HTTP proxy written in Go. COW can automatically identify blocked sites and use parent proxies to access.

Chen Yufei

Last update: Jan 9, 2023

Related tags

Network cow

Overview

COW (Climb Over the Wall) proxy

COW 是一个简化穿墙的 HTTP 代理服务器。它能自动检测被墙网站，仅对这些网站使用二级代理。

English README.

当前版本：0.9.8 CHANGELOG

欢迎在 develop branch 进行开发并发送 pull request :)

功能

COW 的设计目标是自动化，理想情况下用户无需关心哪些网站无法访问，可直连网站也不会因为使用二级代理而降低访问速度。

作为 HTTP 代理，可提供给移动设备使用；若部署在国内服务器上，可作为 APN 代理
支持 HTTP, SOCKS5, shadowsocks 和 cow 自身作为二级代理
- 可使用多个二级代理，支持简单的负载均衡
自动检测网站是否被墙，仅对被墙网站使用二级代理
自动生成包含直连网站的 PAC，访问这些网站时可绕过 COW
- 内置常见可直连网站，如国内社交、视频、银行、电商等网站（可手工添加）

快速开始

安装：

OS X, Linux (x86, ARM): 执行以下命令（也可用于更新）
```
  curl -L git.io/cow | bash
```
- 环境变量 COW_INSTALLDIR 可以指定安装的路径，若该环境变量不是目录则询问用户
- 所有 binary 在 OS X 上编译获得，若 ARM 版本可能无法工作，请下载 Go ARM 后从源码安装
Windows: 从 release 页面下载
熟悉 Go 的用户可用 go get github.com/cyfdecyf/cow 从源码安装

编辑 ~/.cow/rc (Linux) 或 rc.txt (Windows)，简单的配置例子如下：

#开头的行是注释，会被忽略
# 本地 HTTP 代理地址
# 配置 HTTP 和 HTTPS 代理时请填入该地址
# 若配置代理时有对所有协议使用该代理的选项，且你不清楚此选项的含义，请勾选
# 或者在自动代理配置中填入 http://127.0.0.1:7777/pac
listen = http://127.0.0.1:7777

# SOCKS5 二级代理
proxy = socks5://127.0.0.1:1080
# HTTP 二级代理
proxy = http://127.0.0.1:8080
proxy = http://user:[email protected]:8080
# shadowsocks 二级代理
proxy = ss://aes-128-cfb:[email protected]:8388
# cow 二级代理
proxy = cow://aes-128-cfb:[email protected]:8388

使用 cow 协议的二级代理需要在国外服务器上安装 COW，并使用如下配置：

listen = cow://aes-128-cfb:[email protected]:8388

完成配置后启动 COW 并配置好代理即可使用。

详细使用说明

配置文件在 Unix 系统上为 ~/.cow/rc，Windows 上为 COW 所在目录的 rc.txt 文件。 样例配置包含了所有选项以及详细的说明，建议下载然后修改。

启动 COW：

Unix 系统在命令行上执行 cow & (若 COW 不在 PATH 所在目录，请执行 ./cow &)
- Linux 启动脚本，如何使用请参考注释（Debian 测试通过，其他 Linux 发行版应该也可使用）
Windows
- 双击 cow-taskbar.exe，隐藏到托盘执行
- 双击 cow-hide.exe，隐藏为后台程序执行
- 以上两者都会启动 cow.exe

PAC url 为 http://<listen address>/pac，也可将浏览器的 HTTP/HTTPS 代理设置为 listen address 使所有网站都通过 COW 访问。

使用 PAC 可获得更好的性能，但若 PAC 中某网站从直连变成被封，浏览器会依然尝试直连。遇到这种情况可以暂时不使用 PAC 而总是走 HTTP 代理，让 COW 学习到新的被封网站。

命令行选项可以覆盖部分配置文件中的选项、打开 debug/request/reply 日志，执行 cow -h 来获取更多信息。

手动指定被墙和直连网站

一般情况下无需手工指定被墙和直连网站，该功能只是是为了处理特殊情况和性能优化。

配置文件所在目录下的 blocked 和 direct 可指定被墙和直连网站（direct 中的 host 会添加到 PAC）。 Windows 下文件名为 blocked.txt 和 direct.txt。

每行一个域名或者主机名（COW 会先检查主机名是否在列表中，再检查域名）
- 二级域名如 google.com 相当于 *.google.com
- com.hk, edu.cn 等二级域名下的三级域名，作为二级域名处理。如 google.com.hk 相当于 *.google.com.hk
- 其他三级及以上域名/主机名做精确匹配，例如 plus.google.com

技术细节

访问网站记录

COW 在配置文件所在目录下的 stat json 文件中记录经常访问网站被墙和直连访问的次数。

对未知网站，先尝试直接连接，失败后使用二级代理重试请求，2 分钟后再尝试直接
- 内置常见被墙网站，减少检测被墙所需时间（可手工添加）
直连访问成功一定次数后相应的 host 会添加到 PAC
host 被墙一定次数后会直接用二级代理访问
- 为避免误判，会以一定概率再次尝试直连访问
host 若一段时间没有访问会自动被删除（避免 stat 文件无限增长）
内置网站列表和用户指定的网站不会出现在统计文件中

COW 如何检测被墙网站

COW 将以下错误认为是墙在作怪：

服务器连接被重置 (connection reset)
创建连接超时
服务器读操作超时

无论是普通的 HTTP GET 等请求还是 CONNECT 请求，失败后 COW 都会自动重试请求。（如果已经有内容发送回 client 则不会重试而是直接断开连接。）

用连接被重置来判断被墙通常来说比较可靠，超时则不可靠。COW 每隔半分钟会尝试估算合适的超时间隔，避免在网络连接差的情况下把直连网站由于超时也当成被墙。 COW 默认配置下检测到被墙后，过两分钟再次尝试直连也是为了避免误判。

