starred/Cloak
1
0
Fork 0
mirror of https://github.com/cbeuw/Cloak.git synced 2026-04-25 12:35:59 +03:00
Code Issues 144 Projects Releases 10 Packages Wiki Activity

[GH-ISSUE #65] [Question] How to use shadowsocks udp with cloak 2.1.1 #59

New issue
Open
opened 2026-02-26 12:33:51 +03:00 by kerem · 11 comments
kerem commented 2026-02-26 12:33:51 +03:00
Owner
Copy link

Originally created by @MigueSpark on GitHub (Sep 26, 2019).
Original GitHub issue: https://github.com/cbeuw/Cloak/issues/65

Hello, i need help with this because im using shadowsocks with cloak and when i try to use udp it doesnt work on android, here is my shadowsocks libev config:

"server":"127.0.0.1", "server_port":56781, "password":"*********", "timeout":60, "method":"chacha20-ietf-poly1305", "nameserver":"8.8.8.8", "mode":"tcp_and_udp"
My cloak config is this:
{ "ProxyBook": { "shadowsocks":["udp","127.0.0.1:56781"] , "panel":["tcp","127.0.0.1:0"] }, "BypassUID": [ "**", "**" ], "BindAddr":[":443"], "RedirAddr": "204.79.197.200", "PrivateKey": "**", "AdminUID": "**", "DatabasePath": "userinfo.db", "StreamTimeout": 300 }
Note: All * means that i replace them to post here but original values are on the vps

Originally created by @MigueSpark on GitHub (Sep 26, 2019). Original GitHub issue: https://github.com/cbeuw/Cloak/issues/65 Hello, i need help with this because im using shadowsocks with cloak and when i try to use udp it doesnt work on android, here is my shadowsocks libev config: `"server":"127.0.0.1", "server_port":56781, "password":"*********", "timeout":60, "method":"chacha20-ietf-poly1305", "nameserver":"8.8.8.8", "mode":"tcp_and_udp" ` My cloak config is this: `{ "ProxyBook": { "shadowsocks":["udp","127.0.0.1:56781"] , "panel":["tcp","127.0.0.1:0"] }, "BypassUID": [ "**", "**" ], "BindAddr":[":443"], "RedirAddr": "204.79.197.200", "PrivateKey": "**", "AdminUID": "**", "DatabasePath": "userinfo.db", "StreamTimeout": 300 } ` Note: All * means that i replace them to post here but original values are on the vps
kerem commented 2026-02-26 12:33:51 +03:00
Author
Owner
Copy link

@malikshi commented on GitHub (Sep 26, 2019):

I think not gonna work. Proxy book for shadowsocks must be tcp.

<!-- gh-comment-id:535323987 --> @malikshi commented on GitHub (Sep 26, 2019): I think not gonna work. Proxy book for shadowsocks must be tcp.
kerem commented 2026-02-26 12:33:52 +03:00
Author
Owner
Copy link

@malikshi commented on GitHub (Sep 26, 2019):

Or try force run shadowsocks only in udp `-U'
case sensitive

<!-- gh-comment-id:535324180 --> @malikshi commented on GitHub (Sep 26, 2019): Or try force run shadowsocks only in udp `-U' case sensitive
kerem commented 2026-02-26 12:33:52 +03:00
Author
Owner
Copy link

@Klaaktu commented on GitHub (Sep 26, 2019):

https://github.com/shadowsocks/shadowsocks-org/issues/28
I think Shadowsocks doesn't support udp for its plugins.

b. Only TCP traffic is forwarded. For now, there is no plan to support UDP traffic forwarding.

What about let UDP bypass for now? UDP over TCP expects very poor performance.

