Are you happy with your logging solution? Would you help us out by taking a 30-second survey? Click here


Next-generation Shadowsocks in Go

Subscribe to updates I use go-shadowsocks2

Statistics on go-shadowsocks2

Number of watchers on Github 564
Number of open issues 16
Average time to close an issue 2 days
Main language Go
Average time to merge a PR about 18 hours
Open pull requests 3+
Closed pull requests 3+
Last commit almost 2 years ago
Repo Created over 2 years ago
Repo Last Updated over 1 year ago
Size 71 KB
Organization / Authorshadowsocks
Page Updated
Do you use go-shadowsocks2? Leave a review!
View open issues (16)
View on github
Fresh, new opensource launches πŸš€πŸš€πŸš€
Trendy new open source projects in your inbox! View examples

Subscribe to our mailing list

Evaluating go-shadowsocks2 for your project? Score Explanation
Commits Score (?)
Issues & PR Score (?)


A fresh implementation of Shadowsocks in Go.

GoDoc at


  • SOCKS5 proxy (Including UDP Associate)
  • Support for Netfilter TCP redirect (IPv6 should work but not tested)
  • UDP tunneling (e.g. relay DNS packets)
  • TCP tunneling (e.g. benchmark with iperf3)


go get -u -v

Basic Usage


Start a server listening on port 8488 using AEAD_CHACHA20_POLY1305 AEAD cipher with password your-password.

go-shadowsocks2 -s ss://AEAD_CHACHA20_POLY1305:your-password@:8488 -verbose


Start a client connecting to the above server. The client listens on port 1080 for incoming SOCKS5 connections, and tunnels both UDP and TCP on port 8053 and port 8054 to and respectively.

go-shadowsocks2 -c ss://AEAD_CHACHA20_POLY1305:your-password@[server_address]:8488 \
     -verbose -socks :1080 -u -udptun :8053=,:8054= \
                              -tcptun :8053=,:8054=

Replace [server_address] with the server's public address.

Advanced Usage

Use random keys instead of passwords

A random key is almost always better than a password. Generate a base64url-encoded 16-byte random key

go-shadowsocks2 -keygen 16

Start a server listening on port 8848 using AEAD_AES_128_GCM AEAD cipher with the key generated above.

go-shadowsocks2 -s :8488 -cipher AEAD_AES_128_GCM -key k5yEIX5ciUDpkpdtvZm7zQ== -verbose

And the corresponding client to connect to it.

go-shadowsocks2 -c [server_address]:8488 -cipher AEAD_AES_128_GCM -key k5yEIX5ciUDpkpdtvZm7zQ== -verbose

Netfilter TCP redirect (Linux only)

The client offers -redir and -redir6 (for IPv6) options to handle TCP connections redirected by Netfilter on Linux. The feature works similar to ss-redir from shadowsocks-libev.

Start a client listening on port 1082 for redirected TCP connections and port 1083 for redirected TCP IPv6 connections.

go-shadowsocks2 -c [server_address]:8488 -cipher AEAD_AES_128_GCM -key k5yEIX5ciUDpkpdtvZm7zQ== \
    -redir :1082 -redir6 :1083

TCP tunneling

The client offers -tcptun [local_addr]:[local_port]=[remote_addr]:[remote_port] option to tunnel TCP. For example it can be used to proxy iperf3 for benchmarking.

Start iperf3 on the same machine with the server.

iperf3 -s

By default iperf3 listens on port 5201.

Start a client on the same machine with the server. The client listens on port 1090 for incoming connections and tunnels to localhost:5201 where iperf3 is listening.

go-shadowsocks2 -c [server_address]:8488 -cipher AEAD_AES_128_GCM -key k5yEIX5ciUDpkpdtvZm7zQ== \
    -tcptun :1090=localhost:5201

Start iperf3 client to connect to the tunneld port instead

iperf3 -c localhost -p 1090


  • Test coverage
  • Binary releases for common platforms

Design Principles

The code base strives to

  • be idiomatic Go and well organized;
  • use fewer external dependences as reasonably possible;
  • only include proven modern ciphers;
go-shadowsocks2 open issues Ask a question     (View All Issues)
  • over 2 years How can I build it with static exe file in windows system
  • over 2 years obfu plugin interface
go-shadowsocks2 open pull requests (View All Pulls)
  • Changes:
  • Add dialer interface according to
  • ζ”―ζŒrc4-md5ε’Œchacha20
go-shadowsocks2 list of languages used
Other projects in Go