如果超时自动重试给你造成了问题，请参考样例配置高级选项中的 readTimeout, dialTimeout 选项。

限制

不提供 cache
不支持 HTTP pipeline（Chrome, Firefox 默认都没开启 pipeline，支持这个功能容易增加问题而好处并不明显）

致谢 (Acknowledgements)

贡献代码：

@fzerorubigd: various bug fixes and feature implementation
@tevino: http parent proxy basic authentication
@xupefei: 提供 cow-hide.exe 以在 windows 上在后台执行 cow.exe
@sunteya: 改进启动和安装脚本

Bug reporter:

GitHub users: glacjay, trawor, Blaskyy, lucifer9, zellux, xream, hieixu, fantasticfears, perrywky, JayXon, graminc, WingGao, polong, dallascao, luosheng
Twitter users: 特别感谢 @shao222 多次帮助测试新版并报告了不少 bug, @xixitalk

@glacjay 对 0.3 版本的 COW 提出了让它更加自动化的建议，使我重新考虑 COW 的设计目标并且改进成 0.5 版本之后的工作方式。

Comments

不停的写 "too many open files" 错误日志占满了服务器空间 ...

第 500390 行和 4500390行, 不停的再写 [ERROR]: too many open files 经过了2分钟, 已经写了 400w 行, 到了 "10:24:33" 服务器磁盘全满...

我是用 cow 起的 server.

# sed -n -e "500370,500390p" -e '500390q' cow.log.bak 
[<<<<<] 2014/02/15 09:55:03 cli(211.144.114.50:36561) response GET 59.124.41.250:80/ 200 OK
[<<<<<] 2014/02/15 09:55:04 cli(211.144.114.50:36675) response GET notify4.dropbox.com:80/subscribe?host_int=301684319&ns_map=121710541_9934381066189&user_id=74779823&nid=0&ts=1392457943 200 OK
[>>>>>] 2014/02/15 09:55:04 cli(211.144.114.50:36561) request  GET notify4.dropbox.com:80/subscribe?host_int=301684319&ns_map=121710541_9934381066189&user_id=74779823&nid=0&ts=1392457999
[>>>>>] 2014/02/15 09:55:07 cli(211.144.114.50:36913) request  CONNECT api.dropbox.com:443
[<<<<<] 2014/02/15 09:55:08 cli(211.144.114.50:36822) response GET notify7.dropbox.com:80/subscribe?host_int=844260197&ns_map=187658529_368877748842785,417523636_21892360116,34505156_587925222752708,36247974_2113160157606,3648430_416529875444673454&user_id=2206646&nid=1389010102423985921&ts=1392458052 200 OK
[>>>>>] 2014/02/15 09:55:08 cli(211.144.114.50:36675) request  GET notify7.dropbox.com:80/subscribe?host_int=844260197&ns_map=187658529_368877748842785,417523636_21892360116,34505156_587925222752708,36247974_2113160157606,3648430_416529875444673454&user_id=2206646&nid=1389010102423985921&ts=1392458108
[ERROR] 2014/02/15 09:55:08 cow proxy([::]:5678) accept accept tcp [::]:5678: too many open files
[ERROR] 2014/02/15 09:55:08 cow proxy([::]:5678) accept accept tcp [::]:5678: too many open files
[ERROR] 2014/02/15 09:55:08 cow proxy([::]:5678) accept accept tcp [::]:5678: too many open files
[ERROR] 2014/02/15 09:55:08 cow proxy([::]:5678) accept accept tcp [::]:5678: too many open files
[ERROR] 2014/02/15 09:55:08 cow proxy([::]:5678) accept accept tcp [::]:5678: too many open files
[ERROR] 2014/02/15 09:55:08 cow proxy([::]:5678) accept accept tcp [::]:5678: too many open files
[ERROR] 2014/02/15 09:55:08 cow proxy([::]:5678) accept accept tcp [::]:5678: too many open files
[ERROR] 2014/02/15 09:55:08 cow proxy([::]:5678) accept accept tcp [::]:5678: too many open files
[ERROR] 2014/02/15 09:55:08 cow proxy([::]:5678) accept accept tcp [::]:5678: too many open files
[ERROR] 2014/02/15 09:55:08 cow proxy([::]:5678) accept accept tcp [::]:5678: too many open files
[ERROR] 2014/02/15 09:55:08 cow proxy([::]:5678) accept accept tcp [::]:5678: too many open files
[ERROR] 2014/02/15 09:55:08 cow proxy([::]:5678) accept accept tcp [::]:5678: too many open files
[ERROR] 2014/02/15 09:55:08 cow proxy([::]:5678) accept accept tcp [::]:5678: too many open files
[ERROR] 2014/02/15 09:55:08 cow proxy([::]:5678) accept accept tcp [::]:5678: too many open files
[ERROR] 2014/02/15 09:55:08 cow proxy([::]:5678) accept accept tcp [::]:5678: too many open files

# sed -n -e "4500390p" cow.log.bak 
[ERROR] 2014/02/15 09:57:19 cow proxy([::]:5678) accept accept tcp [::]:5678: too many open files

