diff --git a/README-zh.md b/README-zh.md deleted file mode 100644 index cc8db11..0000000 --- a/README-zh.md +++ /dev/null @@ -1,145 +0,0 @@ -# 电光石火 - -[![workflow](https://github.com/zephyrchien/kaminari/workflows/release/badge.svg)](https://github.com/zephyrchien/kaminari/actions) -[![crates.io](https://img.shields.io/crates/v/kaminari.svg)](https://crates.io/crates/kaminari) -[![downloads](https://img.shields.io/github/downloads/zephyrchien/kaminari/total?color=green)](https://github.com/zephyrchien/kaminari/releases) -[![telegram](https://img.shields.io/badge/-telegram-blue?style=flat&color=grey&logo=telegram)](https://t.me/+zKbZTvQE2XtiYmIx) - -[English](README.md) | [简体中文](README-zh.md) - -基于 [lightws](https://github.com/zephyrchien/lightws) 构建的 websocket 隧道工具. - -## 简介 - -- 客户端接收tcp, 发送 [tcp/ws/tls/wss]. - -- 服务端接收 [tcp/ws/tls/wss], 发送 tcp. - -- 兼容 shadowsocks [SIP003 plugin](https://shadowsocks.org/en/wiki/Plugin.html). - -```text - tcp ws/tls/wss tcp - === ============ === - +-------------------+ +-------------------+ - | | | | -+-------> +--------------> +-------> - | kaminaric | | kaminaris | -<-------+ <--------------+ <-------+ - | | | | - +-------------------+ +-------------------+ -``` - -## 使用方法 - -单独运行: - -```shell -kaminaric - -kaminaris -``` - -作为 shadowsocks 插件运行: - -```shell -sslocal ... --plugin --plugin-opts - -ssserver ... --plugin --plugin-opts -``` - -## 选项及定义 - -所有的选项都包含在一个字符串内, 格式均为`key` 或 `key=value`, 各选项间用`;`分割. - -示例: -"ws;path=/ws;host=example.com". - -以下是完整的选项列表, 带 `*` 的为必要选项. - -### Websocket 选项 - -添加 `ws` 以启用 websocket. - -客户端、服务端通用选项: - -- `host=`* : 设置 http host. - -- `path=`* : 设置 http path. - -### TLS 选项 - -添加 `tls` 以启用 tls. - -客户端选项: - -- `sni=`* : 设置发送的 sni. - -- `0rtt`: 启用 early data. - -- `insecure`: 跳过证书验证. - -服务端选项: - -必须提供证书和私匙路径, 或者域名(用于自签证书). - -- `key=`* : 私钥路径. - -- `cert=`* : 证书路径. - -- `servername=`* : 自签证书, 以 $name 为域名. - -### 示例 - -tcp ⇋ ws --- ws ⇋ tcp: - -```shell -kaminaric 127.0.0.1:10000 127.0.0.1:20000 'ws;host=example.com;path=/ws' - -kaminaris 127.0.0.1:20000 127.0.0.1:30000 'ws;host=example.com;path=/ws' -``` - -tcp ⇋ tls --- tls ⇋ tcp: - -```shell -kaminaric 127.0.0.1:10000 127.0.0.1:20000 'tls;sni=example.com' - -# 使用证书和私钥 -kaminaris 127.0.0.1:20000 127.0.0.1:30000 'tls;cert=example.com.crt;key=example.com.key' - -# 或者使用自签证书 -kaminaris 127.0.0.1:20000 127.0.0.1:30000 'tls;servername=example.com' -``` - -tcp ⇋ wss --- wss ⇋ tcp: - -```shell -kaminaric 127.0.0.1:10000 127.0.0.1:20000 'ws;host=example.com;path=/ws;tls;sni=example.com' - -# 使用证书和私钥 -kaminaris 127.0.0.1:20000 127.0.0.1:30000 'ws;host=example.com;path=/ws;tls;cert=example.com.crt;key=example.com.key' - -# 或者使用自签证书 -kaminaris 127.0.0.1:20000 127.0.0.1:30000 'ws;host=example.com;path=/ws;tls;servername=example.com' -``` - -shadowsocks plugin: - -```shell -ssserver -s "0.0.0.0:8080" -m "aes-128-gcm" -k "123456" \ - --plugin "path/to/kaminaris" \ - --plugin-opts "ws;host=example.com;path=/chat" -``` - -```shell -sslocal -b "127.0.0.1:1080" -s "example.com:8080" -m "aes-128-gcm" -k "123456" \ - --plugin "path/to/kaminaric" \ - --plugin-opts "ws;host=example.com;path=/chat" -``` - -*如果要在客户端使用`v2ray-plugin`, 需要添加`mux=0`, 以禁用多路复用, 这样 `v2ray-plugin` 就会发送标准的 websocket. - -```shell -sslocal -b "127.0.0.1:1080" -s "example.com:8080" -m "aes-128-gcm" -k "123456" \ - --plugin "path/to/v2ray-plugin" \ - --plugin-opts "mux=0;host=example.com;path=/chat" -``` diff --git a/README.md b/README.md deleted file mode 100644 index 5ada939..0000000 --- a/README.md +++ /dev/null @@ -1,172 +0,0 @@ -# Kaminari - -[![workflow](https://github.com/zephyrchien/kaminari/workflows/release/badge.svg)](https://github.com/zephyrchien/kaminari/actions) -[![crates.io](https://img.shields.io/crates/v/kaminari.svg)](https://crates.io/crates/kaminari) -[![downloads](https://img.shields.io/github/downloads/zephyrchien/kaminari/total?color=green)](https://github.com/zephyrchien/kaminari/releases) -[![telegram](https://img.shields.io/badge/-telegram-blue?style=flat&color=grey&logo=telegram)](https://t.me/+zKbZTvQE2XtiYmIx) - -[English](README.md) | [简体中文](README-zh.md) - -The ever fast websocket tunnel built on top of [lightws](https://github.com/zephyrchien/lightws). - -## Intro - -- Client side receives tcp then sends [tcp/ws/tls/wss]. - -- Server side receives [tcp/ws/tls/wss] then sends tcp. - -- Compatible with shadowsocks [SIP003 plugin](https://shadowsocks.org/guide/sip003.html). - -```text - tcp ws/tls/wss tcp - === ============ === - +-------------------+ +-------------------+ - | | | | -+-------> +--------------> +-------> - | kaminaric | | kaminaris | -<-------+ <--------------+ <-------+ - | | | | - +-------------------+ +-------------------+ -``` - -## Usage - -Standalone: - -```shell -kaminaric - -kaminaris -``` - -As shadowsocks plugin: - -```shell -sslocal ... --plugin --plugin-opts - -ssserver ... --plugin --plugin-opts -``` - -## Options - -All options are presented in a single formatted string. An example is "ws;path=/ws;host=example.com", where semicolons, equal signs and backslashes MUST be escaped with a backslash. - -Below is a list of availabe options, `*` means **must**. - -### Websocket Options - -use `ws` to enable websocket. - -Client or server side options: - -- `host=`* : set http host. - -- `path=`* : set http path. - -Client side extra options: - -- `mask=` : set mask mode. Available values: [skipped, standard, fixed] - -#### About Mask Mode - -A websocket client should mask the payload before sending it. - -With `mode=skip`(default mode), we use an empty mask key(0x00..0) to simply skip masking, which can also be detected by our server, and then skip unmasking. Other softwares(Nginx, Haproxy, CDNs..) can still correctly handle our data without knowing this trick. - -As for `mode=fixed` or `mode=standard`, client will mask the payload data as normal. In `fixed` mode, client will use the same mask key for a unique websocket connection. While In `standard` mode, client will update the mask key between sending each frames. - -### TLS Options - -use `tls` to enable tls. - -Client side options: - -- `sni=`* : set sni. - -- `alpn=`: set alpn. e.g.: `h2,http/1.1`. - -- `0rtt`: enable early data. - -- `insecure`: skip server cert verification. - -Server side options: - -Requires either `cert+key` or `servername`. - -- `key=`* : private key path. - -- `cert=`* : certificate path. - -- `servername=`* : generate self signed cert/key, use $name as CN. - -- `ocsp=`: der-encoded OCSP