Comments (40)
RideWindOne
commented on August 24, 2024
1
感谢,昨天已成功运行,能够正常访问国内网站。
from ss-tproxy.
zfl9
commented on August 24, 2024
ss-tproxy stop
bash -x /usr/local/bin/ss-tproxy start
将 bash -x 的调试输出发送给我,敏感信息请自行替换掉。
from ss-tproxy.
RideWindOne
commented on August 24, 2024
dnsmasq: bad option at line 6 of /dev/fd/63
iptables v1.4.21: host/network server' not found Try iptables -h' or 'iptables --help' for more information.
iptables v1.4.21: host/network server' not found Try iptables -h' or 'iptables --help' for more information.
mount: warning: /etc/resolv.conf seems to be mounted read-write.
mode: tproxy_chnroute
ss-redir: [running]
ss-tunnel: [running]
chinadns: [running]
dnsmasq: [stopped]
重新安装后是这个提示,谢谢。
bash -x /usr/local/bin/ss-tproxy start
- main_cfg=/etc/tproxy/ss-tproxy.conf
- '[' -f /etc/tproxy/ss-tproxy.conf ']'
- source /etc/tproxy/ss-tproxy.conf
++ mode=tproxy_chnroute
++ socks5_listen=127.0.0.1:1080
++ socks5_remote=node.proxy.net
++ socks5_runcmd='nohup ss-local -c /etc/ss/ss-local.json </dev/null &>>/var/log/ss-local.log &'
++ tun2socks_tundev=tun0
++ tun2socks_address=10.0.0.1
++ tun2socks_gateway=10.0.0.254
++ tun2socks_netmask=255.255.255.0
++ tun2socks_log=/var/log/tun2socks.log
++ server_addr=server
++ server_port=1234
++ server_method=rc4-md5
++ server_passwd=password
++ server_use_ssr=false
++ server_protocol=origin
++ server_protocol_param=
++ server_obfs=plain
++ server_obfs_param=
++ redir_fast_open=true
++ redir_verbose=false
++ redir_log=/var/log/ss-redir.log
++ tunnel_verbose=false
++ tunnel_log=/var/log/ss-tunnel.log
++ dnsmasq_gfwlist=/etc/tproxy/gfwlist.txt
++ dnsmasq_gfwlist_ext=/etc/tproxy/gfwlist.ext
++ dnsmasq_cache_size=10240
++ dnsmasq_cache_time=3600
++ dnsmasq_log_on=false
++ dnsmasq_log_file=/var/log/dnsmasq.log
++ dnsfwd_log_on=false
++ dnsfwd_log_dir=/var/log
++ dnsfwd_cache_on=true
++ dnsfwd_cache_mem=true
++ dnsfwd_cache_size=1048576
++ dnsfwd_ignore_ttl=true
++ chinadns_chnroute=/etc/tproxy/chnroute.txt
++ chinadns_mutation=true
++ chinadns_verbose=false
++ chinadns_log=/var/log/chinadns.log
++ dns_direct=114.114.114.114
++ dns_remote=8.8.8.8:53
++ iptables_pbr_number=100
++ iptables_pbr_fwmark=0x2333/0x2333
++ iptables_ipset_file=/etc/tproxy/chnroute.set
++ iptables_intranet=(192.168.0.0/16) - case $1 in
- start
- check_depend
- case "$mode" in
- command -v ss-redir
- command -v ss-tunnel
- command -v haveged
- modprobe xt_TPROXY
- command -v ip
- command -v ipset
- command -v chinadns
- command -v dnsmasq
- command -v curl
- start_socks
- case "$mode" in
- '[' false = false ']'
- redir_params='-s'''server''' -p'''1234''' -m'''rc4-md5''' -k'''password''' -b0.0.0.0 -l60080 --no-delay --reuse-port'
- [[ tproxy_chnroute != *tcp ]]
- redir_params+=' -u'
- '[' false = true ']'
- '[' true = true ']'
- redir_params+=' --fast-open'
- eval 'nohup ss-redir -s'''server''' -p'''1234''' -m'''rc4-md5''' -k'''password''' -b0.0.0.0 -l60080 --no-delay --reuse-port -u --fast-open </dev/null &>>'''/var/log/ss-redir.log''' &'
- [[ tproxy_chnroute != *tcp ]]
- tunnel_params='-s'''server''' -p'''1234''' -m'''rc4-md5''' -k'''password''' -b0.0.0.0 -l60053 -L'''8.8.8.8:53''' -U --no-delay --reuse-port'
- '[' false = true ']'