# tail -n 30 cow.log.bak 
[ERROR] 2014/02/15 10:24:33 cow proxy([::]:5678) accept accept tcp [::]:5678: too many open files
[ERROR] 2014/02/15 10:24:33 cow proxy([::]:5678) accept accept tcp [::]:5678: too many open files
[ERROR] 2014/02/15 10:24:33 cow proxy([::]:5678) accept accept tcp [::]:5678: too many open files
[ERROR] 2014/02/15 10:24:33 cow proxy([::]:5678) accept accept tcp [::]:5678: too many open files
[ERROR] 2014/02/15 10:24:33 cow proxy([::]:5678) accept accept tcp [::]:5678: too many open files
[ERROR] 2014/02/15 10:24:33 cow proxy([::]:5678) accept accept tcp [::]:5678: too many open files
[ERROR] 2014/02/15 10:24:33 cow proxy([::]:5678) accept accept tcp [::]:5678: too many open files
[ERROR] 2014/02/15 10:24:33 cow proxy([::]:5678) accept accept tcp [::]:5678: too many open files
[ERROR] 2014/02/15 10:24:33 cow proxy([::]:5678) accept accept tcp [::]:5678: too many open files
[ERROR] 2014/02/15 10:24:33 cow proxy([::]:5678) accept accept tcp [::]:5678: too many open files
[ERROR] 2014/02/15 10:24:33 cow proxy([::]:5678) accept accept tcp [::]:5678: too many open files
[ERROR] 2014/02/15 10:24:33 cow proxy([::]:5678) accept accept tcp [::]:5678: too many open files
[ER[>>>>>] 2014/02/15 20:04:57 cli(211.144.114.50:57506) request  CONNECT api.dropbox.com:443

bug

opened by sunteya 31

Support multiple user authentication

Hi Yufei,

When I tried to run multiple instances of cow, one for a port, I received the following error.

runtime: panic before malloc heap initialized fatal error: runtime: cannot allocate heap metadata

By searching Google I found these links.

https://code.google.com/p/go/issues/detail?id=5236 https://codereview.appspot.com/9791044/

These explanations do not make sense to me. I hope you will have a solution:-)

Also is it possible to open multiple ports in one config file so that I only need to run one instance? And with different authentication for each port? A proposed config format would be:

listen = xxx.xxx.xxx.xxx portUserPasswd = 1080:username1:password1 portUserPasswd = 1081:username2:password2 portUserPasswd = 1083:username3:password3

Thanks!
enhancement

opened by dallascao 21
一连被墙网站就crash

panic: runtime error: invalid memory address or nil pointer dereference [signal 0xb code=0x1 addr=0x20 pc=0x12aca]

goroutine 15 [running]: main.(_serverConn).doConnect(0xf8400ef000, 0xf8400e20c0, 0xf8400998a0, 0x0, 0x0, ...) /Users/alex/local/mygo/src/github.com/cyfdecyf/cow/proxy.go:813 +0xe1 main.(_clientConn).serve(0xf8400998a0, 0x0) /Users/alex/local/mygo/src/github.com/cyfdecyf/cow/proxy.go:281 +0x49f created by main.(*Proxy).Serve /Users/alex/local/mygo/src/github.com/cyfdecyf/cow/proxy.go:124 +0x4ed

goroutine 1 [chan receive]: net.(_pollServer).WaitRead(0xf84009b840, 0xf8400b4000, 0xf8400992a0, 0x23, 0x1, ...) /usr/local/go/src/pkg/net/fd.go:268 +0x73 net.(_netFD).accept(0xf8400b4000, 0xa88d6, 0x0, 0xf840056cc0, 0xf84006e040, ...) /usr/local/go/src/pkg/net/fd.go:622 +0x20d net.(_TCPListener).AcceptTCP(0xf84006e450, 0xf84009bc40, 0x0, 0x0, 0x8, ...) /usr/local/go/src/pkg/net/tcpsock_posix.go:320 +0x71 net.(_TCPListener).Accept(0xf84006e450, 0x0, 0x0, 0x0, 0x0, ...) /usr/local/go/src/pkg/net/tcpsock_posix.go:330 +0x49 main.(*Proxy).Serve(0xf840057d80, 0xf840057d80) /Users/alex/local/mygo/src/github.com/cyfdecyf/cow/proxy.go:115 +0x298 main.main() /Users/alex/local/mygo/src/github.com/cyfdecyf/cow/main.go:81 +0x1a3

goroutine 2 [syscall]: created by runtime.main /usr/local/go/src/pkg/runtime/proc.c:221

goroutine 3 [syscall]: os/signal.loop() /usr/local/go/src/pkg/os/signal/signal_unix.go:20 +0x1c created by os/signal.init·1 /usr/local/go/src/pkg/os/signal/signal_unix.go:26 +0x2f

goroutine 4 [chan receive]: main.sigHandler() /Users/alex/local/mygo/src/github.com/cyfdecyf/cow/main.go:19 +0x140 created by main.main /Users/alex/local/mygo/src/github.com/cyfdecyf/cow/main.go:77 +0x13b

goroutine 6 [syscall]: syscall.Syscall6() /usr/local/go/src/pkg/syscall/asm_darwin_amd64.s:38 +0x5 syscall.kevent(0x9, 0x0, 0x0, 0xf8400b3008, 0x10000000a, ...) /usr/local/go/src/pkg/syscall/zsyscall_darwin_amd64.go:199 +0x88 syscall.Kevent(0xf800000009, 0x0, 0x0, 0xf8400b3008, 0xa0000000a, ...) /usr/local/go/src/pkg/syscall/syscall_bsd.go:546 +0xa4 net.(_pollster).WaitFD(0xf8400b3000, 0xf84009b840, 0x1ccf64d48, 0x0, 0x0, ...) /usr/local/go/src/pkg/net/fd_darwin.go:96 +0x185 net.(_pollServer).Run(0xf84009b840, 0x0) /usr/local/go/src/pkg/net/fd.go:236 +0xe4 created by net.newPollServer /usr/local/go/src/pkg/net/newpollserver.go:35 +0x382

goroutine 9 [syscall]: created by addtimer /usr/local/go/src/pkg/runtime/ztime_amd64.c:72

