How to Enable Multi-Port on Shadowsocks

The one-click script will only open a single port for use by default. The reason for this is because it is generally considered that only personal use will build its own Shadowsocks server, so when installing the interaction, by default only a certain port is required to be entered. But if you want to share within a small area, then you may need to open multiple ports.
The current four mainstream versions actually support multiple ports, but the methods of opening them are different. The focus of this article is to write about how to open multiple ports for different versions of Shadowsocks.

Note: This article is based on the correct installation and use of the four-in-one version.

1. Shadowsocks-Python

The configuration file path of Shadowsocks-Python version is /etc/shadowsocks-python/config.json. The following explains how to modify the configuration file.
It is recommended to use vim or nano to edit this configuration file under Linux. Specific instructions on how to use these two editors are not given here. You can search for related usage by yourself.
Shadowsocks-Python version multi-port configuration file example:

{
    "server":"0.0.0.0",
    "local_address":"127.0.0.1",
    "local_port":1080,
    "port_password":{
         "9000":"password0",
         "9001":"password1",
         "9002":"password2",
         "9003":"password3",
         "9004":"password4"
    },
    "timeout":300,
    "method":"your_encryption_method",
    "fast_open": false
}

The focus is on the modification of the port_password field.
Add as many ports as you want. Note that they need to conform to the json format. There is no English comma after the last line. There needs to be a English comma at the end of the whole brace.
After the modification is completed, save the configuration file and restart it. The command is as follows:

/etc/init.d/shadowsocks-python restart

2. ShadowsocksR

The configuration file path of ShadowsocksR version is /etc/shadowsocks-r/config.json. The following explains how to modify the configuration file.
ShadowsocksR version multi-port configuration file example:

{
    "server":"0.0.0.0",
    "server_ipv6": "(::)",
    "local_address":"127.0.0.1",
    "local_port":1080,
    "port_password":{
        "9000":"password0",
        "9001":"password1",
        "9002":"password2",
        "9003":"password3",
        "9004":"password4"
    },
    "timeout":300,
    "method":"your_encryption_method",
    "protocol": "your_protocol",
    "protocol_param": "",
    "obfs": "your_obfs",
    "obfs_param": "",
    "redirect": "",
    "dns_ipv6": false,
    "fast_open": false,
    "workers": 1
}

The focus is on the modification of the port_password field.
Add as many ports as you want. Note that they need to conform to the json format. There is no English comma after the last line. There needs to be a English comma at the end of the whole brace.
After the modification is completed, save the configuration file and restart it. The command is as follows:

/etc/init.d/shadowsocks-r restart

三、Shadowsocks-Go

The configuration file path of Shadowsocks-Go version is /etc/shadowsocks-go/config.json. The following explains how to modify the configuration file.
Shadowsocks-Go version multi-port configuration file example:

{
    "port_password":{
         "9000":"password0",
         "9001":"password1",
         "9002":"password2",
         "9003":"password3",
         "9004":"password4"
    },
    "method":"your_encryption_method",
    "timeout":300
}

The focus is on the modification of the port_password field.
Add as many ports as you want. Note that they need to conform to the json format. There is no English comma after the last line. There needs to be a English comma at the end of the whole brace.
After the modification is completed, save the configuration file and restart it. The command is as follows:

/etc/init.d/shadowsocks-go restart

四、Shadowsocks-libev

The Shadowsocks-libev version is the only one that cannot open multiple ports simply by modifying the configuration file.
However, the developer developed a separate ss-manager to manage and open multiple ports. Its working principle is roughly as follows:
Call ss-server and generate a hidden folder .shadowsocks in the current user directory based on multiple port numbers in the configuration file and split the configuration file into .shadowsocks_port number.conf, create a new process, and then generate .shadowsocks_port number.pid to save the pid information of the process.
Finally, the number of ss-server processes created is the same as the number of ports in the configuration file. In other words, each port needs to open an ss-server process.

So I simply wrote a startup script for Shadowsocks-libev version multi-user management ss-manager. You can start and stop the multi-port libev version service by editing the json configuration file /etc/shadowsocks-manager/config.json. end.
Let’s talk about usage below.

1. Download the startup script and grant execution permissions.

wget -O /etc/init.d/shadowsocks-manager https://raw.githubusercontent.com/teddysun/shadowsocks_install/master/shadowsocks-manager
chmod 755 /etc/init.d/shadowsocks-manager

2. Create a new directory to store configuration files

mkdir /etc/shadowsocks-manager

3. Create a multi-port configuration file, /etc/shadowsocks-manager/config.json example:

{
    "server":"0.0.0.0",
    "port_password":{
         "9000":"password0",
         "9001":"password1",
         "9002":"password2",
         "9003":"password3",
         "9004":"password4"
    },
    "timeout":300,
    "user":"nobody",
    "method":"your_encryption_method",
    "nameserver":"8.8.8.8",
    "mode":"tcp_and_udp"
}

Regarding configuration files, for more options, please refer to:
https://github.com/shadowsocks/shadowsocks-libev/blob/master/doc/shadowsocks-libev.asciidoc

4. Use startup script

Start: /etc/init.d/shadowsocks-manager start
Stop: /etc/init.d/shadowsocks-manager stop
Restart: /etc/init.d/shadowsocks-manager restart
View status:/etc/init.d/shadowsocks-manager status

5. Common steps

If you are running on a CentOS system, you may need to open the corresponding port in the configuration file in the firewall.
CentOS 6 generally uses iptables, check the status first:

/etc/init.d/iptables status

If it is running, the command to open a new port is as follows:

iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport 新端口号 -j ACCEPT
iptables -I INPUT -m state --state NEW -m udp -p udp --dport 新端口号 -j ACCEPT

Save and restart iptables with the following command:

/etc/init.d/iptables save
/etc/init.d/iptables restart

Display the iptables list and confirm whether the port is added successfully:

iptables -L -n

CentOS 7 generally uses firewalld, first confirm the status:

systemctl status firewalld

If it is running, the command to open a new port is as follows:

firewall-cmd --permanent --zone=public --add-port=新端口号/tcp
firewall-cmd --permanent --zone=public --add-port=新端口号/udp

Reload firewalld with the following command:

firewall-cmd --reload

Display the firewall list and confirm whether the port is added successfully:

firewall-cmd --list-all

Debian or Ubuntu generally does not turn on the firewall by default. Of course, it may be turned on under special circumstances, so you also need to open the corresponding port in the configuration file in the firewall.
Of course, if you find it troublesome, you can just turn off the firewall.
How to shut down iptables:

/etc/init.d/iptables stop

Turn off auto-start at boot

chkconfig iptables off

How to shut down firewalld:

systemctl stop firewalld

Turn off auto-start at boot

systemctl disable firewalld

In addition, if you are using a cloud product from a large company, such as AWS, Google Cloud, Azure, Alibaba Cloud, etc., you may also need to open the corresponding communication port in the background control panel. I won’t go into too much detail here, as each method is similar.