### Install Gost via Ubuntu Snap Source: https://github.com/ginuerzh/gost/blob/master/README_en.md Installs the Gost application on Ubuntu systems using the Snap package manager. This method first ensures the core snap daemon is installed, then proceeds with the Gost installation. ```bash sudo snap install core sudo snap install gost ``` -------------------------------- ### Install Gost from Source Source: https://github.com/ginuerzh/gost/blob/master/README_en.md Clones the Gost repository, navigates to the command directory, and builds the executable from source code. This method requires a Go development environment to be set up. ```bash git clone https://github.com/ginuerzh/gost.git cd gost/cmd/gost go build ``` -------------------------------- ### Install Gost via Homebrew Source: https://github.com/ginuerzh/gost/blob/master/README_en.md Installs the Gost application on macOS or Linux systems using the Homebrew package manager. This provides a convenient way to manage Gost installations and updates. ```bash brew install gost ``` -------------------------------- ### Start Gost as Standard HTTP/SOCKS5 Proxy Source: https://github.com/ginuerzh/gost/blob/master/README_en.md Launches a Gost proxy server listening on port 8080 without any forward proxy configuration. This sets up a basic, standalone proxy accessible on the specified port. ```bash gost -L=:8080 ``` -------------------------------- ### Configure Gost Proxy with Authentication Source: https://github.com/ginuerzh/gost/blob/master/README_en.md Starts a Gost proxy server on localhost:8080, requiring 'admin' as username and '123456' as password for access. This adds a layer of security to the proxy service. ```bash gost -L=admin:123456@localhost:8080 ``` -------------------------------- ### Configure Gost to Listen on Multiple Ports and Protocols Source: https://github.com/ginuerzh/gost/blob/master/README_en.md Starts a Gost server listening on multiple ports with different protocols: HTTP2 on 443, SOCKS5 on 1080, and Shadowsocks with AES-128-CFB encryption on 8338. This demonstrates Gost's ability to handle diverse proxy services simultaneously. ```bash gost -L=http2://:443 -L=socks5://:1080 -L=ss://aes-128-cfb:123456@:8338 ``` -------------------------------- ### Configure Gost for KCP Protocol Source: https://github.com/ginuerzh/gost/blob/master/README_en.md Details how to configure Gost to employ the KCP protocol, known for its reliable and fast UDP-based transmission. This covers basic server and client setups, along with the option to specify an external KCP configuration file, noting that KCP nodes must be the first in a proxy chain. ```bash gost -L=kcp://:8388 ``` ```bash gost -L=:8080 -F=kcp://server_ip:8388 ``` ```bash gost -L=kcp://:8388?c=/path/to/conf/file ``` -------------------------------- ### Configure Gost for Transparent Proxy with Iptables Source: https://github.com/ginuerzh/gost/blob/master/README_en.md Demonstrates configuring Gost to act as an Iptables-based transparent proxy, seamlessly redirecting network traffic. The example shows forwarding this transparently proxied traffic through an HTTP2 proxy. ```bash gost -L=redirect://:12345 -F=http2://server_ip:443 ``` -------------------------------- ### Configure Gost for Shadowsocks Protocol Source: https://github.com/ginuerzh/gost/blob/master/README_en.md Shows how to set up Gost to utilize the Shadowsocks protocol, including support for AES-128-CFB encryption. Configurations are provided for both TCP proxying (server and client) and a server-only setup for Shadowsocks UDP relay. ```bash gost -L=ss://aes-128-cfb:123456@:8338 ``` ```bash gost -L=:8080 -F=ss://aes-128-cfb:123456@server_ip:8338 ``` ```bash gost -L=ssu://aes-128-cfb:123456@:8338 ``` -------------------------------- ### Configure Gost for obfs4 Protocol Source: https://github.com/ginuerzh/gost/blob/master/README_en.md Shows how to configure Gost to use the obfs4 obfuscation protocol, designed to bypass censorship by making traffic appear innocuous. This includes server setup, which outputs a unique client certificate, and the corresponding client configuration using this certificate. ```bash gost -L=obfs4://:443 ``` ```bash gost -L=:8888 -F='obfs4://server_ip:443?cert=4UbQjIfjJEQHPOs8vs5sagrSXx1gfrDCGdVh2hpIPSKH0nklv1e4f29r7jb91VIrq4q5Jw&iat-mode=0' ``` -------------------------------- ### Configure Gost for QUIC Protocol Source: https://github.com/ginuerzh/gost/blob/master/README_en.md Shows how to set up Gost