- eval 'nohup ss-tunnel -s'''server''' -p'''1234''' -m'''rc4-md5''' -k'''password''' -b0.0.0.0 -l60053 -L'''8.8.8.8:53''' -U --no-delay --reuse-port </dev/null &>>'''/var/log/ss-tunnel.log''' &'
- start_dns
- case "$mode" in
++ mktemp
++ nohup ss-tunnel -sserver -p1234 -mrc4-md5 -kpassword -b0.0.0.0 -l60053 -L8.8.8.8:53 -U --no-delay --reuse-port - chinadns_chnroute_temp=/tmp/tmp.AnQ8A2mVeB
- cat /etc/tproxy/chnroute.txt
++ nohup ss-redir -sserver -p1234 -mrc4-md5 -kpassword -b0.0.0.0 -l60080 --no-delay --reuse-port -u --fast-open - echo 114.114.114.114/32
- chinadns_params='-b 0.0.0.0 -p 65353 -s 114.114.114.114,127.0.0.1:60053 -c /tmp/tmp.AnQ8A2mVeB'
- '[' true = true ']'
- chinadns_params+=' -m'
- '[' false = true ']'
- dnsmasq -C /dev/fd/63
++ cat - nohup chinadns -b 0.0.0.0 -p 65353 -s 114.114.114.114,127.0.0.1:60053 -c /tmp/tmp.AnQ8A2mVeB -m
+++ '[' false = true ']'
dnsmasq: bad option at line 6 of /dev/fd/63
- start_rule
- for cidr in '"${iptables_intranet[@]}"'
++ net2bin 192.168.0.0/16
+++ awk -F/ '{print $1}'
++ net=192.168.0.0
+++ awk -F/ '{print $2}'
++ len=16
++ IFS=.
++ read -ra bytes
++ for byte in '"${bytes[@]}"'
+++ dec2bin 192
+++ (( n = 192 ))
+++ (( n > 0 ))
+++ bit=0
+++ (( n >>= 1 ))
+++ (( n > 0 ))
+++ bit=00
+++ (( n >>= 1 ))
+++ (( n > 0 ))
+++ bit=000
+++ (( n >>= 1 ))
+++ (( n > 0 ))
+++ bit=0000
+++ (( n >>= 1 ))
+++ (( n > 0 ))
+++ bit=00000
+++ (( n >>= 1 ))
+++ (( n > 0 ))
+++ bit=000000
+++ (( n >>= 1 ))
+++ (( n > 0 ))
+++ bit=1000000
+++ (( n >>= 1 ))
+++ (( n > 0 ))
+++ bit=11000000
+++ (( n >>= 1 ))
+++ (( n > 0 ))
+++ printf '%08d\n' 11000000
++ result+=11000000
++ for byte in '"${bytes[@]}"'
+++ dec2bin 168
+++ (( n = 168 ))
+++ (( n > 0 ))
+++ bit=0
+++ (( n >>= 1 ))
+++ (( n > 0 ))
+++ bit=00
+++ (( n >>= 1 ))
+++ (( n > 0 ))
+++ bit=000
+++ (( n >>= 1 ))
+++ (( n > 0 ))
+++ bit=1000
+++ (( n >>= 1 ))
+++ (( n > 0 ))
+++ bit=01000
+++ (( n >>= 1 ))
+++ (( n > 0 ))
+++ bit=101000
+++ (( n >>= 1 ))
+++ (( n > 0 ))
+++ bit=0101000
+++ (( n >>= 1 ))
+++ (( n > 0 ))
+++ bit=10101000
+++ (( n >>= 1 ))
+++ (( n > 0 ))
+++ printf '%08d\n' 10101000
++ result+=10101000
++ for byte in '"${bytes[@]}"'
+++ dec2bin 0
+++ (( n = 0 ))
+++ (( n > 0 ))
+++ printf '%08d\n' ''
++ result+=00000000
++ for byte in '"${bytes[@]}"'
+++ dec2bin 0
+++ (( n = 0 ))
+++ (( n > 0 ))
+++ printf '%08d\n' ''
++ result+=00000000
++ echo 1100000010101000 - curnet=1100000010101000
- for stdnet in 00001010 101011000001 1010100111111110 1100000010101000
- [[ 1100000010101000 == \0\0\0\0\1\0\1\0* ]]
- for stdnet in 00001010 101011000001 1010100111111110 1100000010101000
- [[ 1100000010101000 == \1\0\1\0\1\1\0\0\0\0\0\1* ]]
- for stdnet in 00001010 101011000001 1010100111111110 1100000010101000
- [[ 1100000010101000 == \1\0\1\0\1\0\0\1\1\1\1\1\1\1\1\0* ]]
- for stdnet in 00001010 101011000001 1010100111111110 1100000010101000
- [[ 1100000010101000 == \1\1\0\0\0\0\0\0\1\0\1\0\1\0\0\0* ]]
- continue 2
- case "$mode" in
- iptables -t nat -F OUTPUT
- iptables -t nat -F PREROUTING
- iptables -t nat -F POSTROUTING
- iptables -t nat -F SS-TCP
- iptables -t nat -X SS-TCP
- iptables -t nat -N SS-TCP
- iptables -t nat -A SS-TCP -d 0/8 -j RETURN
- iptables -t nat -A SS-TCP -d 10/8 -j RETURN
