freedom转发UDP有问题？

Cwek commented 6 years ago

Please skip to the English section below if you don't write Chinese.

中文：提交 Issue 之前请先阅读 Issue 指引，然后回答下面的问题，谢谢。除非特殊情况，请完整填写所有问题。不按模板发的 issue 将直接被关闭。

1) 你正在使用哪个版本的 V2Ray？（如果服务器和客户端使用了不同版本，请注明） v3.11-arm 2) 你的使用场景是什么？比如使用 Chrome 通过 Socks/VMess 代理观看 YouTube 视频。使用Max Lv 的ss Android 4.4.6连接v2ray的ss时，将其DNS请求通过路由和freedom转发到同在ss一个服务器的dnsmasq上来做域名解释。 3) 你看到的不正常的现象是什么？（请描述具体现象，比如访问超时，TLS 证书错误等） ss连接后测试是表示可用的，但是访问域名站点时，v2是有日志记录，但dnsmasq日志没收到请求记录。使用一个网络检测工具直接做DNS请求，的确没收到。v2日志是提示TCP的请求。直接访问IP站点是没问题的。（后者已通过部分网站和telegram验证过） 4) 你期待看到的正确表现是怎样的？正常通过freedom转发UDP流量。 5) 请附上你的配置（提交 Issue 前请隐藏服务器端IP地址）。

服务器端配置:

   {
    "log" : {
        "access" : "/var/log/v2ray/access.log",
        "error" : "/var/log/v2ray/error.log",
        "loglevel" : "debug" //"warning"
    },

    "inbound" : {
        "tag" : "socks-in",
        "port" : 1080,
        "listen" : "*",
        "protocol" : "socks",
        "settings" : {
            "auth" : "noauth",
            "udp" : false,
            "ip" : "*",
            "timeout": 0
        }
    },
    "inboundDetour":[
        {
            "tag": "shadowsocks-in",
            "port": 8010,
            "listen": "192.168.0.30",
            "protocol": "shadowsocks",
            "allocate": { "strategy": "always"},
            "settings":{
                "email": "*",
                "method": "chacha20-ietf",
                "password": "*",
                "udp": false,
                "level": 0
            }
        }        
    ],

    "outbound" :{
        "tag" : "vmess-lacn2", 
        "protocol" : "vmess",
        "settings" : {
            "vnext" : [
                {
                    "address" : "*"
                    ,"port" : 6981,
                    "users" : [
                        {
                            "id" : "*",
                            "alterId" : 64,
                            "security" : "aes-128-gcm"
                        }
                    ]
                }
            ]
        },
        "mux" : {
            "enabled" : true,
            "concurrency":16
        }
    },
    "outboundDetour": [
        {
            "tag": "direct",
            "protocol": "freedom",
            "sendThrough": "192.168.0.30",
            "settings": {"domainStrategy": "AsIs"}
        },
        {
            "tag": "dns-fake",
            "protocol": "freedom",
            "sendThrough": "192.168.0.30",
            "settings": {
               "domainStrategy": "UseIP",
               "redirect": "127.0.0.1:53"
            }
        },
        {
            "tag" : "vmess-gcp", //Google GCP
            "protocol" : "vmess",
            "settings" : {
                "vnext" : [
                    {
                        "address": "*"
                        ,"port" : 6982,
                        "users" : [
                            {
                                "id" : "*",
                                "alterId" : 64,
                                "security" : "chacha20-poly1305" 
                            }
                        ]
                    }
                ]
            },
            "mux" : {
                "enabled" : true,
                "concurrency":16
            }
        }
    ],

    "policy":{
        "levels": {
            "0": {
                "handshake": 1,
                "connIdle": 600,
                "uplinkOnly": 5,
                "downlinkOnly": 30
            },
            "100": {
                "handshake": 3,
                "connIdle": 60,
                "uplinkOnly": 60,
                "downlinkOnly": 30
            }
        }
    },

