search

shadowsocks / v2ray-plugin

A SIP003 plugin based on v2ray
MIT License
2.67k stars 569 forks source link

The v2ray-plugin doesn't seem to work properly on Linux clients. Any suggestion? #197

Closed dm116 closed 4 years ago

dm116 commented 4 years ago

I got some error on kali2019 when I run shadowsocks-libev ss-local.But my another client shadowsocks4.1.9.2 run perfectly on window10.

My VPS already run v2ray+ws+tls+nginx+cdn(cdn of cloudflare) well.

1. shadowsocks4.1.9.2 configuration on window10

"server":"mydomain.com",
"server_port":443,
"password":"mypassword",
"encryption":"aes-256-gcm",
"plugin":"v2ray-plugin",
"plugin_options":"tls;host=mydomain.com;path=/ss/;loglevel=none",
"local_port":1080

2. Configuration of client on Kali2019

2.1 local.json of shadowsocks-libev

{
    "server":"mydomain.com",
    "server_port":443,
    "local_port":1080,
    "password":"mypassword",
    "timeout":300,
    "method":"aes-256-gcm",
    "plugin":"/usr/bin/v2ray-plugin",
    "plugin_opt":"tls;host=mydomain.com;path=/ss/;loglevel=none",
    "reuse_port":true
}

2.2 error message of chrome

root@kali:~# chrome
[2097:2097:0325/184838.830074:ERROR:edid_parser.cc(102)] Too short EDID data: manufacturer id
[2126:2126:0325/184838.931405:ERROR:sandbox_linux.cc(374)] InitializeSandbox() called with multiple threads in process gpu-process.
[2129:2134:0325/184854.258843:ERROR:ssl_client_socket_impl.cc(941)] handshake failed; returned -1, SSL error code 1, net_error -100
[2129:2134:0325/184854.259257:ERROR:ssl_client_socket_impl.cc(941)] handshake failed; returned -1, SSL error code 1, net_error -100
[2129:2134:0325/184854.276415:ERROR:ssl_client_socket_impl.cc(941)] handshake failed; returned -1, SSL error code 1, net_error -100

2.3 nginx.conf of client ()

I used nginx on client because chrome didn't work well on kali so I used nginx as a reverse proxy. I add to http{...} as following:

server {
        listen 80;
        server_name 127.0.0.1;
        location /autoproxy.pac {
            alias /etc/shadowsocks-libev/autoproxy.pac;
        }
}

The whole content of nginx.conf is as follows:

user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;

events {
    worker_connections 768;
    # multi_accept on;
}

http {

    ##
    # Basic Settings
    ##
    server {
        listen 80;
        server_name 127.0.0.1;
        location /autoproxy.pac {
            alias /etc/shadowsocks-libev/autoproxy.pac;
        }
    }

    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;
    keepalive_timeout 65;
    types_hash_max_size 2048;
    # server_tokens off;

    # server_names_hash_bucket_size 64;
    # server_name_in_redirect off;

    include /etc/nginx/mime.types;
    default_type application/octet-stream;

    ##
    # SSL Settings
    ##

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
    ssl_prefer_server_ciphers on;

    ##
    # Logging Settings
    ##

    access_log /var/log/nginx/access.log;
    error_log /var/log/nginx/error.log;

    ##
    # Gzip Settings
    ##

    gzip on;

    # gzip_vary on;
    # gzip_proxied any;
    # gzip_comp_level 6;
    # gzip_buffers 16 8k;
    # gzip_http_version 1.1;
    # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;

    ##
    # Virtual Host Configs
    ##

    include /etc/nginx/conf.d/*.conf;
    include /etc/nginx/sites-enabled/*;
}

# proxy chrome 

#mail {
#   # See sample authentication script at:
#   # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
# 
#   # auth_http localhost/auth.php;
#   # pop3_capabilities "TOP" "USER";
#   # imap_capabilities "IMAP4rev1" "UIDPLUS";
# 
#   server {
#       listen     localhost:110;
#       protocol   pop3;
#       proxy      on;
#   }
# 
#   server {
#       listen     localhost:143;
#       protocol   imap;
#       proxy      on;
#   }
#}

3 configuration of server

By the way my VPS has been configured by v2ray+tls+nginx+cdn(cloudflare's cdn)

3.1 configuration of shadowsocks-libev

{
    "server":"0.0.0.0",
    "server_port":10086,
    "local_port":1080,
    "password":"mypassword",
    "timeout":300,
    "plugin":"/usr/bin/v2ray-plugin",
    "plugin_opts":"server;path=/ss/;loglevel=none",
    "method":"aes-256-gcm"
}

3.2 configuration of nginx on VPS

server {
        listen 443 ssl http2 default_server;
        listen [::]:443 ssl http2 default_server;

        server_name mydomain.com www.mydomain.com;
        root /var/www/mydomain.com;
        index index.php index.html index.htm;

        ssl_certificate         /etc/ssl/certs/cloudflare_mydomain.com;
        ssl_certificate_key     /etc/ssl/private/cloudflare_mydomain.com;
        ssl_protocols           TLSv1 TLSv1.1 TLSv1.2;
        ssl_session_cache       shared:SSL:1m;
        ssl_session_timeout     10m;
        ssl_ciphers             HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers on;
        ssl_client_certificate  /etc/ssl/certs/origin-pull-ca.pem;
        ssl_verify_client on;

        client_max_body_size 100M;

        autoindex off;

        location / {
                try_files $uri $uri/ /index.php?$args;
        }

        location /ss {
                access_log off;
                proxy_redirect off;
                proxy_pass http://localhost:10086;
                proxy_http_version 1.1;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection "upgrade";
                proxy_set_header Host $http_host;
        }

        location /mn_v2ray {
                access_log off;
                proxy_redirect off;
                proxy_pass http://localhost:110;
                proxy_http_version 1.1;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection "upgrade";
                proxy_set_header Host $http_host;
        }

        location ~ \.php$ {
                include snippets/fastcgi-php.conf;
                fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                include fastcgi_params;
        }
}
rampageX commented 4 years ago

Use curl -x test your proxy work or not, then you know it is chrome & nginx reverse proxy or proxy problem.

dm116 commented 4 years ago

I don't think it was a problem with chrome or the nginx reverse proxy, because I used another browser firefox to try the same thing and I got the sam result. Because firefox didn't need nginx reverse proxy.

dm116 commented 4 years ago

@rampageX I found the problem and solved it. The problem is that Kali's time is not network synchronized. But v2ray-plugin and v2ray are the same strict on time. So I installed ntp and synced the time, and it worked.

f1h0 commented 4 years ago

@rampageX I found the problem and solved it. The problem is that Kali's time is not network synchronized. But v2ray-plugin and v2ray are the same strict on time. So I installed ntp and synced the time, and it worked.

how to do it please show

dm116 commented 4 years ago

@rampageX I found the problem and solved it. The problem is that Kali's time is not network synchronized. But v2ray-plugin and v2ray are the same strict on time. So I installed ntp and synced the time, and it worked.

how to do it please show

The approximate steps are as follows

  1. Install ntp 
    sudo apt-get install ntp

    2.start at boot

    sudo systemctl enable ntp

    3.reboot

    sudo reboot