- iptables -t nat -A SS-TCP -d 127/8 -j RETURN
- iptables -t nat -A SS-TCP -d 169.254/16 -j RETURN
- iptables -t nat -A SS-TCP -d 172.16/12 -j RETURN
- iptables -t nat -A SS-TCP -d 192.168/16 -j RETURN
- iptables -t nat -A SS-TCP -d 224/4 -j RETURN
- iptables -t nat -A SS-TCP -d 240/4 -j RETURN
- iptables -t nat -A SS-TCP -d server -j RETURN
iptables v1.4.21: host/networkserver' not found Tryiptables -h' or 'iptables --help' for more information. - [[ tproxy_chnroute == chnroute ]]
- ipset -X chnroute
- ipset -R
- iptables -t nat -A SS-TCP -m set --match-set chnroute dst -j RETURN
- iptables -t nat -A SS-TCP -p tcp -j REDIRECT --to-ports 60080
- [[ tproxy_chnroute != *tcp ]]
- iptables -t mangle -F PREROUTING
- iptables -t mangle -F SS-UDP
- iptables -t mangle -X SS-UDP
- iptables -t mangle -N SS-UDP
- iptables -t mangle -A SS-UDP -d 0/8 -j RETURN
- iptables -t mangle -A SS-UDP -d 10/8 -j RETURN
- iptables -t mangle -A SS-UDP -d 127/8 -j RETURN
- iptables -t mangle -A SS-UDP -d 169.254/16 -j RETURN
- iptables -t mangle -A SS-UDP -d 172.16/12 -j RETURN
- iptables -t mangle -A SS-UDP -d 192.168/16 -j RETURN
- iptables -t mangle -A SS-UDP -d 224/4 -j RETURN
- iptables -t mangle -A SS-UDP -d 240/4 -j RETURN
- iptables -t mangle -A SS-UDP -d server -j RETURN
iptables v1.4.21: host/networkserver' not found Tryiptables -h' or 'iptables --help' for more information. - [[ tproxy_chnroute == chnroute ]]
- iptables -t mangle -A SS-UDP -m set --match-set chnroute dst -j RETURN
- iptables -t mangle -A SS-UDP -p udp -j TPROXY --tproxy-mark 0x2333/0x2333 --on-ip 127.0.0.1 --on-port 60080
- ip route add local 0/0 dev lo table 100
- ip rule add fwmark 0x2333/0x2333 table 100
- iptables -t nat -A OUTPUT -p tcp -j SS-TCP
- for intranet in '"${iptables_intranet[@]}"'
- [[ tproxy_chnroute == *tcp ]]
- iptables -t mangle -A PREROUTING -p udp -s 192.168.0.0/16 '!' -d 192.168.0.0/16 --dport 53 -j ACCEPT
- iptables -t nat -A PREROUTING -p udp -s 192.168.0.0/16 '!' -d 192.168.0.0/16 --dport 53 -j REDIRECT --to-ports 53
- iptables -t mangle -A PREROUTING -p udp -s 192.168.0.0/16 -j SS-UDP
- iptables -t nat -A PREROUTING -p tcp -s 192.168.0.0/16 -j SS-TCP
- iptables -t nat -A POSTROUTING -s 192.168.0.0/16 '!' -d 192.168.0.0/16 -j MASQUERADE
- start_kopts
++ awk '{print $3}'
++ sysctl net.ipv4.ip_forward - '[' 1 -ne 1 ']'
- [[ tproxy_chnroute == tun2socks* ]]
- dns_proxy
++ mktemp - resolv=/tmp/tmp.6Lp80sK9sd
- chmod 0644 /tmp/tmp.6Lp80sK9sd
- cat
++ date '+%F %T' - mount -rB /tmp/tmp.6Lp80sK9sd /etc/resolv.conf
mount: warning: /etc/resolv.conf seems to be mounted read-write. - rm -f /tmp/tmp.6Lp80sK9sd
- rm -f /tmp/tmp.AnQ8A2mVeB
- status
- case "$mode" in
- echo 'mode: tproxy_chnroute'
mode: tproxy_chnroute - '[' false '!=' true ']'
++ pgrep -c '^ss-redir$' - '[' 1 -ne 0 ']'
- echo -e 'ss-redir: \e[32m[running]\e[0m'
ss-redir: [running]
++ pgrep -c '^ss-tunnel$' - '[' 1 -ne 0 ']'
- echo -e 'ss-tunnel: \e[32m[running]\e[0m'
ss-tunnel: [running]
++ pgrep -c '^chinadns$' - '[' 1 -ne 0 ']'
- echo -e 'chinadns: \e[32m[running]\e[0m'
chinadns: [running]
++ pgrep -c '^dnsmasq$' - '[' 0 -ne 0 ']'
- echo -e 'dnsmasq: \e[35m[stopped]\e[0m'
dnsmasq: [stopped]
from ss-tproxy.
