Building Your Own NetGuard System

1. To save costs or avoid technical details, join our Shared Defense Plan.
2. You can also Build Your Own Server if you have sufficient funds and experience.
3. You must first understand its mechanism before building your NetGuard system.

Steps

Apply for a Dashboard Account

Send your application to: $XianIP@163.Com$

To prevent misuse of the server, please strictly follow the requirements below when writing your email. Emails that do not comply will not be replied.

Subject: Application for Self-hosted NetGuard Server

Body:

1. Introduce yourself.
2. Provide your phone number.
3. Describe your App (features, platform, homepage).

Please Note

• Free accounts must maintain at least 10 devices online.
• Inactive free accounts will be automatically deleted.

Download the Server Programs

Click here to download two types of server programs:

1. Gateway (handles data forwarding): Runs on port 16005
2. Shield (handles session persistence): Runs on port 18005

Please Note

The server programs supports only 64-bit Windows and Linux systems based on the x86 architecture.

Running the Server Programs

1. Log in to the Dashboard to obtain your instance's App ID and App Key.
2. If you only need session persistence functionality, you can run both programs on the same server.
3. If you need DDoS protection, the server programs must be run on separate servers.
4. The server programs are command-line based and needs to be started with parameters, as shown below:

  // For Linux Platform - Gateway Server
  transfer-linux-amd64 -appid "Your_AppID" -appkey "Your_AppKey"

  // For Linux Platform - Shield Server
  shield-linux-amd64 -appid "Your_AppID" -appkey "Your_AppKey"

  // For Windows Platform - Gateway Server
  transfer-windows-amd64.exe -appid "Your_AppID" -appkey "Your_AppKey"

  // For Windows Platform - Shield Server
  shield-windows-amd64.exe -appid "Your_AppID" -appkey "Your_AppKey"

Adding Servers to the Backend

1. Log in to the Dashboard.
2. Add the configured servers to the Gateway and Shield sections.
3. Add the configured servers to your instance correctly.

Limitations of Self-hosted NetGuard Server

The IDC resources for self-hosted NetGuard servers are fully procured by the developer, meaning there are no restrictions on bandwidth, concurrent online devices, etc. However, some public resources are still utilized. To avoid impacting other NetGuard users, the following limitations apply:

1. Each account is limited to a single NetGuard instance.
2. The real IP address of the client cannot be obtained.
3. Client connection frequency cannot be controlled.
4. Concurrent client connections cannot be restricted.
5. A minimum of 10 devices must remain online.
6. Instances that remain inactive will be automatically deleted.

Next Steps

1. Configure the firewall to permit only Gateway-to-Shield server connections.
2. Configure the firewall to permit only Shield-to-App server connections.
3. Contact the data center if their firewall disrupts TCP-based TLS connections.
4. Read the Developer Documentation to integrate the NetGuard SDK.