# shadowsocks/shadowsocks-rust

**Attribution required: if you use, quote, or summarise this content, you must credit and link back to [awesome-repositories.com](https://awesome-repositories.com/repository/shadowsocks-shadowsocks-rust).**

10,729 stars · 1,435 forks · Rust · MIT

## Links

- GitHub: https://github.com/shadowsocks/shadowsocks-rust
- Homepage: https://shadowsocks.org/
- awesome-repositories: https://awesome-repositories.com/repository/shadowsocks-shadowsocks-rust.md

## Topics

`http-proxy` `rust` `security` `shadowsocks` `socks4` `socks5` `transparent-proxy`

## Description

A Rust port of shadowsocks

## Tags

### Networking & Communication

- [SOCKS5 Servers](https://awesome-repositories.com/f/networking-communication/proxy-servers/socks5-servers.md) — Presents a standard SOCKS5 interface on the local machine for any SOCKS5-aware application to route traffic through the encrypted tunnel. ([source](https://shadowsocks.org/doc/what-is-shadowsocks.html))
- [Tunneling Server Deployments](https://awesome-repositories.com/f/networking-communication/tunneling-server-deployments.md) — Sets up a Shadowsocks server on a cloud-hosted Linux machine to route traffic through an encrypted tunnel. ([source](https://shadowsocks.org/doc/deploying.html))
- [Shadowsocks Server Managers](https://awesome-repositories.com/f/networking-communication/tunneling-server-deployments/shadowsocks-server-managers.md) — A lightweight encrypted proxy server written in Rust for bypassing network restrictions.
- [Proxy Connection Configurations](https://awesome-repositories.com/f/networking-communication/network-infrastructure-routing/network-infrastructure-configuration/network-management/dns-connectivity-management/network-connectivity-configurations/proxy-connection-sharing/proxy-connection-configurations.md) — Configures tunnel proxy with server address, port, password, and encryption method in a JSON file. ([source](https://shadowsocks.org/doc/configs.html))
- [UDP Tunneling](https://awesome-repositories.com/f/networking-communication/network-infrastructure-routing/network-proxying-tools/network-proxies/udp-tunneling.md) — Encrypts outbound UDP datagrams at the local proxy and decrypts them at the remote proxy for forwarding to the destination. ([source](https://shadowsocks.org/doc/what-is-shadowsocks.html))
- [Encrypted Datagram Transmitters](https://awesome-repositories.com/f/networking-communication/packet-engines/udp-datagram-transmitters/encrypted-datagram-transmitters.md) — Encrypts each UDP packet independently with a random salt and fixed nonce for out-of-order processing. ([source](https://shadowsocks.org/doc/aead.html))
- [SOCKS5 Proxies](https://awesome-repositories.com/f/networking-communication/socks5-proxies.md) — Accepts connections on a local SOCKS5 port and relays them through the encrypted tunnel to the destination. ([source](https://cdn.jsdelivr.net/gh/shadowsocks/shadowsocks-rust@master/README.md))
- [SOCKS5 Proxy Tunneling Clients](https://awesome-repositories.com/f/networking-communication/socks5-proxies/socks5-proxy-tunneling-clients.md) — Accepts local SOCKS5 connections and routes traffic through an encrypted tunnel to a remote server.
- [TCP Tunneling](https://awesome-repositories.com/f/networking-communication/tcp-protocol-implementations/tcp-tunneling.md) — Encrypts outbound TCP streams at the local proxy and decrypts them at the remote proxy for forwarding to the destination. ([source](https://shadowsocks.org/doc/what-is-shadowsocks.html))
