1>
<p>
</p>
<hr>
<h2><a name="_name"></a>NAME</h2>
<p>ss-server - shadowsocks server, libev port</p>
<hr>
<h2><a name="_synopsis"></a>SYNOPSIS</h2>
<p><strong>ss-server</strong>
[-uUv] [-h|--help]
[-s <emphasis><server_host></emphasis>] [-p <emphasis><server_port></emphasis>] [-l <emphasis><local_port></emphasis>]
[-k <emphasis><password></emphasis>] [-m <emphasis><encrypt_method></emphasis>] [-f <emphasis><pid_file></emphasis>]
[-t <emphasis><timeout></emphasis>] [-c <emphasis><config_file></emphasis>] [-i <emphasis><interface></emphasis>]
[-a <emphasis><user_name></emphasis>] [-d <emphasis><addr></emphasis>] [-n <emphasis><nofile></emphasis>]
[-b <emphasis><local_address></emphasis>] [--fast-open] [--reuse-port] [--mptcp]
[--acl <emphasis><acl_config></emphasis>] [--mtu <emphasis><MTU></emphasis>]
[--manager-address <emphasis><path_to_unix_domain></emphasis>]
[--plugin <emphasis><plugin_name></emphasis>] [--plugin-opts <emphasis><plugin_options></emphasis>]
[--password <emphasis><password></emphasis>] [--key <emphasis><key_in_base64></emphasis>]</p>
<hr>
<h2><a name="_description"></a>DESCRIPTION</h2>
<p><strong>Shadowsocks-libev</strong> is a lightweight and secure socks5 proxy.
It is a port of the original shadowsocks created by clowwindy.
<strong>Shadowsocks-libev</strong> is written in pure C and takes advantage of libev to
achieve both high performance and low resource consumption.</p>
<p><strong>Shadowsocks-libev</strong> consists of five components.
<code>ss-server</code>(1) runs on a remote server to provide secured tunnel service.
For more information, check out <code>shadowsocks-libev</code>(8).</p>
<hr>
<h2><a name="_options"></a>OPTIONS</h2>
<dl>
<dt>
-s <emphasis><server_host></emphasis>
</dt>
<dd>
<p>
Set the server’s hostname or IP.
</p>
</dd>
<dt>
-p <emphasis><server_port></emphasis>
</dt>
<dd>
<p>
Set the server’s port number.
</p>
</dd>
<dt>
-k <emphasis><password></emphasis>
</dt>
<dt>
--password <emphasis><password></emphasis>
</dt>
<dd>
<p>
Set the password. The server and the client should use the same password.
</p>
</dd>
<dt>
--key <emphasis><key_in_base64></emphasis>
</dt>
<dd>
<p>
Set the key directly. The key should be encoded with URL-safe Base64.
</p>
</dd>
<dt>
-m <emphasis><encrypt_method></emphasis>
</dt>
<dd>
<p>
Set the cipher.
</p>
<p><strong>Shadowsocks-libev</strong> accepts 18 different ciphers:</p>
<p>aes-128-gcm, aes-192-gcm, aes-256-gcm,
rc4-md5, aes-128-cfb, aes-192-cfb, aes-256-cfb,
aes-128-ctr, aes-192-ctr, aes-256-ctr, bf-cfb,
camellia-128-cfb, camellia-192-cfb, camellia-256-cfb,
chacha20-ietf-poly1305, salsa20, chacha20 and chacha20-ietf.</p>
<p>If built with PolarSSL or custom OpenSSL libraries, some of
these ciphers may not work.</p>
</dd>
<dt>
-a <emphasis><user_name></emphasis>
</dt>
<dd>
<p>
Run as a specific user.
</p>
</dd>
<dt>
-f <emphasis><pid_file></emphasis>
</dt>
<dd>
<p>
Start shadowsocks as a daemon with specific pid file.
</p>
</dd>
<dt>
-t <emphasis><timeout></emphasis>
</dt>
<dd>
<p>
Set the socket timeout in seconds. The default value is 60.
</p>
</dd>
<dt>
-c <emphasis><config_file></emphasis>
</dt>
<dd>
<p>
Use a configuration file.
</p>
<p>Refer to <code>shadowsocks-libev</code>(8) <em>CONFIG FILE</em> section for more details.</p>
</dd>
<dt>
-n <emphasis><number></emphasis>
</dt>
<dd>
<p>
Specify max number of open files.
</p>
<p>Only available on Linux.</p>
</dd>
<dt>
-i <emphasis><interface></emphasis>
</dt>
<dd>
<p>
Send traffic through specific network interface.
