Table of Contents
Shadowsocks! Sounds like the new superhero after Deadpool. Well, in a way it is a superhero! It let’s you bypass censorship, even the GFW! 1 Okay, so what’s this fuss about? Before going further, I think it needs some introduction.
Shadowsocks is a SOCKS5 compatible proxy server/client suite which excels at being undetectable. It leaves no fingerprint even when you use deep packet inspection. 2
Whoa! Wait, What does that mean? In simple terms, this means that shadowsocks lets you access blocked resources and is hard to detect by even the best firewalls.
Seems Interesting. I would definitely want one!
Okay, but before moving further, it’s important to know how this stuff works.
Shadowsocks is some software that has to be set up individually on two systems. One is your device,
or the client, which wants to bypass firewalls, and the other is a server - quite simply a
device which has unrestricted access to the internet.
The client then connects to the server (which isn’t blocked by the firewall), and tunnels all its traffic through the server via shadowsocks. The firewall thinks this is legitimate traffic, and so doesn’t block you.
Now you might think that if the client is already allowed to connect to the server, then why do we need shadowsocks in the first place? There are a couple of reasons why I recommend shadowsocks.
One, although you may have unrestricted access to the server, the firewall can still find out whether you’re using it to tunnel blocked resources. Shadowsocks excels at deceiving. It fools the firewall into believing that your communication is legitimate. Also, it’s fast. Trust me. You’re not limited by some crappy VPN that only lets through a few kilobits per second.
Two, an interesting advantage with shadowsocks is that it is available for most ecosystems. Ofcourse it’s available on the usual Linux, Mac and Windows, but there’s also android phones and wifi routers! 3 This means you don’t need a PC to tunnel anymore!
Enough of the talk. Let’s get some hands dirty.
I’ll be using an android phone as the client and an ubuntu machine as the server. If you cannot arrange for a server, I’d recommend renting one online. DigitalOcean lets you buy a decent server for as low as $5 per month. You can use this link while signing up to get $10 in free credit.
I’ll be setting up the server now. 4 First, a little housekeeping.
$ apt-get update
$ apt-get install python-pip
$ pip install shadowsocks
Next, create a config file
/etc/shadowsocks.json and paste this
There are some things worth looking out here.
0.0.0.0essentially means that you’re making shadowsocks accessible from outside the machine as well.
server_portsimply specifies the port over which shadowsocks would be accessible. So, if the server’s public IP is
22.214.171.124, shadowsocks is accessible on
126.96.36.199:465according to the configuration above.
- Also, make sure that
server_port, which is 465 in this case, isn’t blocked on your home network. 5 Else you wouldn’t be able to connect to the server in the first place.
- It turns out that you shouldn’t use the common HTTP ports like 80 and 443 for shadowsocks. Atleast they didn’t work out for me.
You don’t need to bother about other options for now. Just keep note of the password, we’ll be using that later. Next, you need to run shadowsocks in the background.
$ ssserver -c /etc/shadowsocks.json -d start
Once a client is connected, you can check the logs in
/var/log/shadowsocks.log to confirm that
it’s actually working. There! Halfway done.
Coming to the client, setting up shadowsocks for android is a piece of cake. Just install the
shadowsocks android app, and
encryption method and
password according to the config
file you just created on the server. Enter your server’s public IP 6 in place of the
server option, and you’re ready to hit the connect button.
An interesting option here is to selectively use shadowsocks for only some applications instead of a
global proxy using the
per app proxy setting. This works well if you only have a few apps that
There! you can now enjoy unrestricted internet, even on your phone! Visit the shadowsocks wiki page to find more about configuration options, optimization, and more advanced features.
The Great Firewall of China ↩︎
Shadowsocks is also available for routers running OpenWRT ↩︎
You could also enter a domain instead of an IP if you have one set up. ↩︎