- [AEAD Encrypted Proxies](https://awesome-repositories.com/f/networking-communication/tcp-proxies/aead-encrypted-proxies.md) — Encrypts TCP proxy streams using AEAD ciphers with per-session subkeys derived from a pre-shared key and random salt. ([source](https://shadowsocks.org/doc/sip022.html))
- [Encrypted Stream Handlers](https://awesome-repositories.com/f/networking-communication/tcp-stream-handlers/encrypted-stream-handlers.md) — Splits TCP connections into encrypted chunks with length, authentication tags, and a counting nonce. ([source](https://shadowsocks.org/doc/aead.html))
- [Traffic Tunneling](https://awesome-repositories.com/f/networking-communication/traffic-tunneling.md) — Encrypts and forwards network traffic through a remote server to bypass firewalls and hide the client's IP address. ([source](https://cdn.jsdelivr.net/gh/shadowsocks/shadowsocks-rust@master/README.md))
- [Session ID-Based UDP Routers](https://awesome-repositories.com/f/networking-communication/udp-session-management/session-id-based-udp-routers.md) — Routes incoming UDP packets based on the client session ID rather than source address for network change resilience. ([source](https://shadowsocks.org/doc/sip022.html))
- [Proxy DNS Routers](https://awesome-repositories.com/f/networking-communication/dns-forwarding-routing/proxy-dns-routers.md) — Intercepts DNS queries and forwards them through the encrypted tunnel to a remote DNS server. ([source](https://cdn.jsdelivr.net/gh/shadowsocks/shadowsocks-rust@master/README.md))
- [HTTP Proxies](https://awesome-repositories.com/f/networking-communication/http-proxies.md) — Runs an HTTP proxy using the CONNECT method to support standard HTTP clients. ([source](https://cdn.jsdelivr.net/gh/shadowsocks/shadowsocks-rust@master/README.md))
- [DNS Proxy Bridges](https://awesome-repositories.com/f/networking-communication/local-proxy-gateways/dns-proxy-bridges.md) — Intercepts plaintext DNS queries and forwards them over encrypted upstream connections. ([source](https://cdn.jsdelivr.net/gh/shadowsocks/shadowsocks-rust@master/README.md))
- [Live Config Managers](https://awesome-repositories.com/f/networking-communication/multi-port-proxy-bridges/multi-user-port-isolators/live-config-managers.md) — Supports multiple users on a single port with live configuration updates and per-user monitoring. ([source](https://shadowsocks.org/doc/deploying.html))
- [RFC1929 Authentication](https://awesome-repositories.com/f/networking-communication/network-infrastructure-routing/network-proxying-tools/proxy-clients/socks5/rfc1929-authentication.md) — Implements RFC1929 username/password authentication for SOCKS5 connections.
- [TUN Mode Integration](https://awesome-repositories.com/f/networking-communication/network-traffic-routing/tun-mode-integration.md) — Creates a virtual network interface that routes all system traffic through the proxy for full-device coverage. ([source](https://cdn.jsdelivr.net/gh/shadowsocks/shadowsocks-rust@master/README.md))
- [Proxy Configuration Standards](https://awesome-repositories.com/f/networking-communication/proxy-configuration-standards.md) — Implements standard URL and JSON formats for sharing proxy server configurations.
- [SOCKS5 User Authentication](https://awesome-repositories.com/f/networking-communication/socks5-proxies/socks5-user-authentication.md) — Authenticates SOCKS5 users with username and password verification against a configuration file. ([source](https://cdn.jsdelivr.net/gh/shadowsocks/shadowsocks-rust@master/README.md))