zfl9
commented on August 24, 2024
你有没按照 README.md 里面的配置步骤修改指定的 ss-tproxy.conf 信息?
from ss-tproxy.
RideWindOne
commented on August 24, 2024
修改了啊。 我用的是chnonly 模式
使用ssr代理国内网站。
from ss-tproxy.
zfl9
commented on August 24, 2024
chnonly 模式?可能是 bug?(话说我也没仔细测试)
不对啊,你的 dns_direct、dns_remote 都没变化(要互换的)
还有,chnonly 模式必须使用 gfwlist 模式啊,你用的 chnroute 模式什么鬼
from ss-tproxy.
RideWindOne
commented on August 24, 2024
好吧,感谢解答问题。
from ss-tproxy.
zfl9
commented on August 24, 2024
还有,如果可以,请把 /var/log/ 下的几个 log 发过来。谢谢!
from ss-tproxy.
RideWindOne
commented on August 24, 2024
不好意思,确实ss-tproxy.conf配置没有保存成功。
重新修改后这个提示。
dnsmasq: bad option at line 6 of /dev/fd/63
mount: warning: /etc/resolv.conf seems to be mounted read-write.
mode: tproxy_gfwlist_tcp
ssr-redir: [stopped]
dnsforwarder: [running]
dnsmasq: [stopped]
root@instance-2:~# bash -x /usr/local/bin/ss-tproxy start
- main_cfg=/etc/tproxy/ss-tproxy.conf
- '[' -f /etc/tproxy/ss-tproxy.conf ']'
- source /etc/tproxy/ss-tproxy.conf
++ mode=tproxy_gfwlist_tcp
++ socks5_listen=127.0.0.1:1080
++ socks5_remote=node.proxy.net
++ socks5_runcmd='nohup ss-local -c /etc/ss/ss-local.json </dev/null &>>/var/log/ss-local.log &'
++ tun2socks_tundev=tun0
++ tun2socks_address=10.0.0.1
++ tun2socks_gateway=10.0.0.254
++ tun2socks_netmask=255.255.255.0
++ tun2socks_log=/var/log/tun2socks.log
++ server_addr=ns.info
++ server_port=8389
++ server_method=***
++ server_passwd=****
++ server_use_ssr=true
++ server_protocol=auth_aes128_sha1
++ server_protocol_param=
++ server_obfs=http_simple
++ server_obfs_param=
++ redir_fast_open=true
++ redir_verbose=false
++ redir_log=/var/log/ss-redir.log
++ tunnel_verbose=false
++ tunnel_log=/var/log/ss-tunnel.log
++ dnsmasq_gfwlist=/etc/tproxy/gfwlist.txt
++ dnsmasq_gfwlist_ext=/etc/tproxy/gfwlist.ext
++ dnsmasq_cache_size=10240
++ dnsmasq_cache_time=3600
++ dnsmasq_log_on=false
++ dnsmasq_log_file=/var/log/dnsmasq.log
++ dnsfwd_log_on=false
++ dnsfwd_log_dir=/var/log
++ dnsfwd_cache_on=true
++ dnsfwd_cache_mem=true
++ dnsfwd_cache_size=1048576
++ dnsfwd_ignore_ttl=true
++ chinadns_chnroute=/etc/tproxy/chnroute.txt
++ chinadns_mutation=true
++ chinadns_verbose=false
++ chinadns_log=/var/log/chinadns.log
++ dns_direct=114.114.114.114
++ dns_remote=8.8.8.8:53
++ iptables_pbr_number=100
++ iptables_pbr_fwmark=0x2333/0x2333
++ iptables_ipset_file=/etc/tproxy/chnroute.set
++ iptables_intranet=(192.168.0.0/16) - case $1 in
- start
- check_depend
- case "$mode" in
- command -v ss-redir
- command -v haveged
- command -v dnsforwarder
- command -v dnsmasq
