Closed vahobrsti closed 1 year ago
you should do portMapping like this. Not use -F
-F is used to forward the connection to another gost connection.
gost -L tcp://:3443/:9443
I recommend you don't use ssh program, directly use gost is easy and safe.
# xray server listen on :1234
# Poland Server
./gost -L relay+ssh://:9000
# IranServer
./gost -L=tcp://:1234/127.0.0.1:1234 -F relay+ssh://polanddomain.com:9000
ssh in the cmd can be replaced with kcp,tls,quic or what ever listed here:
It depends on which protocal can pass the wall.
tcp - raw TCP
tls - TLS
mtls - Multiplex TLS, add multiplex on TLS (2.5+)
ws - Websocket
mws - Multiplex Websocket (2.5+)
wss - Websocket Secure Websocket based on wss
mwss - Multiplex Websocket Secure, multiplex on TLS secured Websocket (2.5+)
kcp - KCP (2.3+)
quic - QUIC (2.4+)
ssh - SSH (2.4+)
h2 - HTTP2 (2.4+)
h2c - HTTP2 Cleartext (2.4+)
obfs4 - OBFS4 (2.4+)
ohttp - HTTP Obfuscation (2.7+)
otls - TLS Obfuscation (2.11+)
Thanks. It seems the issue was that I was forwarding the traffic not realying. so basically relaying changes the data channel while forwarding is acting like a switch in Layer 3. I managed to get it work by a bit modification in poland server: design:
[xray client] -----tcp---> [gost client:1234]-----ssh tunnel----> [gost server:9000] ----tcp---->[xray server:1234]
Here is the modification
# xray server listen on :1234
# Poland Server
./gost -L relay+ssh://:9000/:1234
# IranServer
./gost -L=tcp://:1234 -F relay+ssh://polanddomain.com:9000
Thanks for your help.
They all works. There is little difference between these two cmds. I like do port mapping on client.
#port mapping on server
./gost -L relay+ssh://:9000/:1234
./gost -L=tcp://:1234 -F relay+ssh://polanddomain.com:9000
#port mapping on client
./gost -L relay+ssh://:9000
./gost -L=tcp://:1234/127.0.0.1:1234 -F relay+ssh://polanddomain.com:9000
Hi my friend, I see your point now. Just tested your setup and works perfectly fine. Is there any reason why you recommend port mapping in the client?
I can change the dest ip+port easily on client without login server.
hi my friend,
thanks for the repository and examples. It helped a lot; I have
1- ServerIran: Domestic VPS with outgoing udp blocked. So no udp will be allowed to go outside of Iran. 2- ServerPoland: Foreign VPS which has V2ray (vmess - could be any other protocol- running on 3443 port) installed
In your example, you have included
kcp/tls/quic/wss
I wanna achieve this:
From ServerIran to ServerPoland, I have a ssh tunnel (forward 9443 local to 3443 foreign) with port forwarding by running:
On ServerIran, I have this:
Expectation is whatever comes through xray client on port 3443 will be forwarded to 9443 local and from 9443 will be forwarded through ssh and reach to PoalndServer. This doesn't work. Any idea why is that?