Open oing9179 opened 6 years ago
VM configuration
System: Ubuntu 1604 x64
NIC: bridged mode
IP forwarding enabled (sysctl -w net.ipv4.ip_forward=1)
Firewall disabled

Host configuration
System: Arch Linux
IP forwarding enabled
Firewall disabled
Route added:
ip route add 10.192.0.0/16 via 192.168.1.16 dev enp4s0f2
Host DNS changed to 10.192.0.1.

kone configuration file

```
[general]
# outbound network interface
#out = eth0
# out = enp4s0f2

# virtual network

# tun name, auto allocate if not set
# DEFAULT VALUE: ""
# tun = tun0

# inet addr/mask
# DEFAULT VALUE: 10.192.0.1/16
network = 10.192.0.1/16

# nat config
[tcp]
#listen-port = 82
#nat-port-start = 10000
#nat-port-end = 60000

[udp]
#listen-port = 82
#nat-port-start = 10000
#nat-port-end = 60000

[dns]
# DEFAULT VALUE: 53
dns-port = 53

# backend dns
# DEFAULT VALUE: 114.114.114.114, 223.5.5.5
# nameserver = 172.16.100.200
# nameserver = 172.16.100.202
# a DNS service is running on 127.0.0.1:53 in the VM
nameserver = 127.0.0.1

# dns-ttl = 600
# dns-packet-size = 4096
# dns-read-timeout = 5
# dns-write-timeout = 5

[route]
# eg: sudo ip route add 91.108.4.0/22 dev tun0
v = 91.108.4.0/22
v = 91.108.56.0/22
v = 109.239.140.0/24
v = 149.154.160.0/20
v = 149.154.167.0/24

# define a proxy named "A"
# [proxy "A"]
# url = http://example.com:3228

# define a proxy named "B"
[proxy "socks5-default"]
url = socks5://127.0.0.1:1080
default = yes

# define a pattern and outbound proxy
# if don't set proxy, packets will be sent to target directly
[pattern "proxy-website"]
proxy = socks5-default
scheme = DOMAIN-SUFFIX
v = twitter.com
v = facebook.com

[pattern "proxy-website-keyword"]
proxy = socks5-default
scheme = DOMAIN-KEYWORD
v = google
v = gmail

[pattern "direct-website"]
scheme = DOMAIN-SUFFIX
v = cn
v = apple.com

[pattern "direct-website-keyword"]
scheme = DOMAIN-KEYWORD
v = baidu
v = qq

[pattern "internal-ip"]
scheme = IP-CIDR
v = 172.16.0.0/16
v = 192.168.0.0/16

[pattern "proxy-country"]
proxy = socks5-default
scheme = IP-COUNTRY
v = US
v = HK

# rules define the order of checking pattern
[rule]
# pattern = proxy-website
# pattern = proxy-website-keyword
# pattern = direct-website
# pattern = direct-website-keyword
# pattern = internal-ip
# pattern = proxy-country

# set to a proxy for domains that don't match any pattern
# DEFAULT VALUE: ""
final = socks5-default

[manager]
listen = "127.0.0.1:9200"
```

Problem description
The configuration above all works normally on the host. After starting kone inside the VM, running the command curl https://google.com shows, inside the VM, that kone received the DNS request. Capturing packets with Wireshark at the same time shows curl sending SYN requests to 10.192.x.x but never receiving an ACK from 10.192.x.x. Running the command dig google.com returns 10.192.25.217; pinging that IP sometimes gets no response at all, and sometimes gets Redirect Host(New addr: 192.168.1.x (the VM's IP address)).