- command -v ipset
- command -v perl
- command -v curl
- command -v base64
- start_socks
- case "$mode" in
- '[' true = false ']'
- redir_params='-s'''*****''' -p'''8389''' -m'''aes-256-ctr''' -k'''f****''' -O'''auth_aes128_sha1''' -o'''http_simple''' -b0.0.0.0 -l60080'
- '[' -n '' ']'
- '[' -n '' ']'
- [[ tproxy_gfwlist_tcp != *tcp ]]
- '[' false = true ']'
- eval 'nohup ssr-redir -s'''k3c.ddns.info''' -p'''8389''' -m'''aes-256-ctr''' -k'''f82fladf82f''' -O'''auth_aes128_sha1''' -o'''http_simple''' -b0.0.0.0 -l60080 </dev/null &>>'''/var/log/ss-redir.log''' &'
- [[ tproxy_gfwlist_tcp != *tcp ]]
- start_dns
- case "$mode" in
- dnsforwarder -q -d -f /dev/fd/63
++ cat - dnsmasq -C /dev/fd/63
++ nohup ssr-redir -sk3c.ddns.info -p8389 -maes-256-ctr -kf82fladf82f -Oauth_aes128_sha1 -ohttp_simple -b0.0.0.0 -l60080
++ cat
+++ '[' false = true ']'
+++ perl -pe 's@^.*+$@server=/$&/127.0.0.1#60053\nipset=/$&/gfwlist@' /etc/tproxy/gfwlist.txt /dev/fd/63
++++ perl -ne 'print unless m@^\s|\s\n$|^#|^\d++.\d++.\d++.\d++(?:/\d++)?$@' /etc/tproxy/gfwlist.ext
dnsmasq: bad option at line 6 of /dev/fd/63
- start_rule
- for cidr in '"${iptables_intranet[@]}"'
++ net2bin 192.168.0.0/16
+++ awk -F/ '{print $1}'
++ net=192.168.0.0
+++ awk -F/ '{print $2}'
++ len=16
++ IFS=.
++ read -ra bytes
++ for byte in '"${bytes[@]}"'
+++ dec2bin 192
+++ (( n = 192 ))
+++ (( n > 0 ))
+++ bit=0
+++ (( n >>= 1 ))
+++ (( n > 0 ))
+++ bit=00
+++ (( n >>= 1 ))
+++ (( n > 0 ))
+++ bit=000
+++ (( n >>= 1 ))
+++ (( n > 0 ))
+++ bit=0000
+++ (( n >>= 1 ))
+++ (( n > 0 ))
+++ bit=00000
+++ (( n >>= 1 ))
+++ (( n > 0 ))
+++ bit=000000
+++ (( n >>= 1 ))
+++ (( n > 0 ))
+++ bit=1000000
+++ (( n >>= 1 ))
+++ (( n > 0 ))
+++ bit=11000000
+++ (( n >>= 1 ))
+++ (( n > 0 ))
+++ printf '%08d\n' 11000000
++ result+=11000000
++ for byte in '"${bytes[@]}"'
+++ dec2bin 168
+++ (( n = 168 ))
+++ (( n > 0 ))
+++ bit=0
+++ (( n >>= 1 ))
+++ (( n > 0 ))
+++ bit=00
+++ (( n >>= 1 ))
+++ (( n > 0 ))
+++ bit=000
+++ (( n >>= 1 ))
+++ (( n > 0 ))
+++ bit=1000
+++ (( n >>= 1 ))
+++ (( n > 0 ))
+++ bit=01000
+++ (( n >>= 1 ))
+++ (( n > 0 ))
+++ bit=101000
+++ (( n >>= 1 ))
+++ (( n > 0 ))
+++ bit=0101000
+++ (( n >>= 1 ))
+++ (( n > 0 ))
+++ bit=10101000
+++ (( n >>= 1 ))
+++ (( n > 0 ))
+++ printf '%08d\n' 10101000
++ result+=10101000
++ for byte in '"${bytes[@]}"'
+++ dec2bin 0
+++ (( n = 0 ))
+++ (( n > 0 ))
+++ printf '%08d\n' ''
++ result+=00000000
++ for byte in '"${bytes[@]}"'
+++ dec2bin 0
+++ (( n = 0 ))
+++ (( n > 0 ))
+++ printf '%08d\n' ''
++ result+=00000000
