A Tunnel which Turns UDP Traffic into Encrypted UDP/FakeTCP/ICMP Traffic by using Raw Socket,helps you Bypass UDP FireWalls(or Unstable UDP Environment)
udpraw日志:
[2018-12-24 15:22:44][INFO]state back to client_idle from client_ready bc of client-->server direction timeout
[2018-12-24 15:22:45][INFO]source_addr is now 172.31.100.2
[2018-12-24 15:22:45][INFO]using port 51992
[2018-12-24 15:22:45][INFO]state changed from client_idle to client_tcp_handshake
[2018-12-24 15:22:45]INFOsent tcp syn
[2018-12-24 15:22:46]INFOsent tcp syn
[2018-12-24 15:22:47]INFOsent tcp syn
[2018-12-24 15:22:48]INFOsent tcp syn
[2018-12-24 15:22:49]INFOsent tcp syn
xueyichen
commented
5 years ago
Hi, 再次来打扰询问。 之前建议我使用openvpn + raw方式进行游戏加速,这几天试了下,没有搞定,特来提问,望解答。
环境: openwrt(18.06) , openvpn(tun, (网段:172.31.100.0/24))模式, vps。
xbox --> openwrt --> openvpn --> udpraw client--> udpraw server --> openvpn --> vps
现象情况:直接用openvpn,能够正常访问网络, 访问https://www.whatismyip.com/ 获得的ip是我vps的ip。这个情况正常,这一步上面添加了几个iptable的rule。 路由器上面加了: iptables -t nat -I POSTROUTING -s 192.168.0.0/16 -o tun0 -j MASQUERADE 服务端添加了: -A FORWARD -i tun0 -j ACCEPT -A INPUT -i tun0 -j ACCEPT
但是添加了udpraw之后,就出现访问不了网站的情况了,dig域名也不行(dns也不行了), ping openvpn的tun的ip(172.31.100.1)也不行。
试着把 iptables -t nat -I POSTROUTING -s 192.168.0.0/16 -o tun0 -j MASQUERADE这条规则去掉也不行。
猜测是iptable的某些规则配置错了,或者还能采取哪些办法排查呢,能帮忙分析下原因吗,多谢了。
另外搭车问个问题,也尝试了另外一种办法:梅林固件,ss插件加上udpraw,udpspeed,一切都是ok的,唯独进入尤其匹配(fifa19)的时候,就出现卡住页面情况,这个页面应该是udp某个固定ip。有何办法排查这种现象吗
附上材料
udpraw日志: [2018-12-24 15:22:44][INFO]state back to client_idle from client_ready bc of client-->server direction timeout [2018-12-24 15:22:45][INFO]source_addr is now 172.31.100.2 [2018-12-24 15:22:45][INFO]using port 51992 [2018-12-24 15:22:45][INFO]state changed from client_idle to client_tcp_handshake [2018-12-24 15:22:45]INFOsent tcp syn [2018-12-24 15:22:46]INFOsent tcp syn [2018-12-24 15:22:47]INFOsent tcp syn [2018-12-24 15:22:48]INFOsent tcp syn [2018-12-24 15:22:49]INFOsent tcp syn
openvpn添加router Mon Dec 24 15:22:32 2018 /sbin/ifconfig tun0 172.31.100.2 netmask 255.255.255.0 mtu 1500 broadcast 172.31.100.255 Mon Dec 24 15:22:32 2018 /sbin/route add -net 192.168.1.1 netmask 255.255.255.255 gw 221.221.160.1 Mon Dec 24 15:22:32 2018 /sbin/route add -net 0.0.0.0 netmask 128.0.0.0 gw 172.31.100.1 Mon Dec 24 15:22:32 2018 /sbin/route add -net 128.0.0.0 netmask 128.0.0.0 gw 172.31.100.1
服务端的iptable, 除了屏蔽一个作恶ip外,没其他任何规则。
(mangle) :PREROUTING ACCEPT [358413:121889922] :INPUT ACCEPT [219196:89429629] :FORWARD ACCEPT [46702:26409153] :OUTPUT ACCEPT [201412:112226089] :POSTROUTING ACCEPT [248114:138635242] COMMIT
(nat) :PREROUTING ACCEPT [97165:6353532] :INPUT ACCEPT [8782:583275] :OUTPUT ACCEPT [6022:384127] :POSTROUTING ACCEPT [9:594] -A POSTROUTING -o eth0 -j MASQUERADE COMMIT
(filter) :INPUT ACCEPT [4654:845327] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [6588:3988009] :udp2rawDwrW_b91d741f_C0 - [0:0] -A INPUT -p tcp -m tcp --dport 4096 -j udp2rawDwrW_b91d741f_C0 -A INPUT -i eth0 -p udp -m state --state NEW -m udp --dport 1194 -j ACCEPT -A INPUT -i tun0 -j ACCEPT -A INPUT -s 58.242.83.6/32 -j DROP -A INPUT -s 218.92.1.168/32 -j DROP -A INPUT -s 78.5.0.195/32 -j DROP -A INPUT -s 106.12.11.233/32 -j DROP -A FORWARD -i tun0 -j ACCEPT -A FORWARD -i tun0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT -A FORWARD -i eth0 -o tun0 -m state --state RELATED,ESTABLISHED -j ACCEPT -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT -A FORWARD -j REJECT --reject-with icmp-port-unreachable -A OUTPUT -o tun0 -j ACCEPT -A udp2rawDwrW_b91d741f_C0 -j DROP COMMIT
Chain INPUT (policy ACCEPT) target prot opt source destination
Chain OUTPUT (policy ACCEPT) target prot opt source destination
Chain POSTROUTING (policy ACCEPT) target prot opt source destination postrouting_rule all -- anywhere anywhere / !fw3: Custom postrouting rule chain / zone_lan_postrouting all -- anywhere anywhere / !fw3 / zone_wan_postrouting all -- anywhere anywhere / !fw3 / zone_wan_postrouting all -- anywhere anywhere / !fw3 /
Chain postrouting_lan_rule (1 references) target prot opt source destination
Chain postrouting_rule (1 references) target prot opt source destination
Chain postrouting_wan_rule (1 references) target prot opt source destination
Chain prerouting_lan_rule (1 references) target prot opt source destination
Chain prerouting_rule (1 references) target prot opt source destination
Chain prerouting_wan_rule (1 references) target prot opt source destination
Chain zone_lan_postrouting (1 references) target prot opt source destination postrouting_lan_rule all -- anywhere anywhere / !fw3: Custom lan postrouting rule chain /
Chain zone_lan_prerouting (1 references) target prot opt source destination prerouting_lan_rule all -- anywhere anywhere / !fw3: Custom lan prerouting rule chain /
Chain zone_wan_postrouting (2 references) target prot opt source destination postrouting_wan_rule all -- anywhere anywhere / !fw3: Custom wan postrouting rule chain / MASQUERADE all -- anywhere anywhere / !fw3 /
Chain zone_wan_prerouting (2 references) target prot opt source destination prerouting_wan_rule all -- anywhere anywhere / !fw3: Custom wan prerouting rule chain /
For English speaking user: https://github.com/wangyu-/UDPspeeder/wiki/Issue-Guide
中文用户请看: https://github.com/wangyu-/UDPspeeder/wiki/发Issue前请看 (否则Issue可能被忽略,或被直接关掉)