response. - -#### OCSP Stapling - -See [Wikipedia](https://en.wikipedia.org/wiki/OCSP_stapling). - -Openssl example for [Let's Encrypt](https://letsencrypt.org/): - -```shell -openssl ocsp -issuer \ - -cert \ - -url http://r3.o.lencr.org \ - -header Host=r3.o.lencr.org \ - -respout -noverify -no_nonce -``` - -### Examples - -tcp ⇋ ws --- ws ⇋ tcp: - -```shell -kaminaric 127.0.0.1:10000 127.0.0.1:20000 'ws;host=example.com;path=/ws' - -kaminaris 127.0.0.1:20000 127.0.0.1:30000 'ws;host=example.com;path=/ws' -``` - -tcp ⇋ tls --- tls ⇋ tcp: - -```shell -kaminaric 127.0.0.1:10000 127.0.0.1:20000 'tls;sni=example.com' - -# use cert + key -kaminaris 127.0.0.1:20000 127.0.0.1:30000 'tls;cert=example.com.crt;key=example.com.key' - -# or generate self signed cert/key -kaminaris 127.0.0.1:20000 127.0.0.1:30000 'tls;servername=example.com' -``` - -tcp ⇋ wss --- wss ⇋ tcp: - -```shell -kaminaric 127.0.0.1:10000 127.0.0.1:20000 'ws;host=example.com;path=/ws;tls;sni=example.com' - -# use cert + key -kaminaris 127.0.0.1:20000 127.0.0.1:30000 'ws;host=example.com;path=/ws;tls;cert=example.com.crt;key=example.com.key' - -# or generate self signed cert/key -kaminaris 127.0.0.1:20000 127.0.0.1:30000 'ws;host=example.com;path=/ws;tls;servername=example.com' -``` - -shadowsocks plugin: - -```shell -ssserver -s "0.0.0.0:8080" -m "aes-128-gcm" -k "123456" \ - --plugin "path/to/kaminaris" \ - --plugin-opts "ws;host=example.com;path=/chat" -``` - -```shell -sslocal -b "127.0.0.1:1080" -s "example.com:8080" -m "aes-128-gcm" -k "123456" \ - --plugin "path/to/kaminaric" \ - --plugin-opts "ws;host=example.com;path=/chat" -``` - -*To use `v2ray-plugin` on client side, add `mux=0` to disable multiplex, so that it sends standard websocket stream which can be handled by `kaminari` or any other middlewares. - -```shell -sslocal -b "127.0.0.1:1080" -s "example.com:8080" -m "aes-128-gcm" -k "123456" \ - --plugin "path/to/v2ray-plugin" \ - --plugin-opts "mux=0;host=example.com;path=/chat" -``` diff --git a/README.md b/README.md new file mode 120000 index 0000000..e269f8f --- /dev/null +++ b/README.md @@ -0,0 +1 @@ +cmd/README.md \ No newline at end of file diff --git a/cmd/README-zh.md b/cmd/README-zh.md deleted file mode 100644 index cc8db11..0000000 --- a/cmd/README-zh.md +++ /dev/null @@ -1,145 +0,0 @@ -# 电光石火 - -[![workflow](https://github.com/zephyrchien/kaminari/workflows/release/badge.svg)](https://github.com/zephyrchien/kaminari/actions) -[![crates.io](https://img.shields.io/crates/v/kaminari.svg)](https://crates.io/crates/kaminari) -[![downloads](https://img.shields.io/github/downloads/zephyrchien/kaminari/total?color=green)](https://github.com/zephyrchien/kaminari/releases) -[![telegram](https://img.shields.io/badge/-telegram-blue?style=flat&color=grey&logo=telegram)](https://t.me/+zKbZTvQE2XtiYmIx) - -[English](README.md) | [简体中文](README-zh.md) - -基于 [lightws](https://github.com/zephyrchien/lightws) 构建的 websocket 隧道工具. - -## 简介 - -- 客户端接收tcp, 发送 [tcp/ws/tls/wss]. - -- 服务端接收 [tcp/ws/tls/wss], 发送 tcp. - -- 兼容 shadowsocks [SIP003 plugin](https://shadowsocks.org/en/wiki/Plugin.html). - -```text - tcp ws/tls/wss tcp - === ============ === - +-------------------+ +-------------------+ - | | | | -+-------> +--------------> +-------> - | kaminaric | | kaminaris | -<-------+ <--------------+ <-------+ - | | | | - +-------------------+ +-------------------+ -``` - -## 使用方法 - -单独运行: - -```shell -kaminaric - -kaminaris -``` - -作为 shadowsocks 插件运行: - -```shell -sslocal ... --plugin --plugin-opts - -ssserver ... --plugin --plugin-opts -``` - -## 选项及定义 - -所有的选项都包含在一个字符串内, 格式均为`key` 或 `key=value`, 各选项间用`;`分割. - -示例: -"ws;path=/ws;host=example.com". - -以下是完整的选项列表, 带 `*` 的为必要选项. - -### Websocket 选项 - -添加 `ws` 以启用 websocket. - -客户端、服务端通用选项: - -- `host=`* : 设置 http host. - -- `path=`* : 设置 http path. - -### TLS 选项 - -添加 `tls` 以启用 tls. - -客户端选项: - -- `sni=`* : 设置发送的 sni. - -- `0rtt`: 启用 early data. - -- `insecure`: 跳过证书验证. - -服务端选项: - -必须提供证书和私匙路径, 或者域名(用于自签证书). - -- `key=`* : 私钥路径. - -- `cert=`* : 证书路径. - -- `servername=`* : 自签证书, 以 $name 为域名. - -### 示例 - -tcp ⇋ ws --- ws ⇋ tcp: - -```shell -kaminaric 127.0.0.1:10000 127.0.0.1:20000 'ws;host=example.com;path=/ws' - -kaminaris 127.0.0.1:20000 127.0.0.1:30000 'ws;host=example.com;path=/ws' -``` - -tcp ⇋ tls --- tls ⇋ tcp: - -```shell -kaminaric 127.0.0.1:10000 127.0.0.1:20000 'tls;sni=example.com' - -# 使用证书和私钥 -kaminaris 127.0.0.1:20000 127.0.0.1:30000 'tls;cert=example.com.crt;key=example.com.key' - -# 或者使用自签证书 -kaminaris 127.0.0.1:20000 127.0.0.1:30000 'tls;servername=example.com' -``` - -tcp ⇋ wss --- wss ⇋ tcp: - -```shell -kaminaric 127.0.0.1:10000 127.0.0.1:20000 'ws;host=example.com;path=/ws;tls;sni=example.com' - -# 使用证书和私钥 -kaminaris 127.0.0.1:20000 127.0.0.1:30000 'ws;host=example.com;path=/ws;tls;cert=example.com.crt;key=example.com.key' - -# 或者使用自签证书 -kaminaris 127.0.0.1:20000 127.0.0.1:30000 'ws;host=example.com;path=/ws;tls;servername=example.com' -``` - -shadowsocks plugin: - -```shell -ssserver -s "0.0.0.0:8080" -m "aes-128-gcm" -k "123456" \ - --plugin "path/to/kaminaris" \ - --plugin-opts "ws;host=example.com;path=/chat" -``` - -```shell -sslocal -b "127.0.0.1:1080" -s "example.com:8080" -m "aes-128-gcm" -k "123456" \ - --plugin "path/to/kaminaric" \ - --plugin-opts "ws;host=example.com;path=/chat" -``` - -*如果要在客户端使用`v2ray-plugin`, 需要添加`mux=0`, 以禁用多路复用, 这样 `v2ray-plugin` 就会发送标准的 websocket. - -```shell -sslocal -b "127.0.0.1:1080" -s "example.com:8080" -m "aes-128-gcm" -k "123456" \ - --plugin "path/to/v2ray-plugin" \ - --plugin-opts "mux=0;host=example.com;path=/chat" -``` diff --git a/cmd/README.md b/cmd/README.md index bbab6ca..ab4a5e3 100644 --- a/cmd/README.md +++ b/cmd/README.md @@ -5,8 +5,6 @@ [![downloads](https://img.shields.io/github/downloads/zephyrchien/kaminari/total?color=green)](https://github.com/zephyrchien/kaminari/releases) [![telegram](https://img.shields.io/badge/-telegram-blue?style=flat&color=grey&logo=telegram)](https://t.me/+zKbZTvQE2XtiYmIx) -[English](README.md) | [简体中文](README-zh.md) - The ever fast websocket tunnel built on top of [lightws](https://github.com/zephyrchien/lightws). ## Intro @@ -15,7 +13,7 @@ The ever fast websocket tunnel built on top of [lightws](https://github.com/zeph - Server side receives [tcp/ws/tls/wss] then sends tcp. -- Compatible with shadowsocks [SIP003 plugin](https://shadowsocks.org/en/wiki/Plugin.html). +- Compatible with shadowsocks [SIP003 plugin](https://shadowsocks.org/guide/sip003.html). ```text tcp ws/tls/wss tcp