    "dns":{
        "servers": ["192.168.0.30"]
    },
    "routing" : {
        "strategy" : "rules",
        "settings" : {
            "domainStrategy" : "IPIfNonMatch", 
            "rules" : [
                {
                    "type" : "field",
                    "outboundTag" : "dns-fake"
                    ,"ip":[
                        //"8.8.8.8"
                        "114.114.114.114"
                    ]
                    ,"port": "53"
                    ,"network": "tcp,udp"
                    ,"inboundTag" :["shadowsocks-in"]
                },                
                {
                    "type" : "field",
                    "outboundTag" : "direct",
                    "ip" : [
                        "0.0.0.0/8",
                        "10.0.0.0/8",
                        "100.64.0.0/10",
                        "127.0.0.0/8",
                        "169.254.0.0/16",
                        "172.16.0.0/12",
                        "192.0.0.0/24",
                        "192.0.2.0/24",
                        "192.168.0.0/16",
                        "198.18.0.0/15",
                        "198.51.100.0/24",
                        "203.0.113.0/24",
                        "::1/128",
                        "fc00::/7",
                        "fe80::/10",
                        "geoip:cn"
                    ]
                },
                {
                    "type" : "field",
                    "outboundTag" : "vmess-gcp"
                    ,"domain" : [
                        /* google域名 */
                    ]
                },
                {
                    "type" : "field",
                    "outboundTag" : "vmess-gcp"
                    ,"inboundTag" :["shadowsocks-in"]
                    ,"ip" :[
                        /* googleIP */
                    ]
                }
            ]
        }
    }
}

客户端配置:

    // 在这里附上客户端配置

6) 请附上出错时软件输出的错误日志。在 Linux 中，日志通常在 /var/log/v2ray/error.log 文件中。

服务器端错误日志:

    2018/03/04 19:46:59 [Info] [302455775] Proxy|Shadowsocks: tunnelling request to tcp:114.114.114.114:53
2018/03/04 19:46:59 [Info] [302455775] App|Dispatcher: taking detour [dns-fake] for [tcp:114.114.114.114:53]
2018/03/04 19:46:59 [Info] [302455775] Proxy|Freedom: opening connection to tcp:127.0.0.1:53
2018/03/04 19:46:59 [Info] [302455775] Transport|Internet|TCP: dialing TCP to tcp:127.0.0.1:53
2018/03/04 19:47:01 [Info] [1726762277] App|Proxyman|Inbound: connection ends > Proxy|Shadowsocks: connection ends > context canceled
2018/03/04 19:47:01 [Info] [1599425208] App|Proxyman|Inbound: connection ends > Proxy|Shadowsocks: connection ends > context canceled
2018/03/04 19:47:01 [Info] [1726762277] App|Proxyman|Outbound: failed to process outbound traffic > Proxy|Freedom: connection ends > context canceled
2018/03/04 19:47:01 [Info] [1599425208] App|Proxyman|Outbound: failed to process outbound traffic > Proxy|Freedom: connection ends > context canceled
2018/03/04 19:47:01 [Info] [1284659133] App|Proxyman|Inbound: connection ends > Proxy|Shadowsocks: connection ends > context canceled
2018/03/04 19:47:01 [Info] [1284659133] App|Proxyman|Outbound: failed to process outbound traffic > Proxy|Freedom: connection ends > context canceled
2018/03/04 19:47:04 [Info] [741636329] Proxy|Shadowsocks: tunnelling request to tcp:114.114.114.114:53
2018/03/04 19:47:04 [Info] [741636329] App|Dispatcher: taking detour [dns-fake] for [tcp:114.114.114.114:53]
2018/03/04 19:47:04 [Info] [741636329] Proxy|Freedom: opening connection to tcp:127.0.0.1:53
2018/03/04 19:47:04 [Info] [741636329] Transport|Internet|TCP: dialing TCP to tcp:127.0.0.1:53
2018/03/04 19:47:06 [Info] [3735725937] App|Proxyman|Inbound: connection ends > Proxy|Shadowsocks: connection ends > context canceled
2018/03/04 19:47:06 [Info] [3735725937] App|Proxyman|Outbound: failed to process outbound traffic > Proxy|Freedom: connection ends > context canceled
2018/03/04 19:47:06 [Info] [2986977334] App|Proxyman|Inbound: connection ends > Proxy|Shadowsocks: connection ends > context canceled
2018/03/04 19:47:06 [Info] [2986977334] App|Proxyman|Outbound: failed to process outbound traffic > Proxy|Freedom: connection ends > context canceled
2018/03/04 19:47:06 [Info] [1870120712] App|Proxyman|Inbound: connection ends > Proxy|Shadowsocks: connection ends > context canceled
2018/03/04 19:47:06 [Info] [1870120712] App|Proxyman|Outbound: failed to process outbound traffic > Proxy|Freedom: connection ends > context canceled
2018/03/04 19:47:06 [Info] [587753784] App|Proxyman|Inbound: connection ends > Proxy|Shadowsocks: connection ends > context canceled
2018/03/04 19:47:06 [Info] [587753784] App|Proxyman|Outbound: failed to process outbound traffic > Proxy|Freedom: connection ends > context canceled
2018/03/04 19:47:09 [Info] [1899824252] Proxy|Shadowsocks: tunnelling request to tcp:91.108.56.109:443
2018/03/04 19:47:09 [Info] [1899824252] App|Dispatcher: default route for tcp:91.108.56.109:443
2018/03/04 19:47:09 [Info] [1899824252] App|Proxyman|Mux: dispatching request to tcp:91.108.56.109:443
2018/03/04 19:47:11 [Info] [3722958417] App|Proxyman|Inbound: connection ends > Proxy|Shadowsocks: connection ends > context canceled
2018/03/04 19:47:11 [Info] [3722958417] App|Proxyman|Outbound: failed to process outbound traffic > Proxy|Freedom: connection ends > context canceled
2018/03/04 19:47:11 [Info] [447564512] App|Proxyman|Inbound: connection ends > Proxy|Shadowsocks: connection ends > context canceled
2018/03/04 19:47:11 [Info] [447564512] App|Proxyman|Outbound: failed to process outbound traffic > Proxy|Freedom: connection ends > context canceled
2018/03/04 19:47:11 [Info] [394752855] App|Proxyman|Outbound: failed to process outbound traffic > Proxy|Freedom: connection ends > context canceled
2018/03/04 19:47:11 [Info] [394752855] App|Proxyman|Inbound: connection ends > Proxy|Shadowsocks: connection ends > context canceled
2018/03/04 19:47:11 [Info] [3272563266] App|Proxyman|Inbound: connection ends > Proxy|Shadowsocks: connection ends > context canceled
2018/03/04 19:47:11 [Info] [3272563266] App|Proxyman|Outbound: failed to process outbound traffic > Proxy|Freedom: connection ends > context canceled
2018/03/04 19:47:16 [Info] [3063128731] App|Proxyman|Inbound: connection ends > Proxy|Shadowsocks: connection ends > context canceled
2018/03/04 19:47:16 [Info] [3063128731] App|Proxyman|Outbound: failed to process outbound traffic > Proxy|Freedom: connection ends > context canceled
2018/03/04 19:47:16 [Info] [48686042] App|Proxyman|Inbound: connection ends > Proxy|Shadowsocks: connection ends > context canceled
2018/03/04 19:47:16 [Info] [48686042] App|Proxyman|Outbound: failed to process outbound traffic > Proxy|Freedom: connection ends > context canceled
2018/03/04 19:47:16 [Info] [3402573702] App|Proxyman|Inbound: connection ends > Proxy|Shadowsocks: connection ends > context canceled
2018/03/04 19:47:16 [Info] [3402573702] App|Proxyman|Outbound: failed to process outbound traffic > Proxy|Freedom: connection ends > context canceled
2018/03/04 19:47:16 [Info] [3929709879] App|Proxyman|Inbound: connection ends > Proxy|Shadowsocks: connection ends > context canceled
2018/03/04 19:47:16 [Info] [3929709879] App|Proxyman|Outbound: failed to process outbound traffic > Proxy|Freedom: connection ends > context canceled

客户端错误日志:

    // 在这里附上客户端日志

7) 请附上访问日志。在 Linux 中，日志通常在 /var/log/v2ray/access.log 文件中。

   2018/03/04 19:45:05 192.168.0.1:43993 accepted tcp:180.149.136.55:4828
2018/03/04 19:45:08 192.168.0.1:43996 accepted tcp:91.108.56.109:443
2018/03/04 19:45:08 192.168.0.1:43998 accepted tcp:114.114.114.114:53
2018/03/04 19:45:08 192.168.0.1:44001 accepted tcp:203.208.50.94:443
2018/03/04 19:45:09 192.168.0.1:44003 accepted tcp:114.114.114.114:53
2018/03/04 19:45:09 192.168.0.1:44008 accepted tcp:172.217.6.36:443
2018/03/04 19:45:09 192.168.0.1:44009 accepted tcp:172.217.6.36:443
2018/03/04 19:45:09 192.168.0.1:44011 accepted tcp:114.114.114.114:53
2018/03/04 19:45:09 192.168.0.1:44014 accepted tcp:64.233.187.188:5228
2018/03/04 19:45:10 192.168.0.1:44019 accepted tcp:114.114.114.114:53
2018/03/04 19:45:10 192.168.0.1:44020 accepted tcp:114.114.114.114:53
2018/03/04 19:45:10 192.168.0.1:44021 accepted tcp:114.114.114.114:53
2018/03/04 19:45:14 192.168.0.1:44024 accepted tcp:172.217.6.36:443
2018/03/04 19:45:14 192.168.0.1:44028 accepted tcp:114.114.114.114:53
2018/03/04 19:45:14 192.168.0.1:44029 accepted tcp:114.114.114.114:53
2018/03/04 19:45:14 192.168.0.1:44030 accepted tcp:114.114.114.114:53
2018/03/04 19:45:15 192.168.0.1:44037 accepted tcp:114.114.114.114:53
2018/03/04 19:45:15 192.168.0.1:44038 accepted tcp:114.114.114.114:53
2018/03/04 19:45:15 192.168.0.1:44039 accepted tcp:114.114.114.114:53
2018/03/04 19:45:15 192.168.0.1:44040 accepted tcp:114.114.114.114:53
2018/03/04 19:45:15 192.168.0.1:44041 accepted tcp:114.114.114.114:53
2018/03/04 19:45:15 192.168.0.1:44042 accepted tcp:114.114.114.114:53
2018/03/04 19:45:16 192.168.0.1:44045 accepted tcp:180.149.136.55:4828
2018/03/04 19:45:19 192.168.0.1:44050 accepted tcp:114.114.114.114:53
2018/03/04 19:45:19 192.168.0.1:44049 accepted tcp:114.114.114.114:53
2018/03/04 19:45:19 192.168.0.1:44051 accepted tcp:114.114.114.114:53
2018/03/04 19:45:20 192.168.0.1:44060 accepted tcp:114.114.114.114:53
2018/03/04 19:45:20 192.168.0.1:44061 accepted tcp:114.114.114.114:53
2018/03/04 19:45:20 192.168.0.1:44063 accepted tcp:114.114.114.114:53
2018/03/04 19:45:20 192.168.0.1:44062 accepted tcp:114.114.114.114:53
2018/03/04 19:45:20 192.168.0.1:44064 accepted tcp:114.114.114.114:53
2018/03/04 19:45:20 192.168.0.1:44065 accepted tcp:114.114.114.114:53
2018/03/04 19:45:23 192.168.0.1:44068 accepted tcp:172.217.6.36:443
2018/03/04 19:45:24 192.168.0.1:44078 accepted tcp:114.114.114.114:53
2018/03/04 19:45:24 192.168.0.1:44075 accepted tcp:114.114.114.114:53
2018/03/04 19:45:24 192.168.0.1:44076 accepted tcp:114.114.114.114:53
2018/03/04 19:45:24 192.168.0.1:44077 accepted tcp:114.114.114.114:53
2018/03/04 19:45:24 192.168.0.1:44079 accepted tcp:114.114.114.114:53
2018/03/04 19:45:24 192.168.0.1:44080 accepted tcp:114.114.114.114:53
2018/03/04 19:45:25 192.168.0.1:44086 accepted tcp:114.114.114.114:53
2018/03/04 19:45:25 192.168.0.1:44087 accepted tcp:114.114.114.114:53
2018/03/04 19:45:25 192.168.0.1:44085 accepted tcp:114.114.114.114:53
2018/03/04 19:45:28 192.168.0.1:44090 accepted tcp:111.13.89.106:4828
2018/03/04 19:45:29 192.168.0.1:44093 accepted tcp:111.13.88.140:4829
2018/03/04 19:45:29 192.168.0.1:44102 accepted tcp:114.114.114.114:53
2018/03/04 19:45:29 192.168.0.1:44101 accepted tcp:114.114.114.114:53
