semigodking / redsocks Goto Github PK

运行一个白天剩余内存就只有3M了,然后redsocks2自己就很容易挂掉.
貌似是有内存泄漏
使用的是
https://github.com/aa65535/openwrt-redsocks2
编译版

openssl库现在都改用 libmbedtls 了

之前用darkk原版的遇到了这个问题
这是redsocks的日志
1453627149.720556 redudp.c:415 redudp_first_pkt_from_client(...) [127.0.0.1:47731->8.8.4.4:53]: got 1st packet from client
1453627149.720589 redudp.c:347 redudp_relay_connected(...) [127.0.0.1:47731->8.8.4.4:53]:
1453627149.722619 redudp.c:304 redudp_read_auth_methods(...) [127.0.0.1:47731->8.8.4.4:53]:
1453627149.722845 redudp.c:203 redudp_read_assoc_reply(...) [127.0.0.1:47731->8.8.4.4:53]:
1453627149.722890 redudp.c:186 redudp_flush_queue(...) [127.0.0.1:47731->8.8.4.4:53]: Starting UDP relay
1453627149.722938 redudp.c:373 redudp_relay_error(...) [127.0.0.1:47731->8.8.4.4:53]: redudp_relay_error
1453627149.722953 redudp.c:89 redudp_drop_client(...) [127.0.0.1:47731->8.8.4.4:53]: Dropping...
ss-loadl的日志是
2016-01-24 01:18:59 INFO: [udp] cache miss: 8.8.4.4:53 <-> 127.0.0.1:60175
2016-01-24 01:18:59 INFO: [udp] remote receive a packet
2016-01-24 01:19:04 INFO: udp assc request accepted
2016-01-24 01:19:04 INFO: [udp] server receive a packet
2016-01-24 01:19:04 INFO: [udp] cache miss: 8.8.4.4:53 <-> 127.0.0.1:50688
2016-01-24 01:19:05 INFO: [udp] remote receive a packet
2016-01-24 01:19:09 INFO: udp assc request accepted
2016-01-24 01:19:09 INFO: [udp] server receive a packet
2016-01-24 01:19:09 INFO: [udp] cache miss: 8.8.4.4:53 <-> 127.0.0.1:51463
后来改用你的redsocks。仍然有此问题。服务端支持udp。

我设置了antoproxy=1可是仍然不起作用，不是说能自动区分墙内和墙外流量么？还是我得有ipset辅助？

安装完以后/etc/init.d/redsocks2 start就会出现这个错误：
redsocks2 is not enabled.Exit now.

直接用 /usr/sbin/redsocks2 -c xxx.conf 就可以。

小白我看了这段代码，但不太明白应该怎么改。求助，谢谢

if_enabled() {
local cfg="$1"
config_get_bool enabled "$cfg" 'enabled' '0'
[ $enabled = '0' ] && {
echo "redsocks2 is not enabled.Exit now."
exit 1
}
}

分别是search.h,tsearch.c,twalk.c,twalk.c,tdelte.c,tdenstroy.c ，不知道网上找到的不对还是怎么样，无法编译通过。

make 显示 .depend:1: *** missing separator. Stop.
是gcc问题？MacOSX的gcc是基于LLVM的，可能因为这个的原因？

路由器上转发到 socks5 代理，iOS 上使用 twitter.app 一段时间后（使用 - home键退出 - 玩会别的app - 再打开 twitter.app），会出现一直转菊花的情况，kill 掉app重开即可。或者重启 redsocks2 也可。

先描述下我的网络结构：
服务器（A）和路由器（B）在同一个局域网内，A 能直接联网，B 不能直接联网，但是可以连到A，因此在 A 上起了个ss 的 server，B 里起了个 ss-redir ，然后把B中 OUTPUT 链的流量全部导入 ss-redir 监听的端口，这样B上跑的程序都能正常联网。

redsocks2 跑在上述路由器B上，配置成ss模式（服务器为墙外一台VPS），将路由器中 PREROUTING 链的流量导入 redsocks2 监听的端口，此时在连接该路由器的PC机中访问被封网站，无法自动切换使用代理。
redsocks2日志如下：

