RPRX
commented
3 years ago destOverride 才会出错吧?以及正确的地址应该是?
Closed Zzz3m closed 7 months ago
RPRX
commented
3 years ago destOverride 才会出错吧?以及正确的地址应该是?
Zzz3m
commented
3 years ago 刚才又经过了一些测试。 Q:destOverride 才会出错吧? A:确实和destOverride 有关。但是将"destOverride"中的"http","tls"删除后,还会出现问题。(无法将UDP re TCP 通过PDNSD解析?) Q:以及正确的地址应该是? A:刚才测试了许久,发现这个问题只出现在UDP re TCP这个流程中(NetflixUWP-LEAN的SSRP-PDNSD)。电脑本机Xray-core客户端DNS直接UDP解析 or OPENWRT DoH、UDP解析未出现此问题。还未探测到具体的问题所在,地址解析看log貌似是正确的。 其他:MUX开或者关均复现此问题;指纹伪造开或关均复现;测试发现通过dokodemo-door进行UDP re TCP,开启snffing和destOverride的VMess VLESS SS(套TLS)均复现此问题。 相关客户端日志: 开启MUX: 2021/02/17 12:40:28 [Debug] [1847057587] proxy/dokodemo: processing connection from: 192.168.50.2:8792 2021/02/17 12:40:28 [Info] [1847057587] proxy/dokodemo: received request for 192.168.50.2:8792 2021/02/17 12:40:28 [Info] [1847057587] app/dispatcher: default route for tcp:8.8.8.8:53 2021/02/17 12:40:28 [Info] [1847057587] common/mux: dispatching request to tcp:8.8.8.8:53 2021/02/17 12:40:28 [Info] transport/internet/websocket: creating connection to tcp:xxx.xxx.xxx:443 2021/02/17 12:40:28 [Info] proxy/vmess/outbound: tunneling request to tcp:v1.mux.cool:9527 via tcp:xxx.xxx.xxx:443 2021/02/17 12:40:29 [Debug] [4038128868] proxy/dokodemo: processing connection from: 192.168.50.15:1345 2021/02/17 12:40:29 [Info] [4038128868] proxy/dokodemo: received request for 192.168.50.15:1345 2021/02/17 12:40:29 [Info] [4038128868] app/dispatcher: sniffed domain: clients4.google.com 2021/02/17 12:40:29 [Info] [4038128868] app/dispatcher: default route for tcp:clients4.google.com:443 2021/02/17 12:40:29 [Info] [4038128868] common/mux: dispatching request to tcp:clients4.google.com:443 2021/02/17 12:40:31 [Debug] [3941933362] proxy/dokodemo: processing connection from: 192.168.50.15:1347 2021/02/17 12:40:31 [Info] [3941933362] proxy/dokodemo: received request for 192.168.50.15:1347 2021/02/17 12:40:31 [Info] [3941933362] app/dispatcher: sniffed domain: licensing.mp.microsoft.com 2021/02/17 12:40:31 [Info] [3941933362] app/dispatcher: default route for tcp:licensing.mp.microsoft.com:443 2021/02/17 12:40:31 [Info] [3941933362] common/mux: dispatching request to tcp:licensing.mp.microsoft.com:443 2021/02/17 12:40:32 [Debug] [439711771] proxy/dokodemo: processing connection from: 192.168.50.15:1351 2021/02/17 12:40:32 [Info] [439711771] proxy/dokodemo: received request for 192.168.50.15:1351 2021/02/17 12:40:32 [Info] [439711771] app/dispatcher: sniffed domain: win10.prod.http1.netflix.com 2021/02/17 12:40:32 [Info] [439711771] app/dispatcher: default route for tcp:win10.prod.http1.netflix.com:443 2021/02/17 12:40:32 [Info] [439711771] common/mux: dispatching request to tcp:win10.prod.http1.netflix.com:443 2021/02/17 12:40:33 [Debug] [3245946218] proxy/dokodemo: processing connection from: 192.168.50.15:1352 2021/02/17 12:40:33 [Info] [3245946218] proxy/dokodemo: received request for 192.168.50.15:1352 2021/02/17 12:40:33 [Info] [3245946218] app/dispatcher: sniffed domain: ichnaea.netflix.com 2021/02/17 12:40:33 [Info] [3245946218] app/dispatcher: default route for tcp:ichnaea.netflix.com:443 2021/02/17 12:40:33 [Info] [3245946218] common/mux: dispatching request to tcp:ichnaea.netflix.com:443 2021/02/17 12:40:33 [Debug] [4118012471] proxy/dokodemo: processing connection from: 192.168.50.15:1354 2021/02/17 12:40:33 [Info] [4118012471] proxy/dokodemo: received request for 192.168.50.15:1354 2021/02/17 12:40:33 [Info] [4118012471] app/dispatcher: sniffed domain: k-ring.msedge.net 2021/02/17 12:40:33 [Info] [4118012471] app/dispatcher: default route for tcp:k-ring.msedge.net:443 2021/02/17 12:40:33 [Info] [4118012471] common/mux: dispatching request to tcp:k-ring.msedge.net:443 2021/02/17 12:40:33 [Debug] [3675390736] proxy/dokodemo: processing connection from: 192.168.50.15:1355 2021/02/17 12:40:33 [Info] [3675390736] proxy/dokodemo: received request for 192.168.50.15:1355 2021/02/17 12:40:33 [Info] [3675390736] app/dispatcher: sniffed domain: fp-as-nocache.azureedge.net 2021/02/17 12:40:33 [Info] [3675390736] app/dispatcher: default route for tcp:fp-as-nocache.azureedge.net:443 2021/02/17 12:40:33 [Info] [3675390736] common/mux: dispatching request to tcp:fp-as-nocache.azureedge.net:443 2021/02/17 12:40:33 [Debug] [1423077386] proxy/dokodemo: processing connection from: 192.168.50.15:1357 2021/02/17 12:40:33 [Info] [1423077386] proxy/dokodemo: received request for 192.168.50.15:1357 2021/02/17 12:40:33 [Info] [1423077386] app/dispatcher: sniffed domain: a-ring.msedge.net 2021/02/17 12:40:33 [Info] [1423077386] app/dispatcher: default route for tcp:a-ring.msedge.net:443 2021/02/17 12:40:33 [Info] [1423077386] common/mux: dispatching request to tcp:a-ring.msedge.net:443 2021/02/17 12:40:33 [Debug] [2580205384] proxy/dokodemo: processing connection from: 192.168.50.15:1363 2021/02/17 12:40:33 [Info] [2580205384] proxy/dokodemo: received request for 192.168.50.15:1363 2021/02/17 12:40:33 [Info] [2580205384] app/dispatcher: sniffed domain: win10.prod.http1.netflix.com 2021/02/17 12:40:33 [Info] [2580205384] app/dispatcher: default route for tcp:win10.prod.http1.netflix.com:443 2021/02/17 12:40:33 [Info] [2580205384] common/mux: dispatching request to tcp:win10.prod.http1.netflix.com:443 2021/02/17 12:40:36 [Info] [3245946218] app/proxyman/inbound: connection ends > proxy/dokodemo: connection ends > proxy/dokodemo: failed to transport request > read tcp 192.168.50.2:1234->192.168.50.15:1352: read: connection reset by peer 2021/02/17 12:40:36 [Info] [3245946218] common/mux: failed to fetch all input > io: read/write on closed pipe 2021/02/17 12:40:47 [Debug] [1827196737] proxy/dokodemo: processing connection from: 192.168.50.15:1398 2021/02/17 12:40:47 [Info] [1827196737] proxy/dokodemo: received request for 192.168.50.15:1398 2021/02/17 12:40:47 [Info] [1827196737] app/dispatcher: sniffed domain: win10.prod.http1.netflix.com 2021/02/17 12:40:47 [Info] [1827196737] app/dispatcher: default route for tcp:win10.prod.http1.netflix.com:443 2021/02/17 12:40:47 [Info] [1827196737] common/mux: dispatching request to tcp:win10.prod.http1.netflix.com:443 2021/02/17 12:40:52 [Debug] [2986914737] proxy/dokodemo: processing connection from: 192.168.50.15:1410 2021/02/17 12:40:52 [Info] [2986914737] proxy/dokodemo: received request for 192.168.50.15:1410 2021/02/17 12:40:52 [Info] [2986914737] app/dispatcher: sniffed domain: win10.prod.http1.netflix.com 2021/02/17 12:40:52 [Info] [2986914737] app/dispatcher: default route for tcp:win10.prod.http1.netflix.com:443 2021/02/17 12:40:52 [Info] [2986914737] common/mux: dispatching request to tcp:win10.prod.http1.netflix.com:443 2021/02/17 12:40:54 [Info] [3675390736] app/proxyman/inbound: connection ends > proxy/dokodemo: connection ends > context canceled 2021/02/17 12:40:54 [Info] [3675390736] common/mux: failed to fetch all input > io: read/write on closed pipe 2021/02/17 12:41:04 [Debug] [2383259299] proxy/dokodemo: processing connection from: 192.168.50.15:1447 2021/02/17 12:41:04 [Info] [2383259299] proxy/dokodemo: received request for 192.168.50.15:1447 2021/02/17 12:41:04 [Info] [2383259299] app/dispatcher: sniffed domain: checkappexec.microsoft.com 2021/02/17 12:41:04 [Info] [2383259299] app/dispatcher: default route for tcp:checkappexec.microsoft.com:443 2021/02/17 12:41:04 [Info] [2383259299] common/mux: dispatching request to tcp:checkappexec.microsoft.com:443 2021/02/17 12:41:07 [Debug] [984600156] proxy/dokodemo: processing connection from: 192.168.50.15:1458 2021/02/17 12:41:07 [Info] [984600156] proxy/dokodemo: received request for 192.168.50.15:1458 2021/02/17 12:41:07 [Info] [984600156] app/dispatcher: sniffed domain: mail.google.com 2021/02/17 12:41:07 [Info] [984600156] app/dispatcher: default route for tcp:mail.google.com:443 2021/02/17 12:41:07 [Info] [984600156] common/mux: dispatching request to tcp:mail.google.com:443 2021/02/17 12:41:10 [Debug] transport/internet/udp: UDP original destination: udp:17.253.114.253:123 2021/02/17 12:41:10 [Debug] [3735904178] proxy/dokodemo: processing connection from: 192.168.50.16:60445 2021/02/17 12:41:10 [Info] [3735904178] proxy/dokodemo: received request for 192.168.50.16:60445 2021/02/17 12:41:10 [Info] [3735904178] app/dispatcher: default route for udp:17.253.114.253:123 2021/02/17 12:41:10 [Info] [3735904178] common/mux: dispatching request to udp:17.253.114.253:123 2021/02/17 12:41:10 [Info] transport/internet/websocket: creating connection to tcp:xxx.xxx.xxx:443 2021/02/17 