to utilize the QUIC protocol for proxying, offering a modern, low-latency transport. Server and client configurations are included, with an important note that a QUIC node must always be the initial point in any proxy chain. ```bash gost -L=quic://:6121 ``` ```bash gost -L=:8080 -F=quic://server_ip:6121 ``` -------------------------------- ### Configure Gost Proxy with Multiple Authentication Credentials Source: https://github.com/ginuerzh/gost/blob/master/README_en.md Launches a Gost proxy server on localhost:8080, loading multiple authentication credentials from a specified 'secrets.txt' file. This allows for managing a list of authorized users without hardcoding them in the command. ```bash gost -L=localhost:8080?secrets=secrets.txt ``` -------------------------------- ### Run Gost Docker Container Source: https://github.com/ginuerzh/gost/blob/master/README_en.md Executes the Gost Docker image to display its version, demonstrating basic container usage. This command pulls the image if not already present and runs it in a temporary container. ```bash docker run --rm ginuerzh/gost -V ``` -------------------------------- ### Configure gost with obfs4 Obfuscation Source: https://github.com/ginuerzh/gost/blob/master/README.md Shows how to set up gost using the obfs4 obfuscation protocol. The server provides a certificate for client connection, which is printed to the console. The client uses this certificate to establish an obfuscated connection to the server. ```bash gost -L=obfs4://:443 ``` ```bash gost -L=:8888 -F='obfs4://server_ip:443?cert=4UbQjIfjJEQHPOs8vs5sagrSXx1gfrDCGdVh2hpIPSKH0nklv1e4f29r7jb91VIrq4q5Jw&iat-mode=0' ``` -------------------------------- ### Configure Gost for HTTP2 Proxy and Tunnel Modes Source: https://github.com/ginuerzh/gost/blob/master/README_en.md Illustrates how to configure Gost to operate as a standard HTTP2 proxy, which is also backwards-compatible with HTTPS, and as a dedicated HTTP2 transport tunnel. Both server and client configurations are provided, showcasing how to establish these secure and efficient connections. ```bash gost -L=http2://:443 ``` ```bash gost -L=:8080 -F=http2://server_ip:443?ping=30 ``` ```bash gost -L=h2://:443 ``` ```bash gost -L=:8080 -F=h2://server_ip:443 ``` -------------------------------- ### Configure Gost for Multi-level Proxy Chaining Source: https://github.com/ginuerzh/gost/blob/master/README_en.md Establishes a Gost proxy chain, listening on port 8080 and forwarding requests sequentially through multiple proxy layers (QUIC, SOCKS5 over WebSocket Secure, HTTP2) to a final destination. This demonstrates advanced proxy routing capabilities. ```bash gost -L=:8080 -F=quic://192.168.1.1:6121 -F=socks5+wss://192.168.1.2:1080 -F=http2://192.168.1.3:443 ... -F=a.b.c.d:NNNN ``` -------------------------------- ### Configure gost for Shadowsocks Proxying Source: https://github.com/ginuerzh/gost/blob/master/README.md Demonstrates how to set up gost as a Shadowsocks proxy, leveraging the shadowsocks-go library. Both server and client configurations are provided, using the chacha20 cipher for encryption. ```bash gost -L=ss://chacha20:123456@:8338 ``` ```bash gost -L=:8080 -F=ss://chacha20:123456@server_ip:8338 ``` -------------------------------- ### Enable Server Certificate Verification for gost Client Source: https://github.com/ginuerzh/gost/blob/master/README_en.md This command configures a gost client to perform server's certificate chain and hostname verification. The `secure=true` parameter ensures that the client validates the server's TLS certificate against trusted CAs, enhancing security by preventing man-in-the-middle attacks. ```bash gost -L=:8080 -F="http2://server_domain_name:443?secure=true" ``` -------------------------------- ### Configure Gost for SSH Forward and Transport Tunnels Source: https://github.com/ginuerzh/gost/blob/master/README_en.md Explains how to use Gost with SSH in two distinct modes: as a forward tunnel for local/remote TCP port forwarding, and as a direct transport tunnel. Server and client configurations are provided for both, with the client supporting an optional `ping` parameter for heartbeat detection. ```bash gost -L=forward+ssh://:2222 ``` ```bash gost -L=rtcp://:1222/:22 -F=forward+ssh://server_ip:2222 ``` ```bash gost -L=ssh://:2222 ``` ```bash gost -L=:8080 -F=ssh://server_ip:2222?ping=60 ``` -------------------------------- ### Configure Gost for Remote TCP Port Forwarding Source: https://github.com/ginuerzh/gost/blob/master/README_en.md Demonstrates how to set up Gost for remote TCP port forwarding, allowing traffic from a remote port to be forwarded to a local destination. This includes basic forwarding through a proxy chain and leveraging SSH remote port forwarding directly for efficiency. ```bash gost -L=rtcp://:2222/192.168.1.1:22 [-F=... -F=socks5://172.24.10.1:1080] ``` ```bash gost -L=rtcp://:2222/192.168.1.1:22 -F forward+ssh://:2222 ``` -------------------------------- ### Manage TLS Certificates in gost Source: https://github.com/ginuerzh/gost/blob/master/README.md Provides methods for managing TLS certificates in gost. This includes automatic loading from `cert.pem` and `key.pem` in the running directory, specifying paths via parameters, enabling server certificate and domain validation for clients, and implementing certificate pinning using a CA certificate. ```bash gost -L="http2://:443?cert=/path/to/my/cert/file&key=/path/to/my/key/file" ``` ```bash gost -L=:8080 -F="http2://server_domain_name:443?secure=true" ``` ```bash gost -L=:8080 -F="http2://:443?ca=ca.pem" ``` -------------------------------- ### Configure Gost for HTTP Encryption with TLS Source: https://github.com/ginuerzh/gost/blob/master/README_en.md Explains how to enable TLS encryption for HTTP proxying in Gost, effectively transforming it into an HTTPS proxy for secure communication. Both server and client configurations are provided to establish an encrypted HTTP connection. ```bash gost -L=http+tls://:443 ``` ```bash gost -L=:8080 -F=http+tls://server_ip:443 ``` -------------------------------- ### Gost Secrets File Format Source: https://github.com/ginuerzh/gost/blob/master/README_en.md Defines the plain text format for the 'secrets.txt' file used by Gost for multiple authentication credentials. Each line in the file should contain a username followed by a password, separated by a space. ```plain # username password test001 123456 test002 12345678 ``` -------------------------------- ### Configure Gost as a Forward Proxy Source: https://github.com/ginuerzh/gost/blob/master/README_en.md Sets up a Gost proxy listening on port 8080, forwarding all requests to an upstream proxy at 192.168.1.1:8081. This creates a simple proxy chain where Gost acts as an intermediary. ```bash gost -L=:8080 -F=192.168.1.1:8081 ``` -------------------------------- ### Configure gost for HTTP/HTTPS Proxying Source: https://github.com/ginuerzh/gost/blob/master/README.md Explains how to set up gost for HTTP and HTTPS proxying. The server listens for HTTPS connections, and the client connects using HTTP over TLS to the server, encrypting the entire communication process. ```bash gost -L=https://:443 ``` ```bash gost -L=:8080 -F=http+tls://server_ip:443 ``` -------------------------------- ### Configure Certificate Pinning with Custom CA for gost Client Source: https://github.com/ginuerzh/gost/blob/master/README_en.md This command configures a gost client to use a specific CA certificate for certificate pinning. The `ca` parameter points to the CA certificate file, allowing the client to trust only certificates signed by this specific CA, providing a strong security measure against rogue certificate authorities. ```bash gost -L=:8080 -F="http2://:443?ca=ca.pem" ``` -------------------------------- ### Configure Custom TLS Certificate for gost Listener Source: https://github.com/ginuerzh/gost/blob/master/README_en.md This command configures a gost listener to use a custom TLS certificate and private key specified by file paths. It allows overriding the built-in certificates for secure communication, providing flexibility for custom certificate authorities or self-signed certificates. ```bash gost -L="http2://:443?cert=/path/to/my/cert/file&key=/path/to/my/key/file" ``` -------------------------------- ### Configure Gost Forward Proxy with Upstream Authentication Source: https://github.com/ginuerzh/gost/blob/master/README_en.md Configures a Gost proxy listening on port 8080 to forward requests to an authenticated HTTP upstream proxy at 192.168.1.1:8081. The upstream proxy requires 'admin' as username and '123456' as password for authentication. ```bash gost -L=:8080 -F=http://admin:123456@192.168.1.1:8081 ``` -------------------------------- ### Configure gost for Shadowsocks UDP Relay (Server-side) Source: https://github.com/ginuerzh/gost/blob/master/README.md Explains how to enable UDP relay for Shadowsocks connections on the gost