search

snail007 / goproxy

🔥 Proxy is a high performance HTTP(S) proxies, SOCKS5 proxies,WEBSOCKET, TCP, UDP proxy server implemented by golang. Now, it supports chain-style proxies,nat forwarding in different lan,TCP/UDP port forwarding, SSH forwarding.Proxy是golang实现的高性能http,https,websocket,tcp,socks5代理服务器,支持内网穿透,链式代理,通讯加密,智能HTTP,SOCKS5代理,黑白名单,限速,限流量,限连接数,跨平台,KCP支持,认证API。
https://snail007.host900.com/goproxy/manual/zh/
GNU General Public License v3.0
15.86k stars 3.02k forks source link

多IP服务器UDP功能异常 #491

Open Raymond-C opened 2 years ago

Raymond-C commented 2 years ago

多IP服务器,通过 --bind-ip 绑定出口IP,但实际使用时,发现只有主IP能使用UDP协议。而其他IP只能使用TCP协议。

Expected Behavior

多IP服务器内的所有IP都可以支持TCP/UDP流量

Current Behavior

只有主IP同时支持TCP/UDP流量,非主IP仅支持TCP流量

Possible Solution

Steps to Reproduce

  1. 通过 sps 命令起服务
  2. 通过 SSTap 软件测试,在使用子IP/主IP连接时,不同协议联通情况
  3. 测试结果为 :只有使用主IP连接时可以发送UDP数据包,使用子IP连接时,只能发送TCP数据
  4. 通过SSTap/V2ray进行全局连接,
  5. 打开IP检查站点,发现通过主IP/子IP连接时,都显示出口IP为 bind-ip 指定的IP
  6. 编写UDP服务端/客户端,测试发送数据包,测试结果为:通过子IP连接无法发送UDP数据包,使用主IP连接时可以发送UDP数据包,但是服务端获取到的发送者IP为主IP

Context (Environment)

  1. proxy version is : commercial_11.8
  2. . full command is : proxy sps --udp -p :6666 --bind-ip 子IP:6666
  3. . system is : ubuntu 20.0
  4. . full log is:

例子中隐去实际IP,主IP用 212.212.212.212 代替,子 IP 段使用 247.247.247.12 代替,客户端IP用 191.191.191.253 代替

root@vz:~# proxy sps --udp -p :6666 --bind-ip 247.247.247.12:6666 2022/06/26 06:18:13.926036 INFO binding 247.247.247.12 for 6666 2022/06/26 06:18:13.926094 INFO init ss local cipher, aes-256-cfb, sspassword 2022/06/26 06:18:13.926265 INFO ss udp disabled 2022/06/26 06:18:13.926276 INFO tcp sps on [::]:6666 2022/06/26 06:18:18.918343 INFO your machine code is : XXXXXXXXXXXXXXXXXXXXXXXX 2022/06/26 06:18:18.918373 INFO checking ... 2022/06/26 06:18:18.932525 INFO binding 247.247.247.12 for 6666 2022/06/26 06:18:19.252370 INFO check success, your machine will expired at 2023-06-20 06:47:19

以下为使用主IP连接时的测试情况

2022/06/26 06:18:23.937701 INFO binding 247.247.247.12 for 6666 2022/06/26 06:18:28.943881 INFO binding 247.247.247.12 for 6666 2022/06/26 06:18:30.415316 INFO ip 191.191.191.253 rate, current: 1/s, max: 20/s 2022/06/26 06:18:30.415351 INFO outgoing ip is: 247.247.247.12, for 212.212.212.212:6666 2022/06/26 06:18:30.482791 INFO conn 191.191.191.253:35569 - 104.193.88.77:80 connected [www.baidu.com:80] 2022/06/26 06:18:31.869106 INFO s5 udp on [::]:52746 2022/06/26 06:18:32.102434 INFO conn 191.191.191.253:35569 - 104.193.88.77:80 released [www.baidu.com:80] 2022/06/26 06:18:33.949338 INFO binding 247.247.247.12 for 6666 2022/06/26 06:18:34.842252 WARN connect to tcp parent fail, ERR:read auth info fail,ERR: read tcp 212.212.212.212:6666->119.60.104.215:53236: read: connection reset by peer from 119.60.104.215:53236 2022/06/26 06:18:38.955678 INFO binding 247.247.247.12 for 6666 2022/06/26 06:18:43.960872 INFO binding 247.247.247.12 for 6666 2022/06/26 06:18:48.966153 INFO binding 247.247.247.12 for 6666