2018/03/04 19:45:29 192.168.0.1:44103 accepted tcp:114.114.114.114:53
2018/03/04 19:45:29 192.168.0.1:44104 accepted tcp:114.114.114.114:53
2018/03/04 19:45:29 192.168.0.1:44105 accepted tcp:114.114.114.114:53
2018/03/04 19:45:29 192.168.0.1:44106 accepted tcp:114.114.114.114:53
2018/03/04 19:45:30 192.168.0.1:44111 accepted tcp:114.114.114.114:53
2018/03/04 19:45:30 192.168.0.1:44112 accepted tcp:114.114.114.114:53
2018/03/04 19:45:30 192.168.0.1:44113 accepted tcp:114.114.114.114:53
2018/03/04 19:45:33 192.168.0.1:44115 accepted tcp:114.114.114.114:53
2018/03/04 19:45:34 192.168.0.1:44123 accepted tcp:114.114.114.114:53
2018/03/04 19:45:34 192.168.0.1:44124 accepted tcp:114.114.114.114:53
2018/03/04 19:45:34 192.168.0.1:44121 accepted tcp:114.114.114.114:53
2018/03/04 19:45:34 192.168.0.1:44125 accepted tcp:114.114.114.114:53
2018/03/04 19:45:34 192.168.0.1:44126 accepted tcp:114.114.114.114:53
2018/03/04 19:45:34 192.168.0.1:44127 accepted tcp:114.114.114.114:53
2018/03/04 19:45:38 192.168.0.1:44129 accepted tcp:114.114.114.114:53
2018/03/04 19:45:39 192.168.0.1:44139 accepted tcp:114.114.114.114:53
2018/03/04 19:45:39 192.168.0.1:44138 accepted tcp:114.114.114.114:53
2018/03/04 19:45:39 192.168.0.1:44137 accepted tcp:114.114.114.114:53
2018/03/04 19:45:39 192.168.0.1:44140 accepted tcp:114.114.114.114:53
2018/03/04 19:45:39 192.168.0.1:44141 accepted tcp:114.114.114.114:53
2018/03/04 19:45:39 192.168.0.1:44142 accepted tcp:114.114.114.114:53
2018/03/04 19:45:43 192.168.0.1:44146 accepted tcp:114.114.114.114:53
2018/03/04 19:45:43 192.168.0.1:44147 accepted tcp:114.114.114.114:53
2018/03/04 19:45:44 192.168.0.1:44153 accepted tcp:114.114.114.114:53
2018/03/04 19:45:44 192.168.0.1:44154 accepted tcp:114.114.114.114:53
2018/03/04 19:45:44 192.168.0.1:44152 accepted tcp:114.114.114.114:53
2018/03/04 19:45:45 192.168.0.1:44157 accepted tcp:198.35.26.96:443
2018/03/04 19:45:48 192.168.0.1:44161 accepted tcp:114.114.114.114:53
2018/03/04 19:45:48 192.168.0.1:44160 accepted tcp:114.114.114.114:53
2018/03/04 19:45:49 192.168.0.1:44168 accepted tcp:114.114.114.114:53
2018/03/04 19:45:49 192.168.0.1:44166 accepted tcp:114.114.114.114:53
2018/03/04 19:45:49 192.168.0.1:44167 accepted tcp:114.114.114.114:53
2018/03/04 19:45:53 192.168.0.1:44171 accepted tcp:198.35.26.96:443
2018/03/04 19:45:53 192.168.0.1:44173 accepted tcp:114.114.114.114:53
2018/03/04 19:45:53 192.168.0.1:44178 accepted tcp:114.114.114.114:53
2018/03/04 19:45:53 192.168.0.1:44177 accepted tcp:114.114.114.114:53
2018/03/04 19:45:53 192.168.0.1:44180 accepted tcp:114.114.114.114:53
2018/03/04 19:45:58 192.168.0.1:44182 accepted tcp:114.114.114.114:53
2018/03/04 19:45:58 192.168.0.1:44185 accepted tcp:114.114.114.114:53
2018/03/04 19:45:58 192.168.0.1:44186 accepted tcp:114.114.114.114:53
2018/03/04 19:45:58 192.168.0.1:44188 accepted tcp:114.114.114.114:53
2018/03/04 19:46:03 192.168.0.1:44191 accepted tcp:114.114.114.114:53
2018/03/04 19:46:03 192.168.0.1:44192 accepted tcp:114.114.114.114:53
2018/03/04 19:46:03 192.168.0.1:44194 accepted tcp:114.114.114.114:53
2018/03/04 19:46:03 192.168.0.1:44197 accepted tcp:114.114.114.114:53
2018/03/04 19:46:03 192.168.0.1:44198 accepted tcp:114.114.114.114:53
