ss-local

Run a Shadowsocks proxy by specifying the host, server port, local port, password, and encryption method

$ ss-local -s [host] -p [server_port] -l [local port] -k [password] -m [encrypt_method]

$ ss-local -c [path/to/config/file.json]

$ ss-local --plugin [plugin_name] --plugin-opts [plugin_options]

$ ss-local --fast-open

ss [options] [ FILTER ]

-h, --help
    Show help message and exit.

-V, --version
    Show version information and exit.

-n, --numeric
    Do not try to resolve service names.

-r, --resolve
    Try to resolve numeric address/ports.

-a, --all
    Display all sockets.

-l, --listening
    Display listening sockets.

-o, --options
    Show timer information.

-e, --extended
    Show detailed socket information.

-m, --memory
    Show socket memory usage.

-p, --processes
    Show process using socket.

-i, --info
    Show internal TCP information.

-s, --summary
    Show summary of socket usage.

-4, --ipv4
    Display only IPv4 sockets.

-6, --ipv6
    Display only IPv6 sockets.

-0, --unix
    Display only UNIX domain sockets.

-t, --tcp
    Display only TCP sockets.

-u, --udp
    Display only UDP sockets.

-d, --dccp
    Display only DCCP sockets.

-w, --raw
    Display only RAW sockets.

-x, --unix-all
    Display all UNIX domain sockets.

-f, --family=FAMILY
    Display sockets of type FAMILY.

FILTER := [ state TCP-STATE ] [ EXPRESSION ]
    Allows to filter specific state and expresssion for the socket

The ss command is a powerful utility used to investigate socket statistics. Replacing the older netstat tool in many modern Linux distributions, ss offers improved performance and the ability to display more TCP and state information.

Specifically, ss-local is not a command itself, but represents the usage of ss with filters or options to display information about local sockets. This commonly involves filtering by address, port, or process. The command can show listening and established connections, allowing system administrators to troubleshoot network issues, monitor network activity, and verify that services are operating correctly.

Unlike `netstat`, it uses the TCP connection information provided by the kernel directly. This allows faster gathering of information without the need to contact any process.

The ss command requires root privileges to display information about sockets owned by other users. Filtering can become complex, requiring a good understanding of socket states and available expressions.

ss with local can be shown by using a FILTER.
'ss -lt sport = :http' to show all TCP listening sockets with source port equals to 80.
'ss -at '( dport = :ssh or sport = :ssh )'' to show all TCP connections that either have dest port or source port 22.
'ss -o state established '( dport > :1024 and dport < :65535 )'' show established connections with dport between 1024 and 65535 with timer information.

ss was created to address performance limitations of netstat, especially on systems with a large number of sockets. Its development has focused on leveraging the kernel's TCP connection information efficiently. It is now the preferred tool for socket statistics in most modern Linux distributions.

netstat(1), tcpdump(1), lsof(8)