Cette page est affichée en anglais. Une traduction française est en cours.
ScriptsJul 5, 2026·3 min de lecture

GOST — Versatile Go Tunnel with Multi-Protocol Support

A simple yet powerful tunnel and proxy written in Go, supporting HTTP/HTTPS/SOCKS5/Shadowsocks/SNI/SSH/KCP/QUIC protocols. Functions as a proxy chain, port forwarder, and encrypted tunnel with a YAML-based configuration system.

Prêt pour agents

Installation agent prête

Cet actif peut être installé après choix du runtime, vérification du plan et exécution de la commande adaptée.

Native · 98/100Policy : autoriser
Surface agent
Tout agent MCP/CLI
Type
Skill
Installation
Single
Confiance
Confiance : Established
Point d'entrée
GOST
Commande d'installation directe
npx -y tokrepo@latest install 7384d620-786d-11f1-9bc6-00163e2b0d79 --target codex

À exécuter après confirmation du plan en dry-run.

Introduction

GOST (GO Simple Tunnel) is a security tunnel and proxy tool written in Go. It supports a wide array of protocols and can chain proxies, forward ports, and create encrypted tunnels. Its YAML configuration and REST API make it suitable for both quick command-line use and complex multi-hop deployments.

What GOST Does

  • Creates encrypted tunnels over HTTP, SOCKS5, Shadowsocks, SSH, KCP, QUIC, and more
  • Chains multiple proxies together for multi-hop routing
  • Forwards TCP/UDP ports through encrypted channels
  • Provides TUN/TAP device support for VPN-like functionality
  • Exposes a REST API for dynamic runtime configuration

Architecture Overview

GOST v3 uses a pipeline architecture: listeners accept connections, handlers process them, and dialers establish outbound connections. Each component is pluggable — you can mix any listener (TCP, UDP, TUN, ICMP tunnel) with any handler (proxy, relay, tunnel) and dialer (direct, proxy chain, DNS). Configuration is hot-reloadable via YAML files or the REST API.

Self-Hosting & Configuration

  • Download a single static binary for your platform (no dependencies)
  • Configure via command-line flags for simple setups
  • Use YAML configuration files for complex multi-service deployments
  • Enable the REST API for dynamic configuration changes at runtime
  • Deploy as a systemd service for persistent background operation

Key Features

  • Multi-protocol: HTTP, SOCKS4/5, Shadowsocks, SSH, KCP, QUIC, WebSocket, gRPC
  • Proxy chaining: route traffic through multiple proxy hops
  • Dynamic configuration: REST API and hot-reload of YAML configs
  • TUN/TAP support: create virtual network interfaces for full VPN mode
  • ICMP tunnel: encapsulate traffic in ICMP packets for restricted networks

Comparison with Similar Tools

  • frp — focuses on reverse proxying NAT traversal; GOST is a general-purpose tunnel
  • Chisel — SSH-based TCP tunnel; GOST supports many more transport protocols
  • WireGuard — kernel-level VPN; GOST operates in userspace with more protocol flexibility
  • Shadowsocks — single protocol; GOST supports Shadowsocks plus a dozen others
  • ngrok — cloud-based tunnel service; GOST is fully self-hosted

FAQ

Q: What is the difference between GOST v2 and v3? A: v3 (go-gost/gost) is a complete rewrite with a modular pipeline architecture, YAML config, and REST API. v2 (ginuerzh/gost) is the older version.

Q: Can GOST be used as a VPN? A: Yes, with TUN mode enabled it can function as a VPN, routing all traffic through the tunnel.

Q: Does it support UDP forwarding? A: Yes, GOST supports UDP relay and forwarding across supported protocols.

Q: Is traffic encrypted by default? A: Encryption depends on the protocol chosen. TLS, SSH, Shadowsocks, and QUIC all provide encryption.

Sources

Fil de discussion

Connectez-vous pour rejoindre la discussion.
Aucun commentaire pour l'instant. Soyez le premier à partager votre avis.

Actifs similaires