Thu Nov  5 14:16:33 2015 daemon.debug redsocks[2574]: [192.168.2.157:49504->173.252.120.6:80]: accepted
Thu Nov  5 14:16:33 2015 daemon.debug redsocks[2574]: [192.168.2.157:49504->173.252.120.6:80]: data relaying started
Thu Nov  5 14:16:33 2015 daemon.debug redsocks[2574]: [192.168.2.157:49504->173.252.120.6:80]: WCB relay, fs: 0, ts: 0, fin: 137, fout: 0, tin: 0
Thu Nov  5 14:16:33 2015 daemon.debug redsocks[2574]: [192.168.2.157:49504->173.252.120.6:80]: sent: 0, recv: 0, in:137, out:0
Thu Nov  5 14:16:33 2015 daemon.debug redsocks[2574]: [192.168.2.157:49504->173.252.120.6:80]: WCB client, fs: 0, ts: 0, fin: 0, fout: 137, tin: 137
Thu Nov  5 14:16:33 2015 daemon.debug redsocks[2574]: [192.168.2.157:49504->173.252.120.6:80]: WCB relay, fs: 0, ts: 0, fin: 137, fout: 0, tin: 0
Thu Nov  5 14:16:33 2015 daemon.debug redsocks[2574]: [192.168.2.157:49504->173.252.120.6:80]: sent: 137, recv: 0, in:137, out:0
Thu Nov  5 14:16:34 2015 daemon.debug redsocks[2574]: [192.168.2.157:49504->173.252.120.6:80]: RECV Timeout, state: 10001, data_sent: 137
Thu Nov  5 14:16:34 2015 daemon.debug redsocks[2574]: [192.168.2.157:49504->173.252.120.6:80]: IP Confirmed

我尝试了下， 如果只将路由器 OUTPUT 链中连接 VPS 的流量导入ss-redir 监听的端口，其余流量不处理，此时redsocks2能正常切换到ss代理模式并正常连接，日志如下：

Thu Nov  5 14:18:47 2015 daemon.debug redsocks[2659]: [192.168.2.157:49541->173.252.120.6:80]: accepted
Thu Nov  5 14:18:49 2015 daemon.debug redsocks[2659]: [192.168.2.157:49541->173.252.120.6:80]: relay, errno(0), State: 10000, what: 0|WRITING|0|0|TIMEOUT|0|0x0: Success
Thu Nov  5 14:18:49 2015 daemon.debug redsocks[2659]: [192.168.2.157:49541->173.252.120.6:80]: IP Blocked
Thu Nov  5 14:18:49 2015 daemon.debug redsocks[2659]: [192.168.2.157:49541->173.252.120.6:80]: ADD IP to cache: 173.252.120.6
Thu Nov  5 14:18:49 2015 daemon.debug redsocks[2659]: [192.168.2.157:49541->173.252.120.6:80]: dropping relay only 
Thu Nov  5 14:18:49 2015 daemon.debug redsocks[2659]: [192.168.2.157:49541->173.252.120.6:80]: data relaying started
Thu Nov  5 14:18:49 2015 daemon.debug redsocks[2659]: [192.168.2.157:49541->173.252.120.6:80]: WCB relay, fs: 0, ts: 0, fin: 137, fout: 0, tin: 0
Thu Nov  5 14:18:49 2015 daemon.debug redsocks[2659]: [192.168.2.157:49541->173.252.120.6:80]: WCB client, fs: 0, ts: 0, fin: 0, fout: 160, tin: 0
Thu Nov  5 14:18:49 2015 daemon.debug redsocks[2659]: [192.168.2.157:49541->173.252.120.6:80]: WCB relay, fs: 0, ts: 0, fin: 0, fout: 0, tin: 0
Thu Nov  5 14:18:49 2015 daemon.debug redsocks[2659]: [192.168.2.157:49541->173.252.120.6:80]: WCB client, fs: 0, ts: 0, fin: 0, fout: 0, tin: 0
Thu Nov  5 14:18:51 2015 daemon.debug redsocks[2659]: [192.168.2.157:49541->173.252.120.6:80]: client, what: READING|0|EOF|0|0|0|0x0: Success
Thu Nov  5 14:18:51 2015 daemon.debug redsocks[2659]: [192.168.2.157:49541->173.252.120.6:80]: WCB relay, fs: 2, ts: 0, fin: 0, fout: 0, tin: 0
Thu Nov  5 14:18:51 2015 daemon.debug redsocks[2659]: [192.168.2.157:49541->173.252.120.6:80]: relay, what: READING|0|EOF|0|0|0|0x0: Success
Thu Nov  5 14:18:51 2015 daemon.debug redsocks[2659]: [192.168.2.157:49541->173.252.120.6:80]: WCB client, fs: 6, ts: 2, fin: 0, fout: 0, tin: 0
Thu Nov  5 14:18:51 2015 daemon.debug redsocks[2659]: [192.168.2.157:49541->173.252.120.6:80]: both client and server disconnected
Thu Nov  5 14:18:51 2015 daemon.debug redsocks[2659]: [192.168.2.157:49541->173.252.120.6:80]: dropping client

我发现如果我的ss服务器出现有一段时间连接不上后，redsocks2需要restart才能继续使用，否则走代理的部分就会打不开。

I am trying to redirect the udp packet to particular port where I run
my proxy (SOCKS) . I am supposed to obtain the original destination
ipaddress of the client to add to the data field of socks message as
per the RFC .

However , when I use REDIRECT chain as it sets the dest addr to the LO
address i get the LO address 127.0.0.1 and the port where socks proxy
client runs .

I tried patching SO_ORIGINAL_DST to obtain for UDP protocol also . In
this case it would work if I use single FD for single dest . However
when I use single FD for multiple connection it might not work .

