Closed hyhy01 closed 3 years ago
qiuzi
commented
3 years ago run-type: server
local-addr: 0.0.0.0
local-port: 443
remote-addr: 127.0.0.1
remote-port: 80
password:
- "xxx"
ssl:
cert: /root/.acme.sh/bandkvm.xxx/fullchain.cer
key: /root/.acme.sh/bandkvm.xxx/bandkvm.xxx.key
sni: bandkvm.xxx
router:
enabled: true
block:
- 'geoip:private'
geoip: /root/geoip.dat
geosite: /root/geosite.dat
websocket:
enabled: true
path: "/ws"
host: "bandkvm.xxx"试试这样
hyhy01
commented
3 years ago run-type: server local-addr: 0.0.0.0 local-port: 443 remote-addr: 127.0.0.1 remote-port: 80 password: - "xxx" ssl: cert: /root/.acme.sh/bandkvm.xxx/fullchain.cer key: /root/.acme.sh/bandkvm.xxx/bandkvm.xxx.key sni: bandkvm.xxx router: enabled: true block: - 'geoip:private' geoip: /root/geoip.dat geosite: /root/geosite.dat websocket: enabled: true path: "/ws" host: "bandkvm.xxx"试试这样
服务器启动不报错了,客户端没变化,感觉请求根本没到服务器
qiuzi
commented
3 years ago 提示什么错误
hyhy01
commented
3 years ago 提示什么错误 和上面的一样啊
[INFO] 2021/03/15 22:30:52 socks connection from 127.0.0.1:23619 metadata github.githubassets.com:443 [ERROR] 2021/03/15 22:30:53 github.com/p4gefau1t/trojan-go/proxy.(*Proxy).relayConnLoop.func1.1:proxy.go:66 proxy failed to dial connection | websocket cannot dial with underlying client | tls failed to handshake with remote server | local error: tls: unexpected message [INFO] 2021/03/15 22:30:53 socks connection from 127.0.0.1:23624 metadata github.com:443 [ERROR] 2021/03/15 22:30:53 github.com/p4gefau1t/trojan-go/proxy.(*Proxy).relayConnLoop.func1.1:proxy.go:66 proxy failed to dial connection | websocket cannot dial with underlying client | tls failed to handshake with remote server | local error: tls: unexpected message [INFO] 2021/03/15 22:30:53 socks connection from 127.0.0.1:23626 metadata github.githubassets.com:443 [ERROR] 2021/03/15 22:30:53 github.com/p4gefau1t/trojan-go/proxy.(*Proxy).relayConnLoop.func1.1:proxy.go:66 proxy failed to dial connection | websocket cannot dial with underlying client | tls failed to handshake with remote server | remote error: tls: error decoding message [ERROR] 2021/03/15 22:30:53 github.com/p4gefau1t/trojan-go/proxy.(*Proxy).relayConnLoop.func1.1:proxy.go:66 proxy failed to dial connection | websocket cannot dial with underlying client | tls failed to handshake with remote server | local error: tls: unexpected message [INFO] 2021/03/15 22:30:54 socks connection from 127.0.0.1:23630 metadata lp.open.weixin.qq.com:443 [INFO] 2021/03/15 22:31:07 socks connection from 127.0.0.1:23641 metadata github.githubassets.com:443 [INFO] 2021/03/15 22:31:07 socks connection from 127.0.0.1:23640 metadata github.com:443 [ERROR] 2021/03/15 22:31:08 github.com/p4gefau1t/trojan-go/proxy.(*Proxy).relayConnLoop.func1.1:proxy.go:66 proxy failed to dial connection | websocket cannot dial with underlying client | tls failed to handshake with remote server | local error: tls: unexpected message [INFO] 2021/03/15 22:31:08 socks connection from 127.0.0.1:23647 metadata github.githubassets.com:443 [ERROR] 2021/03/15 22:31:09 github.com/p4gefau1t/trojan-go/proxy.(*Proxy).relayConnLoop.func1.1:proxy.go:66 proxy failed to dial connection | websocket cannot dial with underlying client | tls failed to handshake with remote server | local error: tls: unexpected message [INFO] 2021/03/15 22:31:09 socks connection from 127.0.0.1:23649 metadata github.com:443 [ERROR] 2021/03/15 22:31:09 github.com/p4gefau1t/trojan-go/proxy.(*Proxy).relayConnLoop.func1.1:proxy.go:66 proxy failed to dial connection | websocket cannot dial with underlying client | tls failed to handshake with remote server | local error: tls: unexpected message [INFO] 2021/03/15 22:31:12 socks connection from 127.0.0.1:23654 metadata lp.open.weixin.qq.com:443 [ERROR] 2021/03/15 22:31:12 github.com/p4gefau1t/trojan-go/proxy.