Closed Polaris0112 closed 3 years ago
作者你好, issue发生环境:
# ./redsocks/redsocks2 -v redsocks.git/release-0.67-36-g1951b49 OpenSSL\nFeatures: Built with libevent-2.0.21-stable Runs with libevent-2.0.21-stable
# curl --version curl 7.47.0 (x86_64-pc-linux-gnu) libcurl/7.47.0 GnuTLS/3.4.10 zlib/1.2.8 libidn/1.32 librtmp/2.3 Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtmp rtsp smb smbs smtp smtps telnet tftp Features: AsynchDNS IDN IPv6 Largefile GSS-API Kerberos SPNEGO NTLM NTLM_WB SSL libz TLS-SRP UnixSockets
目前已经搭建http和https代理,通过系统设置http_proxy和https_proxy变量能正常使用,证明正向代理是正常能用的 然后通过redsocks配置后 配置文件如下
base { log_debug = on; log_info = on; log = stderr; daemon = off; redirector = iptables; reuseport = off; } redsocks { bind = "127.0.0.1:1**8"; relay = "142.******161:10***"; type = http-relay; autoproxy = 0; timeout = 10; } redsocks { bind = "127.0.0.1:2****"; relay = "142.******.161:**2"; type = http-connect; autoproxy = 0; timeout = 10; }
iptables配置:
Chain OUTPUT (policy ACCEPT) target prot opt source destination REDSOCKS tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 REDSOCKSHTTPS tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 Chain POSTROUTING (policy ACCEPT) target prot opt source destination Chain REDSOCKS (1 references) target prot opt source destination REDIRECT tcp -- 0.0.0.0/0 0.0.0.0/0 redir ports 1**8 Chain REDSOCKSHTTPS (1 references) target prot opt source destination REDIRECT tcp -- 0.0.0.0/0 0.0.0.0/0 redir ports **2
启动后http请求没问题,能符合预期使用,但是https请求会出现
# curl https://ipinfo.io curl: (35) gnutls_handshake() failed: The TLS connection was non-properly terminated.
然后redsocks2控制台报错是
1628248017.122668 debug redsocks.c:837 redsocks_accept_client(...) [192.*******.154:41224->34.******.81:443]: accepted 1628248017.448724 notice http-connect.c:139 httpc_read_cb(...) [192.*******.154:41224->34.******.81:443]: HTTP/1.0 403 Forbidden 1628248017.448986 debug redsocks.c:421 redsocks_drop_client(...) [192.*******.154:41224->34.******.81:443]: dropping client @ state: 1
请问这个是redsocks2里面对http有修改?还是https proxy是需要支持http1.0?
已排查https proxy支持http 1.0
作者你好, issue发生环境:
目前已经搭建http和https代理,通过系统设置http_proxy和https_proxy变量能正常使用,证明正向代理是正常能用的 然后通过redsocks配置后 配置文件如下
iptables配置:
启动后http请求没问题,能符合预期使用,但是https请求会出现
然后redsocks2控制台报错是
请问这个是redsocks2里面对http有修改?还是https proxy是需要支持http1.0?