I cannot add as part of rsvmsg , as I have to send to the proxy server
in advance .

TPROXY works in prerouting , I am not sure how we use in the client
side to send the first packet with the dest address . (I am not sure
about the TPROXYing though)

Can you please suggest the method to overcome the problem . Thanks in advance.

若支持，如何打开？

配置tcpdns之后，用dig测试请求总是报malformed DNS request，用nslookup测试总是报errno(150), what: READING|0|0|0|TIMEOUT|0|0x0: Operation now in progress，太难用了

现象：在路由器(openwrt )设置内网机器的端口映射，如果启动 redsocks2，则映射后的端口无法使用。
如果关闭redsocks2，则正常。换成ss-redir也正常。

这个问题如何解决？

已通过iptables 设置了 iptables -t nat -A REDSOCKS2 -d 192.168.0.0/16 -j RETURN

blog.csdn.net 无法打开,不能走代理.

路由器的性能，chacha20好像比较适合。

我用interface=转发流量不成功

根据最新版编译，conf中设置：
log_debug = off;
log_info = off;
这种设置应该能关闭绝大部分日志吧？但实际上还是打出了一大堆详细日志，太多（路由上面运行，而且重定向所有TCP和UDP包），根本不敢写入日志文件。临时只有将其输出重定向到 /dev/null。这个是bug？还是理解错误，配置错误？

1438847131.333197 redsocks.c:287 process_shutdown_on_write_(...) [192.168.2.101:50608->165.254.42.72:80]: WCB client, fs: 0, ts: 0, fin: 0, fout: 287, tin: 287
1438847131.333429 autoproxy.c:428 process_shutdown_on_write_2(...) [192.168.2.101:50608->165.254.42.72:80]: WCB relay, fs: 0, ts: 0, fin: 287, fout: 0, tin: 0
1438847131.333479 autoproxy.c:276 handle_write_to_relay(...) [192.168.2.101:50608->165.254.42.72:80]: sent: 287, recv: 0, in:287, out:0
1438847131.530038 autoproxy.c:388 direct_relay_relayreadcb(...) [192.168.2.101:50608->165.254.42.72:80]: relay in: 232
1438847131.530138 autoproxy.c:187 on_connection_confirmed(...) [192.168.2.101:50608->165.254.42.72:80]: IP Confirmed
1438847131.530371 redsocks.c:287 process_shutdown_on_write_(...) [192.168.2.101:50608->165.254.42.72:80]: WCB client, fs: 0, ts: 0, fin: 0, fout: 0, tin: 0
1438847137.634997 utils.c:68 red_recv_udp_pkt(...) IP_ORIGDSTADDR: 192.168.2.5:12345
1438847137.635574 redudp.c:335 redudp_first_pkt_from_client(...) [192.168.2.101:1238->192.168.2.5:12345]: got 1st packet from client
1438847137.635676 socks5-udp.c:355 socks5_relay_connected(...) [192.168.2.101:1238->192.168.2.5:12345]: via 192.168.2.5:1080
1438847137.636691 socks5-udp.c:310 socks5_read_auth_methods(...) [192.168.2.101:1238->192.168.2.5:12345]:
1438847137.637444 socks5-udp.c:205 socks5_read_assoc_reply(...) [192.168.2.101:1238->192.168.2.5:12345]:
1438847137.637574 redudp.c:284 redudp_flush_queue(...) [192.168.2.101:1238->192.168.2.5:12345]: Starting UDP relay
1438847137.637784 socks5-udp.c:381 socks5_relay_error(...) [192.168.2.101:1238->192.168.2.5:12345]: socks5_relay_error
1438847137.637830 redudp.c:196 redudp_drop_client(...) [192.168.2.101:1238->192.168.2.5:12345]: Dropping...
1438847143.539098 main.c:188 main(...) redsocks goes down
1438847143.539361 redsocks.c:1013 redsocks_fini_instance(...) There are connected clients during shutdown! Disconnecting them.
1438847143.539443 redsocks.c:388 redsocks_drop_client(...) [192.168.2.101:50608->165.254.42.72:80]: dropping client

Tried cross compile wrapper from https://github.com/aa65535/openwrt-redsocks2 and https://github.com/wongsyrone/openwrt-1/tree/master/package/external/redsocks2 but both of them lead to same error.

Compile on SDK OpenWrt-SDK-15.05-rc3-bcm53xx_gcc-4.8-linaro_uClibc-0.9.33.2_eabi.Linux-x86_64 is OK, but I am using dd-wrt, it's uClibc incompatible.