goroutine 11 [chan receive]: net.(_pollServer).WaitRead(0xf84009b840, 0xf8400b41b0, 0xf8400992a0, 0x23, 0x1, ...) /usr/local/go/src/pkg/net/fd.go:268 +0x73 net.(_netFD).Read(0xf8400b41b0, 0xf8400e6000, 0x100000001000, 0xffffffff, 0xf840056cc0, ...) /usr/local/go/src/pkg/net/fd.go:428 +0x1ec net.(_TCPConn).Read(0xf84006e638, 0xf8400e6000, 0x100000001000, 0x1759ac, 0x0, ...) /usr/local/go/src/pkg/net/tcpsock_posix.go:87 +0xce main.copyClient2Server(0xf8400995d0, 0xf840001c80, 0xf840001cd0, 0xf8400d9000, 0x0, ...) /Users/alex/local/mygo/src/github.com/cyfdecyf/cow/proxy.go:741 +0x902 main.(_serverConn).doConnect(0xf840001c80, 0xf8400d9000, 0xf8400995d0, 0x0, 0x0, ...) /Users/alex/local/mygo/src/github.com/cyfdecyf/cow/proxy.go:841 +0x561 main.(_clientConn).serve(0xf8400995d0, 0x0) /Users/alex/local/mygo/src/github.com/cyfdecyf/cow/proxy.go:281 +0x49f created by main.(_Proxy).Serve /Users/alex/local/mygo/src/github.com/cyfdecyf/cow/proxy.go:124 +0x4ed

goroutine 13 [chan receive]: net.(_pollServer).WaitRead(0xf84009b840, 0xf8400b4240, 0xf8400992a0, 0x23, 0x1, ...) /usr/local/go/src/pkg/net/fd.go:268 +0x73 net.(_netFD).Read(0xf8400b4240, 0xf8400e7000, 0x100000001000, 0xffffffff, 0xf840056cc0, ...) /usr/local/go/src/pkg/net/fd.go:428 +0x1ec net.(_TCPConn).Read(0xf84006eb78, 0xf8400e7000, 0x100000001000, 0x1759cc, 0x0, ...) /usr/local/go/src/pkg/net/tcpsock_posix.go:87 +0xce main.copyServer2Client(0xf840001c80, 0xf8400995d0, 0xf840001d20, 0xf8400d9000, 0x0, ...) /Users/alex/local/mygo/src/github.com/cyfdecyf/cow/proxy.go:674 +0x1dc main._func_001(0xf8400b8610, 0xf84006e950, 0xf84006e960, 0xf84006e970, 0xf84006e958, ...) /Users/alex/local/mygo/src/github.com/cyfdecyf/cow/proxy.go:836 +0x54 created by main.(_serverConn).doConnect /Users/alex/local/mygo/src/github.com/cyfdecyf/cow/proxy.go:839 +0x51e
bug

opened by trawor 20
New version

Is there any milestone for creating new version? since all issue is in Chinese I can't help, even if I want to. Is there any Issue that I can help to solve? if there is, just mention me, and also if its not in english, please add a simple description to that.

Thank you.

opened by fzerorubigd 14
可以编译一个mips的版本吗？

今天帮人装了一个Netgear R6300V2的，cow支持arm，帅呆了。回家想折腾自己的R6300V1，发现是mips的，晕倒了。 system type : Broadcom BCM5300 chip rev 1 processor : 0 cpu model : MIPS 74Kc V4.9

翻看了lz以前的帖子，说mips内存小。现在v1和v2都是256M内存的，应该可以吧？

opened by aloasut 12
Ubuntu 上交叉编译 ARM 版本运行提示 illegal instruction

我在 Ubuntu 上配置好 Go 的交叉编译环境，用：

GOARM=5 go-linux-arm get github.com/cyfdecyf/cow

编译出来的 cow 执行文件：

$ file ~/mygo/bin/linux_arm/cow /home/punk/mygo/bin/linux_arm/cow: ELF 32-bit LSB executable, ARM, version 1 (SYSV), statically linked, not stripped

但是放去路由器上运行则提示 illegal instruction；

网站提供的 cow-linux-armv5tel-0.9.1.gz 在同一路由器上运行没有问题。

请问编译过程中需要注意什么？

opened by rampageX 12
有些网站打不开，错误页面看着像是你的 COW 生成的。

页面内容如下：「 Service Unavailable

The server is temporarily unable to service your request. Please try again later. Reference #60.df41424c.4a7d8079.1374894109 」

下面的 Reference 啥的每次刷新都会变。

COW版本：29b0ed4

opened by glacjay 12
[Error] Page not found 报错 cow-win64-0.8.zip

http://detail.zol.com.cn/pk/344620_346409.shtml

[Error] Page not found

Serving request to COW proxy. Generated by COW 0.8 at Mon Aug 19 07:22:01 2013

cow-win64-0.8.zip这个版本刚开始使用时，或第一次打开新网址时，出错率较高，刷新后正常显示。

http://detail.zol.com.cn/ProductComp_param_344620-346409.html

[Error] Page not found

Serving request to COW proxy. Generated by COW 0.8 at Mon Aug 19 07:24:24 2013

下面类型错误也时不时出现，不知道怎么查到与什么软件冲突。

http://detail.zol.com.cn/345/344620/param.shtml

[Error] WSARecv tcp 127.0.0.1:49872: An established connection was aborted by the software in your host machine.

HTTP Request GET detail.zol.com.cn:80/345/344620/param.shtml

parse response

Using direct connection.

