outbounds转机场出了问题

elric8 commented 9 months ago

aws机场，一个公网一部私网在公网搭了hysteria2 outbounds把奈菲的流量转给私网

listen: :443

tls:
  cert: /etc/hysteria/cert/**.**_public.crt
  key: /etc/hysteria/cert/**.**.key

auth:
  type: password
  password: ！@#￥%

outbounds:
  - name: out1 
    type: direct
  - name: nf
    type: socks5
    socks5:
      addr: 172.31.107.249:443#私网ip

acl:
  inline:
    - nf(geosite:netflix)
    - direct(all)

目前报错

Oct 17 13:36:55 ip-172-31-40-168 hysteria[93298]: 2023-10-17T13:36:55Z        ERROR        TCP error        {"addr": "114.84.148.95:59769", "id": "user", "reqAddr": "ios.prod.ftl.netflix.com:443", "error": "readfrom tcp4 172.31.40.168:54450->54.189.33.245:443: stream 32 canceled by remote with error code 0"}
Oct 17 13:36:55 ip-172-31-40-168 hysteria[93298]: 2023-10-17T13:36:55Z        ERROR        TCP error        {"addr": "114.84.148.95:59769", "id": "user", "reqAddr": "ios.prod.ftl.netflix.com:443", "error": "readfrom tcp4 172.31.40.168:54460->54.189.33.245:443: stream 36 canceled by remote with error code 0"}
Oct 17 13:37:02 ip-172-31-40-168 hysteria[93298]: 2023-10-17T13:37:02Z        ERROR        TCP error        {"addr": "114.84.148.95:59769", "id": "user", "reqAddr": "ios.prod.ftl.netflix.com:443", "error": "readfrom tcp4 172.31.40.168:54710->54.189.33.245:443: stream 52 canceled by remote with error code 0"}
Oct 17 13:37:04 ip-172-31-40-168 hysteria[93298]: 2023-10-17T13:37:04Z        ERROR        TCP error        {"addr": "114.84.148.95:59769", "id": "user", "reqAddr": "ichnaea-web.netflix.com:443", "error": "readfrom tcp4 172.31.40.168:45670->44.232.163.86:443: stream 56 canceled by remote with error code 0"}
Oct 17 13:37:13 ip-172-31-40-168 hysteria[93298]: 2023-10-17T13:37:13Z        ERROR        TCP error        {"addr": "114.84.148.95:59769", "id": "user", "reqAddr": "ios.prod.ftl.netflix.com:443", "error": "readfrom tcp4 172.31.40.168:59370->44.225.17.85:443: stream 76 canceled by remote with error code 0"}
Oct 17 13:37:13 ip-172-31-40-168 hysteria[93298]: 2023-10-17T13:37:13Z        ERROR        TCP error        {"addr": "114.84.148.95:59769", "id": "user", "reqAddr": "api.fast.com:443", "error": "readfrom tcp4 172.31.40.168:44960->44.236.74.109:443: stream 72 canceled by remote with error code 0"}
Oct 17 13:37:14 ip-172-31-40-168 hysteria[93298]: 2023-10-17T13:37:14Z        ERROR        TCP error        {"addr": "114.84.148.95:59769", "id": "user", "reqAddr": "ichnaea-web.netflix.com:443", "error": "readfrom tcp4 172.31.40.168:35192->35.160.2.130:443: stream 80 canceled by remote with error code 0"}
Oct 17 13:37:24 ip-172-31-40-168 hysteria[93298]: 2023-10-17T13:37:24Z        ERROR        TCP error        {"addr": "114.84.148.95:59769", "id": "user", "reqAddr": "appboot.netflix.com:443", "error": "readfrom tcp4 172.31.40.168:49042->54.201.191.132:443: stream 28 canceled by remote with error code 0"}
Oct 17 13:37:28 ip-172-31-40-168 hysteria[93298]: 2023-10-17T13:37:28Z        ERROR        TCP error        {"addr": "114.84.148.95:59769", "id": "user", "reqAddr": "ichnaea-web.netflix.com:443", "error": "readfrom tcp4 172.31.40.168:42716->44.232.163.86:443: stream 124 canceled by remote with error code 0"}
Oct 17 13:37:28 ip-172-31-40-168 hysteria[93298]: 2023-10-17T13:37:28Z        ERROR        TCP error        {"addr": "114.84.148.95:59769", "id": "user", "reqAddr": "ichnaea-web.netflix.com:443", "error": "readfrom tcp4 172.31.40.168:48154->35.160.2.130:443: stream 120 canceled by remote with error code 0"}

私网vps搭了sock5代理端口443 小白不知道哪里有问题了

tobyxdd commented 9 months ago

能正常用吗

elric8 commented 9 months ago

能正常用吗

其他流量没问题奈菲没走私网，因为私网的公ip解锁了奈菲我看了下日志报这个错所以来请教各位大神难道要在私网也搭hysteria端口443？

wy15 commented 9 months ago

nf(geosite:netflix)

这个能好用？不支持geosite吧？

elric8 commented 9 months ago

nf(geosite:netflix)

这个能好用？不支持geosite吧？

应该可以用啊，否则他怎么识别出netflix的流量，报错全是netflix的链接

tobyxdd commented 9 months ago

不支持 geosite，你那个写法是没用的。tcp error 属于正常现象不影响用

elric8 commented 9 months ago

不支持 geosite，你那个写法是没用的。tcp error 属于正常现象不影响用

那大哥怎么写啊感谢！！！！！！！！！！！！！！！！！！

tobyxdd commented 9 months ago

不支持 geosite 就是不支持啊，你可以在这里找到 netflix 的域名添加成 ACL 域名规则 https://github.com/v2fly/domain-list-community/blob/master/data/netflix

tobyxdd commented 9 months ago

2.2.0 确实在考虑添加 geosite 支持

B1gCarr0t commented 9 months ago

不支持geosite，你那个写法没用的。tcp错误属于现象正常不影响用

那大哥怎么写啊感谢！！！！！！！！！！！！！！！

应该这么写：

acl:
  inline: 
    - nf(*.netflix.com)
    - nf(*.netflix.com.edgesuite.net)
    - nf(*.netflix.net)
    - nf(*.netflixdnstest.com)
    - nf(*.netflixdnstest0.com)
    - nf(*.netflixdnstest1.com)
    - nf(*.netflixdnstest2.com)
    - nf(*.netflixdnstest3.com)
    - nf(*.netflixdnstest4.com)
    - nf(*.netflixdnstest5.com)
    - nf(*.netflixdnstest6.com)
    - nf(*.netflixdnstest7.com)
    - nf(*.netflixdnstest8.com)
    - nf(*.netflixdnstest9.com)
    - nf(*.fast.com)
    - direct(all)

ItTonySuperMan commented 9 months ago

不支持 geosite，你那个写法是没用的。tcp error 属于正常现象不影响用

以下这种类型的tcp error，能否考虑纳进debug不在info里面显示。避免不必要的误会和过多的Logs

connection reset by peer
timeout: no recent network activity

apernet / hysteria

outbounds转机场出了问题 #757