Output:

[someone@localhost OpenWrt-SDK-bcm53xx_gcc-4.8-linaro_musl-1.1.10_eabi.Linux-x86_64]$ make package/redsocks2/compile V=99
#
# configuration written to .config
#
make[1]: Entering directory `/home/someone/code/OpenWrt-SDK-bcm53xx_gcc-4.8-linaro_musl-1.1.10_eabi.Linux-x86_64'
make[2]: Entering directory `/home/someone/code/OpenWrt-SDK-bcm53xx_gcc-4.8-linaro_musl-1.1.10_eabi.Linux-x86_64/package/redsocks2'
CFLAGS="-Os -pipe -march=armv7-a -mtune=cortex-a9 -fno-caller-saves -fhonour-copts -Wno-error=unused-but-set-variable -mfloat-abi=soft -Wformat -Werror=format-security -fstack-protector -D_FORTIFY_SOURCE=1 -Wl,-z,now -Wl,-z,relro  -I/home/someone/code/OpenWrt-SDK-bcm53xx_gcc-4.8-linaro_musl-1.1.10_eabi.Linux-x86_64/staging_dir/target-arm_cortex-a9_musl-1.1.10_eabi/usr/include -I/home/someone/code/OpenWrt-SDK-bcm53xx_gcc-4.8-linaro_musl-1.1.10_eabi.Linux-x86_64/staging_dir/target-arm_cortex-a9_musl-1.1.10_eabi/include -I/home/someone/code/OpenWrt-SDK-bcm53xx_gcc-4.8-linaro_musl-1.1.10_eabi.Linux-x86_64/staging_dir/toolchain-arm_cortex-a9_gcc-4.8-linaro_musl-1.1.10_eabi/usr/include -I/home/someone/code/OpenWrt-SDK-bcm53xx_gcc-4.8-linaro_musl-1.1.10_eabi.Linux-x86_64/staging_dir/toolchain-arm_cortex-a9_gcc-4.8-linaro_musl-1.1.10_eabi/include/fortify -I/home/someone/code/OpenWrt-SDK-bcm53xx_gcc-4.8-linaro_musl-1.1.10_eabi.Linux-x86_64/staging_dir/toolchain-arm_cortex-a9_gcc-4.8-linaro_musl-1.1.10_eabi/include " CXXFLAGS="-Os -pipe -march=armv7-a -mtune=cortex-a9 -fno-caller-saves -fhonour-copts -Wno-error=unused-but-set-variable -mfloat-abi=soft -Wformat -Werror=format-security -fstack-protector -D_FORTIFY_SOURCE=1 -Wl,-z,now -Wl,-z,relro  -I/home/someone/code/OpenWrt-SDK-bcm53xx_gcc-4.8-linaro_musl-1.1.10_eabi.Linux-x86_64/staging_dir/target-arm_cortex-a9_musl-1.1.10_eabi/usr/include -I/home/someone/code/OpenWrt-SDK-bcm53xx_gcc-4.8-linaro_musl-1.1.10_eabi.Linux-x86_64/staging_dir/target-arm_cortex-a9_musl-1.1.10_eabi/include -I/home/someone/code/OpenWrt-SDK-bcm53xx_gcc-4.8-linaro_musl-1.1.10_eabi.Linux-x86_64/staging_dir/toolchain-arm_cortex-a9_gcc-4.8-linaro_musl-1.1.10_eabi/usr/include -I/home/someone/code/OpenWrt-SDK-bcm53xx_gcc-4.8-linaro_musl-1.1.10_eabi.Linux-x86_64/staging_dir/toolchain-arm_cortex-a9_gcc-4.8-linaro_musl-1.1.10_eabi/include/fortify -I/home/someone/code/OpenWrt-SDK-bcm53xx_gcc-4.8-linaro_musl-1.1.10_eabi.Linux-x86_64/staging_dir/toolchain-arm_cortex-a9_gcc-4.8-linaro_musl-1.1.10_eabi/include " LDFLAGS="-L/home/someone/code/OpenWrt-SDK-bcm53xx_gcc-4.8-linaro_musl-1.1.10_eabi.Linux-x86_64/staging_dir/target-arm_cortex-a9_musl-1.1.10_eabi/usr/lib -L/home/someone/code/OpenWrt-SDK-bcm53xx_gcc-4.8-linaro_musl-1.1.10_eabi.Linux-x86_64/staging_dir/target-arm_cortex-a9_musl-1.1.10_eabi/lib -L/home/someone/code/OpenWrt-SDK-bcm53xx_gcc-4.8-linaro_musl-1.1.10_eabi.Linux-x86_64/staging_dir/toolchain-arm_cortex-a9_gcc-4.8-linaro_musl-1.1.10_eabi/usr/lib -L/home/someone/code/OpenWrt-SDK-bcm53xx_gcc-4.8-linaro_musl-1.1.10_eabi.Linux-x86_64/staging_dir/toolchain-arm_cortex-a9_gcc-4.8-linaro_musl-1.1.10_eabi/lib -znow -zrelro " make -j1 -C /home/someone/code/OpenWrt-SDK-bcm53xx_gcc-4.8-linaro_musl-1.1.10_eabi.Linux-x86_64/build_dir/target-arm_cortex-a9_musl-1.1.10_eabi/redsocks2//redsocks2-0.60/. AR="arm-openwrt-linux-muslgnueabi-gcc-ar" AS="arm-openwrt-linux-muslgnueabi-gcc -c -Os -pipe -march=armv7-a -mtune=cortex-a9 -fno-caller-saves -fhonour-copts -Wno-error=unused-but-set-variable -mfloat-abi=soft -Wformat -Werror=format-security -fstack-protector -D_FORTIFY_SOURCE=1 -Wl,-z,now -Wl,-z,relro" LD=arm-openwrt-linux-muslgnueabi-ld NM="arm-openwrt-linux-muslgnueabi-gcc-nm" CC="arm-openwrt-linux-muslgnueabi-gcc" GCC="arm-openwrt-linux-muslgnueabi-gcc" CXX="arm-openwrt-linux-muslgnueabi-g++" RANLIB="arm-openwrt-linux-muslgnueabi-gcc-ranlib" STRIP=arm-openwrt-linux-muslgnueabi-strip OBJCOPY=arm-openwrt-linux-muslgnueabi-objcopy OBJDUMP=arm-openwrt-linux-muslgnueabi-objdump SIZE=arm-openwrt-linux-muslgnueabi-size CROSS="arm-openwrt-linux-muslgnueabi-" ARCH="arm" ;
make[3]: Entering directory `/home/someone/code/OpenWrt-SDK-bcm53xx_gcc-4.8-linaro_musl-1.1.10_eabi.Linux-x86_64/build_dir/target-arm_cortex-a9_musl-1.1.10_eabi/redsocks2/redsocks2-0.60'