server. Currently, only the server-side supports this feature. ```bash gost -L=ssu://chacha20:123456@:8338 ``` -------------------------------- ### Configure gost for SOCKS5 Proxying with Encryption Source: https://github.com/ginuerzh/gost/blob/master/README.md Describes how to set up gost as a SOCKS5 proxy. It supports standard SOCKS5 authentication methods (no-auth, user/pass) and extends them with TLS (0x80) and TLS-auth (0x82) for data encryption when both client and server are gost instances. Otherwise, standard SOCKS5 is used. ```bash gost -L=socks5://:1080 ``` ```bash gost -L=:8080 -F=socks5://server_ip:1080 ``` -------------------------------- ### Configure gost for SSH Tunneling Source: https://github.com/ginuerzh/gost/blob/master/README.md Demonstrates how to set up gost as an SSH tunnel. The server listens for SSH connections, and the client forwards traffic through the SSH tunnel to the server. Includes an option for heartbeat pings, with the 'ping' parameter setting the interval in seconds. ```bash gost -L=ssh://:2222 ``` ```bash gost -L=:8080 -F=ssh://server_ip:2222?ping=60 ``` -------------------------------- ### Configure Gost for SOCKS5 Protocol with Encryption Source: https://github.com/ginuerzh/gost/blob/master/README_en.md Details how to configure Gost for SOCKS5 proxying, supporting standard authentication methods (no-auth, user/pass) and extending with custom TLS/TLS-auth encryption. When both ends are Gost instances, data transfer is automatically encrypted, otherwise it defaults to standard SOCKS5. ```bash gost -L=socks://:1080 ``` ```bash gost -L=:8080 -F=socks://server_ip:1080 ``` -------------------------------- ### Configure Gost for Remote UDP Port Forwarding Source: https://github.com/ginuerzh/gost/blob/master/README_en.md Explains how to configure Gost for remote UDP port forwarding, enabling UDP traffic from a remote source to be directed to a local destination. The `ttl` parameter manages channel timeout, and for proxy chains, the last node must be a Gost SOCKS5 proxy to facilitate UDP-over-TCP. ```bash gost -L=rudp://:5353/192.168.1.1:53?ttl=60 [-F=... -F=socks5://172.24.10.1:1080] ``` -------------------------------- ### Set up gost as an iptables-based Transparent Proxy Source: https://github.com/ginuerzh/gost/blob/master/README.md Illustrates how to configure gost to act as a transparent proxy using iptables redirection. Traffic is redirected to a local port and then forwarded to a remote HTTP2 server. ```bash gost -L=redirect://:12345 -F=http2://server_ip:443 ``` -------------------------------- ### Configure Gost for Local UDP Port Forwarding Source: https://github.com/ginuerzh/gost/blob/master/README_en.md Forwards traffic from local UDP port 5353 to a remote DNS server at 192.168.1.1:53, with a configurable channel timeout (TTL) for inactive connections. This enables tunneling UDP traffic, with a note that the end of a proxy chain must be a Gost SOCKS5 proxy for UDP-over-TCP forwarding. ```bash gost -L=udp://:5353/192.168.1.1:53?ttl=60 [-F=...] ``` -------------------------------- ### Configure Gost for Local TCP Port Forwarding via SSH Tunnel Source: https://github.com/ginuerzh/gost/blob/master/README_en.md Utilizes Gost to forward local TCP port 2222 traffic to 192.168.1.1:22 by leveraging the SSH local port forwarding feature of the last node in the proxy chain. This provides a secure and efficient way to tunnel TCP connections. ```bash gost -L=tcp://:2222/192.168.1.1:22 -F forward+ssh://:2222 ``` -------------------------------- ### Configure Gost for Local TCP Port Forwarding Source: https://github.com/ginuerzh/gost/blob/master/README_en.md Sets up Gost to forward traffic from local TCP port 2222 to a remote SSH server at 192.168.1.1:22, optionally through a proxy chain. This is useful for accessing remote services as if they were local. ```bash gost -L=tcp://:2222/192.168.1.1:22 [-F=...] ``` -------------------------------- ### gost HTTP2 Protocol Support Source: https://github.com/ginuerzh/gost/blob/master/README.md Details gost's support for the HTTP2 protocol. It clarifies that HTTP2 proxy mode only supports TLS-encrypted HTTP2 (h2), not plaintext HTTP2. However, HTTP2 tunnel mode supports both encrypted (h2) and plaintext (h2c) modes. ```APIDOC gost's HTTP2 proxy mode only supports TLS-encrypted HTTP2 (h2), not plaintext HTTP2. gost's HTTP2 tunnel mode supports both encrypted (h2) and plaintext (h2c) modes. ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.