search

springzfx / cgproxy

Transparent Proxy with cgroup v2。透明代理,配合v2ray/Qv2ray食用最佳
GNU General Public License v2.0
344 stars 38 forks source link

[求助] 透明代理无法使用 #34

Open 517030910405 opened 3 years ago

517030910405 commented 3 years ago

您好!

这里无法运行透明代理,全都是按照教程一步一步操作的。

能帮忙看一下吗?谢谢!

流程

安装指令:

~$ uname -a
Linux myname-DellPro 5.4.0-62-generic #70~18.04.1-Ubuntu SMP Tue Jan 12 17:18:00 UTC 2012 x86_64 x86_64 x86_64 GNU/Linux
~$ cd Downloads/
~/Downloads$ sudo apt install ./cgproxy_0.19_amd64.deb

更改配置后运行:

~$ sudo systemctl enable --now cgproxy.service
~$ cgproxy curl -vI https://www.google.com
curl: /home/myname/anaconda3/envs/myenvirn/lib/libcurl.so.4: no version information available (required by curl)
*   Trying 104.244.46.85:443...
*   Trying 2001::45ab:f747:443...
* Immediate connect fail for 2001::45ab:f747: Network is unreachable

配置(v2ray 的配置是 Qv2ray 生成的):

{
    "comment":"For usage, see https://github.com/springzfx/cgproxy", 
    "port": 10809,
    "program_noproxy": ["v2ray", "qv2ray"],
    "program_proxy": [],
    "cgroup_noproxy": ["/system.slice/v2ray.service"],
    "cgroup_proxy": [],
    "enable_gateway": true,
    "enable_dns": true,
    "enable_udp": true,
    "enable_tcp": true,
    "enable_ipv4": true,
    "enable_ipv6": true,
    "table": 10007,
    "fwmark": 39283
}

image

{
    "inbounds": [
        {
            "listen": "0.0.0.0",
            "port": 1089,
            "protocol": "socks",
            "settings": {
                "auth": "noauth",
                "ip": "127.0.0.1",
                "udp": true,
                "userLevel": 0
            },
            "sniffing": {
                "enabled": false
            },
            "tag": "SOCKS_gConf"
        },
        {
            "allocate": {
                "concurrency": 2,
                "refresh": null,
                "strategy": "always"
            },
            "listen": "0.0.0.0",
            "port": "10809",
            "protocol": "dokodemo-door",
            "settings": {
                "address": null,
                "followRedirect": true,
                "network": "tcp,udp",
                "port": null,
                "timeout": null,
                "userLevel": null
            },
            "sniffing": {
                "destOverride": null,
                "enabled": null
            },
            "streamSettings": {
                "sockopt": {
                    "tproxy": "tproxy"
                }
            },
            "tag": "dokodemo-door"
        },
        {
            "listen": "0.0.0.0",
            "port": 8889,
            "protocol": "http",
            "sniffing": {
                "enabled": false
            },
            "tag": "http_gConf"
        }
    ],
    "outbounds": [
        {
            "_QV2RAY_USE_GLOBAL_FORWARD_PROXY_": false,
            "mux": {
                "concurrency": 1,
                "enabled": true
            },
            "protocol": "vmess",
            "sendThrough": "0.0.0.0",
            "settings": {
                "vnext": [
                    {
                        "address": "mydomain.com",
                        "port": 443,
                        "users": [
                            {
                                "alterId": 0,
                                "id": "b5b01b79-b1bc-4beb-b1bc-b7b4b8bbb04b",
                                "level": 0,
                                "security": "none",
                                "testsEnabled": "none"
                            }
                        ]
                    }
                ]
            },
            "streamSettings": {
                "dsSettings": {
                    "path": "/"
                },
                "httpSettings": {
                    "host": [
                    ],
                    "path": "/"
                },
                "kcpSettings": {
                    "congestion": false,
                    "downlinkCapacity": 20,
                    "header": {
                        "type": "none"
                    },
                    "mtu": 1350,
                    "readBufferSize": 1,
                    "seed": "",
                    "tti": 20,
                    "uplinkCapacity": 5,
                    "writeBufferSize": 1
                },
                "network": "ws",
                "quicSettings": {
                    "header": {
                        "type": "none"
                    },
                    "key": "",
                    "security": ""
                },
                "security": "tls",
                "sockopt": {
                    "mark": 0,
                    "tcpFastOpen": false,
                    "tproxy": "off"
                },
                "tcpSettings": {
                    "header": {
                        "request": {
                            "headers": {
                            },
                            "method": "GET",
                            "path": [
                            ],
                            "version": "1.1"
                        },
                        "response": {
                            "headers": {
                            },
                            "reason": "OK",
                            "status": "200",
                            "version": "1.1"
                        },
                        "type": "none"
                    }
                },
                "tlsSettings": {
                    "allowInsecure": false,
                    "allowInsecureCiphers": false,
                    "alpn": [
                    ],
                    "certificates": [
                    ],
                    "disableSessionResumption": true,
                    "disableSystemRoot": false,
                    "serverName": "mydomain.com"
                },
                "wsSettings": {
                    "headers": {
                        "Host": "mydomain.com"
                    },
                    "path": "/sjtu"
                }
            },
            "tag": "outBound_PROXY"
        },
        {
            "mux": {
            },
            "protocol": "freedom",
            "sendThrough": "0.0.0.0",
            "settings": {
                "domainStrategy": "AsIs",
                "redirect": "",
                "userLevel": 0
            },
            "streamSettings": {
            },
            "tag": "Freedom_78225879"
        }
    ],
    "routing": {
        "balancers": [
        ],
        "domainStrategy": "",
        "rules": [
            {
                "QV2RAY_RULE_ENABLED": true,
                "QV2RAY_RULE_TAG": "默认规则",
                "QV2RAY_RULE_USE_BALANCER": false,
                "attrs": "",
                "balancerTag": "oetcmgaffqks",
                "domain": [
                    "ext:h2y.dat:gfw",
                    "slack",
                    "wikimedia",
                    "wikipedia",
                    "git",
                    "conda"
                ],
                "inboundTag": [
                    "dokodemo-door",
                    "SOCKS_gConf",
                    "http_gConf"
                ],
                "ip": [
                ],
                "outboundTag": "outBound_PROXY",
                "port": "1-65535",
                "protocol": [
                ],
                "source": [
                ],
                "type": "field",
                "user": [
                ]
            },
            {
                "QV2RAY_RULE_ENABLED": true,
                "QV2RAY_RULE_TAG": "规则-udjshl",
                "QV2RAY_RULE_USE_BALANCER": false,
                "attrs": "",
                "balancerTag": "aogokomxvtij",
                "domain": [
                ],
                "inboundTag": [
                    "dokodemo-door",
                    "SOCKS_gConf",
                    "http_gConf"
                ],
                "ip": [
                ],
                "outboundTag": "Freedom_78225879",
                "port": "1-65535",
                "protocol": [
                ],
                "source": [
                ],
                "type": "field",
                "user": [
                ]
            }
        ]
    }
}
517030910405 commented 3 years ago