12:41:11 [Info] proxy/vmess/outbound: tunneling request to tcp:v1.mux.cool:9527 via tcp:xxx.xxx.xxx:443 2021/02/17 12:41:11 [Debug] transport/internet/udp: UDP original destination: udp:17.253.84.123:123 2021/02/17 12:41:11 [Debug] [1519575603] proxy/dokodemo: processing connection from: 192.168.50.16:55078 2021/02/17 12:41:11 [Info] [1519575603] proxy/dokodemo: received request for 192.168.50.16:55078 2021/02/17 12:41:11 [Info] [1519575603] app/dispatcher: default route for udp:17.253.84.123:123 2021/02/17 12:41:11 [Info] [1519575603] common/mux: dispatching request to udp:17.253.84.123:123 2021/02/17 12:41:11 [Debug] transport/internet/udp: UDP original destination: udp:17.253.84.251:123 2021/02/17 12:41:11 [Debug] [3020071219] proxy/dokodemo: processing connection from: 192.168.50.16:49823 2021/02/17 12:41:11 [Info] [3020071219] proxy/dokodemo: received request for 192.168.50.16:49823 2021/02/17 12:41:11 [Info] [3020071219] app/dispatcher: default route for udp:17.253.84.251:123 2021/02/17 12:41:11 [Info] [3020071219] common/mux: dispatching request to udp:17.253.84.251:123 2021/02/17 12:41:16 [Debug] [1548228274] proxy/dokodemo: processing connection from: 192.168.50.15:1483 2021/02/17 12:41:16 [Info] [1548228274] proxy/dokodemo: received request for 192.168.50.15:1483 2021/02/17 12:41:16 [Info] [1548228274] app/dispatcher: sniffed domain: ichnaea.netflix.com 2021/02/17 12:41:16 [Info] [1548228274] app/dispatcher: default route for tcp:ichnaea.netflix.com:443 2021/02/17 12:41:16 [Info] [1548228274] common/mux: dispatching request to tcp:ichnaea.netflix.com:443 2021/02/17 12:41:28 [Debug] [124219203] proxy/dokodemo: processing connection from: 192.168.50.15:1512 2021/02/17 12:41:28 [Info] [124219203] proxy/dokodemo: received request for 192.168.50.15:1512 2021/02/17 12:41:28 [Info] [124219203] app/dispatcher: sniffed domain: occ-0-325-395.1.nflxso.net 2021/02/17 12:41:28 [Info] [124219203] app/dispatcher: default route for tcp:occ-0-325-395.1.nflxso.net:443 2021/02/17 12:41:28 [Info] [124219203] common/mux: dispatching request to tcp:occ-0-325-395.1.nflxso.net:443 2021/02/17 12:41:28 [Debug] [235646353] proxy/dokodemo: processing connection from: 192.168.50.15:1513 2021/02/17 12:41:28 [Info] [235646353] proxy/dokodemo: received request for 192.168.50.15:1513 2021/02/17 12:41:28 [Info] [235646353] app/dispatcher: sniffed domain: occ-0-325-395.1.nflxso.net 2021/02/17 12:41:28 [Info] [235646353] app/dispatcher: default route for tcp:occ-0-325-395.1.nflxso.net:443 2021/02/17 12:41:28 [Info] [235646353] common/mux: dispatching request to tcp:occ-0-325-395.1.nflxso.net:443 2021/02/17 12:41:28 [Info] common/mux: failed to write to downstream. closing session 5 > io: read/write on closed pipe 2021/02/17 12:41:28 [Info] common/mux: failed to write to downstream. closing session 6 > io: read/write on closed pipe 2021/02/17 12:41:28 [Debug] [3843616372] proxy/dokodemo: processing connection from: 192.168.50.15:1514 2021/02/17 12:41:28 [Info] [3843616372] proxy/dokodemo: received request for 192.168.50.15:1514 2021/02/17 12:41:28 [Info] [3843616372] app/dispatcher: sniffed domain: occ-0-325-395.1.nflxso.net 2021/02/17 12:41:28 [Info] [3843616372] app/dispatcher: default route for tcp:occ-0-325-395.1.nflxso.net:443 2021/02/17 12:41:28 [Info] [3843616372] common/mux: dispatching request to tcp:occ-0-325-395.1.nflxso.net:443 2021/02/17 12:41:28 [Debug] [2243782160] proxy/dokodemo: processing connection from: 192.168.50.15:1515 2021/02/17 12:41:28 [Info] [2243782160] proxy/dokodemo: received request for 192.168.50.15:1515 2021/02/17 12:41:28 [Info] [2243782160] app/dispatcher: sniffed domain: occ-0-325-395.1.nflxso.net 2021/02/17 12:41:28 [Info] [2243782160] app/dispatcher: default route for tcp:occ-0-325-395.1.nflxso.net:443 2021/02/17 12:41:28 [Info] [2243782160] common/mux: dispatching request to tcp:occ-0-325-395.1.nflxso.net:443 2021/02/17 12:41:28 [Info] common/mux: failed to write to downstream. closing session 7 > io: read/write on closed pipe 2021/02/17 12:41:28 [Debug] [3033490864] proxy/dokodemo: processing connection from: 192.168.50.15:1516 2021/02/17 12:41:28 [Info] [3033490864] proxy/dokodemo: received request for 192.168.50.15:1516 2021/02/17 12:41:28 [Info] [3033490864] app/dispatcher: sniffed domain: occ-0-325-395.1.nflxso.net 2021/02/17 12:41:28 [Info] [3033490864] app/dispatcher: default route for tcp:occ-0-325-395.1.nflxso.net:443 2021/02/17 12:41:28 [Info] [3033490864] common/mux: dispatching request to tcp:occ-0-325-395.1.nflxso.net:443 2021/02/17 12:41:28 [Info] [2243782160] app/proxyman/inbound: connection ends > proxy/dokodemo: connection ends > proxy/dokodemo: failed to transport response > writev tcp 192.168.50.2:1234->192.168.50.15:1515: writev: broken pipe 2021/02/17 12:41:28 [Info] [2243782160] common/mux: failed to fetch all input > io: read/write on closed pipe 2021/02/17 12:41:28 [Info] common/mux: failed to write to downstream. closing session 8 > io: read/write on closed pipe 2021/02/17 12:41:28 [Debug] [3685925284] proxy/dokodemo: processing connection from: 192.168.50.15:1517 2021/02/17 12:41:28 [Info] [3685925284] proxy/dokodemo: received request for 192.168.50.15:1517 2021/02/17 12:41:28 [Info] [3685925284] app/dispatcher: sniffed domain: occ-0-325-395.1.nflxso.net 2021/02/17 12:41:28 [Info] [3685925284] app/dispatcher: default route for tcp:occ-0-325-395.1.nflxso.net:443 2021/02/17 12:41:28 [Info] [3685925284] common/mux: dispatching request to tcp:occ-0-325-395.1.nflxso.net:443 2021/02/17 12:41:28 [Info] common/mux: failed to write to downstream. closing session 9 > io: read/write on closed pipe 2021/02/17 12:41:28 [Debug] [427004910] proxy/dokodemo: processing connection from: 192.168.50.15:1518 2021/02/17 12:41:28 [Info] [427004910] proxy/dokodemo: received request for 192.168.50.15:1518 2021/02/17 12:41:28 [Info] [427004910] app/dispatcher: sniffed domain: occ-0-325-395.1.nflxso.net 2021/02/17 12:41:28 [Info] [427004910] app/dispatcher: default route for tcp:occ-0-325-395.1.nflxso.net:443 2021/02/17 12:41:28 [Info] [427004910] common/mux: dispatching request to tcp:occ-0-325-395.1.nflxso.net:443 2021/02/17 12:41:28 [Debug] [1573651997] proxy/dokodemo: processing connection from: 192.168.50.15:1519 2021/02/17 12:41:28 [Info] [1573651997] proxy/dokodemo: received request for 192.168.50.15:1519 2021/02/17 12:41:28 [Info] [1573651997] app/dispatcher: sniffed domain: occ-0-325-395.1.nflxso.net 2021/02/17 12:41:28 [Info] [1573651997] app/dispatcher: default route for tcp:occ-0-325-395.1.nflxso.net:443 2021/02/17 12:41:28 [Info] [1573651997] common/mux: dispatching request to tcp:occ-0-325-395.1.nflxso.net:443 2021/02/17 12:41:29 [Debug] [2975884549] proxy/dokodemo: processing connection from: 192.168.50.15:1520 2021/02/17 12:41:29 [Info] [2975884549] proxy/dokodemo: received request for 192.168.50.15:1520 2021/02/17 12:41:29 [Info] [2975884549] app/dispatcher: sniffed domain: occ-0-325-395.1.nflxso.net 2021/02/17 12:41:29 [Info] [2975884549] app/dispatcher: default route for tcp:occ-0-325-395.1.nflxso.net:443 2021/02/17 12:41:29 [Info] [2975884549] common/mux: dispatching request to tcp:occ-0-325-395.1.nflxso.net:443 2021/02/17 12:41:29 [Debug] [2556054556] proxy/dokodemo: processing connection from: 192.168.50.15:1521 2021/02/17 12:41:29 [Info] [2556054556] proxy/dokodemo: received request for 192.168.50.15:1521 2021/02/17 12:41:29 [Info] [2556054556] app/dispatcher: sniffed domain: occ-0-325-395.1.nflxso.net 2021/02/17 12:41:29 [Info] [2556054556] app/dispatcher: default route for tcp:occ-0-325-395.1.nflxso.net:443 2021/02/17 12:41:29 [Info] [2556054556] common/mux: dispatching request to tcp:occ-0-325-395.1.nflxso.net:443 2021/02/17 12:41:29 [Debug] [673866196] proxy/dokodemo: processing connection from: 192.168.50.15:1522 2021/02/17 12:41:29 [Info] [673866196] proxy/dokodemo: received request for 192.168.50.15:1522 2021/02/17 12:41:29 [Info] [673866196] app/dispatcher: sniffed domain: occ-0-325-395.1.nflxso.net 2021/02/17 12:41:29 [Info] [673866196] app/dispatcher: default route for tcp:occ-0-325-395.1.nflxso.net:443 2021/02/17 12:41:29 [Info] [673866196] common/mux: dispatching request to tcp:occ-0-325-395.1.nflxso.net:443 2021/02/17 12:41:29 [Debug] [4158961108] proxy/dokodemo: processing connection from: 192.168.50.15:1523 2021/02/17 12:41:29 [Info] [4158961108] proxy/dokodemo: received request for 192.168.50.15:1523 2021/02/17 12:41:29 [Info] [4158961108] app/dispatcher: sniffed domain: occ-0-325-395.1.nflxso.net 2021/02/17 12:41:29 [Info] [4158961108] app/dispatcher: default route for tcp:occ-0-325-395.1.nflxso.net:443 2021/02/17 12:41:29 [Info] [4158961108] common/mux: dispatching request to tcp:occ-0-325-395.1.nflxso.net:443 2021/02/17 12:41:29 [Debug] [2781626277] proxy/dokodemo: processing connection from: 192.168.50.15:1524 2021/02/17 12:41:29 [Info] [2781626277] proxy/dokodemo: received request for 192.168.50.15:1524 2021/02/17 12:41:29 [Info] [2781626277] app/dispatcher: sniffed domain: occ-0-325-395.1.nflxso.net 2021/02/17 12:41:29 [Info] [2781626277] app/dispatcher: default route for tcp:occ-0-325-395.1.nflxso.net:443 2021/02/17 12:41:29 [Info] [2781626277] common/mux: dispatching request to tcp:occ-0-325-395.1.nflxso.net:443 2021/02/17 12:41:29 [Info] common/mux: failed to write to downstream. closing session 15 > io: read/write on closed pipe 2021/02/17 12:41:29 [Debug] [2005407116] proxy/dokodemo: processing connection from: 192.168.50.15:1525 2021/02/17 12:41:29 [Info] [2005407116] proxy/dokodemo: received request for 192.168.50.15:1525 2021/02/17 12:41:29 [Info] [2005407116] app/dispatcher: sniffed domain: occ-0-325-395.1.nflxso.net 2021/02/17 12:41:29 [Info] [2005407116] app/dispatcher: default route for tcp:occ-0-325-395.1.nflxso.net:443 2021/02/17 12:41:29 [Info] [2005407116] common/mux: dispatching request to tcp:occ-0-325-395.1.nflxso.net:443 2021/02/17 12:41:29 [Info] common/mux: failed to write to downstream. closing session 14 > io: read/write on closed pipe 2021/02/17 12:41:29 [Debug] [1442492027] proxy/dokodemo: processing connection from: 192.168.50.15:1526 2021/02/17 12:41:29 [Info] [1442492027] proxy/dokodemo: received request for 192.168.50.15:1526 2021/02/17 12:41:29 [Info] [1442492027] app/dispatcher: sniffed domain: occ-0-325-395.1.nflxso.net 2021/02/17 12:41:29 [Info] [1442492027] app/dispatcher: default route for tcp:occ-0-325-395.1.nflxso.net:443 2021/02/17 12:41:29 [Info] [1442492027] common/mux: dispatching request to tcp:occ-0-325-395.1.nflxso.net:443 2021/02/17 12:41:29 [Info] common/mux: failed to write to downstream. closing session 17 > io: read/write on closed pipe 2021/02/17 12:41:29 [Debug] [2351115329] proxy/dokodemo: processing connection from: 192.168.50.15:1527
2021/02/17 12:49:56 [Info] [2839216081] app/dispatcher: sniffed domain: win10.prod.http1.netflix.com 2021/02/17 12:49:56 [Info] [2839216081] app/dispatcher: default route for tcp:win10.prod.http1.netflix.com:443 2021/02/17 12:49:56 [Info] [2839216081] common/mux: dispatching request to tcp:win10.prod.http1.netflix.com:443 2021/02/17 12:49:56 [Debug] [735530661] proxy/dokodemo: processing connection from: 192.168.50.15:9918 2021/02/17 12:49:56 [Info] [735530661] proxy/dokodemo: received request for 192.168.50.15:9918 2021/02/17 12:49:56 [Info] [735530661] app/dispatcher: sniffed domain: win10.prod.http1.netflix.com 2021/02/17 12:49:56 [Info] [735530661] app/dispatcher: default route for tcp:win10.prod.http1.netflix.com:443 2021/02/17 12:49:56 [Info] [735530661] common/mux: dispatching request to tcp:win10.prod.http1.netflix.com:443 2021/02/17 12:49:56 [Info] [452984509] app/proxyman/inbound: connection ends > proxy/dokodemo: connection ends > proxy/dokodemo: failed to transport request > read tcp 192.168.50.2:1234->192.168.50.15:9914: read: connection reset by peer 2021/02/17 12:49:56 [Info] [452984509] common/mux: failed to fetch all input > io: read/write on closed pipe 2021/02/17 12:49:56 [Info] [2516156484] app/proxyman/inbound: connection ends > proxy/dokodemo: connection ends > proxy/dokodemo: failed to transport request > read tcp 192.168.50.2:1234->192.168.50.15:9913: read: connection reset by peer 2021/02/17 12:49:56 [Info] [2516156484] common/mux: failed to fetch all input > io: read/write on closed pipe 2021/02/17 12:49:56 [Info] [735530661] app/proxyman/inbound: connection ends > proxy/dokodemo: connection ends > proxy/dokodemo: failed to transport request > read tcp 192.168.50.2:1234->192.168.50.15:9918: read: connection reset by peer 2021/02/17 12:49:56 [Info] [735530661] common/mux: failed to fetch all input > io: read/write on closed pipe
未开启MUX: 2021/02/17 13:19:05 [Info] [303700514] app/dispatcher: default route for tcp:www.google.com:80 2021/02/17 13:19:05 [Info] [303700514] transport/internet/websocket: creating connection to tcp:xxx.xxx.xxx:443 2021/02/17 13:19:05 [Info] [303700514] proxy/vmess/outbound: tunneling request to tcp:www.google.com:80 via tcp:xxx.xxx.xxx:443 2021/02/17 13:19:05 [Info] [303700514] app/proxyman/inbound: connection ends > proxy/dokodemo: connection ends > proxy/dokodemo: failed to transport response > write tcp 127.0.0.1:1234->192.168.50.2:57050: write: broken pipe 2021/02/17 13:19:05 [Info] [303700514] app/proxyman/outbound: failed to process outbound traffic > proxy/vmess/outbound: connection ends > context canceled 2021/02/17 13:19:12 [Debug] [371222160] proxy/dokodemo: processing connection from: 192.168.50.15:1488 2021/02/17 13:19:12 [Info] [371222160] proxy/dokodemo: received request for 192.168.50.15:1488 2021/02/17 13:19:12 [Info] [371222160] app/dispatcher: sniffed domain: crl.identrust.com 2021/02/17 13:19:12 [Info] [371222160] app/dispatcher: default route for tcp:crl.identrust.com:80 2021/02/17 13:19:12 [Info] [371222160] transport/internet/websocket: creating connection to tcp:xxx.xxx.xxx:443 2021/02/17 13:19:13 [Info] [371222160] proxy/vmess/outbound: tunneling request to tcp:crl.identrust.com:80 via tcp:xxx.xxx.xxx:443 2021/02/17 13:19:45 [Info] [291294510] app/proxyman/inbound: connection ends > proxy/dokodemo: connection ends > context canceled 2021/02/17 13:19:45 [Info] [291294510] app/proxyman/outbound: failed to process outbound traffic > proxy/vmess/outbound: connection ends > context canceled 2021/02/17 13:20:14 [Info] [371222160] app/proxyman/outbound: failed to process outbound traffic > proxy/vmess/outbound: connection ends > context canceled 2021/02/17 13:20:14 [Info] [371222160] app/proxyman/inbound: connection ends > proxy/dokodemo: connection ends > proxy/dokodemo: failed to transport response > io: read/write on closed pipe 2021/02/17 13:20:18 [Debug] [3283145346] proxy/dokodemo: processing connection from: 192.168.50.15:1501 2021/02/17 13:20:18 [Info] [3283145346] proxy/dokodemo: received request for 192.168.50.15:1501 2021/02/17 13:20:18 [Info] [3283145346] app/dispatcher: sniffed domain: win10.prod.http1.netflix.com 2021/02/17 13:20:18 [Info] [3283145346] app/dispatcher: default route for tcp:win10.prod.http1.netflix.com:443 2021/02/17 13:20:18 [Info] [3283145346] transport/internet/websocket: creating connection to tcp:xxx.xxx.xxx:443 2021/02/17 13:20:19 [Info] [3283145346] proxy/vmess/outbound: tunneling request to tcp:win10.prod.http1.netflix.com:443 via tcp:xxx.xxx.xxx:443 2021/02/17 13:20:30 [Info] [1406540783] app/proxyman/outbound: failed to process outbound traffic > proxy/vmess/outbound: connection ends > context canceled 2021/02/17 13:20:30 [Info] [1406540783] app/proxyman/inbound: connection ends > proxy/dokodemo: connection ends > context canceled 2021/02/17 13:20:31 [Info] [730167022] app/proxyman/inbound: connection ends > proxy/dokodemo: connection ends > context canceled 2021/02/17 13:20:31 [Info] [730167022] app/proxyman/outbound: failed to process outbound traffic > proxy/vmess/outbound: connection ends > context canceled
RPRX
commented
3 years ago @cntzjjs 那个 commit 应该和 sniffing 无关,请提供更多信息
Zzz3m
commented
3 years ago 是的,昨晚我自编译运行了最新的代码,问题仍复现。这边需要完整的debug日志吗?关于这个问题我先梳理一下SSRP对DNS做解析的步骤,如有错误请帮忙指出。我的理解是:NFUWP应用发起了DNS的UDP请求-PDNSD转换成TCP-dokodemo-door入站-经过流量对于域名进行嗅探后-出站-Xray服务端进行TCP解析后再将结果返回SSRP。
因为这个涉及到的部分有些多,相关pdnsd的调试教程都不好使,未抓到pdnsd包。 可能的情况: 1、sniffning-destOverride与PDNSD或者DNS2socks存在兼容问题 2、sniffning-destOverride到的信息不对(目前通过log看解析到的域名信息是正确的) 3、PDNSD或者DNS2socks的TCP_only存在问题。
PS:因个人的能力水平有限,或者个人环境存在不确定性(2台电脑均出现),能看到此issue的朋友也可以查看下,用NF-UWP观看视频,路由器固件LEAN-PDNSD解析,观看一段时间后,或者暂停一段时间后,点击右上角的集数选项,是否会出现H403错误?
z826540272
commented
3 years ago 是的,昨晚我自编译运行了最新的代码,问题仍复现。这边需要完整的debug日志吗?关于这个问题我先梳理一下SSRP对DNS做解析的步骤,如有错误请帮忙指出。我的理解是:NFUWP应用发起了DNS的UDP请求-PDNSD转换成TCP-dokodemo-door入站-经过流量对于域名进行嗅探后-出站-Xray服务端进行TCP解析后再将结果返回SSRP。
因为这个涉及到的部分有些多,相关pdnsd的调试教程都不好使,未抓到pdnsd包。 可能的情况: 1、sniffning-destOverride与PDNSD或者DNS2socks存在兼容问题 2、sniffning-destOverride到的信息不对(目前通过log看解析到的域名信息是正确的) 3、PDNSD或者DNS2socks的TCP_only存在问题。
PS:因个人的能力水平有限,或者个人环境存在不确定性(2台电脑均出现),能看到此issue的朋友也可以查看下,用NF-UWP观看视频,路由器固件LEAN-PDNSD解析,观看一段时间后,或者暂停一段时间后,点击右上角的集数选项,是否会出现H403错误?