- [Lightweight Proxies](https://awesome-repositories.com/f/networking-communication/traffic-proxying/lightweight-proxies.md) — Runs a minimal-footprint proxy server suitable for embedded devices and low-end hardware. ([source](https://shadowsocks.org/doc/deploying.html))
- [Transparent Proxy Forwarders](https://awesome-repositories.com/f/networking-communication/traffic-proxying/transparent-proxy-forwarders.md) — Intercepts network traffic at the system level using firewall rules and redirects it through the encrypted tunnel without client configuration. ([source](https://cdn.jsdelivr.net/gh/shadowsocks/shadowsocks-rust@master/README.md))
- [HTTP Proxy Forwarders](https://awesome-repositories.com/f/networking-communication/traffic-tunneling/http-tunneled-socks-proxies/http-proxy-forwarders.md) — Accepts HTTP and HTTPS connections on a local port and forwards them through the encrypted tunnel. ([source](https://cdn.jsdelivr.net/gh/shadowsocks/shadowsocks-rust@master/README.md))
- [Transparent Network Proxies](https://awesome-repositories.com/f/networking-communication/transparent-network-proxies.md) — Intercepts and redirects network traffic at the system level using firewall rules, requiring no client configuration. ([source](https://cdn.jsdelivr.net/gh/shadowsocks/shadowsocks-rust@master/README.md))
- [Transparent Proxying](https://awesome-repositories.com/f/networking-communication/transparent-proxying.md) — Intercepts system-level traffic via firewall rules or TUN interface for transparent proxy redirection.
- [Firewall Redirection](https://awesome-repositories.com/f/networking-communication/transparent-proxying/firewall-redirection.md) — Intercepts system-level traffic via firewall rules and redirects it through the encrypted tunnel.
- [TUN Interface Proxies](https://awesome-repositories.com/f/networking-communication/tun-interface-pivots/tun-interface-proxies.md) — Creates a virtual network interface that routes all system traffic through the encrypted tunnel for full-device coverage. ([source](https://cdn.jsdelivr.net/gh/shadowsocks/shadowsocks-rust@master/README.md))
- [Encrypted Session Relays](https://awesome-repositories.com/f/networking-communication/udp-session-management/encrypted-session-relays.md) — Relays UDP packets over sessions identified by a unique session ID, encrypting each with a session-specific subkey. ([source](https://shadowsocks.org/doc/sip022.html))
- [Session-Based Relays](https://awesome-repositories.com/f/networking-communication/udp-session-management/session-based-relays.md) — Relays UDP packets over session-based tunnels with per-session encryption and replay protection.
- [Session-Based UDP Relays](https://awesome-repositories.com/f/networking-communication/udp-session-management/session-based-udp-relays.md) — Relays UDP packets over session-based tunnels with per-session encryption and replay protection.
- [TUN Interface Routing](https://awesome-repositories.com/f/networking-communication/virtual-network-interfaces/tun-interface-routing.md) — Creates a virtual TUN interface that routes all system traffic through the encrypted tunnel.
- [Proxy Configuration Encoders](https://awesome-repositories.com/f/networking-communication/web-based-local-sharing-tools/local-site-sharing/qr-code-mobile-access/proxy-configuration-encoders.md) — Encodes proxy server details into a BASE64 URI for quick mobile client setup via scanning. ([source](https://shadowsocks.org/doc/configs.html))