++ echo 1100000010101000 - curnet=1100000010101000
- for stdnet in 00001010 101011000001 1010100111111110 1100000010101000
- [[ 1100000010101000 == \0\0\0\0\1\0\1\0* ]]
- for stdnet in 00001010 101011000001 1010100111111110 1100000010101000
- [[ 1100000010101000 == \1\0\1\0\1\1\0\0\0\0\0\1* ]]
- for stdnet in 00001010 101011000001 1010100111111110 1100000010101000
- [[ 1100000010101000 == \1\0\1\0\1\0\0\1\1\1\1\1\1\1\1\0* ]]
- for stdnet in 00001010 101011000001 1010100111111110 1100000010101000
- [[ 1100000010101000 == \1\1\0\0\0\0\0\0\1\0\1\0\1\0\0\0* ]]
- continue 2
- case "$mode" in
- iptables -t nat -F OUTPUT
- iptables -t nat -F PREROUTING
- iptables -t nat -F POSTROUTING
- iptables -t nat -F SS-TCP
- iptables -t nat -X SS-TCP
- iptables -t nat -N SS-TCP
- ipset -N gfwlist hash:net
- xargs -n1 ipset -A gfwlist
- perl -ne 'print if m@^\d++.\d++.\d++.\d++(?:/\d++)?$@' /etc/tproxy/gfwlist.ext
- [[ tproxy_gfwlist_tcp == *tcp ]]
- iptables -t nat -A SS-TCP -p tcp -d 8.8.8.8 -j REDIRECT --to-ports 60080
- iptables -t nat -A SS-TCP -p tcp -m set --match-set gfwlist dst -j REDIRECT --to-ports 60080
- [[ tproxy_gfwlist_tcp != *tcp ]]
- iptables -t nat -A OUTPUT -p tcp -j SS-TCP
- for intranet in '"${iptables_intranet[@]}"'
- [[ tproxy_gfwlist_tcp == *tcp ]]
- iptables -t nat -A PREROUTING -p tcp -s 192.168.0.0/16 -j SS-TCP
- iptables -t nat -A PREROUTING -p udp -s 192.168.0.0/16 '!' -d 192.168.0.0/16 --dport 53 -j REDIRECT --to-ports 53
- iptables -t nat -A POSTROUTING -s 192.168.0.0/16 '!' -d 192.168.0.0/16 -j MASQUERADE
- start_kopts
++ awk '{print $3}'
++ sysctl net.ipv4.ip_forward - '[' 1 -ne 1 ']'
- [[ tproxy_gfwlist_tcp == tun2socks* ]]
- dns_proxy
++ mktemp - resolv=/tmp/tmp.jcWTEBMuQs
- chmod 0644 /tmp/tmp.jcWTEBMuQs
- cat
++ date '+%F %T' - mount -rB /tmp/tmp.jcWTEBMuQs /etc/resolv.conf
mount: warning: /etc/resolv.conf seems to be mounted read-write. - rm -f /tmp/tmp.jcWTEBMuQs
- rm -f
- status
- case "$mode" in
- echo 'mode: tproxy_gfwlist_tcp'
mode: tproxy_gfwlist_tcp - '[' true '!=' true ']'
++ pgrep -c '^ssr-redir$' - '[' 0 -ne 0 ']'
- echo -e 'ssr-redir: \e[35m[stopped]\e[0m'
ssr-redir: [stopped]
++ pgrep -c '^dnsforwarder$' - '[' 1 -ne 0 ']'
- echo -e 'dnsforwarder: \e[32m[running]\e[0m'
dnsforwarder: [running]
++ pgrep -c '^dnsmasq$' - '[' 0 -ne 0 ']'
- echo -e 'dnsmasq: \e[35m[stopped]\e[0m'
dnsmasq: [stopped]
from ss-tproxy.
zfl9
commented on August 24, 2024
你的 ssr-redir、dnsmasq 什么版本,ssr 是编译安装的吗?会不会是版本问题,按道理来说 ssr-redir 不会 stopped 的,你把 /var/log/ssr-redir.log 发来看下
from ss-tproxy.
