Giter Club home page Giter Club logo

Comments (7)

wangyu- avatar wangyu- commented on August 18, 2024

是不是 udp2raw 默认生成的 iptables 规则不适用这种场景?

udp2raw生成的规则仅仅供udp2raw自己使用,udp2raw不生成任何供vpn用的iptables规则。

既然你ping 10.7.0.1已经通了,那说明你的vpn已经正常连通了。如果需要通过这条VPN上网,你需要自己添加iptables规则。可能还要改路由表,还要开启ip forward,具体内容要自己google一下。

(之前你用的L2TP没问题,是因为L2TP默认帮你把规则添加好了)

from udpspeeder.

sdysj avatar sdysj commented on August 18, 2024

shadowvpn + UDPSpeeder 默认 shadowvpn 规则就正常上网,套上 udp2raw 就不行了。现在不清楚是需要添加例外的规则还是程序问题,你能测试一下吗?

from udpspeeder.

wangyu- avatar wangyu- commented on August 18, 2024

你试一下在两边加上--lower-level auto

另外,你贴一下两边的iptables-save结果。

==update==
还有贴一下,routeip route的结果

不清楚是需要添加例外的规则还是程序问题

都ping通了,基本可以确认不是程序问题。

openvpn/l2tp +udpspeeder+udp2raw经测试都是可以的。

另外shadowvpn+udp2raw,也有人反馈是可以的( https://www.v2ex.com/t/382261

from udpspeeder.

sdysj avatar sdysj commented on August 18, 2024 
root@orangepipc:~# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
udp2rawDwrW_c3fb6161_C0  tcp  --  SERVERIP  anywhere             tcp spt:36480

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
ShadowVPN  all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain ShadowVPN (1 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED

Chain udp2rawDwrW_c3fb6161_C0 (1 references)
target     prot opt source               destination
DROP       all  --  anywhere             anywhere


root@orangepipc:~# iptables -t nat -L                                                               
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination

Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination
ShadowVPN  all  --  anywhere             anywhere

Chain ShadowVPN (1 references)
target     prot opt source               destination
MASQUERADE  all  --  anywhere             anywhere


root@orangepipc:~# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         0.0.0.0         128.0.0.0       U     0      0        0 tun0
0.0.0.0         192.168.1.1     0.0.0.0         UG    0      0        0 eth0
10.7.0.0        0.0.0.0         255.255.255.0   U     0      0        0 tun0
SERVERIP        192.168.1.1     255.255.255.255 UGH   0      0        0 eth0
128.0.0.0       0.0.0.0         128.0.0.0       U     0      0        0 tun0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0

from udpspeeder.

sdysj avatar sdysj commented on August 18, 2024

加上 --lower-level auto 也不行。
shadowvpn+udp2raw 可以。

from udpspeeder.

wangyu- avatar wangyu- commented on August 18, 2024

你贴的只有一边的,把client和server两边都贴一下。
iptables -L格式我不熟悉,请你贴一下iptables-save的输出
route也贴一下两边的。

另外再贴一下ifconfig的两边输出。
两边的udp2raw和udpspeeder的命令和日志也贴一下。

==update==

shadowvpn + UDPSpeeder 默认 shadowvpn 规则就正常上网,套上 udp2raw 就不行了。

shadowvpn+udp2raw 可以。

所以shadowvpn + UDPSpeeder 和shadowvpn+udp2raw都可以,只有2个都套上以后才不可以是吗?

可能是MTU问题,尝试在shadowvpn的client和server端把mtu都改成1200.

from udpspeeder.

sdysj avatar sdysj commented on August 18, 2024

确实是 MTU 问题,设置为 1200 就好了。

from udpspeeder.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.