<!-- gh-comment-id:535395452 --> @Klaaktu commented on GitHub (Sep 26, 2019): https://github.com/shadowsocks/shadowsocks-org/issues/28 I think Shadowsocks doesn't support udp for its plugins. > b. Only TCP traffic is forwarded. For now, there is no plan to support UDP traffic forwarding. > What about let UDP bypass for now? UDP over TCP expects very poor performance.
kerem commented 2026-02-26 12:33:52 +03:00
Author
Owner
Copy link

@malikshi commented on GitHub (Sep 26, 2019):

I am using proxy book openvpn with udp its greats, I know speed won't be good compared to shadowsocks, but I can use it for game and etc

<!-- gh-comment-id:535396134 --> @malikshi commented on GitHub (Sep 26, 2019): I am using proxy book openvpn with udp its greats, I know speed won't be good compared to shadowsocks, but I can use it for game and etc
kerem commented 2026-02-26 12:33:52 +03:00
Author
Owner
Copy link

@chenshaoju commented on GitHub (Sep 27, 2019):

If you use a plugin in Shadowsocks, The UDP will not be working.

Restrictions
a. Plugin over plugin is NOT supported. Only one plugin can be enabled when a shadowsocks service is started. If you really need this feature, implement a plugin-over-plugin transport as a SIP003 plugin.
b. Only TCP traffic is forwarded. For now, there is no plan to support UDP traffic forwarding.

via: https://shadowsocks.org/en/spec/Plugin.html

<!-- gh-comment-id:535768166 --> @chenshaoju commented on GitHub (Sep 27, 2019): If you use a plugin in Shadowsocks, The UDP will not be working. >Restrictions >a. Plugin over plugin is NOT supported. Only one plugin can be enabled when a shadowsocks service is started. If you really need this feature, implement a plugin-over-plugin transport as a SIP003 plugin. >b. Only TCP traffic is forwarded. For now, there is no plan to support UDP traffic forwarding. via: https://shadowsocks.org/en/spec/Plugin.html
kerem commented 2026-02-26 12:33:52 +03:00
Author
Owner
Copy link

@Klaaktu commented on GitHub (Nov 12, 2019):

WireGuard seems like a nice alternative to OpenVPN in terms of gaming, is it able to pair with Cloak too?

<!-- gh-comment-id:552837986 --> @Klaaktu commented on GitHub (Nov 12, 2019): WireGuard seems like a nice alternative to OpenVPN in terms of gaming, is it able to pair with Cloak too?
kerem commented 2026-02-26 12:33:52 +03:00
Author
Owner
Copy link

@cbeuw commented on GitHub (Nov 12, 2019):

@klaaktu A while ago I have actually experimented pairing WireGuard with Cloak. Theoretically Cloak should work with anything that lets you tunnel UDP traffic, but I'm not familiar with WireGuard so unfortunately I couldn't find a way to configure WireGuard that works.

<!-- gh-comment-id:552840904 --> @cbeuw commented on GitHub (Nov 12, 2019): @klaaktu A while ago I have actually experimented pairing WireGuard with Cloak. Theoretically Cloak should work with anything that lets you tunnel UDP traffic, but I'm not familiar with WireGuard so unfortunately I couldn't find a way to configure WireGuard that works.
kerem commented 2026-02-26 12:33:52 +03:00
Author
Owner
Copy link

@malikshi commented on GitHub (Nov 12, 2019):

@cbeuw i will try this one, i hope speed are good like original speed wireguard itself

<!-- gh-comment-id:552855439 --> @malikshi commented on GitHub (Nov 12, 2019): @cbeuw i will try this one, i hope speed are good like original speed wireguard itself
kerem commented 2026-02-26 12:33:52 +03:00
Author
Owner
Copy link

@Klaaktu commented on GitHub (Nov 15, 2019):

Wait... can u tunnel UDP traffic from Shadowsocks if you run Cloak in standalone mode? Is there a way to test this?

Edit: nope... same error as WireGuard when tested in Sockscap64.

Edit2:
Change to "NumConn": 1 and no more ck-client error when tunneling Shadowsocks UDP.
It's the same for WireGuard and OpenVPN, now they connect without problem (I can open websites).
However Shadowsocks' server side gives this error:

ERROR: failed to handshake with ::1: authentication error
ERROR: failed to handshake with 127.0.0.1: authentication error

WireGuard client gives this error, if endpoint is localhost instead (with "kill-switch" disabled):

