search

FlowerWrong / ip2socks

ip flow to socks, support tun and tap.
40 stars 16 forks source link

为什么 ntp 不能正常工作? #8

Closed sbilly closed 5 years ago

sbilly commented 5 years ago

我删除了 china_ip_list.txt 文件,强制所有的请求都走 socks 代理。curl 已经可以正常访问 google.com,dns 是可以正常工作的,但使用 udp 协议的 ntp 却不工作。

我希望 udp 协议都能正常使用,ntp 只是我用来测试的工具。

# ./ip2socks --config=./scripts/config.linux.example.yml
Lwip netstack host 10.0.0.2 mask 255.255.255.0 gateway 10.0.0.1
Open tun device: tun0 for reading...
tun name is tun0
exec setup shell sh ./scripts/linux_setup_tuntap.sh 10.0.0.1
origin gateway is '192.168.158.2'
grep: ./scripts/china_ip_list/china_ip_list.txt: No such file or directory
Ip2socks started!

# # ip route
0.0.0.0/1 via 10.0.0.1 dev tun0
default via 192.168.158.2 dev ens33 proto dhcp src 192.168.158.221 metric 100
10.0.0.0/24 dev tun0 proto kernel scope link src 10.0.0.1
10.147.18.0/24 dev ens39 proto kernel scope link src 10.147.18.80
114.114.114.114 via 192.168.158.2 dev ens33
128.0.0.0/1 via 10.0.0.1 dev tun0
172.16.196.0/24 dev ens38 proto kernel scope link src 172.16.196.129
192.168.158.0/24 dev ens33 proto kernel scope link src 192.168.158.221
192.168.158.2 dev ens33 proto dhcp scope link src 192.168.158.221 metric 100
223.5.5.5 via 192.168.158.2 dev ens33
MY_VPS_IP via 192.168.158.2 dev ens33

# ping www.google.com
PING www.google.com (172.217.31.228) 56(84) bytes of data.
64 bytes from 172.217.31.228 (172.217.31.228): icmp_seq=1 ttl=255 time=0.102 ms
^C
--- www.google.com ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.102/0.102/0.102/0.000 ms

# curl www.google.com -I
HTTP/1.1 200 OK
Date: Wed, 13 Feb 2019 04:25:35 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=ISO-8859-1
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Server: gws
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Set-Cookie: 1P_JAR=2019-02-13-04; expires=Fri, 15-Mar-2019 04:25:35 GMT; path=/; domain=.google.com
Set-Cookie: NID=158=Y3GKV2a22KTK3rrwCO3x-C-cJqZGaQZlz_t3_PWc5nMyqSo5g5OFuUbj1YUw8QI5vtHABT619xL-YX2lQjhQgFM_auNDko3VHA2NFRpbgg5P5LdQ03j0c5hD0jp9ygM4mlc7CrvuvGGaJC5TgqCenBcmy1QYreZbfkyDwV0aDoA; expires=Thu, 15-Aug-2019 04:25:35 GMT; path=/; domain=.google.com; HttpOnly
Transfer-Encoding: chunked
Accept-Ranges: none
Vary: Accept-Encoding

# ntpdate time.windows.com

# tcpdump -i tun0  -n udp
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on tun0, link-type RAW (Raw IP), capture size 262144 bytes
04:18:15.060450 IP 10.0.0.1.123 > 52.173.193.166.123: NTPv4, Client, length 48
04:18:17.059996 IP 10.0.0.1.123 > 52.173.193.166.123: NTPv4, Client, length 48
04:18:19.061079 IP 10.0.0.1.123 > 52.173.193.166.123: NTPv4, Client, length 48
04:18:21.059810 IP 10.0.0.1.123 > 52.173.193.166.123: NTPv4, Client, length 48

@FlowerWrong 多谢啦

FlowerWrong commented 5 years ago

https://github.com/FlowerWrong/ip2socks/blob/master/src/udp_raw.cpp#L427

relay_none_dns_packet_with_udp: true

试试这个。

sbilly commented 5 years ago

relay_none_dns_packet_with_udp 配置成了 true 也无法正常工作

# ntpdate time.windows.com
13 Feb 06:44:48 ntpdate[1868]: no server suitable for synchronization found

# tcpdump -n -i tun0
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on tun0, link-type RAW (Raw IP), capture size 262144 bytes
06:44:40.573645 IP 10.0.0.1.123 > 52.179.17.38.123: NTPv4, Client, length 48
06:44:42.573617 IP 10.0.0.1.123 > 52.179.17.38.123: NTPv4, Client, length 48
06:44:44.526891 IP6 fe80::1288:d43d:4929:4231 > ff02::2: ICMP6, router solicitation, length 8
06:44:44.573435 IP 10.0.0.1.123 > 52.179.17.38.123: NTPv4, Client, length 48
06:44:46.573310 IP 10.0.0.1.123 > 52.179.17.38.123: NTPv4, Client, length 48

之前启动的 ip2socks 提示 udp query sendto failed

# ./ip2socks --config=./scripts/config.linux.example.yml
Lwip netstack host 10.0.0.2 mask 255.255.255.0 gateway 10.0.0.1
Open tun device: tun0 for reading...
tun name is tun0
exec setup shell sh ./scripts/linux_setup_tuntap.sh 10.0.0.1
origin gateway is '192.168.158.2'
grep: ./scripts/china_ip_list/china_ip_list.txt: No such file or directory
Ip2socks started!
UDP via socks 5 udp tunnel to 52.179.17.38
udp query sendto failed
UDP via socks 5 udp tunnel to 52.179.17.38
udp query sendto failed
UDP via socks 5 udp tunnel to 52.179.17.38
udp query sendto failed
UDP via socks 5 udp tunnel to 52.179.17.38
udp query sendto failed

修改过的 config.linux.example.yml

# cat scripts/config.linux.example.yml
ip_mode: tun # tun or tap, default tun
dns_mode: udp # tcp or udp, default tcp
socks_server: 127.0.0.1
socks_port: 1080
remote_dns_server: 8.8.8.8
remote_dns_port: 53
local_dns_port: 53 # if you use your own local dns server, eg: pdnsd, dnsmasg, this is upstream dns server.
relay_none_dns_packet_with_udp: true
custom_domian_server_file: ./scripts/block.conf;./scripts/custom_domain_server.conf;./scripts/dnsmasq-china-list/google.china.conf;./scripts/dnsmasq-china-list/apple.china.conf;./scripts/dnsmasq-china-list/accelerated-domains.china.conf; # if multi, split with ';'
gw: 10.0.0.1 # gateway of lwip netif
addr: 10.0.0.2 # ip of lwip netif
netmask: 255.255.255.0 # netmask of lwip netif
after_start_shell: './scripts/linux_setup_tuntap.sh'
before_shutdown_shell: './scripts/linux_down_tuntap.sh'
FlowerWrong commented 5 years ago

你debug看看,我现在都用 tun2socks, 这个项目基本不维护了。

sbilly commented 5 years ago

我也试试 tun2socks。多谢