Scripts2026年7月5日·1 分钟阅读

GOST — Versatile Go Tunnel with Multi-Protocol Support

A simple yet powerful tunnel and proxy written in Go, supporting HTTP/HTTPS/SOCKS5/Shadowsocks/SNI/SSH/KCP/QUIC protocols. Functions as a proxy chain, port forwarder, and encrypted tunnel with a YAML-based configuration system.

Agent 就绪

Agent 可直接安装

这个资产可安装;Agent 先选择当前运行时、检查安装计划,再运行匹配命令。

Native · 98/100策略:允许
Agent 入口
任意 MCP/CLI Agent
类型
Skill
安装
Single
信任
信任等级:Established
入口
GOST
直接安装命令
npx -y tokrepo@latest install 7384d620-786d-11f1-9bc6-00163e2b0d79 --target codex

先 dry-run 确认安装计划,再运行此命令。

Introduction

GOST (GO Simple Tunnel) is a security tunnel and proxy tool written in Go. It supports a wide array of protocols and can chain proxies, forward ports, and create encrypted tunnels. Its YAML configuration and REST API make it suitable for both quick command-line use and complex multi-hop deployments.

What GOST Does

  • Creates encrypted tunnels over HTTP, SOCKS5, Shadowsocks, SSH, KCP, QUIC, and more
  • Chains multiple proxies together for multi-hop routing
  • Forwards TCP/UDP ports through encrypted channels
  • Provides TUN/TAP device support for VPN-like functionality
  • Exposes a REST API for dynamic runtime configuration

Architecture Overview

GOST v3 uses a pipeline architecture: listeners accept connections, handlers process them, and dialers establish outbound connections. Each component is pluggable — you can mix any listener (TCP, UDP, TUN, ICMP tunnel) with any handler (proxy, relay, tunnel) and dialer (direct, proxy chain, DNS). Configuration is hot-reloadable via YAML files or the REST API.

Self-Hosting & Configuration

  • Download a single static binary for your platform (no dependencies)
  • Configure via command-line flags for simple setups
  • Use YAML configuration files for complex multi-service deployments
  • Enable the REST API for dynamic configuration changes at runtime
  • Deploy as a systemd service for persistent background operation

Key Features

  • Multi-protocol: HTTP, SOCKS4/5, Shadowsocks, SSH, KCP, QUIC, WebSocket, gRPC
  • Proxy chaining: route traffic through multiple proxy hops
  • Dynamic configuration: REST API and hot-reload of YAML configs
  • TUN/TAP support: create virtual network interfaces for full VPN mode
  • ICMP tunnel: encapsulate traffic in ICMP packets for restricted networks

Comparison with Similar Tools

  • frp — focuses on reverse proxying NAT traversal; GOST is a general-purpose tunnel
  • Chisel — SSH-based TCP tunnel; GOST supports many more transport protocols
  • WireGuard — kernel-level VPN; GOST operates in userspace with more protocol flexibility
  • Shadowsocks — single protocol; GOST supports Shadowsocks plus a dozen others
  • ngrok — cloud-based tunnel service; GOST is fully self-hosted

FAQ

Q: What is the difference between GOST v2 and v3? A: v3 (go-gost/gost) is a complete rewrite with a modular pipeline architecture, YAML config, and REST API. v2 (ginuerzh/gost) is the older version.

Q: Can GOST be used as a VPN? A: Yes, with TUN mode enabled it can function as a VPN, routing all traffic through the tunnel.

Q: Does it support UDP forwarding? A: Yes, GOST supports UDP relay and forwarding across supported protocols.

Q: Is traffic encrypted by default? A: Encryption depends on the protocol chosen. TLS, SSH, Shadowsocks, and QUIC all provide encryption.

Sources

讨论

登录后参与讨论。
还没有评论,来写第一条吧。

相关资产