建议你给lean建议添加个嗅探开关
KyonCN
commented
3 years ago 是的,昨晚我自编译运行了最新的代码,问题仍复现。这边需要完整的debug日志吗?关于这个问题我先梳理一下SSRP对DNS做解析的步骤,如有错误请帮忙指出。我的理解是:NFUWP应用发起了DNS的UDP请求-PDNSD转换成TCP-dokodemo-door入站-经过流量对于域名进行嗅探后-出站-Xray服务端进行TCP解析后再将结果返回SSRP。
因为这个涉及到的部分有些多,相关pdnsd的调试教程都不好使,未抓到pdnsd包。 可能的情况: 1、sniffning-destOverride与PDNSD或者DNS2socks存在兼容问题 2、sniffning-destOverride到的信息不对(目前通过log看解析到的域名信息是正确的) 3、PDNSD或者DNS2socks的TCP_only存在问题。
PS:因个人的能力水平有限,或者个人环境存在不确定性(2台电脑均出现),能看到此issue的朋友也可以查看下,用NF-UWP观看视频,路由器固件LEAN-PDNSD解析,观看一段时间后,或者暂停一段时间后,点击右上角的集数选项,是否会出现H403错误?
居然是这个问题 困惑了我好久 我用的op是lean的下游一个版本 使用ws tls观看视频会被降速到原来的百分之一 日志也是一样的错误
Zzz3m
commented
3 years ago Passwall中 DNS凡是为TCP解析的(PDNSD DNS2SOCKS FAKE IP)均复现此问题。 以下是完整配置文件: 透明代理json: { "inboundDetour": [ { "port": 1080, "protocol": "socks", "settings": { "udp": true, "auth": "noauth" } } ], "log": { "loglevel": "warning" }, "outbound": { "settings": { "vnext": [ { "port": 443, "users": [ { "id": "uuid", "alterId": 4, "security": "auto" } ], "address": "xxx.xxx.xxx" } ] }, "mux": { "enabled": true, "concurrency": 8 }, "protocol": "vmess", "streamSettings": { "network": "ws", "tlsSettings": { "fingerprint": "chrome" }, "wsSettings": { "path": "/xxxxxxx" }, "security": "tls" } }, "inbound": { "sniffing": { "enabled": true, "destOverride": [ "http", "tls" ] }, "port": 1234, "protocol": "dokodemo-door", "settings": { "network": "tcp,udp", "followRedirect": true } } }
TPROXY-IPTABLES: Chain SS_SPEC_WAN_AC (2 references) num target prot opt source destination 1 REDIRECT tcp -- anywhere anywhere match-set netflix dst redir ports 1234 2 RETURN all -- anywhere anywhere match-set whitelist dst 3 SS_SPEC_WAN_FW all -- anywhere anywhere match-set blacklist dst 4 RETURN all -- anywhere anywhere match-set bplan src 5 SS_SPEC_WAN_FW all -- anywhere anywhere match-set fplan src 6 RETURN tcp -- anywhere xxx.xxx.xxx.xxx tcp dpt:!domain 7 RETURN all -- anywhere anywhere match-set ss_spec_wan_ac dst 8 RETURN all -- anywhere anywhere match-set china dst 9 SS_SPEC_WAN_FW all -- anywhere anywhere match-set gmlan src ! match-set china dst 10 SS_SPEC_WAN_FW all -- anywhere anywhere
Chain SS_SPEC_WAN_FW (4 references) num target prot opt source destination 1 RETURN all -- anywhere 0.0.0.0/8 2 RETURN all -- anywhere 10.0.0.0/8 3 RETURN all -- anywhere 127.0.0.0/8 4 RETURN all -- anywhere 169.254.0.0/16 5 RETURN all -- anywhere 172.16.0.0/12 6 RETURN all -- anywhere 192.168.0.0/16 7 RETURN all -- anywhere base-address.mcast.net/4 8 RETURN all -- anywhere 240.0.0.0/4 9 REDIRECT udp -- anywhere anywhere redir ports 1234 10 REDIRECT tcp -- anywhere anywhere redir ports 1234
Pdnsd.conf: global{ perm_cache=1024; cache_dir="/var/etc/ssrplus/pdnsd"; pid_file="/var/run/pdnsd.pid"; run_as="nobody"; server_ip=127.0.0.1; server_port=5335; status_ctl=on; query_method=tcp_only; min_ttl=1h; max_ttl=1w; timeout=10; neg_domain_pol=on; proc_limit=2; procq_limit=8; par_queries=1; } server{ label="ssr-usrdns"; ip=8.8.8.8; port=53; timeout=6; uptest=none; interval=10m; purge_cache=off; reject=::/0; }
Wireshark抓包:
erro.log: 2021/02/16 14:00:29 [Info] [922601300] app/dispatcher: default route for tcp:uiload.com:80 2021/02/16 14:00:29 [Info] [922601300] proxy/freedom: opening connection to tcp:uiload.com:80 2021/02/16 14:00:29 [Info] [922601300] transport/internet/tcp: dialing TCP to tcp:uiload.com:80 2021/02/16 14:00:29 [Info] [748162085] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > context canceled 2021/02/16 14:00:29 [Info] [748162085] common/mux: session 12 ends. > io: read/write on closed pipe 2021/02/16 14:00:29 [Info] [922601300] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process response > read tcp xxxxxxxxxxip:47928->8.8.8.8:53: read: connection reset by peer 2021/02/16 14:00:29 [Info] [922601300] common/mux: session 1 ends. > io: read/write on closed pipe 2021/02/16 14:00:29 [Info] [922601300] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process response > read tcp xxxxxxxxxxip:47930->8.8.8.8:53: read: connection reset by peer 2021/02/16 14:00:29 [Info] [922601300] common/mux: session 2 ends. > io: read/write on closed pipe 2021/02/16 14:00:29 [Info] [748162085] common/mux: received request for tcp:content-autofill.googleapis.com:443 2021/02/16 14:00:29 [Info] [748162085] app/dispatcher: default route for tcp:content-autofill.googleapis.com:443 2021/02/16 14:00:29 [Info] [748162085] proxy/freedom: opening connection to tcp:content-autofill.googleapis.com:443 2021/02/16 14:00:29 [Info] [748162085] transport/internet/tcp: dialing TCP to tcp:content-autofill.googleapis.com:443 2021/02/16 14:00:29 [Info] [922601300] common/mux: received request for tcp:8.8.8.8:53 2021/02/16 14:00:29 [Info] [922601300] app/dispatcher: default route for tcp:8.8.8.8:53 2021/02/16 14:00:29 [Info] [922601300] proxy/freedom: opening connection to tcp:8.8.8.8:53 2021/02/16 14:00:29 [Info] [922601300] transport/internet/tcp: dialing TCP to tcp:8.8.8.8:53 2021/02/16 14:00:29 [Info] [922601300] common/mux: received request for tcp:8.8.8.8:53 2021/02/16 14:00:29 [Info] [922601300] app/dispatcher: default route for tcp:8.8.8.8:53 2021/02/16 14:00:29 [Info] [922601300] proxy/freedom: opening connection to tcp:8.8.8.8:53 2021/02/16 14:00:29 [Info] [922601300] transport/internet/tcp: dialing TCP to tcp:8.8.8.8:53 2021/02/16 14:00:29 [Info] [922601300] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process response > read tcp xxxxxxxxxxip:47936->8.8.8.8:53: read: connection reset by peer 2021/02/16 14:00:29 [Info] [922601300] common/mux: session 4 ends. > io: read/write on closed pipe 2021/02/16 14:00:29 [Info] [748162085] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > context canceled 2021/02/16 14:00:29 [Info] [748162085] common/mux: session 13 ends. > io: read/write on closed pipe 2021/02/16 14:00:29 [Info] [922601300] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process response > read tcp xxxxxxxxxxip:47938->8.8.8.8:53: read: connection reset by peer 2021/02/16 14:00:29 [Info] [922601300] common/mux: session 5 ends. > io: read/write on closed pipe 2021/02/16 14:00:29 [Info] [922601300] common/mux: received request for tcp:www.googleapis.com:443 2021/02/16 14:00:29 [Info] [922601300] app/dispatcher: default route for tcp:www.googleapis.com:443 2021/02/16 14:00:29 [Info] [922601300] proxy/freedom: opening connection to tcp:www.googleapis.com:443 2021/02/16 14:00:29 [Info] [922601300] transport/internet/tcp: dialing TCP to tcp:www.googleapis.com:443 2021/02/16 14:00:29 [Info] [922601300] common/mux: received request for tcp:8.8.8.8:53 2021/02/16 14:00:29 [Info] [922601300] app/dispatcher: default route for tcp:8.8.8.8:53 2021/02/16 14:00:29 [Info] [922601300] proxy/freedom: opening connection to tcp:8.8.8.8:53 2021/02/16 14:00:29 [Info] [922601300] transport/internet/tcp: dialing TCP to tcp:8.8.8.8:53 2021/02/16 14:00:29 [Info] [922601300] common/mux: received request for tcp:8.8.8.8:53 2021/02/16 14:00:29 [Info] [922601300] app/dispatcher: default route for tcp:8.8.8.8:53 2021/02/16 14:00:29 [Info] [922601300] proxy/freedom: opening connection to tcp:8.8.8.8:53 2021/02/16 14:00:29 [Info] [922601300] transport/internet/tcp: dialing TCP to tcp:8.8.8.8:53 2021/02/16 14:00:29 [Info] [922601300] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process response > read tcp xxxxxxxxxxip:47942->8.8.8.8:53: read: connection reset by peer 2021/02/16 14:00:29 [Info] [922601300] common/mux: session 7 ends. > io: read/write on closed pipe 2021/02/16 14:00:29 [Info] [922601300] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process response > read tcp xxxxxxxxxxip:47944->8.8.8.8:53: read: connection reset by peer 2021/02/16 14:00:29 [Info] [922601300] common/mux: session 8 ends. > io: read/write on closed pipe 2021/02/16 14:00:29 [Info] [922601300] common/mux: received request for tcp:8.8.8.8:53 2021/02/16 14:00:29 [Info] [922601300] app/dispatcher: default route for tcp:8.8.8.8:53 2021/02/16 14:00:29 [Info] [922601300] proxy/freedom: opening connection to tcp:8.8.8.8:53 2021/02/16 14:00:29 [Info] [922601300] transport/internet/tcp: dialing TCP to tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] common/mux: received request for tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] app/dispatcher: default route for tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] proxy/freedom: opening connection to tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] transport/internet/tcp: dialing TCP to tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process response > read tcp xxxxxxxxxxip:47948->8.8.8.8:53: read: connection reset by peer 2021/02/16 14:00:30 [Info] [922601300] common/mux: session 9 ends. > io: read/write on closed pipe 2021/02/16 14:00:30 [Info] [922601300] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process response > read tcp xxxxxxxxxxip:47950->8.8.8.8:53: read: connection reset by peer 2021/02/16 14:00:30 [Info] [922601300] common/mux: session 10 ends. > io: read/write on closed pipe 2021/02/16 14:00:30 [Info] [922601300] common/mux: received request for tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] app/dispatcher: default route for tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] proxy/freedom: opening connection to tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] transport/internet/tcp: dialing TCP to tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] common/mux: received request for tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] app/dispatcher: default route for tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] proxy/freedom: opening connection to tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] transport/internet/tcp: dialing TCP to tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process response > read tcp xxxxxxxxxxip:47952->8.8.8.8:53: read: connection reset by peer 2021/02/16 14:00:30 [Info] [922601300] common/mux: session 11 ends. > io: read/write on closed pipe 2021/02/16 14:00:30 [Info] [748162085] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > context canceled 2021/02/16 14:00:30 [Info] [748162085] common/mux: session 10 ends. > io: read/write on closed