URIs can be joined by "__" to indicate tunneling by relay. For example, ss://1.2.3.4:1324__http://4.5.6.7:4321 make remote connection to the first shadowsocks proxy server, and then tunnel to the second http proxy server.
URIs can be joined by "__" to indicate tunneling by jump. For example, ss://1.2.3.4:1324__http://4.5.6.7:4321 make remote connection to the first shadowsocks proxy server, and then jump to the second http proxy server.
Make sure **pproxy** runs in root mode (sudo), otherwise it cannot redirect pf packet.
- Relay tunnel
Relay tunnel example:
- Multiple jumps example
.. code:: rst
...
...
@@ -659,6 +659,12 @@ Examples
Server connects to client_ip:8081 and waits for client proxy requests. The protocol http specified is just an example. It can be any protocol and cipher **pproxy** supports. The scheme "**in**" should exist in URI to inform **pproxy** that it is a backward proxy.
It is a complicated example. Server connects to client_ip:8081 by jump http://jumpserver. The backward proxy works through jumps.
- SSH client tunnel
SSH client tunnel support is enabled by installing additional library asyncssh_. After "pip3 install asyncssh", you can specify "**ssh**" as scheme to proxy via ssh client tunnel.
...
...
@@ -675,6 +681,30 @@ Examples
SSH connection known_hosts feature is disabled by default.
First connection to server1 is made. Second, ssh connection to server2 is made from server1. Finally, connect to server3, and use server3 for proxying traffic.
It is a complicated example. SSH server2 is jumped from SSH server1, and ss://0.0.0.0:1234 on server2 is listened. Traffic is forwarded to ss://server3:1234.
- Trojan protocol example
Normally trojan:// should be used together with ssl://. You should specify the SSL crt/key file for ssl usage. A typical trojan server would be:
...
...
@@ -685,6 +715,21 @@ Examples
If trojan password doesn't match, the tunnal{localhost:80} will be switched to. It looks exactly the same as a common HTTPS website.
- QUIC protocol example
QUIC is a UDP stream protocol in HTTP/3. Library **aioquic** is required if you want to proxy via QUIC.
.. code:: rst
$ pip3 install aioquic
$ pproxy --ssl ssl.crt,ssl.key -l quic://:1234
On the client:
$ pproxy -r quic://server:1234
QUIC protocol can transfer a lot of TCP streams on one single UDP stream. If the connection number is hugh, QUIC can benefit by reducing TCP handshake time.
- VPN Server Example
You can run VPN server simply by installing pvpn (python vpn), a lightweight VPN server with pproxy tunnel feature.