以下为使用子IP连接时的测试情况

2022/06/26 06:19:24.005743 INFO binding 247.247.247.12 for 6666 2022/06/26 06:19:29.012340 INFO binding 247.247.247.12 for 6666 2022/06/26 06:19:34.017433 INFO binding 247.247.247.12 for 6666 2022/06/26 06:19:39.022655 INFO binding 247.247.247.12 for 6666 2022/06/26 06:19:43.081951 INFO ip 191.191.191.253 rate, current: 1/s, max: 20/s 2022/06/26 06:19:43.081990 INFO outgoing ip is: 247.247.247.12, for 247.247.247.12:6666 2022/06/26 06:19:43.525221 INFO conn 191.191.191.253:35956 - 104.193.88.123:80 connected [www.baidu.com:80] 2022/06/26 06:19:44.029176 INFO binding 247.247.247.12 for 6666 2022/06/26 06:19:44.733472 INFO s5 udp on [::]:43716 2022/06/26 06:19:44.965335 INFO conn 191.191.191.253:35956 - 104.193.88.123:80 released [www.baidu.com:80] 2022/06/26 06:19:48.410577 INFO s5 udp on [::]:39659 2022/06/26 06:19:49.034397 INFO binding 247.247.247.12 for 6666 2022/06/26 06:19:52.075429 INFO s5 udp on [::]:51154 2022/06/26 06:19:54.039378 INFO binding 247.247.247.12 for 6666 2022/06/26 06:19:55.754057 INFO s5 udp on [::]:54372 2022/06/26 06:19:59.045615 INFO binding 247.247.247.12 for 6666 2022/06/26 06:19:59.401750 INFO s5 udp on [::]:57809

Detailed Description

以下log对应 sstap 连接测试截图 image image

Possible Implementation

snail007 commented 2 years ago

多IP,-p参数必须指定IP,有多少IP指定多少IP,不指定IP就只有主IP支持UDP,比如 -p 192.168.0.2 :6666 -p 192.168.0.3 :6666 .

Raymond-C commented 2 years ago

找一台绑了2个IP的机器进行测试,结果: 如果是通过goproxy转发到已经起好的父级服务,就没问题; 如果靠goproxy本身去起服务,就无法使用子IP进行UDP数据传输

root@ubuntu:~# ip a
2: eth0: ........
    ......................
    inet 192.168.168.1/22 brd 192.168.168.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet 192.168.168.2/22 brd 192.168.168.255 scope global eth0:0
       valid_lft forever preferred_lft forever

测试1: 命令:proxy sps --udp -p 192.168.168.1:6666 -p 192.168.168.2:6666 --bind-ip 192.168.168.2:6666 结果:启动报错 log:2022/06/29 22:57:15.865826 proxy/main.go:86 ERROR err : flag 'local' cannot be repeated

测试2: 命令:proxy sps --udp -p 192.168.168.1:6666,192.168.168.2:6666 --bind-ip 192.168.168.2:6666 结果:和issue描述的问题一致,log也一样 通过主IP连接可以使用 TCP/UDP。但是UDP的出口IP为主IP;通过子IP连接只能使用TCP

测试3: 命令:1、先用 v2ray 起一个支持UDP的socks5,服务 端口 8888,绑定子IP 192.168.168.2 作为outbound 2、连接 8888 端口测试,可以同时使用TCP/UDP,且UDP端口为 192.168.168.2 3、起goproxy服务 proxy sps -p :6666 --udp -P socks5://127.0.0.1:8888 结果:通过主IP或者子IP都可以连接,且使用 TCP/UDP,UDP出口IP为 192.168.168.2 日志:

goproxy日志:

2022/06/29 23:13:49.687603 INFO conn 191.191.191.253:57450 - 127.0.0.1:8888 connected [www.baidu.com:80]
2022/06/29 23:13:51.378533 INFO conn 191.191.191.253:57450 - 127.0.0.1:8888 released [www.baidu.com:80]
v2ray日志:
2022/06/29 23:13:49 tcp:127.0.0.1:45278 accepted tcp:www.baidu.com:80 [out88]
2022/06/29 23:13:50 udp:127.0.0.1:39027 accepted udp:114.114.114.114:53 [out88]