Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

同一个客户端配置文件,Windows和Debian都正常,但是在Openwrt中不工作 #2270

Closed
oTnTh opened this issue Jan 18, 2023 · 8 comments
Closed

同一个客户端配置文件,Windows和Debian都正常,但是在Openwrt中不工作 #2270

oTnTh opened this issue Jan 18, 2023 · 8 comments
Labels
Stale

Comments

@oTnTh
Copy link

oTnTh commented Jan 18, 2023

你正在使用哪个版本的 V2Ray?

服务器端:V2Ray 5.2.1 (V2Fly, a community-driven edition of V2Ray.) Custom (go1.19.4 linux/amd64)

v2ray-core下载的v5.2.1 User Preview作为客户端,linux-64和Windows-64均正常。

Openwrt中测试过v2ray-core下载的linux-arm64-v8a,还有Openwrt官方源的5.2.0,表现一致,均不工作。

你的使用场景是什么?

服务器端跑在国外的VPS上,因为IP地址被墙了,所以套了Cloudflare的CDN。服务器端没有套Nginx,直接监听443端口。

配置文件是从这里抄的:https://github.com/v2fly/v2ray-examples/tree/master/VLESS-TCP-TLS-WS%20(recommended)

服务器端和客户端都跑起来以后,用curl测试连接:

curl -vI --socks5-hostname xxxx:1080 https://google.com

你看到的异常现象是什么?

我在config中将loglevel设置为debug,当客户端跑在Windows和Debian中时,服务器端和客户端的STDOUT都有一些连接相关的内容。

但是客户端跑在Openwrt中时,服务器端的STDOUT没有任何输出,似乎客户端的连接请求完全没发到服务器端。

curl的输出是这样的:

curl -vI --socks5-hostname 192.168.1.1:1080 https://google.com
*   Trying 192.168.1.1:1080...
* SOCKS5 connect to google.com:443 (remotely resolved)
* SOCKS5 request granted.
* Connected to 192.168.1.1 (192.168.1.1) port 1080 (#0)
* schannel: disabled automatic use of client certificate
* ALPN: offers http/1.1
* schannel: failed to receive handshake, SSL/TLS connection failed
* Closing connection 0
curl: (35) schannel: failed to receive handshake, SSL/TLS connection failed

都是从v2ray-core下载的程序,服务器端是同一个,客户端的配置文件也完全一样,但是Openwrt中就是不工作。

请附上你的配置

服务端配置:

{
    "log": {
        "loglevel": "debug"
    },
    "inbounds": [
        {
            "port": 443,
            "protocol": "vless",
            "settings": {
                "clients": [
                    {
                        "id": "[UUID]",
                        "level": 0,
                        "email": "love@v2fly.org"
                    }
                ],
                "decryption": "none",
                "fallbacks": [
                    {
                        "dest": "80"
                    },
                    {
                        "path": "[路径]",
                        "dest": [端口],
                        "xver": 1
                    }
                ]
            },
            "streamSettings": {
                "network": "tcp",
                "security": "tls",
                "tlsSettings": {
                    "alpn": [
                        "http/1.1"
                    ],
                    "certificates": [
                        {
                            "certificateFile": "/usr/local/etc/v2ray/v2ray.crt",
                            "keyFile": "/usr/local/etc/v2ray/v2ray.key"
                        }
                    ]
                }
            }
        },
        {
            "port": [端口],
            "listen": "127.0.0.1",
            "protocol": "vless",
            "settings": {
                "clients": [
                    {
                        "id": "[UUID]",
                        "level": 0,
                        "email": "love@v2fly.org"
                    }
                ],
                "decryption": "none"
            },
            "streamSettings": {
                "network": "ws",
                "security": "none",
                "wsSettings": {
                    "acceptProxyProtocol": true,
                    "path": "[路径]"
                }
            }
        }
    ],
    "outbounds": [
        {
            "protocol": "freedom"
        }
    ]
}

客户端配置:

{
    "log": {
        "loglevel": "debug"
    },
    "inbounds": [
        {
            "port": 1080,
            "listen": "0.0.0.0",
            "protocol": "socks",
            "settings": {
                "udp": true
            }
        }
    ],
    "outbounds": [
        {
            "protocol": "vless",
            "settings": {
                "vnext": [
                    {
                        "address": "[域名]",
                        "port": 443,
                        "users": [
                            {
                                "id": "[UUID]",
                                "encryption": "none",
                                "level": 0
                            }
                        ]
                    }
                ]
            },
            "streamSettings": {
                "network": "ws",
                "security": "tls",
                "tlsSettings": {
                    "serverName": "[域名]"
                },
                "wsSettings": {
                    "path": "[路径]"
                }
            }
        }
    ]
}

请附上出错时软件输出的错误日志

服务器端错误日志:

// 服务器端没有输出任何内容

客户端错误日志:

Openwrt系统设置里已经将时区设置为东八区,date命令的输出也是正常的Thu Jan 19 07:43:10 CST 2023,但是日志里的时间戳是UTC时间。可是我用的是VLESS,按照文档的说法,跟时间设置应该没有关系才对?