(*Proxy).relayConnLoop.func1.1:proxy.go:66 proxy failed to dial connection | websocket cannot dial with underlying client | tls failed to handshake with remote server | local error: tls: unexpected message [INFO] 2021/03/15 22:31:30 socks connection from 127.0.0.1:23702 metadata lp.open.weixin.qq.com:443 [INFO] 2021/03/15 22:31:35 socks connection from 127.0.0.1:23708 metadata 192.168.39.22:80 [INFO] 2021/03/15 22:31:35 socks connection from 127.0.0.1:23710 metadata 192.168.39.22:80 [INFO] 2021/03/15 22:31:39 socks connection from 127.0.0.1:23724 metadata github.com:443 [INFO] 2021/03/15 22:31:39 socks connection from 127.0.0.1:23725 metadata github.githubassets.com:443 [ERROR] 2021/03/15 22:31:39 github.com/p4gefau1t/trojan-go/proxy.(*Proxy).relayConnLoop.func1.1:proxy.go:66 proxy failed to dial connection | websocket cannot dial with underlying client | tls failed to handshake with remote server | local error: tls: unexpected message [INFO] 2021/03/15 22:31:39 socks connection from 127.0.0.1:23730 metadata github.githubassets.com:443 [ERROR] 2021/03/15 22:31:39 github.com/p4gefau1t/trojan-go/proxy.(*Proxy).relayConnLoop.func1.1:proxy.go:66 proxy failed to dial connection | websocket cannot dial with underlying client | tls failed to handshake with remote server | local error: tls: unexpected message [INFO] 2021/03/15 22:31:39 socks connection from 127.0.0.1:23732 metadata github.com:443 [ERROR] 2021/03/15 22:31:40 github.com/p4gefau1t/trojan-go/proxy.(*Proxy).relayConnLoop.func1.1:proxy.go:66 proxy failed to dial connection | websocket cannot dial with underlying client | tls failed to handshake with remote server | local error: tls: unexpected message [ERROR] 2021/03/15 22:31:41 github.com/p4gefau1t/trojan-go/proxy.(*Proxy).relayConnLoop.func1.1:proxy.go:66 proxy failed to dial connection | websocket cannot dial with underlying client | tls failed to handshake with remote server | local error: tls: unexpected message [INFO] 2021/03/15 22:31:48 socks connection from 127.0.0.1:23745 metadata lp.open.weixin.qq.com:443
客户端去掉 fingerprint: "chrome"呢?
hyhy01
commented
3 years ago chrome
一样的,最开始就是没有fingerprint
hyhy01
commented
3 years ago 还有mux一开始是开启的,报错之后才关掉
qiuzi
commented
3 years ago {
"run_type": "server",
"local_addr": "0.0.0.0",
"local_port": 443,
"remote_addr": "127.0.0.1",
"remote_port": 80,
"password": [
"xxxxxxxx"
],
"ssl": {
"cert": "/root/.acme.sh/bandkvm.xxx/fullchain.cer",
"key": "/root/.acme.sh/bandkvm.xxx/bandkvm.xxx.key"
},
"websocket": {
"enabled": true,
"path": "/ws"
}
}cf里把ssl设置成完全
hyhy01
commented
3 years ago 啊啊啊啊啊啊啊,谢谢了,原来是这样,完全没意识到
hyhy01
commented
3 years ago 我还以为我请求哪个端口就会转发到后端哪个端口,原来的我访问443,和444全被发送到80端口去了。
jkyndir
commented
1 year ago hi there, could u plz elaborate on this solution? i've been having the same issue.
您好,请问你可以对这个solution进行更进一步的解释吗?我也有相同的议题。
huadaonan
commented
1 year ago 啊啊啊啊啊啊啊,谢谢了,原来是这样,完全没意识到
给讲讲具体改了哪里
jkyndir
commented
1 year ago { "run_type": "server", "local_addr": "0.0.0.0", "local_port": 443, "remote_addr": "127.0.0.1", "remote_port": 80, "password": [ "xxxxxxxx" ], "ssl": { "cert": "/root/.acme.sh/bandkvm.xxx/fullchain.cer", "key": "/root/.acme.sh/bandkvm.xxx/bandkvm.xxx.key" }, "websocket": { "enabled": true, "path": "/ws" } }cf里把ssl设置成完全
I think I got it. And now the problem is resolved.
For anyone who has the same issue, here's what i did.
So, apparently Cloudflare has a setting that's called SSL/TLS encryption mode. And you need to set it as Full, which should fix the problem.
jkyndir
commented
1 year ago SSL/TLS encryption mode
hi there, u can see my reply above.
U need to change the SSL/TLS encryption mode to Full in the Cloudflare. That fixed all my problems.
我们建议您按照下方模板填写 Bug Report,以便我们收集更多的有效信息
简单描述这个 Bug
通过floudflare访问nginx是正常的(https协议,444端口),但是trojan不行(websocket协议,443端口)。floudflare已经开启ws协议了。
证书通过acme.sh脚本生成的,域名是没备案的。估计备案的一样,腾讯云dns服务器切换到cloudflare太慢了。
相同配置,在其他机器不经过floudflare也是可以的,但是这个服务器国内无法访问,所以测试不了。
fingerprint试了几种都一样。
如何复现这个 Bug
启动服务器与客户端,配置floudflare,访问google
服务器和客户端环境信息
amd64,客户端为windwos,服务器为linux
服务端和客户端日志
客户端
如果用qv2ray的话(先不管这个,上面的搞定再说)
服务端启动之后是下面这样,问题应该不大。访问之后没有新增内容
服务端和客户端配置文件
可以复现该问题的客户端和服务端的完整配置(请隐去域名和IP等隐私信息)
服务端和客户端版本信息
v0.8.2
其他信息