pipe 2021/02/16 14:00:30 [Info] [922601300] common/mux: received request for tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] app/dispatcher: default route for tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] proxy/freedom: opening connection to tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] transport/internet/tcp: dialing TCP to tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process response > read tcp xxxxxxxxxxip:47956->8.8.8.8:53: read: connection reset by peer 2021/02/16 14:00:30 [Info] [922601300] common/mux: session 13 ends. > io: read/write on closed pipe 2021/02/16 14:00:30 [Info] [922601300] common/mux: received request for tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] app/dispatcher: default route for tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] proxy/freedom: opening connection to tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] transport/internet/tcp: dialing TCP to tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] common/mux: received request for tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] app/dispatcher: default route for tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] proxy/freedom: opening connection to tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] transport/internet/tcp: dialing TCP to tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process response > read tcp xxxxxxxxxxip:47958->8.8.8.8:53: read: connection reset by peer 2021/02/16 14:00:30 [Info] [922601300] common/mux: session 14 ends. > io: read/write on closed pipe 2021/02/16 14:00:30 [Info] [922601300] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process response > read tcp xxxxxxxxxxip:47960->8.8.8.8:53: read: connection reset by peer 2021/02/16 14:00:30 [Info] [922601300] common/mux: session 15 ends. > io: read/write on closed pipe 2021/02/16 14:00:30 [Info] [922601300] common/mux: received request for tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] app/dispatcher: default route for tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] proxy/freedom: opening connection to tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] transport/internet/tcp: dialing TCP to tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] common/mux: received request for tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] app/dispatcher: default route for tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] proxy/freedom: opening connection to tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] transport/internet/tcp: dialing TCP to tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process response > read tcp xxxxxxxxxxip:47962->8.8.8.8:53: read: connection reset by peer 2021/02/16 14:00:30 [Info] [922601300] common/mux: session 16 ends. > io: read/write on closed pipe 2021/02/16 14:00:30 [Info] [922601300] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process response > read tcp xxxxxxxxxxip:47964->8.8.8.8:53: read: connection reset by peer 2021/02/16 14:00:30 [Info] [922601300] common/mux: session 17 ends. > io: read/write on closed pipe 2021/02/16 14:00:30 [Info] [922601300] common/mux: received request for tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] app/dispatcher: default route for tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] proxy/freedom: opening connection to tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] transport/internet/tcp: dialing TCP to tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] common/mux: received request for tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] app/dispatcher: default route for tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] proxy/freedom: opening connection to tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] transport/internet/tcp: dialing TCP to tcp:8.8.8.8:53 2021/02/16 14:00:31 [Info] [922601300] common/mux: received request for tcp:apis.google.com:443 2021/02/16 14:00:31 [Info] [922601300] app/dispatcher: default route for tcp:apis.google.com:443 2021/02/16 14:00:31 [Info] [922601300] proxy/freedom: opening connection to tcp:apis.google.com:443 2021/02/16 14:00:31 [Info] [922601300] transport/internet/tcp: dialing TCP to tcp:apis.google.com:443 2021/02/16 14:00:31 [Info] [922601300] common/mux: received request for tcp:8.8.8.8:53 2021/02/16 14:00:31 [Info] [922601300] app/dispatcher: default route for tcp:8.8.8.8:53 2021/02/16 14:00:31 [Info] [922601300] proxy/freedom: opening connection to tcp:8.8.8.8:53 2021/02/16 14:00:31 [Info] [922601300] transport/internet/tcp: dialing TCP to tcp:8.8.8.8:53 2021/02/16 14:00:31 [Info] [922601300] common/mux: received request for tcp:8.8.8.8:53 2021/02/16 14:00:31 [Info] [922601300] app/dispatcher: default route for tcp:8.8.8.8:53 2021/02/16 14:00:31 [Info] [922601300] proxy/freedom: opening connection to tcp:8.8.8.8:53 2021/02/16 14:00:31 [Info] [922601300] transport/internet/tcp: dialing TCP to tcp:8.8.8.8:53 2021/02/16 14:00:31 [Info] [922601300] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process response > read tcp xxxxxxxxxxip:47970->8.8.8.8:53: read: connection reset by peer 2021/02/16 14:00:31 [Info] [922601300] common/mux: session 21 ends. > io: read/write on closed pipe 2021/02/16 14:00:31 [Info] [922601300] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > context canceled 2021/02/16 14:00:31 [Info] [922601300] common/mux: session 12 ends. > io: read/write on closed pipe 2021/02/16 14:00:31 [Info] [922601300] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > context canceled 2021/02/16 14:00:31 [Info] [922601300] common/mux: session 18 ends. > io: read/write on closed pipe 2021/02/16 14:00:32 [Info] [922601300] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > context canceled 2021/02/16 14:00:32 [Info] [922601300] common/mux: session 19 ends. > io: read/write on closed pipe 2021/02/16 14:00:32 [Info] [922601300] common/mux: received request for tcp:aa.google.com:443 2021/02/16 14:00:32 [Info] [922601300] app/dispatcher: default route for tcp:aa.google.com:443 2021/02/16 14:00:32 [Info] [922601300] proxy/freedom: opening connection to tcp:aa.google.com:443 2021/02/16 14:00:32 [Info] [922601300] transport/internet/tcp: dialing TCP to tcp:aa.google.com:443 2021/02/16 14:00:32 [Info] [922601300] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > context canceled 2021/02/16 14:00:32 [Info] [922601300] common/mux: session 22 ends. > io: read/write on closed pipe 2021/02/16 14:00:32 [Info] [922601300] common/mux: received request for tcp:client.wns.windows.com:443 2021/02/16 14:00:32 [Info] [922601300] app/dispatcher: default route for tcp:client.wns.windows.com:443 2021/02/16 14:00:49 [Info] [177402604] app/dispatcher: default route for tcp:8.8.8.8:53 2021/02/16 14:00:49 [Info] [177402604] proxy/freedom: opening connection to tcp:8.8.8.8:53 2021/02/16 14:00:49 [Info] [177402604] transport/internet/tcp: dialing TCP to tcp:8.8.8.8:53 2021/02/16 14:00:49 [Info] [922601300] common/mux: received request for tcp:8.8.8.8:53 2021/02/16 14:00:49 [Info] [922601300] app/dispatcher: default route for tcp:8.8.8.8:53 2021/02/16 14:00:49 [Info] [922601300] proxy/freedom: opening connection to tcp:8.8.8.8:53 2021/02/16 14:00:49 [Info] [922601300] transport/internet/tcp: dialing TCP to tcp:8.8.8.8:53 2021/02/16 14:00:49 [Info] [177402604] common/mux: received request for tcp:ipv4-c001-ssn001-sejongtelecom-isp.1.oca.nflxvideo.net:443 2021/02/16 14:00:49 [Info] [177402604] app/dispatcher: default route for tcp:ipv4-c001-ssn001-sejongtelecom-isp.1.oca.nflxvideo.net:443 2021/02/16 14:00:49 [Info] [177402604] proxy/freedom: opening connection to tcp:ipv4-c001-ssn001-sejongtelecom-isp.1.oca.nflxvideo.net:443 2021/02/16 14:00:49 [Info] [177402604] transport/internet/tcp: dialing TCP to tcp:ipv4-c001-ssn001-sejongtelecom-isp.1.oca.nflxvideo.net:443 2021/02/16 14:00:49 [Info] [177402604] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process response > read tcp xxxxxxxxxxip:48156->8.8.8.8:53: read: connection reset by peer 2021/02/16 14:00:49 [Info] [177402604] common/mux: session 15 ends. > io: read/write on closed pipe 2021/02/16 14:00:49 [Info] [805275688] common/mux: received request for tcp:8.8.8.8:53 2021/02/16 14:00:49 [Info] [805275688] app/dispatcher: default route for tcp:8.8.8.8:53 2021/02/16 14:00:49 [Info] [805275688] proxy/freedom: opening connection to tcp:8.8.8.8:53 2021/02/16 14:00:49 [Info] [805275688] transport/internet/tcp: dialing TCP to tcp:8.8.8.8:53 2021/02/16 14:00:49 [Info] [805275688] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process response > read tcp xxxxxxxxxxip:48162->8.8.8.8:53: read: connection reset by peer 2021/02/16 14:00:49 [Info] [805275688] common/mux: session 26 ends. > io: read/write on closed pipe 2021/02/16 14:00:49 [Info] [177402604] common/mux: received request for tcp:ipv4-c002-ssn001-sejongtelecom-isp.1.oca.nflxvideo.net:443 2021/02/16 14:00:49 [Info] [177402604] app/dispatcher: default route for tcp:ipv4-c002-ssn001-sejongtelecom-isp.1.oca.nflxvideo.net:443 2021/02/16 14:00:49 [Info] [177402604] proxy/freedom: opening connection to tcp:ipv4-c002-ssn001-sejongtelecom-isp.1.oca.nflxvideo.net:443 2021/02/16 14:00:49 [Info] [177402604] transport/internet/tcp: dialing TCP to tcp:ipv4-c002-ssn001-sejongtelecom-isp.1.oca.nflxvideo.net:443 2021/02/16 14:00:49 [Info] [922601300] common/mux: received request for tcp:8.8.8.8:53 2021/02/16 14:00:49 [Info] [922601300] app/dispatcher: default route for tcp:8.8.8.8:53 2021/02/16 14:00:49 [Info] [922601300] proxy/freedom: opening connection to tcp:8.8.8.8:53 2021/02/16 14:00:49 [Info] [922601300] transport/internet/tcp: dialing TCP to tcp:8.8.8.8:53 2021/02/16 14:00:49 [Info] [922601300] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process response > read tcp xxxxxxxxxxip:48166->8.8.8.8:53: read: connection reset by peer 2021/02/16 14:00:49 [Info] [922601300] common/mux: session 34 ends. > io: read/write on closed pipe 2021/02/16 14:00:49 [Info] [177402604] common/mux: received request for tcp:8.8.8.8:53
PS1:Wireshark抓包中出现了很多rDNS的查询记录PTR,不知道是否和此有关(!!还想问下对于PTR记录Xray-core是怎么处理的?!!):
issue
PTR-PDNSD-Xray造成查询堵塞?