Generated by COW 0.8 at Mon Aug 19 07:21:53 2013
enhancement

opened by graminc 11
仅对私有 IP 总是直连

COW 0.6.3 rc.txt 配置如下： listen = 127.0.0.1:7777 alwaysProxy = false loadBalance = backup #8087 goagent #10000 apjp #7070 ssh #1080 shadowsocks

httpParent = 127.0.0.1:8087 httpParent = 127.0.0.1:10000 socksParent = 127.0.0.1:7070 socksParent = 127.0.0.1:1080 dialTimeout = 3s readTimeout = 4s

addrInPAC = 127.0.0.1:7777

虽然 cow 内置了 shadowsocks 支持，为了便于shadowsocks-local.exe进程限速，而不是shadowsocks流量包含在cow.exe进程内，所以另外使用shadowsocks-go开启shadowsocks代理。

“ 指定多个二级代理时使用的负载均衡策略，可选策略如下 backup: 默认策略，优先使用第一个指定的二级代理，其他仅作备份使用 hash: 根据请求的 host name，优先使用 hash 到的某一个二级代理一个二级代理连接失败后会依次尝试其他二级代理失败的二级代理会以一定的概率再次尝试使用，因此恢复后会重新启用 loadBalance = backup ”

问题： 1

addrInPAC = 127.0.0.1:7777 与 addrInPAC = 127.0.0.1:7777 一样，cow-taskbar窗口显示PAC都照样添加。

2 8087 goagent 不稳定，有时出现403、500错误，但过几分钟后就正常，但是cow几天后都没有尝试使用。 “失败的二级代理会以一定的概率再次尝试使用，因此恢复后会重新启用” 不知道此处的概率计算怎么设置的，只能每行用#屏蔽其他三个代理，cow才使用8087 goagent。建议在rc.txt中可以设置成cow重新载入或重新启动后，就能从头开始依次尝试使用各个二级代理，包括失败的二级代理。

有时候并不是某个二级代理本身有问题，是我没有启动它或上网所用网络不稳定，cow可能就认为这个二级代理失败不再使用它。

3 httpParent = 127.0.0.1:8087 httpParent = 127.0.0.1:10000 socksParent = 127.0.0.1:7070 socksParent = 127.0.0.1:1080 使用一段时间后，修改为 socksParent = 127.0.0.1:1080 httpParent = 127.0.0.1:8087 httpParent = 127.0.0.1:10000 socksParent = 127.0.0.1:7070 无效。依然按照先前的顺序加载二级代理，8087、10000、7070二级代理如果没打开，尽管1080 shadowsocks打开了且有效，也排在第一位但cow此时却跳过第一位的1080 shadowsocks，依次尝试到7070二级代理就宣告失败了。要说cow对rc.txt有缓存也不对，因为每行用#屏蔽却可以生效。

4 对于直接用ip地址访问的网站一直是Using direct connection. 造成自动翻墙失败。

希望改进cow，感谢作者编写功能强大实用的二级代理调度和直接内置支持shadowsocks登陆的软件！
enhancement

opened by graminc 11
上传文件时经常超时出错
例如，在 Redmine 中提交 Bug、并上传附件的时候，或使用 OTRS 回复邮件、并发附件的时候，提交后出现如下错误信息：

[Error] read tcp ww.xx.yy.zz:80: i/o timeout HTTP Request POST www.abc.com:80/xxxx Request is too large to hold in buffer, can't retry. Refresh to retry may work. Using direct connection. Generated by COW at Fri Jul 26 10:36:52 2013

然后看 Redmine 和 OTRS 都分别有了新的记录，附件看起来也是正常的，就是不知 OTRS 的邮件有没有发出。
bug
opened by felixlu 10

Unhandled server read error on Windows

用的0.6.2，没用过之前版本我在win8上用cow监听0.0.0.0:7777，然后用android手机连接wifi，手动设置代理为192.168.1.6:7777，可以正常使用，但是经常出现这个ERROR

2013/05/17 19:35:25 COW proxy address 0.0.0.0:7777, PAC url http://<hostip>:7777
/pac
[ERROR] 2013/05/17 19:36:36 Unhandled server read error: WSASend tcp 192.168.1.6
:7777: An established connection was aborted by the software in your host machin
e. GET lh5.ggpht.com:80/QZmCC09p__4PwbttCw51n62J-BMljRxQWPhJtgUofH3zBCvh4D6aEslK
C7y1wBfCGoad=w136-h136
[ERROR] 2013/05/17 19:37:42 Unhandled server read error: WSASend tcp 192.168.1.6
:7777: An established connection was aborted by the software in your host machin
e. GET producer.googleusercontent.com:80/producer/attachment/CAAqBwgKMJ6nnQIwp6E
i-OPSimagespagespg-01.jpg?fife=w218-h314
2013/05/17 19:40:57 new read timeout: 5.224562s
2013/05/17 19:41:27 new read timeout: 5s
[ERROR] 2013/05/17 19:42:55 Unhandled server read error: WSASend tcp 192.168.1.6
:7777: An established connection was aborted by the software in your host machin
e. GET lh4.ggpht.com:80/lvD0XYlNlBzk2pcVakr_AqlajLI4nGpSltYOTrOJ5uiuxG37IOZ5QlXQ
2Sv1qCyNfhQ=h360
[ERROR] 2013/05/17 19:52:48 Unhandled server read error: WSASend tcp 192.168.1.6
:7777: An existing connection was forcibly closed by the remote host. GET weathe
r.yahooapis.com:80/forecastrss?w=2127866&u=c
[ERROR] 2013/05/17 19:54:23 Unhandled server read error: WSASend tcp 192.168.1.6
:7777: An established connection was aborted by the software in your host machin
e. GET lh6.ggpht.com:80/clVMCWYIHYn2p5CisHJTWkt43sWj36FX4usz9FcvYZtItjovL0KspGjU
8W5YgUjoBCUH=h298

bug

opened by JayXon 10

fatal error: concurrent map read and map write

[>>>>>] 2019/04/11 16:55:38 DIRECT 127.0.0.1:54635 CONNECT console.aliyun.com:443 [193/1961] fatal error: concurrent map read and map write

