search

XTLS / Xray-core

Xray, Penetrates Everything. Also the best v2ray-core, with XTLS support. Fully compatible configuration.
https://t.me/projectXray
Mozilla Public License 2.0
24.19k stars 3.81k forks source link

使用ss2022+httpupgrade出现时而通,时而不通的情况 #3328

Closed moranno closed 4 months ago

moranno commented 4 months ago

完整性要求

版本

1.8.11

描述

使用ss2022+httpupgrade出现时而通,时而不通的情况

重现方式

按如下配置,ss2022+httpupgrade传输 服务端配置:

    "inbounds": [
        {
            "listen": "0.0.0.0",
            "port": 8005,
            "protocol": "shadowsocks",
            "settings": {
                "method": "2022-blake3-aes-128-gcm",
                "password": "Yjg5YzA5NDNhNGQ5NzU1Mw==",
                "clients": [
                    {
                      "password": "NDZmMzM1ZTYtOTg0MS00ZQ=="
                    }
                ]
            },
            "streamSettings": {
                "network": "httpupgrade",
                "httpupgradeSettings": {
                    "path": "/web"
                }
            },
            "sniffing": {
                "enabled": true,
                "destOverride": [
                    "http",
                    "tls",
                    "quic"
                ]
            }
        }
    ],

客户端配置:

    "outbounds": [
        {
            "protocol": "shadowsocks",
            "settings": {
              "servers": [
                {
                  "address": "11.11.11.11",
                  "port": 8005,
                  "method": "2022-blake3-aes-128-gcm",
                  "password": "Yjg5YzA5NDNhNGQ5NzU1Mw==:NDZmMzM1ZTYtOTg0MS00ZQ=="
                }
              ]
            },
            "streamSettings": {
                "network": "httpupgrade",
                "httpupgradeSettings": {
                    "path": "/web?ed=2560"
                }
            },
            "tag": "proxy"
        },
        {
            "protocol": "freedom",
            "tag": "direct"
        }
    ]

日志

不通的时候服务端没有日志,
通的时候服务端日志:

2024/05/03 16:30:23 45.12.3.23:61502 accepted encrypted-tbn3.gstatic.com:443 [direct] email: unnamed-user-0-a44e40e0-199c-454c-8e2a-8e85aa687f5a
2024/05/03 16:30:23 [Info] [1624427075] proxy/freedom: connection opened to tcp:encrypted-tbn3.gstatic.com:443, local endpoint [2xxx:xxx4:6xxxd1:xxxd:4xxb:cxx6:dxx8]:52490, remote endpoint [2404:6800:4004:80a::200e]:443
2024/05/03 16:30:23 [Info] [1624427075] proxy: CopyRawConn readv
2024/05/03 16:30:23 [Info] [1790558026] proxy/shadowsocks_2022: tunnelling request to tcp:www.gstatic.com:443
2024/05/03 16:30:23 [Info] [1790558026] app/dispatcher: sniffed domain: www.gstatic.com
2024/05/03 16:30:23 [Info] [1790558026] app/dispatcher: default route for tcp:www.gstatic.com:443
2024/05/03 16:30:23 [Info] [1790558026] transport/internet/tcp: dialing TCP to tcp:www.gstatic.com:443
2024/05/03 16:30:23 [Debug] transport/internet: dialing to tcp:www.gstatic.com:443
Fangliding commented 4 months ago

完全没有日志大抵是被阻断了

moranno commented 4 months ago

完全没有日志大抵是被阻断了

我在本地测试的,麻烦关闭issue的前自己测一下:

不通的时候:

image

通的时候:

image
Fangliding commented 4 months ago

理论上底层传输只能搭配vless vmess 其他协议不知道有没有和底层连接完全解耦 说白了不支持这么组合 所以完全可能出问题 换掉ss或者去掉http upgrade 再看看

RPRX commented 4 months ago

如上所述,如果你需要内层加密,请把 SS2022 换成 VMess,不要执着于奇奇怪怪的组合,SS2022 is not designed for *ray