XTLS / Xray-core

Xray, Penetrates Everything. Also the best v2ray-core, with XTLS support. Fully compatible configuration.
https://t.me/projectXray
Mozilla Public License 2.0
24.62k stars 3.85k forks source link

traefik+vless+xtls error #90

Closed zenithiks closed 3 years ago

zenithiks commented 3 years ago

The server uses traefik for SNI-based routing, and xray is configured with vless+xtls and trojan+xtls.

When the client xray is configured to connect with vless+xtls, traefik on the server reports the following error:
http2: server: error reading preface from client 172.19.0.13:52708: bogus greeting "\x00\xc3M\x12\xfb\xe5\xfc\xf4\xea\xdbVu\x94\xca;\xf6\xc5\x12\n\x10xtls"

When the client xray is configured to connect with vless+tls, traefik on the server reports the following error:
http2: server: error reading preface from client 172.19.0.13:53076: bogus greeting "\x00\xc3M\x12\xfb\xe5\xfc\xf4\xea\xdbVu\x94\xca;\xf6\xc5\x00\x01\x01\xbb\x02\x18a"

When the client xray is configured with trojan+xtls or trojan+tls, both connect normally.
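
The 24 bytes traefik rejected in both errors decode as the start of a VLESS request (version byte, 16-byte client id, addons, then command, port and address), so what reached traefik's HTTP/2 server in the clear was the client's VLESS stream rather than an HTTP/2 preface. The decoder below is an added example, not part of the original post or of Xray's code; the function names are hypothetical and the byte strings are the two greetings from the errors above.

```python
import uuid

# The two 24-byte "bogus greeting" values from the traefik errors in the post,
# written as Python bytes (Go's %q escapes map one-to-one).
GREETING_XTLS = b"\x00\xc3M\x12\xfb\xe5\xfc\xf4\xea\xdbVu\x94\xca;\xf6\xc5\x12\n\x10xtls"
GREETING_TLS = b"\x00\xc3M\x12\xfb\xe5\xfc\xf4\xea\xdbVu\x94\xca;\xf6\xc5\x00\x01\x01\xbb\x02\x18a"
# "id" of the VLESS client in the server config posted in this thread.
CONFIG_ID = "c34d12fb-e5fc-f4ea-db56-7594ca3bf6c5"

COMMANDS = {1: "tcp", 2: "udp", 3: "mux"}
ADDR_TYPES = {1: "ipv4", 2: "domain", 3: "ipv6"}


def decode_vless_prefix(data: bytes) -> dict:
    """Decode as much of a VLESS request header as a truncated capture holds."""
    if len(data) < 18:
        raise ValueError("need at least version + UUID + addons length (18 bytes)")
    out = {"version": data[0], "uuid": str(uuid.UUID(bytes=data[1:17])),
           "addons_len": data[17], "truncated": False}
    pos = 18
    addons = data[pos:pos + out["addons_len"]]
    if len(addons) < out["addons_len"]:
        # Capture ends inside the addons; recover the start of the flow string
        # if it begins with protobuf field 1, wire type 2 (tag byte 0x0a).
        if len(addons) >= 2 and addons[0] == 0x0A:
            out["flow_prefix"] = addons[2:2 + addons[1]].decode("ascii", "replace")
        out["truncated"] = True
        return out
    pos += out["addons_len"]
    rest = data[pos:]
    if len(rest) < 4:
        out["truncated"] = True
        return out
    out["command"] = COMMANDS.get(rest[0], rest[0])
    out["port"] = int.from_bytes(rest[1:3], "big")
    out["addr_type"] = ADDR_TYPES.get(rest[3], rest[3])
    if rest[3] == 2 and len(rest) >= 5:
        name = rest[5:5 + rest[4]]
        out["domain_len"] = rest[4]
        out["domain_prefix"] = name.decode("ascii", "replace")
        out["truncated"] = len(name) < rest[4]
    return out


def is_vless_request_for(data: bytes, config_id: str) -> bool:
    """True when the bytes start with VLESS version 0 and the configured UUID."""
    d = decode_vless_prefix(data)
    return d["version"] == 0 and d["uuid"] == config_id
```

The UUID is the VLESS client credential, so an id that shows up in a proxy's error log is worth rotating.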

RPRX commented 3 years ago

Please post your configuration.

zenithiks commented 3 years ago

Please post your configuration.

05_inbounds_01_vless_xtls.json

{
  "inbounds": [
    {
      "port": "18443",
      "protocol": "vless",
      "settings": {
        "clients": [
          {
            "id": "c34d12fb-e5fc-f4ea-db56-7594ca3bf6c5",
            "flow": "xtls-rprx-direct",
            "level": 0
          }
        ],
        "decryption": "none",
        "fallbacks": [
          {
            "alpn": "h2",
            "dest": "lb:80",
            "xver": 1
          },
          {
            "dest": "lb:80",
            "xver": 1
          },
          {
            "path": "/vmess",
            "dest": 8883,
            "xver": 1
          }
        ],
        "streamSettings": {
          "network": "tcp",
          "security": "xtls",
          "xtlsSettings": {
            "alpn": ["h2", "http/1.1"],
            "certificates": [
              {
                "certificateFile": "/etc/ssl/acme/fullchain.cer",
                "keyFile": "/etc/ssl/acme/private.key"
              }
            ]
          }
        }
      },
      "tag": "vless_xtls"
    }
  ]
}

05_inbounds_02_trojan_xtls.json

{
  "inbounds": [
    {
      "port": "28443",
      "protocol": "trojan",
      "settings": {
        "clients": [
          {
            "password": "c34d12fb-e5fc-f4ea-db56-7594ca3bf6c5",
            "flow": "xtls-rprx-direct",
            "level": 0
          }
        ],
        "fallbacks": [
          {
            "alpn": "h2",
            "dest": "lb:80",
            "xver": 1
          },
          {
            "dest": "lb:80",
            "xver": 1
          }
        ]
      },
      "streamSettings": {
        "network": "tcp",
        "security": "xtls",
        "xtlsSettings": {
          "alpn": ["h2", "http/1.1"],
          "certificates": [
            {
              "certificateFile": "/etc/ssl/acme/fullchain.cer",
              "keyFile": "/etc/ssl/acme/private.key"
            }
          ]
        }
      },
      "tag": "trojan_xtls"
    }
  ]
}
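
The two inbound files above differ in where `streamSettings` sits: the VLESS file nests it inside `settings`, while the Trojan file has it as a sibling of `settings`, which is the level at which Xray reads it. The check below is an added example, not part of the original post or of Xray's code; the function names are hypothetical and the two inbounds are trimmed copies of the posted ones.

```python
import json

# Trimmed copies of the two inbounds posted above (constructed for this
# example): only the keys that matter for nesting are kept.
VLESS_INBOUND = json.loads("""
{"port": "18443", "protocol": "vless", "tag": "vless_xtls",
 "settings": {"clients": [], "decryption": "none",
              "streamSettings": {"network": "tcp", "security": "xtls"}}}
""")
TROJAN_INBOUND = json.loads("""
{"port": "28443", "protocol": "trojan", "tag": "trojan_xtls",
 "settings": {"clients": []},
 "streamSettings": {"network": "tcp", "security": "xtls"}}
""")


def effective_security(inbound: dict) -> str:
    """Security Xray applies: taken from the inbound-level key only."""
    return inbound.get("streamSettings", {}).get("security", "none")


def lint_inbounds(config: dict) -> list:
    """Report inbounds whose streamSettings is nested in the settings object."""
    findings = []
    for i, inbound in enumerate(config.get("inbounds", [])):
        nested = inbound.get("settings", {}).get("streamSettings")
        if nested is None:
            continue
        findings.append({
            "index": i, "tag": inbound.get("tag", ""),
            "intended": nested.get("security", "none"),
            "effective": effective_security(inbound),
        })
    return findings


def hoist_stream_settings(inbound: dict) -> dict:
    """Return a copy with a nested streamSettings moved up one level."""
    fixed = json.loads(json.dumps(inbound))  # deep copy of plain JSON data
    settings = fixed.get("settings", {})
    if "streamSettings" in settings and "streamSettings" not in fixed:
        fixed["streamSettings"] = settings.pop("streamSettings")
    return fixed
```
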
RPRX commented 3 years ago

The configuration looks fine.

zenithiks commented 3 years ago

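The configuration looks fine.

Everything is deployed with docker. traefik occupies ports 80 and 443 and routes specific subdomains to xray by SNI. trojan works with both xtls and tls, while vless works with neither, so it's very strange. 😂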

AkinoKaede commented 3 years ago

@paldies Could you post the relevant traefik configuration?

RPRX commented 3 years ago

@paldies Or could it be a client-side problem?

zenithiks commented 3 years ago

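@paldies Or could it be a client-side problem?

Previously it was Shadowrocket that couldn't connect; I tried to fix it without success, so I left it alone. Today I had some time to look into it again and specifically downloaded the latest xray onto my Mac to test. It still can't connect, but the traefik error is completely different from the one I get when Shadowrocket connects. I'll keep digging tomorrow.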

zenithiks commented 3 years ago

@paldies Could you post the relevant traefik configuration?

I'll post it tomorrow. I'd appreciate your help looking into it 😂

sm0731 commented 3 years ago

Please post your configuration.

Could you help me see what is written in this file? Thanks~ 111.zip

RPRX commented 3 years ago

@sm0731 Honestly, you must be silly

sm0731 commented 3 years ago

@sm0731 Honestly, you must be silly

What do you mean? I don't understand.

RPRX commented 3 years ago

@sm0731 Those are the words written in the file

sm0731 commented 3 years ago

@sm0731 Those are the words written in the file

I don't know how to program. So even you have no way to inspect a dll file?

RPRX commented 3 years ago

@sm0731 I looked at it, and it is just those words. I'm not kidding you.

zenithiks commented 3 years ago

@AkinoKaede

The rough configuration is as follows; please take a look. yml.zip

RPRX commented 3 years ago

Please post the relevant server-side logs. Also, why does the word http2 appear in the traefik error?

zenithiks commented 3 years ago

@rprx I deployed xray separately on the server from the binary. The version is the latest, v1.1.4, and the configuration is as follows:

{
  "log": {
    "loglevel": "debug"
  },
  "dns": {
    "servers": ["1.1.1.1", "1.0.0.1", "8.8.8.8", "8.8.4.4", "localhost"]
  },
  "inbounds": [
    {
      "port": "18443",
      "protocol": "vless",
      "settings": {
        "clients": [
          {
            "id": "c34d12fb-e5fc-f4ea-db56-7594ca3bf6c5",
            "flow": "xtls-rprx-direct",
            "level": 0
          }
        ],
        "decryption": "none",
        "fallbacks": [
          {
            "alpn": "h2",
            "dest": "127.0.0.1:80",
            "xver": 1
          },
          {
            "dest": "127.0.0.1:80",
            "xver": 1
          }
        ],
        "streamSettings": {
          "network": "tcp",
          "security": "xtls",
          "xtlsSettings": {
            "alpn": ["h2", "http/1.1"],
            "certificates": [
              {
                "certificateFile": "fullchain.cer",
                "keyFile": "private.key"
              }
            ]
          }
        }
      }
    }
  ],
  "outbounds": [
    {
      "protocol": "freedom"
    }
  ]
}

The startup log is as follows:

Xray 1.1.4 (Xray, Penetrates Everything.) Custom (go1.15.6 linux/amd64)
A unified platform for anti-censorship.
2020/12/21 22:41:03 [Info] main/jsonem: Reading config: config.json
2020/12/21 22:41:03 [Debug] app/log: Logger started
2020/12/21 22:41:03 [Info] app/dns: DNS: created udp client inited for 1.1.1.1:53
2020/12/21 22:41:03 [Info] app/dns: DNS: created udp client inited for 1.0.0.1:53
2020/12/21 22:41:03 [Info] app/dns: DNS: created udp client inited for 8.8.8.8:53
2020/12/21 22:41:03 [Info] app/dns: DNS: created udp client inited for 8.8.4.4:53
2020/12/21 22:41:03 [Info] app/dns: DNS: created localhost client
2020/12/21 22:41:03 [Debug] app/proxyman/inbound: creating stream worker on 0.0.0.0:18443
2020/12/21 22:41:03 [Info] transport/internet/tcp: listening TCP on 0.0.0.0:18443
2020/12/21 22:41:03 [Warning] core: Xray 1.1.4 started

Compared with my docker deployment of xray, the log has one extra line, [Debug] app/proxyman/inbound: creating stream worker on 0.0.0.0:18443. I don't know what it means; could you please explain? In addition:

Connecting with vless+xtls from the latest iOS Shadowrocket, v2.1.71, the server-side xray log is as follows:
2020/12/21 22:45:41 [Info] [3870565089] proxy/vless/inbound: firstLen = 314
2020/12/21 22:45:41 [Info] [3870565089] proxy/vless/inbound: fallback starts > proxy/vless/encoding: invalid request version

Connecting with vless+xtls from the latest Windows v2rayN, v3.29, the server-side xray log is as follows:
2020/12/21 22:48:19 [Info] [2195789836] proxy/vless/inbound: firstLen = 452
2020/12/21 22:48:19 [Info] [2195789836] proxy/vless/inbound: fallback starts > proxy/vless/encoding: invalid request version

Connecting with vless+xtls from the latest Windows xray, v1.1.4, the server-side xray log is as follows:
2020/12/21 22:59:33 [Info] [3775049528] proxy/vless/inbound: firstLen = 452
2020/12/21 22:59:33 [Info] [3775049528] proxy/vless/inbound: fallback starts > proxy/vless/encoding: invalid request version

badO1a5A90 commented 3 years ago

"inbounds": [ { "port": "18443",

Because you configured a listener on this port.

zenithiks commented 3 years ago

"inbounds": [ { "port": "18443",

Because you configured a listener on this port.

Can't this port be used for listening?

badO1a5A90 commented 3 years ago

"inbounds": [ { "port": "18443",

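Because you configured a listener on this port.

Can't this port be used for listening?

No, it's because it listens on this port that that log line appears.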

RPRX commented 3 years ago

Does this problem still exist in v1.2.1?

RPRX commented 3 years ago

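@paldies This person has disappeared as well. It is probably not a bug in the relevant code. If the problem here is still unresolved, please open a new issue.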

zenithiks commented 3 years ago

Does this problem still exist in v1.2.1?

Sorry, I've been too busy with work lately and haven't looked into this for a long time. Today I upgraded to the latest version, v1.2.3, and the problem is still the same.

Let me describe the problem from the perspective of web access. tx.example.com is the domain used for trojan, and vx.example.com is the domain used for vless.

Visiting https://tx.example.com in a browser correctly hits xray's fallback. The traefik and xray logs are as follows:

lb_1 | 127.0.0.1 - - [28/Jan/2021:10:51:27 +0000] "GET / HTTP/2.0" 200 762 "-" "-" 96 "fallback@docker" "http://172.21.0.3:80" 0ms

xray_1 | 2021/01/28 18:51:27 127.0.0.1:33276 rejected proxy/trojan: not trojan protocol
xray_1 | 2021/01/28 18:51:27 [Info] [515099574] proxy/trojan: firstLen = 70
xray_1 | 2021/01/28 18:51:27 [Info] [515099574] proxy/trojan: fallback starts > proxy/trojan: not trojan protocol
xray_1 | 2021/01/28 18:51:27 [Info] [515099574] proxy/trojan: realName = tx.example.com
xray_1 | 2021/01/28 18:51:27 [Info] [515099574] proxy/trojan: realAlpn = h2

Visiting https://vx.example.com in a browser hits traefik's 404. The traefik and xray logs are as follows:

lb_1 | 127.0.0.1 - - [28/Jan/2021:10:51:36 +0000] "GET / HTTP/2.0" - - "-" "-" 98 "-" "-" 0ms

xray_1 | 2021/01/28 18:51:36 [Info] [4023740516] proxy/vless/inbound: firstLen = 517
xray_1 | 2021/01/28 18:51:36 [Info] [4023740516] proxy/vless/inbound: fallback starts > proxy/vless/encoding: invalid request version

RPRX commented 3 years ago

@paldies Try swapping the domains and see.

zenithiks commented 3 years ago

@paldies Try swapping the domains and see.

I swapped them: now vx works and tx reports the error. Also, I just tested vless with Shadowrocket, and the log is as follows:

xray_1 | 2021/01/28 19:37:56 [Info] [572514580] proxy/vless/inbound: firstLen = 314
xray_1 | 2021/01/28 19:37:56 [Info] [572514580] proxy/vless/inbound: fallback starts > proxy/vless/encoding: invalid request version

pavlelee commented 3 years ago

Shadowrocket has this problem.