arm-openwrt-linux-muslgnueabi-gcc -Os -pipe -march=armv7-a -mtune=cortex-a9 -fno-caller-saves -fhonour-copts -Wno-error=unused-but-set-variable -mfloat-abi=soft -Wformat -Werror=format-security -fstack-protector -D_FORTIFY_SOURCE=1 -Wl,-z,now -Wl,-z,relro  -I/home/someone/code/OpenWrt-SDK-bcm53xx_gcc-4.8-linaro_musl-1.1.10_eabi.Linux-x86_64/staging_dir/target-arm_cortex-a9_musl-1.1.10_eabi/usr/include -I/home/someone/code/OpenWrt-SDK-bcm53xx_gcc-4.8-linaro_musl-1.1.10_eabi.Linux-x86_64/staging_dir/target-arm_cortex-a9_musl-1.1.10_eabi/include -I/home/someone/code/OpenWrt-SDK-bcm53xx_gcc-4.8-linaro_musl-1.1.10_eabi.Linux-x86_64/staging_dir/toolchain-arm_cortex-a9_gcc-4.8-linaro_musl-1.1.10_eabi/usr/include -I/home/someone/code/OpenWrt-SDK-bcm53xx_gcc-4.8-linaro_musl-1.1.10_eabi.Linux-x86_64/staging_dir/toolchain-arm_cortex-a9_gcc-4.8-linaro_musl-1.1.10_eabi/include/fortify -I/home/someone/code/OpenWrt-SDK-bcm53xx_gcc-4.8-linaro_musl-1.1.10_eabi.Linux-x86_64/staging_dir/toolchain-arm_cortex-a9_gcc-4.8-linaro_musl-1.1.10_eabi/include  -fPIC -O3  -std=gnu99 -Wall   -c -o parser.o parser.c
In file included from parser.c:29:0:
utils.h:43:41: warning: 'struct evbuffer' declared inside parameter list [enabled by default]
 char *redsocks_evbuffer_readline(struct evbuffer *buf);
                                         ^
utils.h:43:41: warning: its scope is only this definition or declaration, which is probably not what you want [enabled by default]
utils.h:46:33: error: unknown type name 'evbuffercb'
                                 evbuffercb readcb,
                                 ^
utils.h:47:33: error: unknown type name 'evbuffercb'
                                 evbuffercb writecb,
                                 ^
utils.h:48:33: error: unknown type name 'everrorcb'
                                 everrorcb errorcb,
                                 ^
utils.h:50:65: error: unknown type name 'evbuffercb'
 struct bufferevent* red_connect_relay(struct sockaddr_in *addr, evbuffercb readcb, evbuffercb writecb, everrorcb errorcb, void *cbarg);
                                                                 ^
utils.h:50:84: error: unknown type name 'evbuffercb'
 struct bufferevent* red_connect_relay(struct sockaddr_in *addr, evbuffercb readcb, evbuffercb writecb, everrorcb errorcb, void *cbarg);
                                                                                    ^
utils.h:50:104: error: unknown type name 'everrorcb'
 struct bufferevent* red_connect_relay(struct sockaddr_in *addr, evbuffercb readcb, evbuffercb writecb, everrorcb errorcb, void *cbarg);
                                                                                                        ^
In file included from parser.c:29:0:
utils.h:51:66: error: unknown type name 'evbuffercb'
 struct bufferevent* red_connect_relay2(struct sockaddr_in *addr, evbuffercb readcb, evbuffercb writecb, everrorcb errorcb, void *cbarg, const struct timeval *timeout_write);
                                                                  ^
utils.h:51:85: error: unknown type name 'evbuffercb'
 struct bufferevent* red_connect_relay2(struct sockaddr_in *addr, evbuffercb readcb, evbuffercb writecb, everrorcb errorcb, void *cbarg, const struct timeval *timeout_write);
                                                                                     ^
utils.h:51:105: error: unknown type name 'everrorcb'
 struct bufferevent* red_connect_relay2(struct sockaddr_in *addr, evbuffercb readcb, evbuffercb writecb, everrorcb errorcb, void *cbarg, const struct timeval *timeout_write);
                                                                                                         ^
make[3]: *** [parser.o] Error 1
make[3]: Leaving directory `/home/someone/code/OpenWrt-SDK-bcm53xx_gcc-4.8-linaro_musl-1.1.10_eabi.Linux-x86_64/build_dir/target-arm_cortex-a9_musl-1.1.10_eabi/redsocks2/redsocks2-0.60'
make[2]: *** [/home/someone/code/OpenWrt-SDK-bcm53xx_gcc-4.8-linaro_musl-1.1.10_eabi.Linux-x86_64/build_dir/target-arm_cortex-a9_musl-1.1.10_eabi/redsocks2//redsocks2-0.60/.built] Error 2
make[2]: Leaving directory `/home/someone/code/OpenWrt-SDK-bcm53xx_gcc-4.8-linaro_musl-1.1.10_eabi.Linux-x86_64/package/redsocks2'
make[1]: *** [package/redsocks2/compile] Error 2
make[1]: Leaving directory `/home/someone/code/OpenWrt-SDK-bcm53xx_gcc-4.8-linaro_musl-1.1.10_eabi.Linux-x86_64'
make: *** [package/redsocks2/compile] Error 2

