Closed j3l11234 closed 4 years ago
日志日志。
-v/--verbose 日志
另外你的 ip6tables 规则发来看下
ip6tables -t mangle -N REDSOCKS
ip6tables -t mangle -A REDSOCKS -p tcp -j TPROXY --on-ip ::1 --on-port 1234 --tproxy-mark 0x01/0x01
ip6tables -t mangle -A REDSOCKS -p udp -j TPROXY --on-ip ::1 --on-port 1234 --tproxy-mark 0x01/0x01
ip6tables -t mangle -N REDSOCKS_MARK
ip6tables -t mangle -A REDSOCKS_MARK -j MARK --set-mark 1
ip6tables -t mangle -A PREROUTING -m set --match-set gfwlist6 dst -j REDSOCKS
ip6tables -t mangle -A OUTPUT -m set --match-set gfwlist6 dst -j REDSOCKS_MARK
ip -6 rule add fwmark 1 lookup 100
ip -6 route add local default dev lo table 100
[tcp_socks5_recv_authresp_cb] recv from 127.0.0.1#1080, nrecv:2
2020-05-08 10:45:49 INF: [tcp_socks5_send_proxyreq_cb] send to 127.0.0.1#1080, nsend:22
2020-05-08 10:45:49 INF: [tcp_socks5_recv_proxyresp_cb] recv from 127.0.0.1#1080, nrecv:10
2020-05-08 10:45:55 INF: [tcp_tproxy_accept_cb] source socket address: 2408:8207:18a5:25a0:d0e0:e5d9:e7d5:a4#53300
2020-05-08 10:45:55 INF: [tcp_tproxy_accept_cb] target socket address: 2001:4860:4860::8844#443
2020-05-08 10:45:55 INF: [tcp_tproxy_accept_cb] try to connect to 127.0.0.1#1080 ...
2020-05-08 10:45:55 INF: [tcp_socks5_connect_cb] connect to 127.0.0.1#1080 succeeded
2020-05-08 10:45:55 INF: [tcp_socks5_send_authreq_cb] send to 127.0.0.1#1080, nsend:3
2020-05-08 10:45:55 INF: [tcp_socks5_recv_authresp_cb] recv from 127.0.0.1#1080, nrecv:2
2020-05-08 10:45:55 INF: [tcp_socks5_send_proxyreq_cb] send to 127.0.0.1#1080, nsend:22
2020-05-08 10:45:55 INF: [tcp_socks5_recv_proxyresp_cb] recv from 127.0.0.1#1080, nrecv:10
2020-05-08 10:45:56 ERR: [tcp_socks5_recv_proxyresp_cb] recv from 127.0.0.1#1080: connection is closed
2020-05-08 10:45:58 INF: [udp_socks5_context_timeout_cb] context will be released, reason: timeout
2020-05-08 10:45:58 INF: [udp_socks5_context_timeout_cb] context will be released, reason: timeout
2020-05-08 10:45:58 ERR: [tcp_socks5_recv_proxyresp_cb] recv from 127.0.0.1#1080: connection is closed
2020-05-08 10:45:58 INF: [tcp_tproxy_accept_cb] source socket address: 2408:8207:18a5:25a0:9d1b:bef9:a857:3811#60769
2020-05-08 10:45:58 INF: [tcp_tproxy_accept_cb] target socket address: 2404:6800:4004:80f::200e#443
2020-05-08 10:45:58 INF: [tcp_tproxy_accept_cb] try to connect to 127.0.0.1#1080 ...
2020-05-08 10:45:58 INF: [tcp_socks5_connect_cb] connect to 127.0.0.1#1080 succeeded
2020-05-08 10:45:58 INF: [tcp_socks5_send_authreq_cb] send to 127.0.0.1#1080, nsend:3
2020-05-08 10:45:58 INF: [tcp_socks5_recv_authresp_cb] recv from 127.0.0.1#1080, nrecv:2
2020-05-08 10:45:58 INF: [tcp_socks5_send_proxyreq_cb] send to 127.0.0.1#1080, nsend:22
2020-05-08 10:45:58 INF: [tcp_socks5_recv_proxyresp_cb] recv from 127.0.0.1#1080, nrecv:10
2020-05-08 10:45:58 INF: [udp_socks5_context_timeout_cb] context will be released, reason: timeout
2020-05-08 10:45:58 INF: [udp_socks5_context_timeout_cb] context will be released, reason: timeout
2020-05-08 10:46:00 INF: [tcp_tproxy_accept_cb] source socket address: 192.168.24.16#53954
2020-05-08 10:46:00 INF: [tcp_tproxy_accept_cb] target socket address: 172.217.174.116#80
2020-05-08 10:46:00 INF: [tcp_tproxy_accept_cb] try to connect to 127.0.0.1#1080 ...