### Security & Cryptography

- [Authenticated Encryption](https://awesome-repositories.com/f/security-cryptography/authenticated-encryption.md) — Encrypts tunnel data using authenticated encryption that provides confidentiality, integrity, and authenticity in one operation. ([source](https://shadowsocks.org/doc/aead.html))
- [Encrypted Tunneling](https://awesome-repositories.com/f/security-cryptography/encrypted-tunneling.md) — Provides encrypted tunneling to bypass network restrictions and hide the client's IP address.
- [AEAD-2022 Cipher Suites](https://awesome-repositories.com/f/security-cryptography/encrypted-tunneling/aead-2022-cipher-suites.md) — Encrypts proxy traffic using modern authenticated encryption with per-session subkeys and replay protection for TCP and UDP.
- [AEAD Cipher Implementations](https://awesome-repositories.com/f/security-cryptography/encrypted-tunneling/aead-cipher-implementations.md) — Encrypts TCP and UDP traffic using AEAD ciphers like chacha20-poly1305 and aes-256-gcm.
- [AEAD-2022 Cipher Suites](https://awesome-repositories.com/f/security-cryptography/encryption/cipher-suite-detection/aead-2022-cipher-suites.md) — Implements the AEAD-2022 cipher suite for encrypting proxy traffic with per-session subkeys.
- [Session Key Derivation](https://awesome-repositories.com/f/security-cryptography/key-derivation-protocols/session-key-derivation.md) — Generates a unique per-session subkey from a shared master key using HKDF-SHA1 with a random salt. ([source](https://shadowsocks.org/doc/aead.html))
- [Configurable Cipher Encryptors](https://awesome-repositories.com/f/security-cryptography/traffic-encryption/configurable-cipher-encryptors.md) — Encrypts tunnel traffic using AEAD ciphers like chacha20-ietf-poly1305 or aes-256-gcm for integrity and authenticity. ([source](https://shadowsocks.org/doc/configs.html))
- [Traffic Obfuscation](https://awesome-repositories.com/f/security-cryptography/traffic-obfuscation.md) — Implements traffic obfuscation by making proxy traffic indistinguishable from random bytes to evade deep packet inspection. ([source](https://shadowsocks.org/doc/sip022.html))
- [Access Control Lists](https://awesome-repositories.com/f/security-cryptography/access-restrictions/access-control-lists.md) — Provides access control lists to block or allow traffic to specific destinations based on rules defined in an ACL file. ([source](https://cdn.jsdelivr.net/gh/shadowsocks/shadowsocks-rust@master/README.md))
- [Replay Prevention Salts](https://awesome-repositories.com/f/security-cryptography/configuration-encryption/salt-configuration/replay-prevention-salts.md) — Prevents replay attacks on TCP streams by storing incoming salts and checking timestamps.
- [Base64 Key Generators](https://awesome-repositories.com/f/security-cryptography/encryption-key-management/base64-key-generators.md) — Creates secure, Base64-encoded keys of the correct length for a specified encryption method. ([source](https://cdn.jsdelivr.net/gh/shadowsocks/shadowsocks-rust@master/README.md))
- [Proxy Management](https://awesome-repositories.com/f/security-cryptography/key-management/proxy-management.md) — Manages multiple proxy users by starting, stopping, listing, and monitoring individual proxy server instances. ([source](https://cdn.jsdelivr.net/gh/shadowsocks/shadowsocks-rust@master/README.md))
- [SOCKS5 Authenticators](https://awesome-repositories.com/f/security-cryptography/password-authentication/socks5-authenticators.md) — Requires username and password authentication for SOCKS5 connections using the standard RFC1929 protocol. ([source](https://cdn.jsdelivr.net/gh/shadowsocks/shadowsocks-rust@master/README.md))
- [AEAD-2022 Cipher Encryptors](https://awesome-repositories.com/f/security-cryptography/traffic-encryption/configurable-cipher-encryptors/aead-2022-cipher-encryptors.md) — Encrypts tunnel traffic using AEAD-2022 ciphers with keys generated from a secure command-line tool. ([source](https://cdn.jsdelivr.net/gh/shadowsocks/shadowsocks-rust@master/README.md))
- [Proxy User Managers](https://awesome-repositories.com/f/security-cryptography/user-account-management/multi-user-support/proxy-user-managers.md) — Supports multiple proxy users on a single port with live configuration updates and monitoring.

### Software Engineering & Architecture

- [TCP Stream Replay Protections](https://awesome-repositories.com/f/software-engineering-architecture/request-validation/replay-attacks-prevention/tcp-stream-replay-protections.md) — Implements TCP replay attack prevention by storing incoming salts and rejecting duplicates with out-of-range timestamps. ([source](https://shadowsocks.org/doc/sip022.html))
- [UDP Session Replay Protections](https://awesome-repositories.com/f/software-engineering-architecture/request-validation/replay-attacks-prevention/udp-session-replay-protections.md) — Implements UDP replay attack prevention using a sliding window filter per relay session to reject duplicate packet IDs. ([source](https://shadowsocks.org/doc/sip022.html))

### System Administration & Monitoring

- [Server Instance Managers](https://awesome-repositories.com/f/system-administration-monitoring/server-instance-managers.md) — Manages multiple proxy server instances in a single process via a management API for live config updates and monitoring. ([source](https://cdn.jsdelivr.net/gh/shadowsocks/shadowsocks-rust@master/README.md))

### Web Development

- [Proxy Instance Managers](https://awesome-repositories.com/f/web-development/server-process-management/multi-instance-managers/proxy-instance-managers.md) — Provides a management API to start, stop, list, and monitor multiple proxy server instances.