And I just noticed that it's maybe a same error on openwrt buildbot: http://buildbot.openwrt.org:8010/broken_packages/ar71xx/redsocks/compile.txt

local_port端口如果被占用了，redsocks2还是可以正常启动，但是端口没有打开是无法使用的。
ps：感谢作者的付出

您好！我用BRCM53XX的SDK出现一下的错误，用toolchain-arm编译也是一样！

arm-openwrt-linux-gcc -I/home/houzi/OpenWrt-SDK-15.05-bcm53xx_gcc-4.8-linaro_uClibc-0.9.33.2_eabi.Linux-x86_64/staging_dir/toolchain-arm_cortex-a9_gcc-4.8-linaro_uClibc-0.9.33.2_eabi/usr/include/ -L/home/houzi/OpenWrt-SDK-15.05-bcm53xx_gcc-4.8-linaro_uClibc-0.9.33.2_eabi.Linux-x86_64/staging_dir/toolchain-arm_cortex-a9_gcc-4.8-linaro_uClibc-0.9.33.2_eabi/usr/lib/ -fPIC -O3 -std=gnu99 -Wall -DUSE_CRYPTO_OPENSSL -c -o parser.o parser.c
In file included from parser.c:29:0:
utils.h:6:19: fatal error: event.h: No such file or directory
#include <event.h>
^
compilation terminated
make: *** [parser.o] 错误 1

本机系统：Ubuntu 16.04
虚拟机：VMware Workstation 12.1.1 build-3770994
系统：最新的 Debian Jessie 最小化安装版本

依赖包 及 Build-Essential 均已安装

症状：
编译时缺少 "parser.o" .
如图：
http://moefq.com/image/LNxSA

Hello Gentlemen.

Had somebody successfully compile and use redsocks2 on modern branches of FreeBSD? Please share you experience, tricks and configuration tips.

Thank You.

环境：
Lenovo Y1 mini running Openwrt PandoraBox
Redsocks2 （端口1081）来自于openwrt.org.cn的PandoraBox/Barrier Breaker (14.09)源
ss-redir（端口1080）
ss-local（端口1082）
iptables配置如下


思路是如果在gfwlist内则直接转发给shadowsocks，如果不在白名单（大陆IP段）内再转给redsocks2
而redsocks2的配置是转发给本地的1082端口上的ss-local
发现只要是经由Redsocks2的流量，如果远端time out（例如Google）则可以自动转发给代理并写入IP缓存，但是如果远端不在gfwlist内又返回reset，则无法正常访问，浏览器也会给出reset，IP缓存中也没有对应IP，log也没有错误信息。如下（其实这个网站在gfwlist里面，只是为了演示我手动去除了它）
注：我的shadowsocks服务器在国内，故也是在whitelist里面，不会引起forward loop



在网上搜索以后并没有发现有人有类似的症状，不知是何故？

Hi!
I'm looking for a way to tunnel OpenVPN(UDP) over Shadowsocks on android.
Turns out Shadowsocks for Android isn't quite up for the task
shadowsocks/shadowsocks-android#726 (comment)

So... I started looking around, stumbled upon your project, and now I have a bunch of questions.