Failed to send data packet write udp4 0.0.0.0:53457->127.0.0.1:1984: wsasendto: The requested address is not valid in its context.
<!-- gh-comment-id:554545730 --> @Klaaktu commented on GitHub (Nov 15, 2019): Wait... can u tunnel UDP traffic from Shadowsocks if you run Cloak in standalone mode? Is there a way to test this? Edit: nope... same error as WireGuard when tested in Sockscap64. Edit2: Change to `"NumConn": 1` and no more ck-client error when tunneling Shadowsocks UDP. It's the same for WireGuard and OpenVPN, now they connect without problem (I can open websites). However Shadowsocks' server side gives this error: ``` ERROR: failed to handshake with ::1: authentication error ERROR: failed to handshake with 127.0.0.1: authentication error ``` WireGuard client gives this error, if endpoint is localhost instead (with "kill-switch" disabled): ``` Failed to send data packet write udp4 0.0.0.0:53457->127.0.0.1:1984: wsasendto: The requested address is not valid in its context. ```
kerem commented 2026-02-26 12:33:52 +03:00
Author
Owner
Copy link

@qwerttvv commented on GitHub (Jan 11, 2020):

cloak with standalone mode

you can use ss with cloak[tcp] or only ss[tcp&udp]

<!-- gh-comment-id:573328814 --> @qwerttvv commented on GitHub (Jan 11, 2020): cloak with standalone mode you can use ss with cloak[tcp] or only ss[tcp&udp]
kerem commented 2026-02-26 12:33:52 +03:00
Author
Owner
Copy link

@Klaaktu commented on GitHub (Mar 27, 2020):

Sry I might have forgotten to change Shadowsocks ProxyBook entry to UDP or restart ck-server after editing, the error message hinted at it since handshake is for TCP. Anyway it seems UDP does work with Shadowsocks!

Testing UDP Associate...
Proxy server bound on 127.0.0.1:1080 for udp relay.
Testing data transmission...
The UDP transmission testing was successful.

What I did:
Shadowsocks client settings, change to 127.0.0.1:1984 no plugin.
ck-client, add -u parameter, and change NumConn to 1 in config file (#96).
ck-server config, ProxyBook shadowsocks entry, change 'tcp' to 'udp'. Restart ck-server.

For TCP+UDP I think I need:
2 ck-client, 2 config files with different ProxyMethod names. One listens to tcp the other udp (same port number).
ck-server 2 ProxyBook entries as well. One "tcp" one "udp".

<!-- gh-comment-id:604924253 --> @Klaaktu commented on GitHub (Mar 27, 2020): Sry I might have forgotten to change Shadowsocks ProxyBook entry to UDP or restart ck-server after editing, the error message hinted at it since handshake is for TCP. Anyway it seems UDP does work with Shadowsocks! ``` Testing UDP Associate... Proxy server bound on 127.0.0.1:1080 for udp relay. Testing data transmission... The UDP transmission testing was successful. ``` What I did: Shadowsocks client settings, change to 127.0.0.1:1984 no plugin. ck-client, add `-u` parameter, and change `NumConn` to 1 in config file (#96). ck-server config, ProxyBook shadowsocks entry, change 'tcp' to 'udp'. Restart ck-server. For TCP+UDP I think I need: 2 ck-client, 2 config files with different ProxyMethod names. One listens to tcp the other udp (same port number). ck-server 2 ProxyBook entries as well. One "tcp" one "udp".
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
renovate/go-github.com-refraction-networking-utls-vulnerability
dependabot/go_modules/golang.org/x/crypto-0.45.0
utls-1.7.0
deps-20250430
padding
docker-tests
ptspec
legacy-v1
v2.12.0
v2.11.0
v2.10.0
v2.9.0
v2.8.0
v2.7.1-pre
v2.7.0
v2.6.1
v2.6.0
v2.5.5
v2.5.4
v2.5.3
v2.5.2
v2.5.1
v2.5.0
v2.4.1
v2.4.0
v2.3.2
v2.3.1
v2.3.0
v2.2.3
v2.2.2
v2.2.1
v2.2.0
v2.1.3
v2.1.2
v2.1.1
v2.1.0
v2.0.2
v2.0.1
v2.0.0
v1.1.2
v1.1.1
v1.1.0
v1.0.0
v0.2.0
v0.1.0
Labels
Clear labels   
pull-request

Mirrored from GitHub Pull Request

No labels
pull-request
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/Cloak#59
No description provided.