2020-05-08 10:46:00 INF: [tcp_socks5_connect_cb] connect to 127.0.0.1#1080 succeeded
2020-05-08 10:46:00 INF: [tcp_socks5_send_authreq_cb] send to 127.0.0.1#1080, nsend:3
2020-05-08 10:46:00 INF: [tcp_socks5_recv_authresp_cb] recv from 127.0.0.1#1080, nrecv:2
2020-05-08 10:46:00 INF: [tcp_socks5_send_proxyreq_cb] send to 127.0.0.1#1080, nsend:10
2020-05-08 10:46:00 INF: [tcp_socks5_recv_proxyresp_cb] recv from 127.0.0.1#1080, nrecv:10
2020-05-08 10:46:00 INF: [tcp_socks5_recv_proxyresp_cb] tunnel is ready, start forwarding ...
2020-05-08 10:46:00 ERR: [tcp_socks5_recv_proxyresp_cb] recv from 127.0.0.1#1080: connection is closed
2020-05-08 10:46:00 INF: [tcp_stream_payload_forward_cb] recv FIN from socks5 stream, release ctx
2020-05-08 10:46:00 INF: [tcp_tproxy_accept_cb] source socket address: 192.168.24.16#53959
2020-05-08 10:46:00 INF: [tcp_tproxy_accept_cb] target socket address: 172.217.174.116#80
2020-05-08 10:46:00 INF: [tcp_tproxy_accept_cb] try to connect to 127.0.0.1#1080 ...
2020-05-08 10:46:00 INF: [tcp_socks5_connect_cb] connect to 127.0.0.1#1080 succeeded
2020-05-08 10:46:00 INF: [tcp_socks5_send_authreq_cb] send to 127.0.0.1#1080, nsend:3
2020-05-08 10:46:00 INF: [tcp_socks5_recv_authresp_cb] recv from 127.0.0.1#1080, nrecv:2
2020-05-08 10:46:00 INF: [tcp_socks5_send_proxyreq_cb] send to 127.0.0.1#1080, nsend:10
2020-05-08 10:46:00 INF: [tcp_socks5_recv_proxyresp_cb] recv from 127.0.0.1#1080, nrecv:10
2020-05-08 10:46:00 INF: [tcp_socks5_recv_proxyresp_cb] tunnel is ready, start forwarding ...
2020-05-08 10:46:00 ERR: [tcp_stream_payload_forward_cb] recv from client stream: (null)
2020-05-08 10:46:01 ERR: [tcp_stream_payload_forward_cb] recv from client stream: (null)
2020-05-08 10:46:01 INF: [tcp_tproxy_accept_cb] source socket address: 192.168.24.16#53963
2020-05-08 10:46:01 INF: [tcp_tproxy_accept_cb] target socket address: 172.217.174.116#80
2020-05-08 10:46:01 INF: [tcp_tproxy_accept_cb] try to connect to 127.0.0.1#1080 ...
2020-05-08 10:46:01 INF: [tcp_socks5_connect_cb] connect to 127.0.0.1#1080 succeeded
2020-05-08 10:46:01 INF: [tcp_socks5_send_authreq_cb] send to 127.0.0.1#1080, nsend:3
2020-05-08 10:46:01 INF: [tcp_socks5_recv_authresp_cb] recv from 127.0.0.1#1080, nrecv:2
2020-05-08 10:46:01 INF: [tcp_socks5_send_proxyreq_cb] send to 127.0.0.1#1080, nsend:10
2020-05-08 10:46:01 INF: [tcp_socks5_recv_proxyresp_cb] recv from 127.0.0.1#1080, nrecv:10
2020-05-08 10:46:01 INF: [tcp_socks5_recv_proxyresp_cb] tunnel is ready, start forwarding ...
