Closed willaytoun closed 1 week ago
服务端开 sniffing
试一下
这个有点没看明白它和路由routing的分流有啥不一样啊,重置当前连接的目标是什么意思啊?(sniffing:当流量为指定类型时,按其中包括的目标地址重置当前连接的目标) 为什么"系统代理"模式google分流成功走warp了但是"tun"就没有走啊?
系统代理模式下,域名直接被发送到服务器,服务端看到域名后分流。
Tun 模式下,客户端先将域名解析为 ip,服务器不进行嗅探的话,只会按照 ip 规则处理。
如果服务端不想动,请考虑使用 FakeDNS。但目前 GUI 暂未适配。
感谢您的解答,服务端sniffing这里更为这样"tun"模式google就可以正常分流了: "sniffing": { "enabled": true, "destOverride": [ "http", "tls", "quic" ] }
期待GUI可以早日适配FakeDNS让其他和我一样的人少些困扰(^_^)
FakeDNS 的话 v2ray 有,但是 nekoray 的魔改 core 很久没更新了。
nekobox 好像也有,只不过需要用自定义配置没试过。
自己魔改 core 迟早要完
nekobox的“tun”模式没有黑框挺好的,自定义路由网上貌似也没有教程的我想试试也不知道怎么上手。。。
隐藏黑框镜请在 VPN设置开启隐藏控制台
嗯好,Tun 模式客户端是先将域名解析为IP再发给服务端这样的话会不会存在DNS泄露的风险啊?
嗯好,Tun 模式客户端是先将域名解析为IP再发给服务端这样的话会不会存在DNS泄露的风险啊?
任何方案都有 DNS 泄漏的可能,但只要正确配置路由就没问题。
描述问题
预期行为:"系统代理"模式和"vpn"模式google.com都走warp。
实际行为:服务端我vps跳谷歌验证所以就套了warp google走warp,但是pc端vpn模式的话google就不走warp了还是跳验证google搜索my ip也显示的是vps的ip不是warp的ip,切换到系统代理模式就又不跳google验证了google搜索my ip也显示的是warp的ip了。 我试了v2aryn的"系统代理"和"tun"模式,google搜索my ip都是走了warp的。
如何复现
pc端sing-box内核只要是"vpn"模式google就都不走warp
日志
这个是我xray的配置 { "log": { "loglevel": "warning", "error": "/var/log/xray/error.log", "access": "/var/log/xray/access.log" }, "api": { "services": [ "HandlerService", "LoggerService", "StatsService" ], "tag": "api" }, "stats": {}, "policy": { "levels": { "0": { "handshake": 2, "connIdle": 128, "statsUserUplink": true, "statsUserDownlink": true } }, "system": { "statsInboundUplink": true, "statsInboundDownlink": true, "statsOutboundUplink": true, "statsOutboundDownlink": true } }, "dns": { "servers": [ "https+local://cloudflare-dns.com/dns-query", "1.1.1.1", "1.0.0.1", "8.8.8.8", "8.8.4.4", "localhost" ] }, "routing": { "domainStrategy": "IPIfNonMatch", "rules": [ { "inboundTag": [ "api" ], "outboundTag": "api", "type": "field" }, { "type": "field", "protocol": [ "bittorrent" ], "outboundTag": "block" }, { "type": "field", "ip": [ "geoip:private" ], "outboundTag": "block" }, { "type": "field", "ip": [ "geoip:cn" ], "outboundTag": "block" }, { "type": "field", "domain": [ "geosite:category-ads-all" ], "outboundTag": "block" }, { "type": "field", "domain": [ "domain:google.com", "geosite:netflix", "domain:ai.com", "domain:openai.com" ], "outboundTag": "warp" } ] }, "inbounds": [ { "listen": "127.0.0.1", "port": 32768, "protocol": "dokodemo-door", "settings": { "address": "127.0.0.1" }, "tag": "api", "sniffing": null }, { "tag": "xray-script-xtls-reality", "listen": "0.0.0.0", "port": 1443, "protocol": "vless", "settings": { "clients": [ { "email": "vless@xtls.reality", "id": "d44eb089-4f37-4539-bd27-1a3af2cd89fa", "flow": "xtls-rprx-vision", "level": 0 } ], "decryption": "none" }, "streamSettings": { "network": "tcp", "security": "reality", "realitySettings": { "show": false, "dest": "www.amazon.com:443", "xver": 0, "serverNames": [ "amazon.com" ], "privateKey": "qO4akox0liTuvVnsTRfyVsuN5dlc7cd9e467f53", "shortIds": [ "", "b1", "ea03" ] } }, "sniffing": { "enabled": true, "destOverride": [ "http", "tls" ] } } ], "outbounds": [ { "tag": "direct", "protocol": "freedom" }, { "tag": "block", "protocol": "blackhole" }, { "tag": "warp", "protocol": "wireguard", "settings": { "secretKey": "QAqJv1Y3o48bCH3L8yTiSXIkbiJomhgmKkmqXwVDq2b=", "address": [ "172.16.0.2/32" ], "peers": [ { "publicKey": "bmXOC+F1FxEMF9dyiK2H5/1SUtzH0JuVo51h2wPfgyo=", "allowedIPs": [ "0.0.0.0/0" ], "endpoint": "188.114.99.205:5279" } ], "reserved":[115, 63, 36], "mtu": 1420 } } ] }