goroutine 13435 [running]: runtime.throw(0x12f6431, 0x21) /usr/local/go/src/runtime/panic.go:608 +0x72 fp=0xc0003ebcd0 sp=0xc0003ebca0 pc=0x102bbb2 runtime.mapaccess1_faststr(0x12a1680, 0xc0000947b0, 0xc0002a0160, 0x17, 0x1) /usr/local/go/src/runtime/map_faststr.go:21 +0x418 fp=0xc0003ebd40 sp=0xc0003ebcd0 pc=0x10130f8 main.(*DomainList).judge(0xc00009e440, 0xc0002d2320, 0xc00010a360) /Users/gsh/go/src/github.com/netheril96/MEOW/directlist.go:34 +0xed fp=0xc0003ebdd0 sp=0xc0003ebd40 pc=0x124526d main.(*clientConn).getServerConn(0xc000020300, 0xc00011c090, 0x0, 0x0, 0x0) /Users/gsh/go/src/github.com/netheril96/MEOW/proxy.go:653 +0x50 fp=0xc0003ebe70 sp=0xc0003ebdd0 pc=0x1256c50 main.(*clientConn).serve(0xc000020300) /Users/gsh/go/src/github.com/netheril96/MEOW/proxy.go:470 +0x18b fp=0xc0003ebfd8 sp=0xc0003ebe70 pc=0x1254e3b runtime.goexit() /usr/local/go/src/runtime/asm_amd64.s:1333 +0x1 fp=0xc0003ebfe0 sp=0xc0003ebfd8 pc=0x1057ef1 created by main.(*httpProxy).Serve /Users/gsh/go/src/github.com/netheril96/MEOW/proxy.go:181 +0x518

goroutine 1 [semacquire, 169 minutes]: sync.runtime_Semacquire(0xc0000a6494) /usr/local/go/src/runtime/sema.go:56 +0x39 sync.(*WaitGroup).Wait(0xc0000a6494) /usr/local/go/src/sync/waitgroup.go:130 +0x64 main.main() /Users/gsh/go/src/github.com/netheril96/MEOW/main.go:50 +0x1da

goroutine 20 [sleep, 2 minutes]: time.Sleep(0x45d964b800) /usr/local/go/src/runtime/time.go:105 +0x14f github.com/shadowsocks/shadowsocks-go/shadowsocks.newReqList.func1(0xc0000928e0) /Users/gsh/go/src/github.com/shadowsocks/shadowsocks-go/shadowsocks/udprelay.go:82 +0x2d created by github.com/shadowsocks/shadowsocks-go/shadowsocks.newReqList /Users/gsh/go/src/github.com/shadowsocks/shadowsocks-go/shadowsocks/udprelay.go:80 +0x73

goroutine 24 [IO wait]: internal/poll.runtime_pollWait(0x4254f00, 0x72, 0x0) /usr/local/go/src/runtime/netpoll.go:173 +0x66 internal/poll.(*pollDesc).wait(0xc00012af98, 0x72, 0xc000020a00, 0x0, 0x0) /usr/local/go/src/internal/poll/fd_poll_runtime.go:85 +0x9a internal/poll.(*pollDesc).waitRead(0xc00012af98, 0xffffffffffffff00, 0x0, 0x0) /usr/local/go/src/internal/poll/fd_poll_runtime.go:90 +0x3d internal/poll.(*FD).Accept(0xc00012af80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) /usr/local/go/src/internal/poll/fd_unix.go:384 +0x1a0 net.(*netFD).accept(0xc00012af80, 0x4254fd0, 0x2000, 0x2000) /usr/local/go/src/net/fd_unix.go:238 +0x42 net.(*TCPListener).accept(0xc0000ae0e0, 0xc000113b70, 0xc000113b78, 0x8) /usr/local/go/src/net/tcpsock_posix.go:139 +0x2e net.(*TCPListener).Accept(0xc0000ae0e0, 0x12ff468, 0xc000020300, 0xc0000a8300, 0xc000020300) /usr/local/go/src/net/tcpsock.go:260 +0x47 main.(*httpProxy).Serve(0xc0000a8300, 0xc0000a6494) /Users/gsh/go/src/github.com/netheril96/MEOW/proxy.go:171 +0x30b created by main.main /Users/gsh/go/src/github.com/netheril96/MEOW/main.go:48 +0x1ba

goroutine 13456 [runnable]: net._C2func_getaddrinfo(0xc00030e3e0, 0x0, 0xc00038e780, 0xc00000e090, 0x0, 0x0, 0x0) _cgo_gotypes.go:98 +0x55 net.cgoLookupIPCNAME.func1(0xc00030e3e0, 0x0, 0xc00038e780, 0xc00000e090, 0x13, 0x13, 0x1006caf) /usr/local/go/src/net/cgo_unix.go:149 +0x131 net.cgoLookupIPCNAME(0xc0002a0140, 0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) /usr/local/go/src/net/cgo_unix.go:149 +0x153

opened by bitmyth 0
MAC OS 10.14.3 运行错误

release 中的二进制在MAC上运行错误

failed MSpanList_Insert 0x704000 0x436fc852f7ae 0x0 0x0 fatal error: MSpanList_Insert

