bannedbook / fanqiang

翻墙-科学上网
38.72k stars 7.29k forks source link

ip被封后,套CDN依然无法访问 #761

Closed zzyalbert closed 1 year ago

zzyalbert commented 2 years ago

ip被封后,使用 tls+ws+nginx+cloudflare CDN部署v2ray server,客户端使用Mac下的clashX pro 无法连通。

但是nginx部署的伪装网站可以访问。是cloudflare不支持websocket了吗?

server端v2ray与nginx配置与教程一致 https://github.com/bannedbook/fanqiang/blob/master/v2ss/V2Ray%E4%B9%8BTLS+WebSocket+Nginx+CDN%E9%85%8D%E7%BD%AE%E6%96%B9%E6%B3%95.md

客户端clashX配置

- name: v2ray 
    type: vmess
    server: xxx.xxxxx.cn
    port: 443
    uuid: xxxxxxx-xxxxx-xxxx-xxxx-xxxxxxxxxxx
    alterId: 0
    cipher: auto
    tls: true
    skip-cert-verify: false
    network: ws
    ws-opts:
      path: /path

求助求助

bannedbook commented 2 years ago

确保校准 服务器和客户端时间

zzyalbert commented 2 years ago

确保校准 服务器和客户端时间

已经安装了NTP来校准时间了,还是连不上。。

zzyalbert commented 2 years ago

貌似是延时太高超过3秒了,过了一会儿好了

zzyalbert commented 2 years ago

对了,再请教下,套CDN可以不用nginx转发吗?比如直接cdn+tcp?现在延时实在太高想减少流量转发负担

bannedbook commented 2 years ago

可以不用 nginx ,但仍然需要ws ,不能tcp

bannedbook commented 2 years ago

只能cf 支持的几个端口

zzyalbert commented 2 years ago

只能cf 支持的几个端口

80和443?

zzyalbert commented 2 years ago

试了一下,连不上呀 server端配置

{
  "log": {
    "loglevel": "warning",
    "access": "/dev/null",
    "error": "/dev/null"
  },
  "inbounds": [{
    "listen":"127.0.0.1",
    "port": 80,
    "protocol": "vmess",
    "settings": {
      "clients": [
        {
          "id": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxx",
          "level": 1,
          "alterId": 0
        }
      ]
    },
        "streamSettings": {
        "network": "ws",
        "wsSettings": {
        "path": "/path"
        }
    }
  }],
  "outbounds": [
    {
      "protocol": "freedom",
      "settings": {},
      "tag": "allowed"
    },
    {
      "protocol": "blackhole",
      "settings": {},
      "tag": "blocked"
    }
  ],
  "routing": {
    "rules": [
      {
        "type": "field",
        "ip": [
          "geoip:private"
        ],
        "outboundTag": "blocked"
      }
    ]
  }
}

client端clashx配置

  - name: v2ray 
    type: vmess
    server: xx.xxxxx.cn
    port: 80
    uuid: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxx
    alterId: 0
    cipher: auto
    tls: true
    skip-cert-verify: false
    network: ws
    ws-opts:
      path: /path
bannedbook commented 2 years ago

"listen":"127.0.0.1", 改成 "listen":"0.0.0.0",

zzyalbert commented 2 years ago

哦是是忘改了,listen这行删了应该就行,牛逼牛逼,感谢👍🏻