Shadowsocks-windows: when i set the mode to PAC,the shadowsocks will encrypt 1080 port?
i want to know that,when i set the shadowsocks 's mode to PAC, and i have set the other app use the port 1080.the shadowsocks will encrypt the data pass 1080 port?
helinlin007
All 8 comments
Nope
kimw
on 8 Sep 2016
i have look the resource code,then i have know the PAC and global is effect to the webbrower,will not effect to other APP. so the shadowsocks will encrypt the data when the data pass 1080 port.
helinlin007
on 8 Sep 2016
Yes, u r right @helinlin007
breakwa11
on 8 Sep 2016
I do not really got the points:
- ... the shadowsocks will encrypt the data pass 1080 port? ...
- ... then i have know the PAC and global is effect to the webbrower ...
But, anyway, the SS works in follow dia.
APP 1 \ non-encrypted encrypted
APP 2 -+ <=================================> SS <=========> Internet
... / listen on port 80 for PAC |
listen on port 1080 for PROXY |
(work for client) | (working on internet)
As shows above, the APPs like browser, IM, whatever APPs which support PAC will works well on port 80 and 1080 _sequentially_; APPs which do _NOT_ support PAC will work on 1080 only.
- The goal for PAC is to tell the APPs that the URL requested should be go though PROXY or not, according to the PAC file.
- The goal for PROXY is to lead the requests (from the APP) to SS server running on remote side. The data was encrypted of cause.
In short, SS will _NOT ENCRYPT_ data on the client side (the left side in dia above), and _WILL ENCRYPT_ data on internet side (the right side in dia).
kimw
on 8 Sep 2016
i have a question. if the PAC mode and global mode both will encrypt data.why when i select the PAC mode,the url link always faster than global?@kimw.
helinlin007
on 8 Sep 2016
@helinlin007 You should try disable system proxy then test again
breakwa11
on 8 Sep 2016
Hi @helinlin007,
PAC MODE
APP SS.PACService SS.PROXY ISP DESTINATION
| 1 | | | |
|--------->|ask | | |
|<---------|resp | | |
| | | |
| YES, 2 | | |
< go proxy? > ---------------->|ask | |
\ | |----------+------------>| encrypted access
\ | |<---------+-------------|
\ |<---------------|resp | |
\ | |
\ NO, 3 | |
|------------------------------>|ask |
| |------------>| non-encrypted access
| |<------------|
|<------------------------------|resp |
- STEP 1
The APP ask PAC server for a PAC file which combined by rules. The rules specified whether if the URL should be PROXYed or not. For example, thehttps://blocked.exmaple.org/should be go though PROXY rule; however, thehttps://unblocked.example.org/should be go though DIRECT rule. You can find some details by deep in PAC file (some kind of javascript source code). - STEP 2
If the URL should go through PROXY, the APP will request it from SS. And SS encrypted all the data to/from destination through ISP. - STEP 3
If the URL should go DIRECT, the APP will request it from your ISP without encryption.
Global MODE
APP SS.PROXY ISP DESTINATION
| | | |
|--------->|ask | |
| |-----------+------------>| encrypted access
| |<----------+-------------|
|<---------|resp | |
Whatever the destination it is, the APP will request them all from SS, never the ISP.
Why PAC is faster than global?
Will, the answer is - some request which do not need to be PROXYed is be PROXYed while it works in global mode. Which means, it's definitely your SS server is more time expensive than your ISP router.
For example, the time cost from your PC to ISP router is 20ms, time cost from your PC to SS server is 100ms, and you make a 5 encrypted + 10 non-encrpyted requests. The total time cost should be:
- PAC mode
TTC = 20ms * 10 + 100ms * 5 = 700ms - Golbal mode
TTC = 100ms * (10 + 5) = 1500ms
As the number shows above, the PAC is 2 times faster.
But if the time cost to your SS server is less than your ISP's, the global mode must be the faster one. Just like the accelerators (a kind of network service provider who has less time cost cable) do.
kimw
on 9 Sep 2016
@kimw , yes ,you are right,thanks
helinlin007
on 12 Sep 2016
Related issues
Galaxy0419
·
4Comments
WildBlizzard
·
4Comments
Galaxy0419
·
3Comments
hztgz
·
3Comments
spectereye
·
4Comments
Most helpful comment
Hi @helinlin007,
PAC MODE
The APP ask PAC server for a PAC file which combined by rules. The rules specified whether if the URL should be PROXYed or not. For example, the
https://blocked.exmaple.org/should be go though PROXY rule; however, thehttps://unblocked.example.org/should be go though DIRECT rule. You can find some details by deep in PAC file (some kind of javascript source code).If the URL should go through PROXY, the APP will request it from SS. And SS encrypted all the data to/from destination through ISP.
If the URL should go DIRECT, the APP will request it from your ISP without encryption.
Global MODE
Whatever the destination it is, the APP will request them all from SS, never the ISP.
Why PAC is faster than global?
Will, the answer is - some request which do not need to be PROXYed is be PROXYed while it works in global mode. Which means, it's definitely your SS server is more time expensive than your ISP router.
For example, the time cost from your PC to ISP router is 20ms, time cost from your PC to SS server is 100ms, and you make a 5 encrypted + 10 non-encrpyted requests. The total time cost should be:
TTC = 20ms * 10 + 100ms * 5 = 700ms
TTC = 100ms * (10 + 5) = 1500ms
As the number shows above, the PAC is 2 times faster.
But if the time cost to your SS server is less than your ISP's, the global mode must be the faster one. Just like the accelerators (a kind of network service provider who has less time cost cable) do.