runtime stack: runtime.throw(0x320e30, 0x10) /usr/local/go/src/runtime/panic.go:530 +0x90 fp=0x7ffeefbff5d0 sp=0x7ffeefbff5b8 runtime.(*mSpanList).insert(0x46c5c8, 0x704000) /usr/local/go/src/runtime/mheap.go:933 +0x293 fp=0x7ffeefbff600 sp=0x7ffeefbff5d0 runtime.(*mheap).freeSpanLocked(0x46bdc0, 0x704000, 0x100, 0x0) /usr/local/go/src/runtime/mheap.go:809 +0x4be fp=0x7ffeefbff668 sp=0x7ffeefbff600 runtime.(*mheap).grow(0x46bdc0, 0x8, 0x0) /usr/local/go/src/runtime/mheap.go:675 +0x2a0 fp=0x7ffeefbff6c0 sp=0x7ffeefbff668 runtime.(*mheap).allocSpanLocked(0x46bdc0, 0x1, 0x0) /usr/local/go/src/runtime/mheap.go:553 +0x4e3 fp=0x7ffeefbff718 sp=0x7ffeefbff6c0 runtime.(*mheap).alloc_m(0x46bdc0, 0x1, 0x15, 0x0) /usr/local/go/src/runtime/mheap.go:437 +0x119 fp=0x7ffeefbff748 sp=0x7ffeefbff718 runtime.(*mheap).alloc.func1() /usr/local/go/src/runtime/mheap.go:502 +0x41 fp=0x7ffeefbff778 sp=0x7ffeefbff748 runtime.systemstack(0x7ffeefbff798) /usr/local/go/src/runtime/asm_amd64.s:307 +0xab fp=0x7ffeefbff780 sp=0x7ffeefbff778 runtime.(*mheap).alloc(0x46bdc0, 0x1, 0x10000000015, 0x5a29f) /usr/local/go/src/runtime/mheap.go:503 +0x63 fp=0x7ffeefbff7c8 sp=0x7ffeefbff780 runtime.(*mcentral).grow(0x46d9c0, 0x0) /usr/local/go/src/runtime/mcentral.go:209 +0x93 fp=0x7ffeefbff830 sp=0x7ffeefbff7c8 runtime.(*mcentral).cacheSpan(0x46d9c0, 0x4679d8) /usr/local/go/src/runtime/mcentral.go:89 +0x47d fp=0x7ffeefbff870 sp=0x7ffeefbff830 runtime.(*mcache).refill(0x700000, 0x15, 0x7ffeefbff8d8) /usr/local/go/src/runtime/mcache.go:119 +0xcc fp=0x7ffeefbff8a8 sp=0x7ffeefbff870 runtime.mallocgc.func2() /usr/local/go/src/runtime/malloc.go:642 +0x2b fp=0x7ffeefbff8c8 sp=0x7ffeefbff8a8 runtime.systemstack(0x7ffeefbff968) /usr/local/go/src/runtime/asm_amd64.s:307 +0xab fp=0x7ffeefbff8d0 sp=0x7ffeefbff8c8 runtime.mallocgc(0x180, 0x2e8c00, 0x0, 0x800000000) /usr/local/go/src/runtime/malloc.go:643 +0x869 fp=0x7ffeefbff9a8 sp=0x7ffeefbff8d0 runtime.newobject(0x2e8c00, 0x468050) /usr/local/go/src/runtime/malloc.go:781 +0x42 fp=0x7ffeefbff9d0 sp=0x7ffeefbff9a8 runtime.malg(0x8000, 0x4682c0) /usr/local/go/src/runtime/proc.go:2634 +0x27 fp=0x7ffeefbffa08 sp=0x7ffeefbff9d0 runtime.mpreinit(0x468820) /usr/local/go/src/runtime/os1_darwin.go:140 +0x1f fp=0x7ffeefbffa20 sp=0x7ffeefbffa08 runtime.mcommoninit(0x468820) /usr/local/go/src/runtime/proc.go:494 +0x105 fp=0x7ffeefbffa68 sp=0x7ffeefbffa20 runtime.schedinit() /usr/local/go/src/runtime/proc.go:434 +0x79 fp=0x7ffeefbffab0 sp=0x7ffeefbffa68 runtime.rt0_go(0x7ffeefbffae8, 0x1, 0x7ffeefbffae8, 0x0, 0x0, 0x1, 0x7ffeefbffc00, 0x0, 0x7ffeefbffc06, 0x7ffeefbffc22, ...) /usr/local/go/src/runtime/asm_amd64.s:138 +0x132 fp=0x7ffeefbffab8 sp=0x7ffeefbffab0

CentOS 7.2 交叉编译后即可正常运行

opened by zhoubowen-sky 1
如何全局代理走外网，本地网络不走代理？
在配置文件设置alwaysProxy = true实现了全局代理，但是本地DMA服务便无法正常访问。把alwaysProxy关闭后可以正常访问DMA服务。尝试在~/.cow/direct添加,但未能生效：

127.0.0.1 127.0.0.0/8 172.16.0.0/12 192.168.0.0/16

我又尝试了将alwaysProxy关闭，通过blocked 和direct来制定IP段科学上网，但是尝试了下想让某个App科学上网，并不能完整的全局代理（该App使用不同域名，可能遗漏哪个域名，导致App不可用）。

我的设备（Apple TV4）只能通过Http代理进行科学上网，没办法在设备上对本地IP进行区分。请问，我应该如何设置才能实现“除本地网络外的全局代理”？
opened by FormioCour 1

Releases(0.9.8)

0.9.8(Jun 19, 2016)
Fix OTA bug caused by bug in shadowsocks-go library (report by @defia)

Fix WeChat image url fix (by @breath-co2 @haha1903)

Fix connection reset detection (by @fgid)

