search

v2fly / v2ray-core

A platform for building proxies to bypass network restrictions.
https://v2fly.org
MIT License
29k stars 4.58k forks source link

为什么同样的配置, 在V2RAYN客户端可以正常使用,在路由器端提示403 #332

Closed WordsWorthLess closed 3 years ago

WordsWorthLess commented 3 years ago

除非特殊情况,请完整填写所有问题。不按模板发的 issue 将直接被关闭。 如果你遇到的问题不是 V2Ray 的 bug,比如你不清楚要如何配置,请使用Discussion进行讨论。

1) 你正在使用哪个版本的 V2Ray?(如果服务器和客户端使用了不同版本,请注明) 4.3.1 2) 你的使用场景是什么?比如使用 Chrome 通过 Socks/VMess 代理观看 YouTube 视频。 路由器端部署V2RAY通过VLESS代理实现内网全局翻墙, 服务器端通过VLESS回落建站伪装(Cloudflare隐藏真实ip+Workers反代) 3) 你看到的不正常的现象是什么?(请描述具体现象,比如访问超时,TLS 证书错误等) 同样的outbound配置,PC端可以通过V2RAYN正常使用,路由器端则提示 403 Forbidden > websocket: bad handshake 4) 你期待看到的正确表现是怎样的? 路由器端也可以用同样的配置翻墙 5) 请附上你的配置(提交 Issue 前请隐藏服务器端IP地址)。

服务器端配置:

    // 在这里附上服务器端配置文件
{
    "log": {
        "loglevel": "warning",
        "error": "/var/log/v2ray/error.log",
        "access": "/var/log/v2ray/access.log"
    },
    "inbounds": [
        {
            "port": 443,
            "protocol": "vless",
            "settings": {
                "clients":[
                    {
                        "id": "uuid",
                        "flow": "xtls-rprx-origin",
                        "level": 0
                    }
                ],
                "decryption": "none",
                "fallbacks": [
                    {
                        "dest": 80
                    },
                    {
                        "path": "/wspath",
                        "dest": 13579,
                        "xver": 1
                    }
                ]
            },
            "streamSettings": {
                "network": "tcp",
                "security": "xtls",
                "xtlsSettings": {
                    "alpn": [
                        "http/1.1"
                    ],
                    "certificates": [
                        {
                            "certificateFile": "/etc/nginx/certs/fullchain.pem",
                            "keyFile": "/etc/nginx/certs/privkey.key"
                        }
                    ]
                }
            }
        },
        {
            "port": 13579,
            "listen": "127.0.0.1",
            "protocol": "vless",
            "settings": {
                "clients":[
                    {
                        "id": "uuid",
                        "level": 0
                    }
                ],
                "decryption": "none"
            },
            "streamSettings":{
                "network": "ws",
                "wsSettings": {
                    "acceptProxyProtocol": true,
                    "path": "/wspath"
                }
            }
        }
    ],
    "outbounds": [
        {
            "protocol": "freedom"
        }
    ]
}

客户端配置:

{
    "log": {
        "logLevel": "warning"
    },
    "inbounds":[
        {
            "port": 12345,
            "listen": "0.0.0.0",
            "protocol": "dokodemo-door",
            "settings": {
                "network": "tcp",
                "followRedirect": true
            },
            "sniffing": {
                "enabled": true,
                "destOverride": [ 
                    "http",
                    "tls"
                ]
            }
        }
    ],
    "outbounds":[
        {
            "protocol": "freedom",
            "tag": "direct"
        },
        {
            "protocol": "blackhole",
            "tag": "blocked"
        },
        {
            "protocol": "vless",
            "tag": "proxy",
            "settings":{
                "vnext": [
                    {
                        "address": "cloudflare的ip地址",
                        "port": 443,
                        "users": [
                            {
                                "id": "uuid",
                                "encryption": "none",
                                "level": 0
                            }
                        ]
                    }
                ]
            },
            "server": null,
            "response": null,
            "streamSettings": {
                "network": "ws",
                "security": "tls",
                "tlsSettings": {
                    "allowInsecure": false,
                    "serverName": "workers地址"
                },
                "wsSettings": {
                    "connectionReuse": true,
                    "path": "/wspath", 
                    "header": {
                        "Host": "workers地址"
                    }

                }
            },
            "mux": {
                "enabled": false,
                "concurrency": -1
            }
        }
    ],
    "routing": {
        "rules":[
            {
                "type": "field",
                "outboundTag": "blocked",
                "domain": [
                    "geosite:category-ads-all"
                ]
            },
            {
                "type": "field",
                "outboundTag": "proxy",
                "domain": [
                    "geosite:geolocation-!cn",
                ]
            },
            {   
                "type": "field",
                "outboundTag": "proxy",
                "ip": [
                    "91.108.12.0/22",
                    "149.154.172.0/22",
                    "91.108.16.0/22",
                    "91.108.56.0/23",
                    "149.154.168.0/22",
                    "91.108.4.0/22",
                    "91.108.8.0/22",
                    "91.108.56.0/22",
                    "149.154.160.0/20",
                    "149.154.164.0/22"
                ]
            },
            {
                "type": "field",
                "outboundTag": "direct",
                "domain": [
                    "geosite:cn"
                ]
            }
        ]
    }
}

