
I am trying to set up a Shadowsocks connection from China. To do that, I

  1. downloaded and installed a Shadowsocks client (ShadowsocksX-NG.app) on my local machine, and configured it
  2. created a Shadowsocks service on a server abroad

For 2), I have created one instance on AWS in the east US zone, and the service is already started with the following configuration. The server instance is SECURED with a key pair for connection.

```json
{
  "server": "0.0.0.0",
  "local_address": "127.0.0.1",
  "local_port": 1080,
  "port_password": {
    "7777": "password1",
    "8888": "password2"
  },
  "timeout": 300,
  "method": "aes-256-cfb",
  "fast_open": false
}
```

For 1), I connect using the server instance's address, port number 7777 and password = password1.

I use global mode (to ensure Shadowsocks kicks in) for the Shadowsocks client and start it, but no website gets loaded (both sites blocked and sites not blocked by the GFW). I assert there is a problem with the connection between the Shadowsocks client side and server side. I also tried different encryption algorithms but it still doesn't load.

I need some hints on where the problem might be!

I suspect something is wrong with the cryptography? I think the concept of Shadowsocks is that

  1. the client side encrypts the URL and sends it to the server side
  2. then the server side receives the encrypted text and decrypts it, and then fetches the result with the decrypted URL. I am guessing the problem might occur at this part. I don't see how my client side encrypts or how my server side can decrypt since I didn't share the keys between the 2 sides.
ChrisZ
  • AWS has a built-in firewall which blocks all incoming frames to your VM - you need to add a rule for port 1080. Also this looks strange to me: `"local_address":"127.0.0.1"`. Should it not be 0.0.0.0? BTW, most likely you already know that StackOverflow is designed to accumulate nice pairs of question and answer about software development. Your question is not related to software development so it is off-topic at StackOverflow. You could try your chances at [SuperUser](https://superuser.com/) or [ServerFault](https://serverfault.com/) or [Unix & Linux](https://unix.stackexchange.com/) – Maxim Sagaydachny Aug 19 '20 at 10:46
  • @MaximSagaydachny inbound rule is the reason! – ChrisZ Aug 21 '20 at 06:50

1 Answer


Set the inbound rules to allow traffic to ports 7777 and 8888.

type = TCP

port = 7777 or 8888

source = 0.0.0.0/0

So Shadowsocks will be able to connect.

ChrisZ
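
A way to tell a missing inbound rule from a stopped service before touching the client, as an added example that is not part of the original post. The function names `server_ports` and `probe` are hypothetical, and the sample config is constructed from the one in the question. A security group with no matching inbound rule drops packets silently, so the connect attempt times out ("filtered"); "refused" means the packet reached the host but nothing is listening on that port.

```python
import errno
import json
import socket
import sys

# Constructed sample mirroring the server config in the question (placeholder passwords).
SAMPLE_CONFIG = """
{"server": "0.0.0.0",
 "port_password": {"7777": "password1", "8888": "password2"},
 "timeout": 300, "method": "aes-256-cfb"}
"""

def server_ports(config_text):
    """Return the TCP ports the server listens on.

    Multi-user configs list them as keys of port_password; single-user
    configs use server_port. local_port is client-side and is ignored.
    """
    cfg = json.loads(config_text)
    if "port_password" in cfg:
        return sorted(int(p) for p in cfg["port_password"])
    return [int(cfg["server_port"])]

def probe(host, port, timeout=3.0):
    """Classify one TCP connect attempt from this machine to host:port."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"          # handshake completed: rule and listener both in place
    except ConnectionRefusedError:
        return "refused"           # host answered with RST: service down or bound elsewhere
    except socket.timeout:
        return "filtered"          # no answer at all: typical of a dropped packet
    except OSError as exc:
        return "error: " + errno.errorcode.get(exc.errno, str(exc))

if __name__ == "__main__":
    # Usage: python probe.py <server-address>   (defaults to localhost)
    target = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"
    for p in server_ports(SAMPLE_CONFIG):
        print(f"{target}:{p} -> {probe(target, p)}")
```
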