Source code(tar.gz)
Source code(zip)
cow-linux-armv5tel-0.9.8.gz(1.67 MB)
cow-linux-armv6l-0.9.8.gz(1.66 MB)
cow-linux-armv7l-0.9.8.gz(1.66 MB)
cow-linux32-0.9.8.gz(1.71 MB)
cow-linux64-0.9.8.gz(1.84 MB)
cow-mac64-0.9.8.gz(1.83 MB)
cow-win32-0.9.8.zip(1.74 MB)
cow-win64-0.9.8.zip(1.88 MB)
0.9.7(May 4, 2016)
For OS X and Linux, run the following command to update

curl -L git.io/cow | bash

For Windows, download compiled binaries below.
Source code(tar.gz)
Source code(zip)
cow-linux-armv5tel-0.9.7.gz(1.67 MB)
cow-linux-armv6l-0.9.7.gz(1.66 MB)
cow-linux-armv7l-0.9.7.gz(1.66 MB)
cow-linux32-0.9.7.gz(1.71 MB)
cow-linux64-0.9.7.gz(1.84 MB)
cow-mac64-0.9.7.gz(1.83 MB)
cow-win32-0.9.7.zip(1.74 MB)
cow-win64-0.9.7.zip(1.88 MB)
0.9.6(Jun 7, 2015)
For OS X and Linux, run the following command to update

curl -L git.io/cow | bash

For Windows, please download from http://dl.chenyufei.info/cow/latest

Changes

Reload config by sending SIGUSR1 on Unix system

Load blocked/direct/stat file from same directory as rc file by default

Allow user to specify blocked/direct/stat file path

Detect arm without vfp in install script.

Fix estimate timeout bug

Source code(tar.gz)
Source code(zip)
0.9.5(May 12, 2015)
For OS X and Linux, run the following command to update

curl -L git.io/cow | bash

For Windows, please download from http://dl.chenyufei.info/cow/latest

Changes:

Support new encryption method "chacha20" and "salsa20"

Avoid biased parent proxy selection for hash load balacing

Fix AirDrop on OS X when using PAC

Fix failed start with corrupted stat file

Support changing the estimate timeout target

Source code(tar.gz)
Source code(zip)
0.9.4(Oct 8, 2014)
For OS X and Linux, run the following command to update

curl -L git.io/cow | bash

For Windows, please download from http://dl.chenyufei.info/cow/
Source code(tar.gz)
Source code(zip)
0.9.3(Sep 21, 2014)
For OS X and Linux, run the following command to update

curl -L git.io/cow | bash

For Windows, please download from http://dl.chenyufei.info/cow/

Support new encryption method "rc4-md5"

Source code(tar.gz)
Source code(zip)
0.9.2(Jul 22, 2014)
For OS X and Linux, run the following command to update

curl -L git.io/cow | bash

For Windows, please download from http://dl.chenyufei.info/cow/

Reduce the possibility of encountering too many open file error

New connection latency based load balancing

Fix auto load plist for OS X

Identify blocked site by HTTP error code

Source code(tar.gz)
Source code(zip)
0.9.1(Dec 21, 2013)
For OS X and Linux, run the following command to update

curl -L git.io/cow | bash

For Windows, please download from http://dl.chenyufei.info/cow/

Fix can't save site stat file if tmp directory is on a different partition with cow's config directory

Improved install and startup script

Source code(tar.gz)
Source code(zip)
0.9(Dec 2, 2013)
For OS X and Linux, run the following command to update

curl -L git.io/cow | bash

For Windows, please download from http://dl.chenyufei.info/cow/

Note: configuration syntax is simplified, existing configuration will be upgraded automatically.

New feature: two COW servers can be connected using encrypted connection, thus we have an encrypted HTTP proxy chain that can be used to bypass the firewall

Allow client to use HTTP basic authentication

Simplify configuration syntax

Better reuse for HTTP parent connections

Reduce direct/blocked delta

Generate new PAC every minute

Source code(tar.gz)
Source code(zip)
0.8(Aug 10, 2013)
For OS X and Linux, run the following command to update

curl -L git.io/cow | bash

For Windows, please download from http://dl.chenyufei.info/cow/

Share server connections between different clients

Add tunnelAllowedPort option to limit ports CONNECT method can connect to

Avoid timeout too soon for frequently visited direct sites

Fix reporting malformed requests in two cases when request has body:

Authenticate requests

Error occured before request is sent

Support multi-lined headers

Change client connection timeout to 15s

Change as direct delta to 15

Provide ARMv5 binary

Source code(tar.gz)
Source code(zip)
0.7.6(Jul 28, 2013)
For OS X and Linux, run the following command to update

curl -s -L https://github.com/cyfdecyf/cow/raw/master/install-cow.sh | bash

For Windows, please download from http://dl.chenyufei.info/cow/

Fix bug for close connection response with no body

Fix response not keep alive by default

Always try parent proxy upon DNS/connection error

Do not take special handling on log with debug option

Add proxy status statistics in debug code

Source code(tar.gz)
Source code(zip)
0.7.5(Jul 25, 2013)
For OS X and Linux, run the following command to update

curl -s -L https://github.com/cyfdecyf/cow/raw/master/install-cow.sh | bash

For Windows, please download from http://dl.chenyufei.info/cow/

Fix crash on IPv6 client authentication

Provide ARMv6 binary

Source code(tar.gz)
Source code(zip)
0.7.4(Jul 15, 2013)
For OS X and Linux, run the following command to update

curl -s -L https://github.com/cyfdecyf/cow/raw/master/install-cow.sh | bash

For Windows, please download from http://dl.chenyufei.info/cow/

Fix adding extra connection header for client request with both "Proxy-Connection" and "Connection" headers

Ignore UTF-8 BOM in config file

Source code(tar.gz)
Source code(zip)
0.7.3(Jul 10, 2013)
For OS X and Linux, run the following command to update

curl -s -L https://github.com/cyfdecyf/cow/raw/master/install-cow.sh | bash

For Windows, please download from http://dl.chenyufei.info/cow/

Handle 100-continue: do not forward expect header from client, ignore 100 continue response replied by some web servers

For windows: add cow-hide.exe to run cow.exe as background process, (provided by to xupefei)

Filter sites covered by user specified domains on load

Fix incorrectly changing header value to lower case: user name and password can now contain upper case letters

Source code(tar.gz)
Source code(zip)