2018/03/04 19:46:08 192.168.0.1:44203 accepted tcp:114.114.114.114:53
2018/03/04 19:46:08 192.168.0.1:44202 accepted tcp:114.114.114.114:53
2018/03/04 19:46:08 192.168.0.1:44205 accepted tcp:114.114.114.114:53
2018/03/04 19:46:08 192.168.0.1:44208 accepted tcp:114.114.114.114:53
2018/03/04 19:46:08 192.168.0.1:44209 accepted tcp:114.114.114.114:53
2018/03/04 19:46:13 192.168.0.1:44213 accepted tcp:114.114.114.114:53
2018/03/04 19:46:13 192.168.0.1:44214 accepted tcp:114.114.114.114:53
2018/03/04 19:46:13 192.168.0.1:44216 accepted tcp:114.114.114.114:53
2018/03/04 19:46:13 192.168.0.1:44219 accepted tcp:114.114.114.114:53
2018/03/04 19:46:13 192.168.0.1:44220 accepted tcp:114.114.114.114:53
2018/03/04 19:46:15 192.168.0.1:44222 accepted tcp:114.114.114.114:53
2018/03/04 19:46:18 192.168.0.1:44226 accepted tcp:114.114.114.114:53
2018/03/04 19:46:18 192.168.0.1:44227 accepted tcp:114.114.114.114:53
2018/03/04 19:46:18 192.168.0.1:44229 accepted tcp:114.114.114.114:53
2018/03/04 19:46:18 192.168.0.1:44232 accepted tcp:114.114.114.114:53
2018/03/04 19:46:18 192.168.0.1:44233 accepted tcp:114.114.114.114:53
2018/03/04 19:46:20 192.168.0.1:44235 accepted tcp:114.114.114.114:53
2018/03/04 19:46:23 192.168.0.1:44237 accepted tcp:114.114.114.114:53
2018/03/04 19:46:23 192.168.0.1:44241 accepted tcp:114.114.114.114:53
2018/03/04 19:46:23 192.168.0.1:44242 accepted tcp:114.114.114.114:53
2018/03/04 19:46:23 192.168.0.1:44244 accepted tcp:114.114.114.114:53
2018/03/04 19:46:25 192.168.0.1:44247 accepted tcp:114.114.114.114:53
2018/03/04 19:46:25 192.168.0.1:44248 accepted tcp:114.114.114.114:53
2018/03/04 19:46:28 192.168.0.1:44250 accepted tcp:114.114.114.114:53
2018/03/04 19:46:28 192.168.0.1:44253 accepted tcp:114.114.114.114:53
2018/03/04 19:46:28 192.168.0.1:44254 accepted tcp:114.114.114.114:53
2018/03/04 19:46:28 192.168.0.1:44256 accepted tcp:114.114.114.114:53
2018/03/04 19:46:30 192.168.0.1:44260 accepted tcp:114.114.114.114:53
2018/03/04 19:46:30 192.168.0.1:44261 accepted tcp:114.114.114.114:53
2018/03/04 19:46:33 192.168.0.1:44265 accepted tcp:114.114.114.114:53
2018/03/04 19:46:33 192.168.0.1:44264 accepted tcp:114.114.114.114:53
2018/03/04 19:46:35 192.168.0.1:44269 accepted tcp:114.114.114.114:53
2018/03/04 19:46:35 192.168.0.1:44270 accepted tcp:114.114.114.114:53
2018/03/04 19:46:38 192.168.0.1:44273 accepted tcp:114.114.114.114:53
2018/03/04 19:46:38 192.168.0.1:44274 accepted tcp:114.114.114.114:53
2018/03/04 19:46:40 192.168.0.1:44277 accepted tcp:114.114.114.114:53
2018/03/04 19:46:40 192.168.0.1:44278 accepted tcp:114.114.114.114:53
2018/03/04 19:46:43 192.168.0.1:44280 accepted tcp:114.114.114.114:53
2018/03/04 19:46:45 192.168.0.1:44282 accepted tcp:114.114.114.114:53
2018/03/04 19:46:48 192.168.0.1:44284 accepted tcp:114.114.114.114:53
2018/03/04 19:46:50 192.168.0.1:44286 accepted tcp:114.114.114.114:53
2018/03/04 19:46:59 192.168.0.1:44288 accepted tcp:114.114.114.114:53
2018/03/04 19:47:04 192.168.0.1:44290 accepted tcp:114.114.114.114:53
2018/03/04 19:47:09 192.168.0.4:39884 accepted tcp:91.108.56.109:443
2018/03/04 19:47:31 192.168.0.4:39897 accepted tcp:91.108.56.109:443
2018/03/04 19:47:59 192.168.0.4:39900 accepted tcp:111.13.89.106:4828
2018/03/04 19:47:59 192.168.0.4:39903 accepted tcp:111.13.88.140:4829