</p>
<p>For example, there are three interfaces in your device,
which is lo (127.0.0.1), eth0 (192.168.0.1) and eth1 (192.168.0.2).
Meanwhile, you configure <code>ss-server</code> to listen on 0.0.0.0:8388 and bind to eth1.
That results the traffic go out through eth1, but not lo nor eth0.
This option is useful to control traffic in multi-interface environment.</p>
</dd>
<dt>
-b <emphasis><local_address></emphasis>
</dt>
<dd>
<p>
Specify local address to bind.
</p>
</dd>
<dt>
-u
</dt>
<dd>
<p>
Enable UDP relay.
</p>
</dd>
<dt>
-U
</dt>
<dd>
<p>
Enable UDP relay and disable TCP relay.
</p>
</dd>
<dt>
-6
</dt>
<dd>
<p>
Resovle hostname to IPv6 address first.
</p>
</dd>
<dt>
-d <emphasis><addr></emphasis>
</dt>
<dd>
<p>
Setup name servers for internal DNS resolver (libudns).
The default server is fetched from <em>/etc/resolv.conf</em>.
</p>
</dd>
<dt>
--fast-open
</dt>
<dd>
<p>
Enable TCP fast open.
</p>
<p>Only available with Linux kernel > 3.7.0.</p>
</dd>
<dt>
--reuse-port
</dt>
<dd>
<p>
Enable port reuse.
</p>
<p>Only available with Linux kernel > 3.9.0.</p>
</dd>
<dt>
--acl <emphasis><acl_config></emphasis>
</dt>
<dd>
<p>
Enable ACL (Access Control List) and specify config file.
</p>
</dd>
<dt>
--manager-address <emphasis><path_to_unix_domain></emphasis>
</dt>
<dd>
<p>
Specify UNIX domain socket address for the communication between ss-manager(1) and ss-server(1).
</p>
<p>Only available in server and manager mode.</p>
</dd>
<dt>
--mtu <emphasis><MTU></emphasis>
</dt>
<dd>
<p>
Specify the MTU of your network interface.
</p>
</dd>
<dt>
--mptcp
</dt>
<dd>
<p>
Enable Multipath TCP.
</p>
<p>Only available with MPTCP enabled Linux kernel.</p>
</dd>
<dt>
--plugin <emphasis><plugin_name></emphasis>
</dt>
<dd>
<p>
Enable SIP003 plugin. (Experimental)
</p>
</dd>
<dt>
--plugin-opts <emphasis><plugin_options></emphasis>
</dt>
<dd>
<p>
Set SIP003 plugin options. (Experimental)
</p>
</dd>
<dt>
-v
</dt>
<dd>
<p>
Enable verbose mode.
</p>
</dd>
<dt>
-h|--help
</dt>
<dd>
<p>
Print help message.
</p>
</dd>
</dl>
<hr>
<h2><a name="_example"></a>EXAMPLE</h2>
<p>It is recommended to use a config file when starting <code>ss-server</code>(1).</p>
<p>The config file is written in JSON and is easy to edit.
Check out the <em>SEE ALSO</em> section for the default path of config file.</p>
<pre><code># Start the ss-server
ss-server -c /etc/shadowsocks-libev/config.json</code></pre>
<hr>
<h2><a name="_incompatibility"></a>INCOMPATIBILITY</h2>
<p>The config file of <code>shadowsocks-libev</code>(8) is slightly different from original
shadowsocks.</p>
<p>In order to listen to both IPv4/IPv6 address, use the following grammar in
your config json file:</p>
<pre><code>{
"server":["::0","0.0.0.0"],
...
}</code></pre>
<p><code>ss-server</code>(1) also does not understand "port_password" field in config file.
If you want to start up multiple server instances with a single config file,
please try ss-manager tool. See <code>ss-manager</code>(8) for details.</p>
<hr>
<h2><a name="_see_also"></a>SEE ALSO</h2>
<p><code>ss-local</code>(1),
<code>ss-tunnel</code>(1),
<code>ss-redir</code>(1),
<code>ss-manager</code>(1),
<code>shadowsocks-libev</code>(8),
<code>iptables</code>(8),
/etc/shadowsocks-libev/config.json</p>
<p></p>
<p></p>
<hr><p><small>
Last updated 2017-06-27 06:33:10 UTC
</small></p>
</body>
</html>
distrib
>
Mageia
>
6
>
x86_64
>
media
>
core-updates
>
by-pkgid
>
4266f34df60651c5354368b73e314991
>
files
>
19