The questions are:

1. Can Redsocks2 be built for Android 5.0+ (PIE, etc) ?

2. If yes, how :-) ?

3. Can it be used to tunnel OpenVPN's UDP traffic over Shadowsocks ?

4. If yes, would it rely on TPROXY support in iptables ? (many android devices don't have TPROXY destination support in iptables)

5. And last (and somewhat unrelated) question, does Redsocks2 support Shadowsocks One-Time-Auth feature (https://shadowsocks.org/en/spec/one-time-auth.html)?

Thank you very much!

有的网段没被墙但是传输速度慢，比如github，走代理快很多，redsocks2可以实现吗？

if (!config->quick_connect_timeout)
err = "Timeout value for quick check can not be 0. Default: 3";

quick_connect_timeout = 0; // 别检查了，如果认为被屏蔽了就直接走代理吧
无法启动

Hi Semi,

Many thanks for your great work.
I use your redsocks2 as a https transparent proxy.

I noticed that the ipset didn't work well in new lede version.
Please help to look into it.
'''
root@lede:# /etc/init.d/redsocks2 stop
root@lede:# /etc/init.d/redsocks2 start
iptables: Chain already exists.
ipset v6.30: Error in line 9: Syntax error: cannot parse 12.4.27.0.0: resolving to IPv4 address failed
root@lede:~#
'''
The redsocks2 is still working, but I am concerning it would bring some performance issues.

My config file:
'''
config redsocks2_base
option loglevel 'info'
option enabled '1'

config redsocks2_redirect
option local_port '11111'
option autoproxy '1'
option ip '172.22.22.22'
option port '80'
option proxy_type 'http-connect'
option timeout '2'
option local_ip '192.168.43.1'

config redsocks2_autoproxy
option no_quick_check_seconds '300'
option quick_connect_timeout '2'

config redsocks2_ipcache
option cache_size '4'
option cache_file '/tmp/redsocks2_ipcache.txt'
option stale_time '7200'
option autosave_interval '3600'
option port_check '0'

config redsocks2_iptables
option blacklist_enabled '0'
option whitelist_enabled '1'
option dest_port '11111'
option ipset_whitelist '/etc/aaa.txt'
'''

Thanks

从最新版本下载的源码编译成x86-64执行文件，redsock section的定义不起作用，无论在是shadowsocks/socks5模式下，autoproxy设成0/1，都无法重定向session，而且log文件无反应，server端也无数据。但是reudp可以工作，不知道为何？不知道是否可以放出4/5月份版本以供测试？

发现在目前的开发版libsodium中实现了一个IETF兼容的chacha20poly1305，不知菊苣有什么看法，这个和之前的有什么区别吗

开启了自动代理。

我测试了两种网络，1、电信有公网ip的，可以一直正常使用，2、长城宽带，无公网ip，出口ip时常变的。只能在重启路由后能用，一会儿就不能用了，打开要翻的网站都提示dns错误，然而之前，ss+redsocks+dns2socks方案是一直能用的。这问题可能跟issue #8有关联。

现在已经成功实现TPROXY直接将udp转发至ss-redir，可以上网没有问题，ss-server已经加-u。
tcp使用redsocks2的autoproxy功能，所以就想同时使用redsocks2的redudp，这样就不用开一个ss-local还要再开一个ss-redir
所以，
设置redudp type为socks5 （没有直接使用shadowsocks，因为服务器开启了OTA）
ip和port为ss-local的的地址和端口，没有设置dest_ip和port，日志有TPROXY出现

redudp.c:576 redudp_init_instance(...) redudp @ 0.0.0.0:1024: TPROXY

ss-local也开启-u，结果是无法转发udp，日志中出现udp relay error
想问是设置问题，还是没有这个功能。

redsocks始终不去连接shadowsocks

是否是深拷贝造成的? 另外，并不是每一次发送的大的字节流都慢，有的时候小字节流反而比大字节流慢。。

我的代理服务器是socks5，不是shadowsocks，使用pdnsd把udp请求转为到8.8.4.4的tcp包。再

ipset add gfwlist 8.8.4.4。
iptables -t nat -A OUTPUT -m -set --match-set gfwlist dst -j REDIRECT --to-port {redsocks2_port}

