HirbodBehnam / Shadowsocks-Cloak-Installer

A one-key script to setup Cloak plugin with Shadowsocks on your server
GNU General Public License v3.0

Can't connect to server #32

Closed aboka2k closed 4 years ago

aboka2k commented 4 years ago

hi, have tried to install SS with Cloak v.1 using your example here -

curl -o Shadowsocks-Cloak-Installer.sh -L https://git.io/fjECg && bash Shadowsocks-Cloak-Installer.sh

installation completes with no error. but couldn't make connection to the server. here is the error on the client side:

truncate...
2020-08-23 18:29:47.7409|INFO|Shadowsocks.Controller.ShadowsocksController|Started SIP003 plugin for 173.82.104.152:443 on 127.0.0.1:54398 - PID: 5212
2020-08-23 18:29:47.9550|DEBUG|Shadowsocks.Controller.TCPHandler|connect to s.yimg.com:443
2020-08-23 18:29:47.9760|INFO|Shadowsocks.Controller.ShadowsocksController|Started SIP003 plugin for 173.82.104.152:443 on 127.0.0.1:54403 - PID: 6460
2020-08-23 18:29:48.7980|WARN|Shadowsocks.Controller.TCPHandler|System.Net.Sockets.SocketException (0x80004005): No connection could be made because the target machine actively refused it
   at Shadowsocks.Util.Sockets.WrappedSocket.EndConnect(IAsyncResult asyncResult)
   at Shadowsocks.Proxy.DirectConnect.EndConnectDest(IAsyncResult asyncResult)
   at Shadowsocks.Controller.TCPHandler.ConnectCallback(IAsyncResult ar)
2020-08-23 18:29:48.9780|WARN|Shadowsocks.Controller.TCPHandler|System.Net.Sockets.SocketException (0x80004005): No connection could be made because the target machine actively refused it
... truncate

don't know where the server log is, so couldn't attach it here. one thing I notice is there is no ipv4. the ck-server only listens on ipv6 and not on ipv4. I tried to disable ipv6 with the code below, but still no ipv4. please advise. thank you.

root@v2ray:~# netstat -tulpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:41157         0.0.0.0:*               LISTEN      721/ss-server
tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN      687/systemd-resolve
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      746/sshd: /usr/sbin
tcp6       0      0 :::22                   :::*                    LISTEN      746/sshd: /usr/sbin
tcp6       0      0 :::443                  :::*                    LISTEN      723/ck-server
udp        0      0 127.0.0.53:53           0.0.0.0:*                           687/systemd-resolve

/etc/sysctl.conf
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1
net.ipv4.ip_forward = 1

p/s - after installation, i just scan the qr code on the client side and change the plugin path and connect

HirbodBehnam commented 4 years ago

Hello Can you send me the server logs with systemctl status shadowsocks-server -l?

aboka2k commented 4 years ago

> Hello Can you send me the server logs with systemctl status shadowsocks-server -l?

root@v2ray:~# systemctl status shadowsocks-server -l
● shadowsocks-server.service - Shadowsocks-libev Server Service
     Loaded: loaded (/etc/systemd/system/shadowsocks-server.service; enabled; vendor preset: enabled)
     Active: active (running) since Sun 2020-08-23 21:41:04 +08; 1min 43s ago
       Docs: man:shadowsocks-libev(8)
   Main PID: 722 (ss-server)
      Tasks: 6 (limit: 1062)
     Memory: 5.5M
     CGroup: /system.slice/shadowsocks-server.service
             ├─722 /usr/bin/ss-server
             └─724 ck-server

Aug 23 21:41:04 v2ray systemd[1]: Started Shadowsocks-libev Server Service.
Aug 23 21:41:04 v2ray ss-server[722]: 2020-08-23 21:41:04 INFO: plugin "ck-server" enabled
Aug 23 21:41:04 v2ray ss-server[722]: 2020-08-23 21:41:04 INFO: initializing ciphers... chacha20-ietf-poly1305
Aug 23 21:41:04 v2ray ss-server[722]: 2020-08-23 21:41:04 INFO: using nameserver: 8.8.8.8
Aug 23 21:41:04 v2ray ss-server[722]: 2020-08-23 21:41:04 INFO: tcp server listening at 127.0.0.1:51135
Aug 23 21:41:04 v2ray ss-server[722]: 2020-08-23 21:41:04 INFO: running from root user
Aug 23 21:41:04 v2ray ss-server[724]: 2020/08/23 21:41:04 ck-server.go:265: Listening on 0.0.0.0:443

/etc/shadowsocks-libev/config.json
"server":"0.0.0.0",
"server_port":443,
"password":"xxxxxxxxxx",
"timeout":60,
"method":"chacha20-ietf-poly1305",
"nameserver":"8.8.8.8",
"plugin":"ck-server",
"plugin_opts":"/etc/shadowsocks-libev/ckconfig.json"

/etc/shadowsocks-libev/ckconfig.json
"WebServerAddr":"204.79.197.200:443",
"PrivateKey":"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"AdminUID":"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"DatabasePath":"/etc/shadowsocks-libev/userinfo.db"

the WebServerAddr is the default @msn. Thank you,

p/s - I'm on an Ubuntu 20.04 LTS vps

HirbodBehnam commented 4 years ago

From the client log, it looks like the server is refusing the connection. Have you checked your firewall?

aboka2k commented 4 years ago

> From the client log, it looks like the server is refusing the connection. Have you checked your firewall?

hi, it's more like nothing is listening/receiving the traffic on ipv4(443).

it's a new vps and there is no iptables/firewall-

root@v2ray:~# sudo iptables -S
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT

on another server running ss+v2ray, it is listening on both ipv4 and ipv6. it's weird why there is no ipv4 for this one. as far as I know, the vps doesn't have ipv6. any suggestions?

thank you,

HirbodBehnam commented 4 years ago

Hello again. Unfortunately I don't know what to do. It's kinda strange because in the shadowsocks config and log it says that it's listening on ipv4 (0.0.0.0); however, as you pointed out, netstat is showing that it's only listening on ipv6. It could be a script bug or it could be a bug from cloak. I'll just label this issue as "Help Wanted" so maybe someone else could help you. Also, why are you not using cloak 2?

aboka2k commented 4 years ago

hi, i was thinking of using v2, but from my understanding from the guide, v2 is for tor or openvpn.

could we use v2 with ss? if yes, how do we do that? manually install ss then cloak v2 and set up the config etc + ssl? is there a guide somewhere we could follow, as I'm kinda a noob on this

thank you,

HirbodBehnam commented 4 years ago

Hello. CloakV2 can be used with tor or openvpn. If you want to use it with shadowsocks, just use my own script for Cloak2. You will be asked if you want to install shadowsocks or not. Or just

curl -o Cloak-Installer.sh -L https://git.io/fj5mh && bash Cloak-Installer.sh

and follow the instructions.

aboka2k commented 4 years ago

hi, thanks a lot ~! will install and revert later :)

HirbodBehnam commented 4 years ago

@aboka2k I also forgot, please uninstall cloak 1 completely and then install cloak 2.

aboka2k commented 4 years ago

> @aboka2k I also forgot, please uninstall cloak 1 completely and then install cloak 2.

no worry, I will reset the whole vps and do an update && upgrade then only install them :)

aboka2k commented 4 years ago

@HirbodBehnam V2 is working now :) but got some questions after installing and playing with them -

1) now I chose the default 'chacha20-ietf-poly1305' for the encryption, is there a way to change this in future? thought of changing that inside 'shadowsocks.json' but it shows 'plain' as its encryption method

2) what is "RedirAddr": "204.79.197.200" for and how does it work? My understanding is when someone is trying to access your server from the browser, they will be directed to this decoy IP. Now whenever I try to access my server using its IP, it will say

This site can’t be reached
173.82.xxx.xxx refused to connect.

thank you,

HirbodBehnam commented 4 years ago

@aboka2k Hello

  1. The encryption is server independent. That means that you just have to change the encryption from client and it will be automatically configured and used on client hello. Also as the main documents for cloak say, you can use plain for shadowsocks because it's encrypted and does not give any fingerprints.
  2. You are right! If anyone tries to send a normal https request to cloak, they will be redirected to that IP. Also I realized that probably my script and the cloak's example configs have a problem. It looks like the RedirAddr must contain a port number as well. I will fix this problem. Thanks for reporting!

And lastly, for cloak 1, I will go and check its code to see how it binds on IP address and check if the problem of ipv6 is because of my script or cloak itself.

aboka2k commented 4 years ago

> @aboka2k Hello
>
>   1. The encryption is server independent. That means that you just have to change the encryption from client and it will be automatically configured and used on client hello. Also as the main documents for cloak say, you can use plain for shadowsocks because it's encrypted and does not give any fingerprints.
>   2. You are right! If anyone tries to send a normal https request to cloak, they will be redirected to that IP. Also I realized that probably my script and the cloak's example configs have a problem. It looks like the RedirAddr must contain a port number as well. I will fix this problem. Thanks for reporting!
>
> And lastly, for cloak 1, I will go and check its code to see how it binds on IP address and check if the problem of ipv6 is because of my script or cloak itself.

hi, thanks a lot for all the help and info. interesting to know 'plain' is an encryption method, would try to search for that as I'd like to read the details. in the meantime, have edited them like this "RedirAddr": "204.79.197.200:443", and it's working now. It will divert to the IP after accepting the unsecure page warning

I have got 2 more questions if you don't mind -

1) how do we change the server IP address to a domain name?

2) this is related to the original question - wonder why there is no ipv4 shown on netstat. although it is working now.

root@v2ray:~# sudo netstat -tulpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:62643         0.0.0.0:*               LISTEN      49803/ss-server
tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN      21521/systemd-resol
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      20408/sshd: /usr/sb
tcp6       0      0 :::22                   :::*                    LISTEN      20408/sshd: /usr/sb
tcp6       0      0 :::443                  :::*                    LISTEN      50179/ck-server
udp        0      0 127.0.0.53:53           0.0.0.0:*                           21521/systemd-resol

aboka2k commented 4 years ago

'found' the ipv4 443 by using 'sudo ss -tulpn'

tcp   LISTEN 0      4096   *:443   *:*   users:(("ck-server",pid=710,fd=7))

not sure why it's not shown on netstat, perhaps it is not considered as a server?

HirbodBehnam commented 4 years ago

No problem I'm just here to help :)

  1. You have to either buy a domain name and set its ip to your server or you can use a ddns service like now-dns. Nothing must be done from your server.
  2. Unfortunately I don't really know what is up with netstat and ss and why they are showing different results. I myself use lsof -i -P -n | grep LISTEN.

aboka2k commented 4 years ago

@HirbodBehnam I already have a domain pointing to the server now and I'm using the domain name on the client settings. I thought we need to change the IP to domain in the server settings as the proper way

thanks again and hv a nice day :)
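
The netstat/ss difference left open in this thread is consistent with a dual-stack listener: on Linux a socket bound to `[::]` with `IPV6_V6ONLY` off also accepts IPv4 clients, yet netstat lists it only as `tcp6 :::443`, while ss prints it as `*:443`. The following is an added example (not from the thread, the installer script or Cloak) that reproduces this on an ephemeral loopback port; that ck-server opens its socket this way is an assumption, and `proc_tables`, `probe` and `run` are illustrative names.

```python
import socket

def proc_tables(port):
    """Return which /proc/net tables (what netstat reads on Linux) list a listener on port."""
    found = []
    for name in ("tcp", "tcp6"):
        try:
            with open("/proc/net/" + name) as fh:
                rows = [line.split() for line in fh.readlines()[1:]]
        except OSError:
            continue  # table absent (non-Linux host, or no IPv6 support)
        # Field 1 is the local "HEXADDR:HEXPORT", field 3 is the state (0A = LISTEN).
        if any(r[3] == "0A" and int(r[1].rsplit(":", 1)[1], 16) == port
               for r in rows if len(r) > 3):
            found.append(name)
    return found

def probe(v6only):
    """Listen on [::]:<ephemeral port>, then try to reach it over IPv4 loopback."""
    srv = socket.socket(socket.AF_INET6, socket.SOCK_STREAM)
    cli = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        # 0 = dual-stack socket (also takes IPv4 clients), 1 = IPv6 only.
        srv.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_V6ONLY, int(v6only))
        srv.bind(("::", 0))
        srv.listen(1)
        srv.settimeout(2)
        cli.settimeout(2)
        port = srv.getsockname()[1]
        result = {"tables": proc_tables(port), "ipv4_ok": False, "peer": None}
        try:
            cli.connect(("127.0.0.1", port))
        except OSError:
            return result  # IPv4 refused: this listener really is IPv6-only
        conn, peer = srv.accept()
        conn.close()
        result.update(ipv4_ok=True, peer=peer[0])  # IPv4-mapped, e.g. ::ffff:127.0.0.1
        return result
    finally:
        cli.close()
        srv.close()

def run():
    """Probe both modes; returns None when the host has no usable AF_INET6."""
    try:
        return {"dual_stack": probe(False), "v6only": probe(True)}
    except OSError:
        return None

if __name__ == "__main__":
    print(run())
```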