6) 请附上出错时软件输出的错误日志。在 Linux 中,日志通常在 /var/log/v2ray/error.log 文件中。

服务器端错误日志:

2020/10/17 08:24:39 [Warning] [4199436213] v2ray.com/core/app/proxyman/inbound: connection ends > v2ray.com/core/proxy/vless/inbound: invalid request from [ip]:49090 > v2ray.com/core/proxy/vless/encoding: failed to read request version > websocket: close 1006 (abnormal closure): unexpected EOF
2020/10/17 08:32:05 [Warning] [48836059] v2ray.com/core/app/proxyman/inbound: connection ends > v2ray.com/core/proxy/vless/inbound: invalid request from [ip]:55312 > v2ray.com/core/proxy/vless/encoding: failed to read request version > websocket: close 1000 (normal)
2020/10/17 08:36:23 [Warning] [2577216711] v2ray.com/core/app/proxyman/inbound: connection ends > v2ray.com/core/proxy/vless/inbound: invalid request from [ip]:16460 > v2ray.com/core/proxy/vless/encoding: failed to read request version > websocket: close 1006 (abnormal closure): unexpected EOF
2020/10/17 08:42:28 [Warning] [3489623348] v2ray.com/core/app/proxyman/inbound: connection ends > v2ray.com/core/proxy/vless/inbound: invalid request from [ip]:13678 > v2ray.com/core/proxy/vless/encoding: failed to read request version > websocket: close 1006 (abnormal closure): unexpected EOF
2020/10/17 08:42:28 [Warning] [3027657345] v2ray.com/core/app/proxyman/inbound: connection ends > v2ray.com/core/proxy/vless/inbound: invalid request from [ip]:12160 > v2ray.com/core/proxy/vless/encoding: failed to read request version > websocket: close 1006 (abnormal closure): unexpected EOF
2020/10/17 08:43:33 [Warning] [2399926249] v2ray.com/core/app/proxyman/inbound: connection ends > v2ray.com/core/proxy/vless/inbound: invalid request from [ip]:28236 > v2ray.com/core/proxy/vless/encoding: failed to read request version > websocket: close 1006 (abnormal closure): unexpected EOF

客户端错误日志:

 2020/10/19 03:43:07 [Warning] [3112783253] v2ray.com/core/app/proxyman/outbound: failed to process outbound traffic > v2ray.com/core/proxy/vless/outbound: failed to find an available destination > v2ray.com/core/common/retry: [v2ray.com/core/transport/internet/websocket: failed to dial WebSocket > v2ray.com/core/transport/internet/websocket: failed to dial to (wss://cloudflare的ip/wspath): 403 Forbidden > websocket: bad handshake] > v2ray.com/core/common/retry: all retry attempts failed
2020/10/19 03:43:07 [Warning] [3193137366] v2ray.com/core/app/proxyman/outbound: failed to process outbound traffic > v2ray.com/core/proxy/vless/outbound: failed to find an available destination > v2ray.com/core/common/retry: [v2ray.com/core/transport/internet/websocket: failed to dial WebSocket > v2ray.com/core/transport/internet/websocket: failed to dial to (wss://cloudflare的ip/wspath): 403 Forbidden > websocket: bad handshake] >  v2ray.com/core/common/retry:all retry attempts failed

7) 请附上访问日志。在 Linux 中,日志通常在 /var/log/v2ray/access.log 文件中。

此文件空白
kslr commented 3 years ago

403 常见于路径错误

WordsWorthLess commented 3 years ago

403 常见于路径错误

问题是,我把我的OUTBOUND配置直接复制到win10的v2ray core的config.json,用命令行打开,然后浏览器设置好代理就能愉快地使用了

RPRX commented 3 years ago

看了下描述,99% 是路由器上客户端配置/版本等问题,非 v2ray-core 的 BUG,因为也没有其它类似的报告。

(或许试试删掉 wsSettings 的 connectionReuse?)

WordsWorthLess commented 3 years ago

f

看了下描述,99% 是路由器上客户端配置/版本等问题,非 v2ray-core 的 BUG,因为也没有其它类似的报告。

(或许试试删掉 wsSettings 的 connectionReuse?)

问题是, 我不使用workers反代,直接把address 改成域名,把tlsSettings的serverName还有wsSettings的Host改为空白就能正常使用了.那个connectionReuse改不改都没有影响。 我查了一下error.log里面提及的

failed to read request version > websocket: close 1006 (abnormal closure): unexpected EOF

貌似解决方案是修改proxy_read_timeout,但是我并没有使用nginx,而是直接用vless回落,不知道在哪里修改 而且即使使用workers的,在v2rayN跟那个iOS的shadowrocket都正常的。