RideWindOne
commented on August 24, 2024
ssr-redir 重启后又正常了。现在在运行了。
root@instance-2:~/ss-tproxy# ss-tproxy start
dnsmasq: bad option at line 6 of /dev/fd/63
mount: warning: /etc/resolv.conf seems to be mounted read-write.
mode: tproxy_gfwlist
ss-redir: [running]
ss-tunnel: [running]
dnsmasq: [stopped]
root@instance-2:/ss-tproxy# cat /var/log/ssr-redir.log/ss-tproxy# bash -x /usr/local/bin/ss-tproxy start
cat: /var/log/ssr-redir.log: No such file or directory
root@instance-2:
- main_cfg=/etc/tproxy/ss-tproxy.conf
- '[' -f /etc/tproxy/ss-tproxy.conf ']'
- source /etc/tproxy/ss-tproxy.conf
++ mode=tproxy_gfwlist
++ socks5_listen=127.0.0.1:1080
++ socks5_remote=node.proxy.net
++ socks5_runcmd='nohup ss-local -c /etc/ss/ss-local.json </dev/null &>>/var/log/ss-local.log &'
++ tun2socks_tundev=tun0
++ tun2socks_address=10.0.0.1
++ tun2socks_gateway=10.0.0.254
++ tun2socks_netmask=255.255.255.0
++ tun2socks_log=/var/log/tun2socks.log
++ server_addr=121.61.252.177
++ server_port=8389
++ server_method=aes-256-ctr
++ server_passwd=f82fladf82f
++ server_use_ssr=false
++ server_protocol=auth_aes128_sha1
++ server_protocol_param=
++ server_obfs=http_simple
++ server_obfs_param=
++ redir_fast_open=true
++ redir_verbose=false
++ redir_log=/var/log/ss-redir.log
++ tunnel_verbose=false
++ tunnel_log=/var/log/ss-tunnel.log
++ dnsmasq_gfwlist=/etc/tproxy/gfwlist.txt
++ dnsmasq_gfwlist_ext=/etc/tproxy/gfwlist.ext
++ dnsmasq_cache_size=10240
++ dnsmasq_cache_time=3600
++ dnsmasq_log_on=false
++ dnsmasq_log_file=/var/log/dnsmasq.log
++ dnsfwd_log_on=false
++ dnsfwd_log_dir=/var/log
++ dnsfwd_cache_on=true
++ dnsfwd_cache_mem=true
++ dnsfwd_cache_size=1048576
++ dnsfwd_ignore_ttl=true
++ chinadns_chnroute=/etc/tproxy/chnroute.txt
++ chinadns_mutation=true
++ chinadns_verbose=false
++ chinadns_log=/var/log/chinadns.log
++ dns_direct=8.8.8.8
++ dns_remote=114.114.114.114:53
++ iptables_pbr_number=100
++ iptables_pbr_fwmark=0x2333/0x2333
++ iptables_ipset_file=/etc/tproxy/chnroute.set
++ iptables_intranet=(192.168.0.0/16) - case $1 in
- start
- check_depend
- case "$mode" in
- command -v ss-redir
- command -v ss-tunnel
- command -v haveged
- modprobe xt_TPROXY
- command -v ip
- command -v dnsmasq
- command -v ipset
- command -v perl
- command -v curl
- command -v base64
- start_socks
- case "$mode" in
- '[' false = false ']'
- redir_params='-s'''121.61.252.177''' -p'''8389''' -m'''aes-256-ctr''' -k'''f82fladf82f''' -b0.0.0.0 -l60080 --no-delay --reuse-port'
- [[ tproxy_gfwlist != *tcp ]]
- redir_params+=' -u'
- '[' false = true ']'
- '[' true = true ']'
- redir_params+=' --fast-open'
- eval 'nohup ss-redir -s'''121.61.252.177''' -p'''8389''' -m'''aes-256-ctr''' -k'''f82fladf82f''' -b0.0.0.0 -l60080 --no-delay --reuse-port -u --fast-open </dev/null &>>'''/var/log/ss-redir.log''' &'
- [[ tproxy_gfwlist != *tcp ]]