V2Ray 5.2.1 (V2Fly, a community-driven edition of V2Ray.) Custom (go1.19.4 linux/arm64)
A unified platform for anti-censorship.
2023/01/18 22:59:10 [Debug] app/log: Logger started
2023/01/18 22:59:10 [Debug] app/proxyman/inbound: creating stream worker on 0.0.0.0:1080
2023/01/18 22:59:10 [Info] transport/internet/tcp: listening TCP on 0.0.0.0:1080
2023/01/18 22:59:10 [Info] transport/internet/udp: listening UDP on 0.0.0.0:1080
2023/01/18 22:59:10 [Warning] V2Ray 5.2.1 started
2023/01/18 22:59:15 [Info] [606408028] proxy/socks: TCP Connect request to tcp:google.com:443
2023/01/18 22:59:15 [Warning] [606408028] app/dispatcher: default route for tcp:google.com:443
2023/01/18 22:59:15 [Info] [606408028] transport/internet/websocket: creating connection to tcp:[域名]:443
2023/01/18 22:59:15 tcp:192.168.1.100:63221 accepted tcp:google.com:443
2023/01/18 22:59:26 [Info] [606408028] transport/internet/websocket: creating connection to tcp:[域名]:443
2023/01/18 22:59:36 [Info] [606408028] transport/internet/websocket: creating connection to tcp:[域名]:443
2023/01/18 22:59:47 [Info] [606408028] transport/internet/websocket: creating connection to tcp:[域名]:443
2023/01/18 22:59:57 [Info] [606408028] transport/internet/websocket: creating connection to tcp:[域名]:443
2023/01/18 23:00:08 [Warning] [606408028] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: failed to find an available destination > common/retry: [transport/internet/websocket: failed to dial WebSocket > transport/internet/websocket: failed to dial to (wss://[域名]/[路径]):  > write tcp [本地IPv6地址]:50704->[2606:4700:3030::ac43:c97f]:443: i/o timeout transport/internet/websocket: failed to dial WebSocket > transport/internet/websocket: failed to dial to (wss://[域名]/[路径]):  > write tcp [本地IPv6地址]:51296->[2606:4700:3032::6815:3cd1]:443: i/o timeout transport/internet/websocket: failed to dial WebSocket > transport/internet/websocket: failed to dial to (wss://[域名]/[路径]):  > write tcp [本地IPv6地址]:54852->[2606:4700:3032::6815:3cd1]:443: i/o timeout transport/internet/websocket: failed to dial WebSocket > transport/internet/websocket: failed to dial to (wss://[域名]/[路径]):  > write tcp [本地IPv6地址]:57452->[2606:4700:3030::ac43:c97f]:443: i/o timeout transport/internet/websocket: failed to dial WebSocket > transport/internet/websocket: failed to dial to (wss://[域名]/[路径]):  > write tcp [本地IPv6地址]:37996->[2606:4700:3032::6815:3cd1]:443: i/o timeout] > common/retry: all retry attempts failed
2023/01/18 23:00:08 [Info] [606408028] app/proxyman/inbound: connection ends > proxy/socks: connection ends > proxy/socks: failed to transport all TCP response > io: read/write on closed pipe
@oTnTh
Copy link
Author

oTnTh commented Jan 19, 2023

我看到有人提到5.2.0可能存在问题:#2243

于是我将客户端和服务器端都换成了v2ray-core下载的5.1.0,再次测试还是一样的问题。

@oldflag2333333
Copy link

openwrt有很多防火墙规则,我觉得你可以看看是不是哪条把他拦了。

@oTnTh
Copy link
Author

oTnTh commented Jan 30, 2023

我用的是Openwrt官方固件,内置的防火墙规则好像也不多,出站什么都没拦,sshtunel和shadowsocks(撞墙之前)都是正常的。/etc/init.d/firewall stop 关闭防火墙以后测试,也还是一样的问题。

比较挠头的是,都看不出应该去哪个部分找问题。

@yyiu
Copy link

yyiu commented Feb 1, 2023 

            "tlsSettings": {
                "serverName": "[域名]"
            },

这个不要了,加了可能会墙

@oldflag2333333
Copy link

oldflag2333333 commented Feb 2, 2023
edited

没仔细看说明,才发现你套了cdn,如果你要用 websocket 的话得确认 cdn 这边是不是支持 websocket,供应商有没有防火墙规则,然后另外 v2ray 报错日志显示的是建立 tcp 连接的时候找不到“目的地”,可能是ipv6之类的原因导致的。

补充一些题外话,如果你要套 cdn 就不要使用 websocket 了,因为 cdn 其实不是解决这个问题的,这种动态请求会回源,而且有可能cdn自己会有些什么规则,让你的 websocket 的表现很奇怪,比如cdn的回源超时时间很短,那么你的 websocket 就会频繁断连。而且就我个人经验来说,一般的 cdn 服务对性能的影响太大了,除非被关了能不套还是不套吧。

@oTnTh
Copy link
Author

oTnTh commented Feb 2, 2023
edited

需要套cdn是因为vps的ipv4地址已经撞墙了,不得已。

至于websocket,则是因为看到了这篇文档:https://guide.v2fly.org/advanced/cdn.html

所以才抄了这里的配置文件:https://github.com/v2fly/v2ray-examples/tree/master/VLESS-TCP-TLS-WS%20(recommended)

我遇到的主要问题是,同一个客户端配置文件,Openwrt上不能用,但是在Openwrt后面的Windows和Debian都正常工作。

@oTnTh
Copy link
Author

oTnTh commented Feb 2, 2023

我自己的ISP是联通,然后我将配置文件发给一个用电信的朋友帮忙测试了一下。在他的Openwrt路由器上,同一个配置文件似乎是能工作的。

但是因为我没法把我的路由器搬到他家里去测试,所以我无法确认这个问题是不是跟ISP相关。

@github-actions
Copy link
Contributor

github-actions bot commented Jun 4, 2023

This issue is stale because it has been open 120 days with no activity. Remove stale label or comment or this will be closed in 5 days

@github-actions github-actions bot added the Stale label Jun 4, 2023
@github-actions github-actions bot closed this as not planned Won't fix, can't repro, duplicate, stale Jun 10, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Stale
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@oTnTh @yyiu @oldflag2333333