PS2:我自己在Debian中搭建了TPROXY透明代理,让DNS全部经过Xray-core,在日志中发现了有很多empty response,不止是否和此有关: 2021/02/21 00:09:11 [Info] [4144653677] app/dispatcher: taking detour [proxy] for [tcp:oauthaccountmanager.googleapis.com:443] 2021/02/21 00:09:11 [Info] [4144653677] transport/internet/websocket: creating connection to tcp:服务器域名:443 2021/02/21 00:09:11 [Debug] transport/internet/udp: UDP original destination: udp:192.168.50.2:53 2021/02/21 00:09:11 [Debug] [1964168657] proxy/dokodemo: processing connection from: 192.168.50.93:33699 2021/02/21 00:09:11 [Info] [1964168657] proxy/dokodemo: received request for 192.168.50.93:33699 2021/02/21 00:09:11 [Info] [1964168657] app/dispatcher: taking detour [dns-out] for [udp:192.168.50.2:53] 2021/02/21 00:09:11 [Info] [1964168657] proxy/dns: handling DNS traffic to udp:8.8.8.8:53 2021/02/21 00:09:11 [Info] app/dns: UDP:119.29.29.29:53 cache HIT 服务器域名 -> [] > empty response 2021/02/21 00:09:11 [Info] app/dns: failed to lookup ip for domain 服务器域名 at server UDP:119.29.29.29:53 > empty response 2021/02/21 00:09:11 [Debug] transport/internet/udp: UDP original destination: udp:192.168.50.2:53 2021/02/21 00:09:11 [Debug] [855683948] proxy/dokodemo: processing connection from: 192.168.50.93:41462 2021/02/21 00:09:11 [Info] [855683948] proxy/dokodemo: received request for 192.168.50.93:41462 2021/02/21 00:09:11 [Info] [855683948] app/dispatcher: taking detour [dns-out] for [udp:192.168.50.2:53] 2021/02/21 00:09:11 [Info] [855683948] proxy/dns: handling DNS traffic to udp:8.8.8.8:53 2021/02/21 00:09:11 [Info] app/dns: returning 1 IPs for domain 服务器域名 2021/02/21 00:09:11 [Info] [3392237274] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > context canceled 2021/02/21 00:09:11 [Info] [3392237274] app/proxyman/inbound: connection ends > proxy/dokodemo: connection ends > proxy/dokodemo: failed to transport response > io: read/write on closed pipe 2021/02/21 00:09:11 [Debug] [3078221542] proxy/dokodemo: processing connection from: 192.168.50.15:12711 2021/02/21 00:09:11 [Info] [3078221542] proxy/dokodemo: received request for 192.168.50.15:12711 2021/02/21 00:09:11 [Info] [3078221542] app/dispatcher: default route for tcp:119.147.4.46:33445 2021/02/21 00:09:11 [Info] [3078221542] proxy/freedom: opening connection to tcp:119.147.4.46:33445 2021/02/21 00:09:11 [Info] [3078221542] transport/internet/tcp: dialing TCP to tcp:119.147.4.46:33445 2021/02/21 00:09:11 [Info] [4198751536] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > context canceled 2021/02/21 00:09:11 [Info] [4198751536] app/proxyman/inbound: connection ends > proxy/dokodemo: connection ends > proxy/dokodemo: failed to transport response > io: read/write on closed pipe 2021/02/21 00:09:11 [Debug] [879044346] proxy/dokodemo: processing connection from: 192.168.50.15:12712
目前针对此问题我的临时解决办法: PDNSD 中配置文件query_method=tcp_only;改为tcp_udp(只要不是纯TCP解析就没事) 透明代理json中将sniffning值设置为false也可解决此问题。
z826540272
commented
3 years ago passwall关闭嗅探路径: /usr/lib/lua/luci/model/cbi/passwall/api/gen_xray. 搜索 sniffning 字段
pdnsd使用tcp_udp查询路径 /usr/share/passwall/app.sh
z826540272
commented
3 years ago Passwall中 DNS凡是为TCP解析的(PDNSD DNS2SOCKS FAKE IP)均复现此问题。 以下是完整配置文件: 透明代理json: { "inboundDetour": [ { "port": 1080, "protocol": "socks", "settings": { "udp": true, "auth": "noauth" } } ], "log": { "loglevel": "warning" }, "outbound": { "settings": { "vnext": [ { "port": 443, "users": [ { "id": "uuid", "alterId": 4, "security": "auto" } ], "address": "xxx.xxx.xxx" } ] }, "mux": { "enabled": true, "concurrency": 8 }, "protocol": "vmess", "streamSettings": { "network": "ws", "tlsSettings": { "fingerprint": "chrome" }, "wsSettings": { "path": "/xxxxxxx" }, "security": "tls" } }, "inbound": { "sniffing": { "enabled": true, "destOverride": [ "http", "tls" ] }, "port": 1234, "protocol": "dokodemo-door", "settings": { "network": "tcp,udp", "followRedirect": true } } }
TPROXY-IPTABLES: Chain SS_SPEC_WAN_AC (2 references) num target prot opt source destination 1 REDIRECT tcp -- anywhere anywhere match-set netflix dst redir ports 1234 2 RETURN all -- anywhere anywhere match-set whitelist dst 3 SS_SPEC_WAN_FW all -- anywhere anywhere match-set blacklist dst 4 RETURN all -- anywhere anywhere match-set bplan src 5 SS_SPEC_WAN_FW all -- anywhere anywhere match-set fplan src 6 RETURN tcp -- anywhere xxx.xxx.xxx.xxx tcp dpt:!domain 7 RETURN all -- anywhere anywhere match-set ss_spec_wan_ac dst 8 RETURN all -- anywhere anywhere match-set china dst 9 SS_SPEC_WAN_FW all -- anywhere anywhere match-set gmlan src ! match-set china dst 10 SS_SPEC_WAN_FW all -- anywhere anywhere
Chain SS_SPEC_WAN_FW (4 references) num target prot opt source destination 1 RETURN all -- anywhere 0.0.0.0/8 2 RETURN all -- anywhere 10.0.0.0/8 3 RETURN all -- anywhere 127.0.0.0/8 4 RETURN all -- anywhere 169.254.0.0/16 5 RETURN all -- anywhere 172.16.0.0/12 6 RETURN all -- anywhere 192.168.0.0/16 7 RETURN all -- anywhere base-address.mcast.net/4 8 RETURN all -- anywhere 240.0.0.0/4 9 REDIRECT udp -- anywhere anywhere redir ports 1234 10 REDIRECT tcp -- anywhere anywhere redir ports 1234
Pdnsd.conf: global{ perm_cache=1024; cache_dir="/var/etc/ssrplus/pdnsd"; pid_file="/var/run/pdnsd.pid"; run_as="nobody"; server_ip=127.0.0.1; server_port=5335; status_ctl=on; query_method=tcp_only; min_ttl=1h; max_ttl=1w; timeout=10; neg_domain_pol=on; proc_limit=2; procq_limit=8; par_queries=1; } server{ label="ssr-usrdns"; ip=8.8.8.8; port=53; timeout=6; uptest=none; interval=10m; purge_cache=off; reject=::/0; }
Wireshark抓包:
erro.log: 2021/02/16 14:00:29 [Info] [922601300] app/dispatcher: default route for tcp:uiload.com:80 2021/02/16 14:00:29 [Info] [922601300] proxy/freedom: opening connection to tcp:uiload.com:80 2021/02/16 14:00:29 [Info] [922601300] transport/internet/tcp: dialing TCP to tcp:uiload.com:80 2021/02/16 14:00:29 [Info] [748162085] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > context canceled 2021/02/16 14:00:29 [Info] [748162085] common/mux: session 12 ends. > io: read/write on closed pipe 2021/02/16 14:00:29 [Info] [922601300] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process response > read tcp xxxxxxxxxxip:47928->8.8.8.8:53: read: connection reset by peer 2021/02/16 14:00:29 [Info] [922601300] common/mux: session 1 ends. > io: read/write on closed pipe 2021/02/16 14:00:29 [Info] [922601300] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process response > read tcp xxxxxxxxxxip:47930->8.8.8.8:53: read: connection reset by peer 2021/02/16 14:00:29 [Info] [922601300] common/mux: session 2 ends. > io: read/write on closed pipe 2021/02/16 14:00:29 [Info] [748162085] common/mux: received request for tcp:content-autofill.googleapis.com:443 2021/02/16 14:00:29 [Info] [748162085] app/dispatcher: default route for tcp:content-autofill.googleapis.com:443 2021/02/16 14:00:29 [Info] [748162085] proxy/freedom: opening connection to tcp:content-autofill.googleapis.com:443 2021/02/16 14:00:29 [Info] [748162085] transport/internet/tcp: dialing TCP to tcp:content-autofill.googleapis.com:443 2021/02/16 14:00:29 [Info] [922601300] common/mux: received request for tcp:8.8.8.8:53 2021/02/16 14:00:29 [Info] [922601300] app/dispatcher: default route for tcp:8.8.8.8:53 2021/02/16 14:00:29 [Info] [922601300] proxy/freedom: opening connection to tcp:8.8.8.8:53 2021/02/16 14:00:29 [Info] [922601300] transport/internet/tcp: dialing TCP to tcp:8.8.8.8:53 2021/02/16 14:00:29 [Info] [922601300] common/mux: received request for tcp:8.8.8.8:53 2021/02/16 14:00:29 [Info] [922601300] app/dispatcher: default route for tcp:8.8.8.8:53 2021/02/16 14:00:29 [Info] [922601300] proxy/freedom: opening connection to tcp:8.8.8.8:53 2021/02/16 14:00:29 [Info] [922601300] transport/internet/tcp: dialing TCP to tcp:8.8.8.8:53 2021/02/16 14:00:29 [Info] [922601300] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process response > read tcp xxxxxxxxxxip:47936->8.8.8.8:53: read: connection reset by peer 2021/02/16 14:00:29 [Info] [922601300] common/mux: session 4 ends. > io: read/write on closed pipe 2021/02/16 14:00:29 [Info] [748162085] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > context canceled 2021/02/16 14:00:29 [Info] [748162085] common/mux: session 13 ends. > io: read/write on closed pipe 2021/02/16 14:00:29 [Info] [922601300] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process response > read tcp xxxxxxxxxxip:47938->8.8.8.8:53: read: connection reset by peer 2021/02/16 14:00:29 [Info] [922601300] common/mux: session 5 ends. > io: read/write on closed pipe 2021/02/16 14:00:29 [Info] [922601300] common/mux: received request for tcp:www.googleapis.com:443 2021/02/16 14:00:29 [Info] [922601300] app/dispatcher: default route for tcp:www.googleapis.com:443 2021/02/16 14:00:29 [Info] [922601300] proxy/freedom: opening connection to tcp:www.googleapis.com:443 2021/02/16 14:00:29 [Info] [922601300] transport/internet/tcp: dialing TCP to tcp:www.googleapis.com:443 2021/02/16 14:00:29 [Info] [922601300] common/mux: received request for tcp:8.8.8.8:53 2021/02/16 14:00:29 [Info] [922601300] app/dispatcher: default route for tcp:8.8.8.8:53 2021/02/16 14:00:29 [Info] [922601300] proxy/freedom: opening connection to tcp:8.8.8.8:53 2021/02/16 14:00:29 [Info] [922601300] transport/internet/tcp: dialing TCP to tcp:8.8.8.8:53 2021/02/16 14:00:29 [Info] [922601300] common/mux: received request for tcp:8.8.8.8:53 2021/02/16 14:00:29 [Info] [922601300] app/dispatcher: default route for tcp:8.8.8.8:53 2021/02/16 14:00:29 [Info] [922601300] proxy/freedom: opening connection to tcp:8.8.8.8:53 2021/02/16 14:00:29 [Info] [922601300] transport/internet/tcp: dialing TCP to tcp:8.8.8.8:53 2021/02/16 14:00:29 [Info] [922601300] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process response > read tcp xxxxxxxxxxip:47942->8.8.8.8:53: read: connection reset by peer 2021/02/16 14:00:29 [Info] [922601300] common/mux: session 7 ends. > io: read/write on closed pipe 2021/02/16 14:00:29 [Info] [922601300] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process response > read tcp xxxxxxxxxxip:47944->8.8.8.8:53: read: connection reset by peer 2021/02/16 14:00:29 [Info] [922601300] common/mux: session 8 ends. > io: read/write on closed pipe 2021/02/16 14:00:29 [Info] [922601300] common/mux: received request for tcp:8.8.8.8:53 2021/02/16 14:00:29 [Info] [922601300] app/dispatcher: default route for tcp:8.8.8.8:53 2021/02/16 14:00:29 [Info] [922601300] proxy/freedom: opening connection to tcp:8.8.8.8:53 2021/02/16 14:00:29 [Info] [922601300] transport/internet/tcp: dialing TCP to tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] common/mux: received request for tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] app/dispatcher: default route for tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] proxy/freedom: opening connection to tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] transport/internet/tcp: dialing TCP to tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process response > read tcp xxxxxxxxxxip:47948->8.8.8.8:53: read: connection reset by peer 2021/02/16 14:00:30 [Info] [922601300] common/mux: session 9 ends. > io: read/write on closed pipe 2021/02/16 14:00:30 [Info] [922601300] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process response > read tcp xxxxxxxxxxip:47950->8.8.8.8:53: read: connection reset by peer 2021/02/16 14:00:30 [Info] [922601300] common/mux: session 10 ends. > io: read/write on closed pipe 2021/02/16 14:00:30 [Info] [922601300] common/mux: received request for tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] app/dispatcher: default route for tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] proxy/freedom: opening connection to tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] transport/internet/tcp: dialing TCP to tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] common/mux: received request for tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] app/dispatcher: default route for tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] proxy/freedom: opening connection to tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] transport/internet/tcp: dialing TCP to tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process response > read tcp xxxxxxxxxxip:47952->8.8.8.8:53: read: connection reset by peer 2021/02/16 14:00:30 [Info] [922601300] common/mux: session 11 ends. > io: read/write on closed pipe 2021/02/16 14:00:30 [Info] [748162085] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > context canceled 2021/02/16 14:00:30 [Info] [748162085] common/mux: session 10 ends. > io: read/write on closed pipe 2021/02/16 14:00:30 [Info] [922601300] common/mux: received request for tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] app/dispatcher: default route for tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] proxy/freedom: opening connection to tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] transport/internet/tcp: dialing TCP to tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process response > read tcp xxxxxxxxxxip:47956->8.8.8.8:53: read: connection reset by peer 2021/02/16 14:00:30 [Info] [922601300] common/mux: session 13 ends. > io: read/write on closed pipe 2021/02/16 14:00:30 [Info] [922601300] common/mux: received request for tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] app/dispatcher: default route for tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] proxy/freedom: opening connection to tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] transport/internet/tcp: dialing TCP to tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] common/mux: received request for tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] app/dispatcher: default route for tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] proxy/freedom: opening connection to tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] transport/internet/tcp: dialing TCP to tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process response > read tcp xxxxxxxxxxip:47958->8.8.8.8:53: read: connection reset by peer 2021/02/16 14:00:30 [Info] [922601300] common/mux: session 14 ends. > io: read/write on closed pipe 2021/02/16 14:00:30 [Info] [922601300] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process response > read tcp xxxxxxxxxxip:47960->8.8.8.8:53: read: connection reset by peer 2021/02/16 14:00:30 [Info] [922601300] common/mux: session 15 ends. > io: read/write on closed pipe 2021/02/16 14:00:30 [Info] [922601300] common/mux: received request for tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] app/dispatcher: default route for tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] proxy/freedom: opening connection to tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] transport/internet/tcp: dialing TCP to tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] common/mux: received request for tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] app/dispatcher: default route for tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] proxy/freedom: opening connection to tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] transport/internet/tcp: dialing TCP to tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process response > read tcp xxxxxxxxxxip:47962->8.8.8.8:53: read: connection reset by peer 2021/02/16 14:00:30 [Info] [922601300] common/mux: session 16 ends. > io: read/write on closed pipe 2021/02/16 14:00:30 [Info] [922601300] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process response > read tcp xxxxxxxxxxip:47964->8.8.8.8:53: read: connection reset by peer 2021/02/16 14:00:30 [Info] [922601300] common/mux: session 17 ends. > io: read/write on closed pipe 2021/02/16 14:00:30 [Info] [922601300] common/mux: received request for tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] app/dispatcher: default route for tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] proxy/freedom: opening connection to tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] transport/internet/tcp: dialing TCP to tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] common/mux: received request for tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] app/dispatcher: default route for tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] proxy/freedom: opening connection to tcp:8.8.8.8:53 2021/02/16 14:00:30 [Info] [922601300] transport/internet/tcp: dialing TCP to tcp:8.8.8.8:53 2021/02/16 14:00:31 [Info] [922601300] common/mux: received request for tcp:apis.google.com:443 2021/02/16 14:00:31 [Info] [922601300] app/dispatcher: default route for tcp:apis.google.com:443 2021/02/16 14:00:31 [Info] [922601300] proxy/freedom: opening connection to tcp:apis.google.com:443 2021/02/16 14:00:31 [Info] [922601300] transport/internet/tcp: dialing TCP to tcp:apis.google.com:443 2021/02/16 14:00:31 [Info] [922601300] common/mux: received request for tcp:8.8.8.8:53 2021/02/16 14:00:31 [Info] [922601300] app/dispatcher: default route for tcp:8.8.8.8:53 2021/02/16 14:00:31 [Info] [922601300] proxy/freedom: opening connection to tcp:8.8.8.8:53 2021/02/16 14:00:31 [Info] [922601300] transport/internet/tcp: dialing TCP to tcp:8.8.8.8:53 2021/02/16 14:00:31 [Info] [922601300] common/mux: received request for tcp:8.8.8.8:53 2021/02/16 14:00:31 [Info] [922601300] app/dispatcher: default route for tcp:8.8.8.8:53 2021/02/16 14:00:31 [Info] [922601300] proxy/freedom: opening connection to tcp:8.8.8.8:53 2021/02/16 14:00:31 [Info] [922601300] transport/internet/tcp: dialing TCP to tcp:8.8.8.8:53 2021/02/16 14:00:31 [Info] [922601300] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process response > read tcp xxxxxxxxxxip:47970->8.8.8.8:53: read: connection reset by peer 2021/02/16 14:00:31 [Info] [922601300] common/mux: session 21 ends. > io: read/write on closed pipe 2021/02/16 14:00:31 [Info] [922601300] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > context canceled 2021/02/16 14:00:31 [Info] [922601300] common/mux: session 12 ends. > io: read/write on closed pipe 2021/02/16 14:00:31 [Info] [922601300] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > context canceled 2021/02/16 14:00:31 [Info] [922601300] common/mux: session 18 ends. > io: read/write on closed pipe 2021/02/16 14:00:32 [Info] [922601300] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > context canceled 2021/02/16 14:00:32 [Info] [922601300] common/mux: session 19 ends. > io: read/write on closed pipe 2021/02/16 14:00:32 [Info] [922601300] common/mux: received request for tcp:aa.google.com:443 2021/02/16 14:00:32 [Info] [922601300] app/dispatcher: default route for tcp:aa.google.com:443 2021/02/16 14:00:32 [Info] [922601300] proxy/freedom: opening connection to tcp:aa.google.com:443 2021/02/16 14:00:32 [Info] [922601300] transport/internet/tcp: dialing TCP to tcp:aa.google.com:443 2021/02/16 14:00:32 [Info] [922601300] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > context canceled 2021/02/16 14:00:32 [Info] [922601300] common/mux: session 22 ends. > io: read/write on closed pipe 2021/02/16 14:00:32 [Info] [922601300] common/mux: received request for tcp:client.wns.windows.com:443 2021/02/16 14:00:32 [Info] [922601300] app/dispatcher: default route for tcp:client.wns.windows.com:443 2021/02/16 14:00:49 [Info] [177402604] app/dispatcher: default route for tcp:8.8.8.8:53 2021/02/16 