-
Notifications
You must be signed in to change notification settings - Fork 1.6k
/
Copy pathrc-en
185 lines (162 loc) · 6.03 KB
/
rc-en
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
# Lines starting with "#" are comments.
#
# Listen address of the proxy server, repeat to specify multiple ones.
# Syntax:
#
# listen = protocol://[optional@]server_address:server_port
#
# Supported protocols:
#
# HTTP (provides http proxy):
# listen = http://127.0.0.1:7777
#
# The generated PAC url in the above example is http://127.0.0.1:7777/pac
#
# cow (need two cow servers to use this protocol):
# listen = cow://encrypt_method:[email protected]:5678
#
# Suppose 1.2.3.4:5678 is outside your country and the network is not
# disturbed, then COW running in your own country should configure it
# as parent proxy. The two COW servers will use encrypted connection to
# pass data. The encryption method used is the same as shadowsocks.
#
# Note:
# - If server_address is 0.0.0.0, listen all IP addresses on the system.
# - The following syntax can specify the proxy address in the generated PAC.
# (Use this if you are using port forwarding to provide COW to external network.)
#
# listen = http://127.0.0.1:7777 1.2.3.4:5678
#
listen = http://127.0.0.1:7777
# Log file path, defaults to stdout
#logFile =
# By default, COW only uses parent proxy if the site is blocked.
# If the following option is true, COW will use parent proxy for all sites.
#alwaysProxy = false
# With multiple parent proxies, COW can employ one of the load balancing
# strategies:
#
# backup: default policy, use the first prarent proxy in config,
# the others are just backup
# hash: hash to a specific parent proxy according to host name
# latency: use the parent proxy with lowest connection latency
#
# When one parent proxy fails to connect, COW will try other parent proxies
# in order.
# Failed parent proxy will be tried with some probability, so they will be
# used again after recovery.
#loadBalance = backup
#############################
# Specify parent proxy
#############################
# Parent proxies are specified with a generic syntax (following RFC 3986):
#
# proxy = protocol://[authinfo@]server:port
#
# Repeat to specify multiple parent proxies. Backup load balancing will use
# them in order if one fails to connect.
#
# Supported parent proxies and config example:
#
# SOCKS5:
# proxy = socks5://127.0.0.1:1080
#
# HTTP:
# proxy = http://127.0.0.1:8080
# proxy = http://user:[email protected]:8080
#
# authinfo is optional
#
# shadowsocks:
# proxy = ss://encrypt_method:[email protected]:8388
# proxy = ss://encrypt_method-auth:[email protected]:8388
#
# Append -auth to encrypt_method to enable One Time Auth.
# authinfo specifies encryption method and password.
# Here are the supported encryption methods:
#
# aes-128-cfb, aes-192-cfb, aes-256-cfb,
# bf-cfb, cast5-cfb, des-cfb, rc4-md5,
# chacha20, salsa20, rc4, table
#
# aes-128-cfb is recommended.
#
# cow:
# proxy = cow://method:[email protected]:4321
#
# authinfo is the same as shadowsocks parent proxy
#############################
# Run ssh command to create SOCKS5 parent proxy
#############################
# Note: shadowsocks is better, use it if you can.
# The following option lets COW execute ssh command to create local
# SOCKS5 proxy and automatically re-execute if ssh connection is closed.
# The created SOCKS5 proxy will be used as a parent proxy.
# The option can be repeated to create multiple SOCKS5 proxies.
#
# Note: requires ssh command and must use ssh public key authentication.
#
# COW will execute the following command if the option is given:
#
# ssh -n -N -D <local_socks_port> -p <server_ssh_port> <user@server>
#
# server_ssh_port defaults to 22
# Please modify ~/.ssh/config to specify other ssh options
#sshServer = user@server:local_socks_port[:server_ssh_port]
#############################
# Authentication
#############################
# Specify allowed IP address (IPv4 and IPv6) or sub-network (only IPv4).
# Don't forget to specify 127.0.0.1 with this option.
#allowedClient = 127.0.0.1, 192.168.1.0/24, 10.0.0.0/8
# Require username and password authentication. COW always check IP in
# allowedClient first, then ask for username authentication.
#userPasswd = username:password
# To specify multiple username and password, list all those in a file with
# content like this:
#
# username:password[:port]
#
# port is optional, user can only connect from the specific port if specified.
# COW will report error and exit if there's duplicated user.
#userPasswdFile = /path/to/file
# Time interval to keep authentication information.
# Syntax: 2h3m4s means 2 hours 3 minutes 4 seconds
#authTimeout = 2h
#############################
# Advanced options
#############################
# Take a specific HTTP error code as blocked and use parent proxy to retry.
#httpErrorCode =
# Maximum CPU core to use.
#core = 2
# cow uses this site to estimate timeout, better to use a fast website.
#estimateTarget = example.com
# Ports allowed to create tunnel (HTTP CONNECT method), comma separated list
# or repeat to append more ports.
# Ports for the following service are allowed by default:
#
# ssh, http, https, rsync, imap, pop, jabber, cvs, git, svn
#
# Limiting ports for tunneling prevents exposing internal services to outside.
#tunnelAllowedPort = 80, 443
# GFW may timeout DNS query, or return wrong server address which can connect
# but blocks on read forever.
# Decrease the following timeout values can speed up detecting blocked sites,
# but may mistake normal sites as blocked.
# DNS and connection timeout (same syntax with authTimeout).
#dialTimeout = 5s
# Read from server timeout.
#readTimeout = 5s
# Detect SSL error based on client close connection speed, only effective for
# Chrome.
# This detection is no reliable, may mistaken normal sites as blocked.
# Only consider this option when GFW is making middle man attack.
#detectSSLErr = false
# Change the stat/blocked/direct file position, defaults to files under directory
# containing rc file.
# The cow user must write access to directory containing the stat file in order
# to update stat.
#statFile = <dir to rc file>/stat
#blockedFile = <dir to rc file>/blocked
#directFile = <dir to rc file>/direct