把包交给redsocks2代理，这里是没有问题的。

看到新版的redsocks2里关于redudp和tcpdns的介绍，也是摸索起来怎么把pdnsd省了。

但文档写得真的很简洁。

1、我不知道这两条通道的包是经过代理还是直接发出的。直接试失败，往OUTPUT链里加规则将包跳往redsocks2还是失败。

2、查看日志，又发现配置里base{}里 log debug 和 log info 的 off 和 on 开关无效，一定会写磁盘。

3、redudp可能是要shadowsocks服务器配合我不知道我的socks5行不行，文档也没写就不试了。

4、tcpdns 发出的包无论经不经过tcp代理，都是失败的，频繁报在tcpdns_event_error这个函数，错误信息看不懂。

翻代码发现下面，暂时需要作者解释。

/* connect to target directly without going through proxy */
        req->resolver = red_connect_relay2(destaddr,
                        tcpdns_readcb, tcpdns_connected, tcpdns_event_error, req, 
                        &tv);

最好的话能写一些交互性的安装脚本之类，至少大家用不动看不懂的时候，能够去翻看一下安装脚本在做什么，还能了解到一些

把local ip 和 port 当作 代理地址了
shadowsocks.c:360 ss_instance_init(...) shadowsocks @ 192.168.1.1:60001: encryption method: aes-256-cfb

另外polarssl 版本基本没法用吧，启动起来一个网页都没法完整打开就退出了

我使用redsocks+ss-local代理上网，不能访问网络。
本人是新手，期待各位大大的帮助
在路由器上执行测试命令：curl --proxy 192.168.1.1:8080 www.sina.com
返回结果为：curl: (52) Empty reply from server。
ss-local的代理可正常工作，测试方法是：curl --socks5 192.168.1.1:1080 www.sina.com；返回结果是正常的。
路由器上没有设置iptables，若需要请告知必须的设置。

redsocks的配置文件内容为：
base {
log_debug = on;
log_info = on;
//log = stderr;
log = "file:/jffs/redsocks2.log";
daemon = on;
redirector= iptables;
}

redsocks {
local_ip = 0.0.0.0;
local_port = 8080;
ip = 192.168.1.1;
port = 1080;
type = socks5;
timeout = 3;
autoproxy = 1;
}

autoproxy {
no_quick_check_seconds = 0;
quick_connect_timeout = 1;
}

ipcache {
cache_size = 8;
cache_file = "/jffs/test/redsocks2/ipcache.txt";
stale_time = 7200;
autosave_interval = 3600;
port_check = 1;
}

在faq里提到不支持黑名单是因为可以直接iptables流量到代理，但目前的版本支持了shadowsocks，再开一个ss-local显然是不合适的。因此建议重新考虑黑名单的添加。

在autoproxy模式几乎无法正常工作。
在非autoproxy模式下运行时间长了也会导致cpu占用率99%。
不知是哪里的问题。

感觉对于某些对于隐私非常敏感的场景，最好是能把所有外出请求，所有TCP和UDP请求导向Tor，然后Tor丢弃UDP请求，印象中Tor好像是不支持UDP的吧；对于DNS，把所有DNS请求导向TorDNS

您好！如果使用tcpdns查询来解决污染，那iptables应该如何设置，能否给个例子！还有能否设置208.67.222.222:443 的非标准端口？

目前后端多台ss-server希望加入负载均衡及后端可用性检查功能

如果没有这方面计划, 那么通过第三方的软件有没有什么好的解决方案?

The thumbnail is okay. But, receiver could not download picture.

In Chinese:
微信上传图片，对方只能看到缩略图，下载大图失败。很大几率出现这种问题。

redsocks.c: In function 'display_mallinfo':
redsocks.c:893:21: error: storage size of 'mi' isn't known
struct mallinfo mi;
^
redsocks.c:895:10: warning: implicit declaration of function 'mallinfo' [-Wimplicit-function-declaration]
mi = mallinfo();
^
redsocks.c:893:21: warning: unused variable 'mi' [-Wunused-variable]
struct mallinfo mi;
^
: recipe for target 'redsocks.o' failed

Many thank for your great work!

Hi semigodking谢谢开发这个项目，给我们的网络工作带来了极大的便利。
但是最近我碰到一个问题，是在Ubuntu上测试发现的。
就是redsocks2在负载比较高的时候会莫名其妙的崩溃，报的错误是，
redsocks[29116]: segfault at 9c ip b7740684 sp bfde666c error 4 in libevent-2.0.so.5.1.9[b772b000+4d000]
然后redsocks2就崩溃了，系统日志可以看到这个：
Mar 5 04:57:00 VPS systemd[1]: redsocks.service: main process exited, code=killed, status=11/SEGV
Mar 5 04:57:00 VPS systemd[1]: Unit redsocks.service entered failed state.
Mar 5 04:57:00 VPS systemd[1]: redsocks.service failed.
在这个错误之前就会报一些小错误：redsocks[29116]: [73.233.25.115:55405->104.23.18.178:80]: shutdown(relay, SHUT_WR): Transport endpoint is not connected

我搜了一下这个问题和libevent的一个bug有关系，这个如果您google搜索segfault error libevent就能类似的报告。求助有其他的解决办法吗？比如重新自己编译libevent修正这个bug，还是redsocks稍微调整一下避免这个bug呢？

测试成功应该给出一个ok的反馈。