search

yinqiwen / gsnova

Private proxy solution & network troubleshooting tool.
BSD 3-Clause "New" or "Revised" License
560 stars 190 forks source link

Is the sniproxy function for PaaS deprecated in version 0.28.0? #60

Open Alexeieva opened 6 years ago

Alexeieva commented 6 years ago

Looks like this project still keeps the string 'SNIProxy' ,however I cannot estabish websocket connection through a sni proxy via configuring client.json as follows, which works well for version 0.26.3:

"Channel":[ { "Enable":true, "Name":"heroku-websocket", //Allowed server url with schema 'http/http2/https/ws/wss/tcp/tls/quic/kcp/ssh' //"ServerList":["quic://1.1.1.1:48101"], "ServerList":[ "wss://example.herokuapp.com" ], "SNI": ["herokuapp.com"], "SNIProxy" : "cn_sni_proxy", //"ServerList":["tcp://127.0.0.1:18080"], //"ServerList":["ssh://root@1.1.1.1:22?key=./PPP"], //if u are behind a HTTP proxy "Proxy":"", "ConnsPerServer":3, //Unit: second "DialTimeout":6, //Unit: second "ReadTimeout":15, //Reconnect after 120s "ReconnectPeriod": 300, //ReconnectPeriod rand adjustment, the real reconnect period is random value between [P - adjust, P + adjust] "RCPRandomAdjustment" : 10, //Send heartbeat msg to keep alive "HeartBeatPeriod": 30, "Compressor":"none" },

Although sniproxy is specified in client.json & hosts.json respectively, the client in version 0.28.0 ignore that and still connect wss server directly. Is the sniproxy function for PaaS deprecated in version 0.28.0?

Alexeieva commented 6 years ago

Here is the output for the client in version 0.26.3:

2017/10/17 08:24:40 Proxy channel(DIRECT):Direct init success 2017/10/17 08:24:40 Proxy channel(REJECT):Reject init success 2017/10/17 08:24:40 [Proxy]Connect 172.0.0.1:443 2017/10/17 08:24:42 Connect wss://example.herokuapp.com success. 2017/10/17 08:24:42 Channel[0] connect wss://example.herokuapp.com success. 2017/10/17 08:24:42 Server:wss://example.herokuapp.com authed success. 2017/10/17 08:24:42 Proxy channel(PAAS):heroku init success 2017/10/17 08:24:42 proxy.go:106: Starting GSnova r8.

And the output in version 0.28.0 with almost same configuration goes as:

2017/10/17 21:06:23 proxy.go:385: Allowed proxy channel with schema:[http http2 https kcp quic ssh tcp tls ws wss] 2017/10/17 21:06:23 proxy.go:281: Proxy channel:direct init success 2017/10/17 21:06:23 dial.go:100: Connect tcp://example.herokuapp.com:443 success. 2017/10/17 21:06:24 ws.go:37: Connect wss://example.herokuapp.com success. 2017/10/17 21:06:25 proxy.go:196: Mux session woulde expired after 402 seconds. 2017/10/17 21:06:25 proxy.go:281: Proxy channel:heroku-websocket init success 2017/10/17 21:06:25 proxy.go:409: Started GSnova r11.

yinqiwen commented 6 years ago

fixed in v0.29.0

Alexeieva commented 6 years ago

the problem still occurs in v0.29.0:

2017/10/18 18:40:50 proxy.go:372: Allowed proxy channel with schema:[http http2 https kcp quic ssh tcp tls ws wss] 2017/10/18 18:40:50 proxy.go:282: Proxy channel:direct init success 2017/10/18 18:40:50 dial.go:101: Connect wss://example.herokuapp.com:443 success. 2017/10/18 18:40:52 ws.go:37: Connect wss://example.herokuapp.com success. 2017/10/18 18:40:53 proxy.go:197: Mux session woulde expired after 310 seconds. 2017/10/18 18:40:53 proxy.go:282: Proxy channel:heroku-websocket init success 2017/10/18 18:40:53 proxy.go:396: Started GSnova r13. 2017/10/18 18:40:53 local_server.go:260: Listen on address :48100 2017/10/18 18:40:53 local_server.go:260: Listen on address :48101 2017/10/18 18:40:53 local_server.go:260: Listen on address :48102

As seen the sni proxy specified in client.json doesn't work in v0.29.0 .

yinqiwen commented 6 years ago

the log did not print actual IP for the domain now, u can use netstat -an to show the network status to see if it's not connect via sniproxy

kirbyzhu commented 6 years ago

image

使用了.29的客户端出错了 不知道是啥回事 .28的能正常使用的

yinqiwen commented 6 years ago

@kirbyzhu dns 不通? 0.29中国外地址都用trusted dns解析了,需要保证client.json中的TrustedDNS是可用的(默认的时opendns地址)

MeABc commented 6 years ago

我用的也没有楼主的问题(commit 498f306)。

我想到的是,在用 SNI 时能不能支持 host 选项,理由是:

  1. 用 SNI 时,本地 DNS 这个貌似作用不大。
  2. 还能改善效率。
MeABc commented 6 years ago

看到最新的貌似强调 local dns 的作用了,我都没敢更新 ---- 由于一些原因,如果 dns 不通,走 SNI 时 gsnova 就不能用了?

yinqiwen commented 6 years ago

@MeABc DNS 解析是在SNI判断之后的,不存在上述问题 https://github.com/yinqiwen/gsnova/blob/master/local/proxy/dial.go#L74

local dns的作用主要在于用作dnsmasq的上游,兼顾gsnova内部域名解析之用,用在路由器上做透明代理比较有用;其它地方用处不大。

MeABc commented 6 years ago

@yinqiwen 谢谢解惑!

jzp820927 commented 6 years ago

@MeABc 借个地问你一个问题,你上次弄的集成 meek 的 gop 服务端能不能发我一份,或者给我说说集成的方法,另外,你说的计划用 go 来重新实现那个项目,进展怎么样了,目前我也需要这个东西,有进展的话,望分享一下,谢谢!

MeABc commented 6 years ago

@jzp820927 还没有什么进展。。。整合的服务端代码等我整理好了会建一个仓库,(现在代码是脏乱差----没想过有人会要这个),到时会在这里回复你。

addsun commented 6 years ago

@yinqiwen 你好, v0.29.0 按楼主这个份配置, SNI 好像不能加速 Heroku, 是不是去掉这个功能了

yinqiwen commented 6 years ago

@addsun 仍然保留,只是日志不显示,你可以用相关网络工具命令确认,例如netstat

kirbyzhu commented 6 years ago

@yinqiwen 其他配置都不变,使用0.29就出现dns问题,可执行程序换回0.28可以正常连接。所以我觉得应该是0.29哪里的设置导致的。

yinqiwen commented 6 years ago

@kirbyzhu 区别在于0.28的内部DNS查询逻辑是如果不在gfwlist里的用FastDNS查询,0.29改成国外的用TrustedDNS查询

jzp820927 commented 6 years ago

@MeABc 好的,谢谢,只是个人需求罢了,好像目前没什么人研究 meek,应该不会有太大众化的需求吧, 因为我目前也在研究 meek 的实现技术,有什么进展望分享,那我就关注你的项目了,谢谢 话说,py 版那个代码太老旧 (2015 年的),实际使用效率太低,频繁报错,如果能 fork meek 的官方源码来实现 py 版的功能,应该非常完美。在 github 上搜了一下,除了 2015 年那个 py 版的,基本上找不到任何和那个 py 版相关的代码了。看 MeABc 兄,你有没有做这个项目的想法了?