8) 其它相关的配置文件（如 Nginx）和相关日志。

DarienRaymond commented 6 years ago

从log看的确是收到了一个tcp::53的请求。你能确定一下传入数据是UDP的吗？一个简单的方法是关闭shadowsocks的udp(udp:false)，然后看一下能不能产生类似的log。

Cwek commented 6 years ago

裸连的情况，确认网络检测工具的DNS请求是UDP的。

我的想法，如果使用了ss的VPN模式，网络检测工具发出UDP的DNS请求，被ss的VPN服务收下，并负载在ss的链接上送出。ss应该是TCP连接，而且改造自socks5，socks5是可以在TCP上承载UDP报文的。

不太清楚，是ss承载这个UDP请求改了TCP，还是v2的ss收到这个请求后错误处理为TCP？

Cwek commented 6 years ago

使用以下配置做了相关测试：

{
    "log": {
        "access" : "./access.log",
        "error" : "./error.log",
        "loglevel": "debug"
    },
    "inbound": {
        "tag": "dns-in",
        "port": 53,
        "listen": "0.0.0.0",
        "protocol": "dokodemo-door",
        "allocate": {
            "strategy": "always"
        },
        "settings": {
            "address": "<上游DNS地址>",
            "port": 53,
            "network": "udp,tcp",
            "timeout": 500,
            "userLevel": 0,
            "followRedirect": false
        }
    },
    "inboundDetour": [
        {
            "tag": "shadowsocks-in",
            "port": 8010,
            "listen": "0.0.0.0",
            "protocol": "shadowsocks",
            "allocate": {
                "strategy": "always"
            },
            "settings": {
                "email": "*",
                "method": "chacha20-ietf",
                "password": "*",
                "udp": false,
                "level": 0
            }
        }
    ],
    "outbound": 
    {
        "tag": "direct3",
        "protocol": "freedom",
        "settings": {"domainStrategy": "UseIP"}
    },    
    /*{
        "tag": "blackhole",
        "protocol": "blackhole",
        "settings": {

        }
    },*/
    "outboundDetour": [
        {
            "tag": "direct",
            "protocol": "freedom",
            "settings": {

            }
        },
        {
            "tag": "direct2",
            "protocol": "freedom",
            "settings": {
                "domainStrategy": "UseIP"
                ,
                "redirect": "<上游DNS地址>:53"
            }
        }                             
    ],
    "routing": {
        "strategy" : "rules",
        "settings" : {
            "domainStrategy": "IPIfNonMatch",
            "rules": [
                {
                    "type" : "field",
                    //"outboundTag" : "direct"
                    "outboundTag" : "direct2"
                    //,"ip":["8.8.8.8"]
                    ,"port": "53"
                    ,"network": "tcp,udp"
                    ,"inboundTag" :["shadowsocks-in"]
                },

                {
                    "type": "field",
                    "outboundTag": "direct",
                    "ip":[
                            "0.0.0.0/8",
                            "10.0.0.0/8",
                            "100.64.0.0/10",
                            "127.0.0.0/8",
                            "169.254.0.0/16",
                            "172.16.0.0/12",
                            "192.0.0.0/24",
                            "192.0.2.0/24",
                            "192.168.0.0/16",
                            "198.18.0.0/15",
                            "198.51.100.0/24",
                            "203.0.113.0/24",
                            "::1/128",
                            "fc00::/7",
                            "fe80::/10"
                    ]
                }
            ]
        }
    }
}

ss-Android 客户端是4.5.0 证实了以下问题：

我使用的网络测试工具是UDP请求。
ss会”拦截了“相关的请求（可能是端口），并劫持到所设置的远程DNS做TCP请求。
在家里和工作地做测试并做了抓包，工作地使用工作地的内部DNS做上游，能正常工作。家里使用dnsmasq，会出现大量超时和重发。两地使用外部的DNS，都没问题。所以可能是家里的dnsmasq有问题。打扰了（囧）

Cwek commented 6 years ago

后话，用pdnsd代替dnsmasq接受ss的DNS请求，可能dnsmasq处理TCP的dnsmasq请求吃不消。

v2ray / v2ray-core

freedom转发UDP有问题？ #915