Gost Tutorial 1: Websocket Tunnel

本教程由本人编写,仅参考Gost官方文档

This series of tutorials aims to let you master the basic usage of Gost, thus ignoring the barriers of the Internet.

The first part of the series is about using a tunnel to go over the wall.

What is Gost

Gost, or Go Simple Tunnel, is a simple security tunnel written in Golang.

Why Gost

The current international Internet situation is grim, and traditional protocol cross-region communication is easily hindered, and the Gost tunnel can transmit completely normal and the most common communication traffic on the Internet, thereby secretly and efficiently transmitting data.

Install Gost

Get the latest version of Gost on github release

Or, if your server runs in Mainland China, you can download Gost 2.11.0 Linux AMD64 version here.

1
wget https://ddch.site:9001/public-tools/gost_2.11.gz

After you downloaded the binary files of Gost, unzip it

1
gunzip filename.gz

And rename it as Gost

1
mv filename gost

Give it permission to run

1
chmod +x gost

How to

before doing all these following, enter your Gost path first

1
cd yourpath

Server

Assuming that your server is running a service on port 9000, we will set up a tunnel on port 8000

1
./gost -L ws://:8000/127.0.0.1:9000

Parameter -L means you are creating a local agent

-L ws://:8000 means you are creating a local agent of WebSocket protocol

-L ws://:8000/127.0.0.1:9000 means you are creating a local agents of WebSocket and forwarding the traffic to local port 9000

If you are not running a service, you can do the work above while creating a local service

1
./gost -L ws://:8000/127.0.0.1:9000 -L ss://rc4-md5:password@:9000

It means while you’ve done the work above, you also created a ss service on port 9000

After the work above, keep port 8000 open and port 9000 closed

Client

Assuming that your server IP is 45.45.7.7

1
./gost -L tcp://:7000 -F forward+ws://45.45.7.7:8000

Parameter -F means you are forwarding your traffic

Protocol forward means it is a tunnel rather than a simple forwarding

So the whole command means that you are running a local tcp proxy on prot 7000 and forwarding your traffic through a WebSocket tunnel to 45.45.7.7 on port 8000

Keep port 7000 open

No need to open port 8000

Done

Test your configuration, after confirming the config is valid, use nohup to keep the service running

1
nohup yourcommand &