search

p4gefau1t / trojan-go

Go实现的Trojan代理,支持多路复用/路由功能/CDN中转/Shadowsocks混淆插件,多平台,无依赖。A Trojan proxy written in Go. An unidentifiable mechanism that helps you bypass GFW. https://p4gefau1t.github.io/trojan-go/
GNU General Public License v3.0
7.81k stars 1.68k forks source link

UDP不能通訊 #156

Open elric8 opened 4 years ago

elric8 commented 4 years ago

udp显示错误,TCP可以,手机上shadowrocket可以连接(udp不知道) 日志

微信图片_20200803134619

微信图片编辑_20200803134531

配置文件: 服务端: { "run_type": "server", "local_addr": "0.0.0.0", "local_port": 443, "remote_addr": "127.0.0.1", "remote_port": 80, "password": ["XXX"], "udp_timeout": 3600, "ssl": { "cert": "/usr/src/trojan-cert/XXX", "key": "/usr/src/trojan-cert/XXX", "sni": "XXX" }, "router": { "enabled": true, "block": [ "geoip:private" ], "geoip": "/usr/share/trojan-go/geoip.dat", "geosite": "/usr/share/trojan-go/geosite.dat" } }

本地端: { "run_type": "client", "local_addr": "127.0.0.1", "local_port": 1080, "remote_addr": "XXX", "remote_port": 443, "password": [ "XXX" ], "ssl": { "sni": "XXX" }, "mux": { "enabled": true }, "router": { "enabled": true, "bypass": [ "geoip:cn", "geoip:private", "geosite:cn", "geosite:geolocation-cn" ], "block": [ "geosite:category-ads" ], "proxy": [ "geosite:geolocation-!cn" ], "default_policy": "proxy", "geoip": "/usr/share/trojan-go/geoip.dat", "geosite": "/usr/share/trojan-go/geosite.dat" } }

p4gefau1t commented 4 years ago

无法复现,请指出你的使用 socks 代理的客户端(如浏览器或其他应用)

elric8 commented 4 years ago

无法复现,请指出你的使用 socks 代理的客户端(如浏览器或其他应用)

微信图片编辑_20200803233508

yon用的是sstap

HiFiPhile commented 4 years ago

手机端使用igniter 0.98, 服务器log出现相同错误

服务器

配置

{
    "run_type": "server",
    "local_addr": "::",
    "local_port": 8110,
    "remote_addr": "127.0.0.1",
    "remote_port": 80,
    "password": [
    ],
    "log_level": 3,
    "ssl": {
        "cert": "/etc/trojan/fullchain.pem",
        "key": "/etc/trojan/privkey.pem",
        "key_password": "",
        "cipher": "",
        "prefer_server_cipher": true,
        "alpn": [
            "http/1.1"
        ],
        "alpn_port_override": {
            "h2": 81
        },
        "reuse_session": true,
        "session_ticket": false,
        "session_timeout": 600,
        "plain_http_response": "",
        "curves": "",
        "dhparam": ""
    },
    "mysql": {
        "enabled": true,
        "server_addr": "127.0.0.1",
        "server_port": 3306,
        "database": "trojan",
        "username": "trojan",
        "password": "xxx",
        "key": "",
        "cert": "",
        "ca": ""
    },
    "router": {
        "enabled": true,
        "block": [
            "geoip:private"
        ],
        "geoip": "/etc/trojan/geoip.dat",
        "geosite": "/etc/trojan/geosite.dat"
    }
}

nginx转发:

# Request dispatcher
stream {
    # SNI forward
    map $ssl_preread_server_name $backend_name {
        xxx.xxx.com trojan;
        default web;
    }

    # web
    upstream web {
        server localhost:8443;
    }

    # trojan
    upstream trojan {
        server localhost:8110;
    }

    # listen port 443 and enable ssl_preread
    server {
        listen 443 reuseport;
        listen [::]:443 reuseport;
        proxy_pass  $backend_name;
        ssl_preread on;
    }
}

客户端log

[08-05 08:35:31.459 26825:26825 V/TrojanConfig]
{"local_addr":"127.0.0.1","local_port":40785,"remote_server_remark":"xxx","remote_addr":"xxx.xxx.com","remote_port":443,"password":["xxx"],"log_level":2,"ssl":{"verify":true,"cert":"\/data\/user\/0\/io.github.trojan_gfw.igniter\/cache\/cacert.pem","cipher":"ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA","cipher_tls13":"TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384","alpn":["h2","http\/1.1"],"sni":"xxx.xxx.com"},"enable_ipv6":true}

[08-05 08:35:51.612 26825:26825 W/System.err]
java.net.URISyntaxException: Illegal character in path at index 82: github.com/p4gefau1t/trojan-go/proxy.(*Proxy).relayPacketLoop.func1.1:proxy.go:142 failed to parse udp packet addr

[08-05 08:35:51.612 26825:26825 W/System.err]
    at io.github.trojan_gfw.igniter.TrojanURLHelper.ParseTrojanURL(TrojanURLHelper.java:26)

[08-05 08:35:51.612 26825:26825 W/System.err]
    at io.github.trojan_gfw.igniter.MainActivity$16.run(MainActivity.java:445)
p4gefau1t commented 4 years ago

服务端的报错是因为 UDP 隧道长时间不活跃,连接被客户端关闭。

我使用其他 UDP 客户端的测试均正常,从日志来看很可能是你的客户端没有正确处理返回的 UDP 包。

另外 @HiFiPhile 的客户端日志是 UI 的日志,不包含任何关于连接的有效信息。

HiFiPhile commented 4 years ago

总结下来是这样的,也可能是Ignite的问题: image

Ignite的log没有更多的信息

elric8 commented 4 years ago

找到原因了 @p4gefau1t 只要開啓 多路復用 就會造成UDP大量報錯 現在關閉后,正常通訊 微信图片编辑_20200815115553

GVMESS commented 3 years ago

MUX不是特色功能么,开启MUX UDP报错是否有影响

dotNetDR commented 3 years ago

我也遇到同样问题 软路由模式:nat 开启了websocket 使用mux.enabled=true时,程序的udp包转发失败,把mux.enabled设为false就正常了

版本:v0.8.2

hak0 commented 3 years ago

遇到同样问题 客户端: igniter-go 0.9.5beta-SNAPSHOT, qv2ray 2.6.3:5840, shadowrocket 最新版,开启多路复用后服务端报错:

failed to parse udp packet addr | unable to read ATYP | EOF

服务端版本0.8.2

gaorui84 commented 3 years ago

遇到同样问题 PC客户端:V2RayN v4.19,Mux未开启 Android客户端:V2RayNG v1.6.14,无Mux选项 服务器端:Trojan-go v0.8.2,用 tls-shunt-proxy v0.7.0 分流反代 trojan-go 流量出现此问题,netstat 查看连接发现 trojan-go 进程产生大量 udp6 连接,改为 trojan-go 直接监听 443 端口后此问题消失。

chr09670 commented 2 years ago

遇到相同的问题。 客户端用openwrt,passwall的trojan-go,服务端是容器p4gefau1t/trojan-go,配置除了添加ws和mux,其它都是默认的,在服务端日志也发现了这个问题[ERROR] 2022/05/26 01:46:38 github.com/p4gefau1t/trojan-go/tunnel/simplesocks.(*Server).acceptLoop:server.go:41 simplesocks server faield to read header | EOF