gitwtfhub

wtf is gost?

ginuerzh/gost — explained in plain English

Analysis updated 2026-06-24

17,940GoAudience · ops devopsComplexity · 3/5Setup · moderate

TL;DR

GOST is a Go command-line tool that builds secure network tunnels and chained proxies across many protocols (HTTP, SOCKS, Shadowsocks, QUIC, WebSocket, etc.).

Mindmap

mindmap
  root((GOST))
    What it does
      Network tunnels
      Proxy chaining
      Port forwarding
      Traffic obfuscation
    Protocols
      HTTP HTTPS
      SOCKS4 SOCKS5
      Shadowsocks
      HTTP2 QUIC
    Extras
      DNS proxy
      Load balancing
      TUN TAP VPN
    Audience
      Network engineers
      Power users

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

Why would anyone build with this?

REASON 1

Run a SOCKS5 or HTTP proxy server with one command.

REASON 2

Chain multiple proxies (e.g. QUIC then SOCKS5 over WebSocket) so traffic hops through several servers.

REASON 3

Forward a local TCP/UDP port to a remote service behind a firewall.

REASON 4

Build a lightweight VPN-style setup using TUN/TAP tunneling.

What's in the stack?

GoTCP UDPTUN TAP

How it stacks up

ginuerzh/gostmatryer/xbarthealgorithms/go
Stars17,94018,01518,032
LanguageGoGoGo
Setup difficultymoderatemoderateeasy
Complexity3/52/52/5
Audienceops devopsdeveloperdeveloper

Figures from each repo's GitHub metadata at analysis time.

How do you spin it up?

Difficulty · moderate Time to first run · 30min

Single Go binary, comfort with networking concepts and command-line flags is required, and most docs are in Chinese.

License is not stated in the explanation.

Wtf does this do

GOST (GO Simple Tunnel) is a command-line tool written in Go that creates secure network tunnels and proxy chains. A network tunnel lets you route your internet traffic through one or more intermediate servers, which is useful for bypassing network restrictions, accessing services that are not directly reachable, or adding a layer of encryption to otherwise unprotected connections. The tool supports a wide range of proxy protocols including HTTP, HTTPS, SOCKS4, SOCKS5, Shadowsocks, and HTTP2, meaning it can act as a standard proxy server that other applications already know how to talk to. One of its key features is proxy chaining: you can set up a sequence of forwarding servers, and GOST will route your traffic through each one in order, for example, through a QUIC tunnel, then a SOCKS5 server over WebSocket, then an HTTP2 server, before the traffic reaches its destination. Each hop in the chain can use a different protocol. Beyond proxying, GOST can forward specific local or remote TCP and UDP ports to other addresses, which is useful when you need to expose a service behind a firewall or redirect traffic between machines. It also supports transparent proxying (redirecting traffic without the sender knowing), DNS proxying and resolution, load balancing across multiple upstream servers, and TUN/TAP device tunneling (which lets you build VPN-like setups). Obfs4 is also supported for traffic obfuscation. The README content is primarily in Chinese. You would use GOST if you are a network engineer or developer who needs a flexible, multi-protocol tunneling tool that can be composed into complex routing configurations from the command line.

Yoink these prompts

Prompt 1
Show me the simplest GOST command to run a SOCKS5 proxy on port 1080 with username/password auth.
Prompt 2
Translate this Chinese GOST tutorial about proxy chaining into English and explain the -L and -F flags.
Prompt 3
Give me a GOST command that chains three hops: QUIC -> SOCKS5-over-WebSocket -> HTTP2.
Prompt 4
I want to forward local port 8080 to a remote MySQL server on 10.0.0.5:3306 using GOST. Give me the exact command.
Prompt 5
Write a systemd unit file that runs GOST as a SOCKS5 proxy on boot, with a config file at /etc/gost/gost.yml.

Frequently asked questions

wtf is gost?

GOST is a Go command-line tool that builds secure network tunnels and chained proxies across many protocols (HTTP, SOCKS, Shadowsocks, QUIC, WebSocket, etc.).

What language is gost written in?

Mainly Go. The stack also includes Go, TCP UDP, TUN TAP.

What license does gost use?

License is not stated in the explanation.

How hard is gost to set up?

Setup difficulty is rated moderate, with roughly 30min to a first successful run.

Who is gost for?

Mainly ops devops.

View the repo → Decode another repo

This repo across BitVibe Labs

Don't trust strangers blindly. Verify against the repo.