mirror of https://github.com/go-gost/gost.git
dnsdtlsgolanggrpchttphttp2http3httpsicmp-tunnelkcpquicreverse-proxyshadowsockssocks4asocks5sshtun2sockstunneltuntapwebsocket
Adds an e2e suite (tests/e2e/utls_test.go + testdata/utls/*)
that exercises the utls dialer in a forward-proxy chain:
curl -> client gost (http proxy :8080)
-> chain node (http connector + utls dialer)
-> server gost (http over TLS listener :8443)
-> tcp-echo
Two cases:
- TestUTLSInsecure: regression for go-gost/gost#887. A utls
dialer with `secure: false` must still complete the handshake
(InsecureSkipVerify must be honoured). The old unsafe cast read
garbage for InsecureSkipVerify and the handshake failed.
- TestUTLSSecureWithCA: exercises the converter's RootCAs /
ServerName path with a CA-signed server cert.
Uses the deterministic `Chrome` fingerprint (not `randomized`, which
randomises the ClientHello and is flaky against a standard Go TLS
server).
Bumps github.com/go-gost/x to v0.13.11, which fixes the
second half of #887: the curve-preference enum divergence between
crypto/tls and utls (Go 1.24+ appends PQC hybrid curves that
utls does not define).
Related: go-gost/gost#887, go-gost/x#111, go-gost/x#112
|
||
|---|---|---|
| .github/workflows | ||
| cmd/gost | ||
| tests/e2e | ||
| .gitignore | ||
| .goreleaser.yaml | ||
| CLAUDE.md | ||
| Dockerfile | ||
| LICENSE | ||
| Makefile | ||
| README.md | ||
| README_en.md | ||
| go.mod | ||
| go.sum | ||
| gost.yml | ||
| install.sh | ||
README_en.md
GO Simple Tunnel
A simple security tunnel written in golang
Features
- Listening on multiple ports
- Multi-level forwarding chain
- Rich protocol
- TCP/UDP port forwarding
- Reverse Proxy and Tunnel
- TCP/UDP transparent proxy
- DNS resolver and proxy
- TUN/TAP device and TUN2SOCKS
- Load balancing
- Routing control
- Admission control
- Bandwidth/Rate Limiter
- Plugin System
- Prometheus metrics
- Dynamic configuration
- Web API
- GUI/WebUI
Overview
There are three main ways to use GOST as a tunnel.
Proxy
As a proxy service to access the network, multiple protocols can be used in combination to form a forwarding chain for traffic forwarding.
Port Forwarding
Mapping the port of one service to the port of another service, you can also use a combination of multiple protocols to form a forwarding chain for traffic forwarding.
Reverse Proxy
Use tunnel and intranet penetration to expose local services behind NAT or firewall to public network for access.
Installation
Binary files
https://github.com/go-gost/gost/releases
install script
# install latest from [https://github.com/go-gost/gost/releases](https://github.com/go-gost/gost/releases)
bash <(curl -fsSL https://github.com/go-gost/gost/raw/master/install.sh) --install
# select version for install
bash <(curl -fsSL https://github.com/go-gost/gost/raw/master/install.sh)
From source
git clone https://github.com/go-gost/gost.git
cd gost/cmd/gost
go build
Docker
docker run --rm gogost/gost -V
Tools
GUI
WebUI
Shadowsocks Android
hamid-nazari/ShadowsocksGostPlugin
Support
Wiki: https://gost.run
YouTube: https://www.youtube.com/@gost-tunnel
Telegram: https://t.me/gogost
Google group: https://groups.google.com/d/forum/go-gost
Legacy version: v2.gost.run