14:00:49 [Info] [177402604] proxy/freedom: opening connection to tcp:8.8.8.8:53 2021/02/16 14:00:49 [Info] [177402604] transport/internet/tcp: dialing TCP to tcp:8.8.8.8:53 2021/02/16 14:00:49 [Info] [922601300] common/mux: received request for tcp:8.8.8.8:53 2021/02/16 14:00:49 [Info] [922601300] app/dispatcher: default route for tcp:8.8.8.8:53 2021/02/16 14:00:49 [Info] [922601300] proxy/freedom: opening connection to tcp:8.8.8.8:53 2021/02/16 14:00:49 [Info] [922601300] transport/internet/tcp: dialing TCP to tcp:8.8.8.8:53 2021/02/16 14:00:49 [Info] [177402604] common/mux: received request for tcp:ipv4-c001-ssn001-sejongtelecom-isp.1.oca.nflxvideo.net:443 2021/02/16 14:00:49 [Info] [177402604] app/dispatcher: default route for tcp:ipv4-c001-ssn001-sejongtelecom-isp.1.oca.nflxvideo.net:443 2021/02/16 14:00:49 [Info] [177402604] proxy/freedom: opening connection to tcp:ipv4-c001-ssn001-sejongtelecom-isp.1.oca.nflxvideo.net:443 2021/02/16 14:00:49 [Info] [177402604] transport/internet/tcp: dialing TCP to tcp:ipv4-c001-ssn001-sejongtelecom-isp.1.oca.nflxvideo.net:443 2021/02/16 14:00:49 [Info] [177402604] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process response > read tcp xxxxxxxxxxip:48156->8.8.8.8:53: read: connection reset by peer 2021/02/16 14:00:49 [Info] [177402604] common/mux: session 15 ends. > io: read/write on closed pipe 2021/02/16 14:00:49 [Info] [805275688] common/mux: received request for tcp:8.8.8.8:53 2021/02/16 14:00:49 [Info] [805275688] app/dispatcher: default route for tcp:8.8.8.8:53 2021/02/16 14:00:49 [Info] [805275688] proxy/freedom: opening connection to tcp:8.8.8.8:53 2021/02/16 14:00:49 [Info] [805275688] transport/internet/tcp: dialing TCP to tcp:8.8.8.8:53 2021/02/16 14:00:49 [Info] [805275688] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process response > read tcp xxxxxxxxxxip:48162->8.8.8.8:53: read: connection reset by peer 2021/02/16 14:00:49 [Info] [805275688] common/mux: session 26 ends. > io: read/write on closed pipe 2021/02/16 14:00:49 [Info] [177402604] common/mux: received request for tcp:ipv4-c002-ssn001-sejongtelecom-isp.1.oca.nflxvideo.net:443 2021/02/16 14:00:49 [Info] [177402604] app/dispatcher: default route for tcp:ipv4-c002-ssn001-sejongtelecom-isp.1.oca.nflxvideo.net:443 2021/02/16 14:00:49 [Info] [177402604] proxy/freedom: opening connection to tcp:ipv4-c002-ssn001-sejongtelecom-isp.1.oca.nflxvideo.net:443 2021/02/16 14:00:49 [Info] [177402604] transport/internet/tcp: dialing TCP to tcp:ipv4-c002-ssn001-sejongtelecom-isp.1.oca.nflxvideo.net:443 2021/02/16 14:00:49 [Info] [922601300] common/mux: received request for tcp:8.8.8.8:53 2021/02/16 14:00:49 [Info] [922601300] app/dispatcher: default route for tcp:8.8.8.8:53 2021/02/16 14:00:49 [Info] [922601300] proxy/freedom: opening connection to tcp:8.8.8.8:53 2021/02/16 14:00:49 [Info] [922601300] transport/internet/tcp: dialing TCP to tcp:8.8.8.8:53 2021/02/16 14:00:49 [Info] [922601300] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process response > read tcp xxxxxxxxxxip:48166->8.8.8.8:53: read: connection reset by peer 2021/02/16 14:00:49 [Info] [922601300] common/mux: session 34 ends. > io: read/write on closed pipe 2021/02/16 14:00:49 [Info] [177402604] common/mux: received request for tcp:8.8.8.8:53
PS1:Wireshark抓包中出现了很多rDNS的查询记录PTR,不知道是否和此有关(!!还想问下对于PTR记录Xray-core是怎么处理的?!!):
PS2:我自己在Debian中搭建了TPROXY透明代理,让DNS全部经过Xray-core,在日志中发现了有很多empty response,不止是否和此有关: 2021/02/21 00:09:11 [Info] [4144653677] app/dispatcher: taking detour [proxy] for [tcp:oauthaccountmanager.googleapis.com:443] 2021/02/21 00:09:11 [Info] [4144653677] transport/internet/websocket: creating connection to tcp:服务器域名:443 2021/02/21 00:09:11 [Debug] transport/internet/udp: UDP original destination: udp:192.168.50.2:53 2021/02/21 00:09:11 [Debug] [1964168657] proxy/dokodemo: processing connection from: 192.168.50.93:33699 2021/02/21 00:09:11 [Info] [1964168657] proxy/dokodemo: received request for 192.168.50.93:33699 2021/02/21 00:09:11 [Info] [1964168657] app/dispatcher: taking detour [dns-out] for [udp:192.168.50.2:53] 2021/02/21 00:09:11 [Info] [1964168657] proxy/dns: handling DNS traffic to udp:8.8.8.8:53 2021/02/21 00:09:11 [Info] app/dns: UDP:119.29.29.29:53 cache HIT 服务器域名 -> [] > empty response 2021/02/21 00:09:11 [Info] app/dns: failed to lookup ip for domain 服务器域名 at server UDP:119.29.29.29:53 > empty response 2021/02/21 00:09:11 [Debug] transport/internet/udp: UDP original destination: udp:192.168.50.2:53 2021/02/21 00:09:11 [Debug] [855683948] proxy/dokodemo: processing connection from: 192.168.50.93:41462 2021/02/21 00:09:11 [Info] [855683948] proxy/dokodemo: received request for 192.168.50.93:41462 2021/02/21 00:09:11 [Info] [855683948] app/dispatcher: taking detour [dns-out] for [udp:192.168.50.2:53] 2021/02/21 00:09:11 [Info] [855683948] proxy/dns: handling DNS traffic to udp:8.8.8.8:53 2021/02/21 00:09:11 [Info] app/dns: returning 1 IPs for domain 服务器域名 2021/02/21 00:09:11 [Info] [3392237274] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > context canceled 2021/02/21 00:09:11 [Info] [3392237274] app/proxyman/inbound: connection ends > proxy/dokodemo: connection ends > proxy/dokodemo: failed to transport response > io: read/write on closed pipe 2021/02/21 00:09:11 [Debug] [3078221542] proxy/dokodemo: processing connection from: 192.168.50.15:12711 2021/02/21 00:09:11 [Info] [3078221542] proxy/dokodemo: received request for 192.168.50.15:12711 2021/02/21 00:09:11 [Info] [3078221542] app/dispatcher: default route for tcp:119.147.4.46:33445 2021/02/21 00:09:11 [Info] [3078221542] proxy/freedom: opening connection to tcp:119.147.4.46:33445 2021/02/21 00:09:11 [Info] [3078221542] transport/internet/tcp: dialing TCP to tcp:119.147.4.46:33445 2021/02/21 00:09:11 [Info] [4198751536] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > context canceled 2021/02/21 00:09:11 [Info] [4198751536] app/proxyman/inbound: connection ends > proxy/dokodemo: connection ends > proxy/dokodemo: failed to transport response > io: read/write on closed pipe 2021/02/21 00:09:11 [Debug] [879044346] proxy/dokodemo: processing connection from: 192.168.50.15:12712
目前针对此问题我的临时解决办法: PDNSD 中配置文件query_method=tcp_only;改为tcp_udp(只要不是纯TCP解析就没事) 透明代理json中将sniffning值设置为false也可解决此问题。
我把sniffning 关掉之后基本没法用了啊,youtube无法播放视频,谷歌首页也大概率打不开. 开启后恢复正常
Bearljj
commented
3 years ago Passwall中 DNS凡是为TCP解析的(PDNSD DNS2SOCKS FAKE IP)均复现此问题。 以下是完整配置文件: 透明代理json: { "inboundDetour": [ { "port": 1080, "protocol": "socks", "settings": { "udp": true, "auth": "noauth" } } ], "log": { "loglevel": "warning" }, "outbound": { "settings": { "vnext": [ { "port": 443, "users": [ { "id": "uuid", "alterId": 4, "security": "auto" } ], "address": "xxx.xxx.xxx" } ] }, "mux": { "enabled": true, "concurrency": 8 }, "protocol": "vmess", "streamSettings": { "network": "ws", "tlsSettings": { "fingerprint": "chrome" }, "wsSettings": { "path": "/xxxxxxx" }, "security": "tls" } }, "inbound": { "sniffing": { "enabled": true, "destOverride": [ "http", "tls" ] }, "port": 1234, "protocol": "dokodemo-door", "settings": { "network": "tcp,udp", "followRedirect": true } } } TPROXY-IPTABLES: Chain SS_SPEC_WAN_AC (2 references) num target prot opt source destination 1 REDIRECT tcp -- anywhere anywhere match-set netflix dst redir ports 1234 2 RETURN all -- anywhere anywhere match-set whitelist dst 3 SS_SPEC_WAN_FW all -- anywhere anywhere match-set blacklist dst 4 RETURN all -- anywhere anywhere match-set bplan src 5 SS_SPEC_WAN_FW all -- anywhere anywhere match-set fplan src 6 RETURN tcp -- anywhere xxx.xxx.xxx.xxx tcp dpt:!domain 7 RETURN all -- anywhere anywhere match-set ss_spec_wan_ac dst 8 RETURN all -- anywhere anywhere match-set china dst 9 SS_SPEC_WAN_FW all -- anywhere anywhere match-set gmlan src ! match-set china dst 10 SS_SPEC_WAN_FW all -- anywhere anywhere Chain SS_SPEC_WAN_FW (4 references) num target prot opt source destination 1 RETURN all -- anywhere 0.0.0.0/8 2 RETURN all -- anywhere 10.0.0.0/8 3 RETURN all -- anywhere 127.0.0.0/8 4 RETURN all -- anywhere 169.254.0.0/16 5 RETURN all -- anywhere 172.16.0.0/12 6 RETURN all -- anywhere 192.168.0.0/16 7 RETURN all -- anywhere base-address.mcast.net/4 8 RETURN all -- anywhere 240.0.0.0/4 9 REDIRECT udp -- anywhere anywhere redir ports 1234 10 REDIRECT tcp -- anywhere anywhere redir ports 1234 Pdnsd.conf: global{ perm_cache=1024; cache_dir="/var/etc/ssrplus/pdnsd"; pid_file="/var/run/pdnsd.pid"; run_as="nobody"; server_ip=127.0.0.1; server_port=5335; status_ctl=on; query_method=tcp_only; min_ttl=1h; max_ttl=1w; timeout=10; neg_domain_pol=on; proc_limit=2; procq_limit=8; par_queries=1; } server{ label="ssr-usrdns"; ip=8.8.8.8; port=53; timeout=6; uptest=none; interval=10m; purge_cache=off; reject=::/0; } Wireshark抓包:
我把sniffning 关掉之后基本没法用了啊,youtube无法播放视频,谷歌首页也大概率打不开. 开启后恢复正常 透明代理下如果关了嗅探确实无法工作,socks模式没问题
Xray-core版本:1.3.0(V2ray4.34.0及以前版本也复现此问题)
一句话版本:sniffing经过dokodemo-door时,对于部分非标地址会出现解析错误。
使用现象:使用Windows10 Netflix UWP客户端时,播放一段时间后会出现H403错误。
服务端Xray-core会报错类似的日志: common/mux: session 48 ends. > io: read/write on closed pipe app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process request > io: read/write on closed pipe app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > context canceled
客户端: 使用的是LEAN的固件(Xray-core1.3.0),PDNSD解析。在.json中sniffing开启时出现问题,将sniffing关闭时问题解决。可能的原因是对于某些非标地址通过sniffing后地址改变导致解析错误。 很久以前的push.apple地址issue可能也是这个问题 issue 前两天彩六老哥的语音问题估计也是这样。issue
H403出现时解析的地址: occ-0-3109-3996.1.nflxso.net
配置文件: "inbound": { "sniffing": { "enabled": true, "destOverride": [ "http", "tls" ] }, "port": 1234, "protocol": "dokodemo-door", "settings": { "network": "tcp,udp", "followRedirect": true } } Xray-core