2020-05-08 10:46:01 ERR: [tcp_stream_payload_forward_cb] recv from client stream: (null)
^C
看日志完全没啥问题啊,你看下上游socks5服务器的日志,是不是socks5服务器不支持v6转发。
[tcp_socks5_recv_proxyresp_cb] recv from 127.0.0.1#1080: connection is closed
这是上游 socks5 服务器关闭了连接,看下socks5的详细日志。
2020-05-08 10:45:55 INF: [tcp_tproxy_accept_cb] source socket address: 2408:8207:18a5:25a0:d0e0:e5d9:e7d5:a4#53300
2020-05-08 10:45:55 INF: [tcp_tproxy_accept_cb] target socket address: 2001:4860:4860::8844#443
2020-05-08 10:45:55 INF: [tcp_tproxy_accept_cb] try to connect to 127.0.0.1#1080 ...
2020-05-08 10:45:55 INF: [tcp_socks5_connect_cb] connect to 127.0.0.1#1080 succeeded
2020-05-08 10:45:55 INF: [tcp_socks5_send_authreq_cb] send to 127.0.0.1#1080, nsend:3
2020-05-08 10:45:55 INF: [tcp_socks5_recv_authresp_cb] recv from 127.0.0.1#1080, nrecv:2
2020-05-08 10:45:55 INF: [tcp_socks5_send_proxyreq_cb] send to 127.0.0.1#1080, nsend:22
2020-05-08 10:45:55 INF: [tcp_socks5_recv_proxyresp_cb] recv from 127.0.0.1#1080, nrecv:10
2020-05-08 10:45:56 ERR: [tcp_socks5_recv_proxyresp_cb] recv from 127.0.0.1#1080: connection is closed
从这个日志可以看出,recv_proxyresp_cb 里面,socks5 服务器应该返回总共 22 字节的 reponse,但是只收到了 10 字节,然后 socks5 服务器直接就关了连接。所以要查看 socks5 服务器是否不支持 ipv6.
ipv4代理请求(proxyreq)和代理响应(proxyresp)都是10字节。你可以从你给的日志中观察的到。 ipv6代理请求(proxyreq)和代理响应(proxyresp)都是22字节,但是你的socks5服务器只返回了10字节。 这显然是有问题的。
作为对比,我使用chrome,指定sock5的代理,访问同一个ipv6地址就是可以的。
都说了,给我日志。不过,隐约能感觉到问题在哪里了。晚上有时间改一下,看下是否是猜想的这样。
作为对比,我使用chrome,指定sock5的代理,访问同一个ipv6地址就是可以的。
嗯,如果是这样的话,那确实是 ipt2socks 的问题,而且之前的版本也有这个问题。。
Fri May 8 15:29:57 2020 daemon.err trojan[13821]: [2020-05-08 15:29:57] [INFO] 192.168.24.18:61804 requested connection to 2001:19f0:7001:3b6:5400:ff:fe5b:133b:443
Fri May 8 15:29:57 2020 daemon.err trojan[13821]: [2020-05-08 15:29:57] [INFO] 192.168.24.18:61804 disconnected, 2216 bytes received, 547 bytes sent, lasted for 0 seconds
Fri May 8 15:30:44 2020 daemon.err trojan[13821]: [2020-05-08 15:30:44] [INFO] 127.0.0.1:57444 requested connection to 2001:19f0:7001:03b6:5400:00ff:fe5b:133b:443
Fri May 8 15:31:45 2020 daemon.err trojan[13821]: [2020-05-08 15:31:45] [INFO] 127.0.0.1:57444 disconnected, 0 bytes received, 0 bytes sent, lasted for 61 seconds
上边是我用chrome访问的 下边是ipt2socks访问的 同一个目的地址
ok,有时间我在解决。感谢提出.
已更新,应该是没问题了。有时间你再试下。给我个反馈哈。 UPDATE: 再更新下,发现1.1.1版本的udp有个bug。1.1.2已修正。
如题。 运行参数 /usr/bin/ipt2socks -l 1234 运行硬件 xiaomi r3g