cgroup_proxy 改了,现在变成不能连接了

~$ sudo systemctl enable --now cgproxy.service
Created symlink /etc/systemd/system/multi-user.target.wants/cgproxy.service → /usr/lib/systemd/system/cgproxy.service.

~$ wget www.baidu.com
--2021-02-04 00:14:03--  http://www.baidu.com/
Resolving www.baidu.com (www.baidu.com)... failed: Name or service not known.
wget: unable to resolve host address ‘www.baidu.com’

~$ cat /etc/cgproxy/config.json 
{
    "comment":"For usage, see https://github.com/springzfx/cgproxy",

    "port": 10809,
    "program_noproxy": ["v2ray", "qv2ray"],
    "program_proxy": [],
    "cgroup_noproxy": ["/system.slice/v2ray.service"],
    "cgroup_proxy": ["/"],
    "enable_gateway": true,
    "enable_dns": true,
    "enable_udp": true,
    "enable_tcp": true,
    "enable_ipv4": true,
    "enable_ipv6": true,
    "table": 10007,
    "fwmark": 39283
}

~$ sudo systemctl disable --now cgproxy.service
Removed /etc/systemd/system/multi-user.target.wants/cgproxy.service.

~$ wget www.baidu.com
--2021-02-04 00:18:02--  http://www.baidu.com/
Resolving www.baidu.com (www.baidu.com)... 180.101.49.12, 180.101.49.11
Connecting to www.baidu.com (www.baidu.com)|180.101.49.12|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 2381 (2.3K) [text/html]
Saving to: ‘index.html’

index.html          100%[===================>]   2.33K  --.-KB/s    in 0s      

2021-02-04 00:18:02 (18.3 MB/s) - ‘index.html.3’ saved [2381/2381]
shanoaice commented 3 years ago

改完 cgroup_proxy 就直接变成透明代理全部了,我猜测是 DNS 出了点问题,可以试试看关掉 enable_dns ?