A one-key script to setup Cloak plugin with Shadowsocks on your server
A script to install Cloak in your server with or without shadowsocks.
ss://link at the end (Only for shadowsocks)
Cloak eliminates any "fingerprints" exposed by traditional proxy protocol designs which can be identified by adversaries through deep packet inspection. If a non-Cloak program or an unauthorized Cloak user (such as an adversary's prober) attempts to connect to Cloak server, it will serve as a transparent proxy between said machine and an ordinary website, so that to any unauthorized third party, a host running Cloak server is indistinguishable from an innocent web server. This is achieved through the use a series of cryptographic steganography techniques.
Since Cloak is transparent, it can be used in conjunction with any proxy software that tunnels traffic through TCP, such as Shadowsocks, OpenVPN and Tor. Multiple proxy servers can be running on the same server host machine and Cloak server will act as a reverse proxy, bridging clients with their desired proxy end.
Cloak multiplexes traffic through multiple underlying TCP connections which reduces head-of-line blocking and eliminates TCP handshake overhead.
Cloak provides multi-user support, allowing multiple clients to connect to the proxy server on the same port (443 by default). It also provides QoS controls for individual users such as data usage limit and bandwidth control. source
The script should work with these operating systems: * CentOS 7 * Debian 8 / 9 / 10 (Thanks to @xiamaz) * Ubuntu 16 / 18 / 19 * Raspbian Buster (Thanks to Raphael)
arm, arm64, amd64 and i386 are supported.
bash curl -o Cloak-Installer.sh -L https://git.io/fj5mh && bash Cloak-Installer.shAnswer questions and wait until the setup finishes installing. Installing the shadowsocks is optional. #### Install Openvpn or Tor with Cloak Please read here. The tutorial is just fine! It is recommended to install the openvpn or tor before installing my script.
Also here is an script to install openvpn.
After you set up the openvpn or tor, re-run the script. If you had the Cloak installed, you can use
Change Forwarding Rulesto add the address to proxy. If you are installing, when the script asks for custom rule, select yes and define it there.
After installing, re-run the script to either uninstall the proxy, add or delete users, generate QR codes for shadowsocks, or change the forwarding rules.
Also script creates a service named
Copy and execute this command:
bash curl -o Shadowsocks-Cloak-Installer.sh -L https://git.io/fjECg && bash Shadowsocks-Cloak-Installer.shAnswer questions and wait until the setup finishes installing. You can scan the QR Code after or use
ss://link or even enter server config manually.
After installing, re-run the script to either uninstall the proxy or regenerate QR code and
ss://link and configs.
Also script creates a service named
shadowsocks-server. DO NOT USE shadowsocks-libev service.
chmod +x ck-client-linux-XXXto make it executable). Run client like this:
bash ss-local -s -p -l 1080 -k -m --plugin path/to/ck-client-linux-XXX --plugin-opts path/to/ckclient.jsonYou can connect to your shadowsocks with socks or http proxy set on localhost and 1080 port.
It looks like that this app does support cloak but I haven't tested it.
ck-client-windows-386-X.exeif your system is 64-bit use
ck-client-windows-amd64-X.exe. Then use the QR Code or
ss://link to import the server.
The program will give you an error that shadowsocks cannot find
ck-clientor something like this. Click OK and go to Edit Servers. Then write the absolute path to ck-client file in Plugin Program. Example of path:
At first download the suitable plugin from here. Then download the
ckclient.jsonand change it as you need it. link. Then run the ck-client like this:
bash ./ck-client -s -p -l -c
If you need to setup Tor or Openvpn with Cloak read here
Cloak V2 FAQ (Soon...)
At first what is BBR?
TL;DR: It speeds up TCP connections = Faster Server
BBR or Bottleneck Bandwidth and Round-trip propagation time (BBR) is a TCP congestion control algorithm developed at Google in 2016. While most congestion control algorithms are loss-based, in that they rely on packet loss as a signal to lower rates of transmission, BBR is model-based. The algorithm uses the maximum bandwidth and round-trip time at which the network delivered the most recent flight of outbound data packets to build an explicit model of the network. Each cumulative or selective acknowledgment of packet delivery produces a rate sample which records the amount of data delivered over the time interval between the transmission of a data packet and the acknowledgment of that packet. As network interface controllers evolve from megabit per second to gigabit per second performance, packet loss should no longer be considered the primary determining factor in identifying congestion, making model-based congestion control algorithms which provide higher throughput and lower latency, such as BBR, a more reliable alternative to more popular algorithms like CUBIC. Source
The requirement to enable BBR is to have Linux Kernel 4.9 or higher. If you do, you can enable BBR like this:
bash echo 'net.core.default_qdisc=fq' | sudo tee -a /etc/sysctl.conf echo 'net.ipv4.tcp_congestion_control=bbr' | sudo tee -a /etc/sysctl.conf sysctl -pTo check if it is enabled: ```bash sysctl net.ipv4.tcpavailablecongestion_control
sysctl -n net.ipv4.tcpcongestioncontrol
lsmod | grep bbr
If your kernel is not 4.9 or higher just search how to upgrade it.
Here are some handy links to install BBR and upgrade kernel:
Whole System Tunnel VPN
Shadowsocks cannot natively route all traffic. You can use some apps like SocksCap or other stuff to route applications through shadowsocks.
You can use any VPS or Dedicated Server. If you want a cheap and low-end server, I personally recommend to buy one at Virmach; They also accept cryptos!
You can donate to me through bitcoin at
1XDgEkpnkJ7hC8Kwv5adfaDC1Z3FrkwsK, Ethereum at
0xbb527a28B76235E1C125206B7CcFF944459b4894, ZCash at
t1ZKYrYZCjxDYvo6mQaLZi3gNe2a6MydUo3and Bitcoin Gold at