- tunnel_params='-s'''121.61.252.177''' -p'''8389''' -m'''aes-256-ctr''' -k'''f82fladf82f''' -b0.0.0.0 -l60053 -L'''114.114.114.114:53''' -U --no-delay --reuse-port'
- '[' false = true ']'
- eval 'nohup ss-tunnel -s'''121.61.252.177''' -p'''8389''' -m'''aes-256-ctr''' -k'''f82fladf82f''' -b0.0.0.0 -l60053 -L'''114.114.114.114:53''' -U --no-delay --reuse-port </dev/null &>>'''/var/log/ss-tunnel.log''' &'
- start_dns
- case "$mode" in
- dnsmasq -C /dev/fd/63
++ cat
++ nohup ss-tunnel -s121.61.252.177 -p8389 -maes-256-ctr -kf82fladf82f -b0.0.0.0 -l60053 -L114.114.114.114:53 -U --no-delay --reuse-port
++ nohup ss-redir -s121.61.252.177 -p8389 -maes-256-ctr -kf82fladf82f -b0.0.0.0 -l60080 --no-delay --reuse-port -u --fast-open
+++ '[' false = true ']'
+++ perl -pe 's@^.*+$@server=/$&/127.0.0.1#60053\nipset=/$&/gfwlist@' /etc/tproxy/gfwlist.txt /dev/fd/63
++++ perl -ne 'print unless m@^\s|\s\n$|^#|^\d++.\d++.\d++.\d++(?:/\d++)?$@' /etc/tproxy/gfwlist.ext
dnsmasq: bad option at line 6 of /dev/fd/63
- start_rule
- for cidr in '"${iptables_intranet[@]}"'
++ net2bin 192.168.0.0/16
+++ awk -F/ '{print $1}'
++ net=192.168.0.0
+++ awk -F/ '{print $2}'
++ len=16
++ IFS=.
++ read -ra bytes
++ for byte in '"${bytes[@]}"'
+++ dec2bin 192
+++ (( n = 192 ))
+++ (( n > 0 ))
+++ bit=0
+++ (( n >>= 1 ))
+++ (( n > 0 ))
+++ bit=00
+++ (( n >>= 1 ))
+++ (( n > 0 ))
+++ bit=000
+++ (( n >>= 1 ))
+++ (( n > 0 ))
+++ bit=0000
+++ (( n >>= 1 ))
+++ (( n > 0 ))
+++ bit=00000
+++ (( n >>= 1 ))
+++ (( n > 0 ))
+++ bit=000000
+++ (( n >>= 1 ))
+++ (( n > 0 ))
+++ bit=1000000
+++ (( n >>= 1 ))
+++ (( n > 0 ))
+++ bit=11000000
+++ (( n >>= 1 ))
+++ (( n > 0 ))
+++ printf '%08d\n' 11000000
++ result+=11000000
++ for byte in '"${bytes[@]}"'
+++ dec2bin 168
+++ (( n = 168 ))
+++ (( n > 0 ))
+++ bit=0
+++ (( n >>= 1 ))
+++ (( n > 0 ))
+++ bit=00
+++ (( n >>= 1 ))
+++ (( n > 0 ))
+++ bit=000
+++ (( n >>= 1 ))
+++ (( n > 0 ))
+++ bit=1000
+++ (( n >>= 1 ))
+++ (( n > 0 ))
+++ bit=01000
+++ (( n >>= 1 ))
+++ (( n > 0 ))
+++ bit=101000
+++ (( n >>= 1 ))
+++ (( n > 0 ))
+++ bit=0101000
+++ (( n >>= 1 ))
+++ (( n > 0 ))
+++ bit=10101000
+++ (( n >>= 1 ))
+++ (( n > 0 ))
+++ printf '%08d\n' 10101000
++ result+=10101000
++ for byte in '"${bytes[@]}"'
+++ dec2bin 0
+++ (( n = 0 ))
+++ (( n > 0 ))
+++ printf '%08d\n' ''
++ result+=00000000
++ for byte in '"${bytes[@]}"'
+++ dec2bin 0
+++ (( n = 0 ))
+++ (( n > 0 ))
+++ printf '%08d\n' ''
++ result+=00000000
++ echo 1100000010101000 - curnet=1100000010101000
- for stdnet in 00001010 101011000001 1010100111111110 1100000010101000
- [[ 1100000010101000 == \0\0\0\0\1\0\1\0* ]]
- for stdnet in 00001010 101011000001 1010100111111110 1100000010101000
- [[ 1100000010101000 == \1\0\1\0\1\1\0\0\0\0\0\1* ]]
- for stdnet in 00001010 101011000001 1010100111111110 1100000010101000
- [[ 1100000010101000 == \1\0\1\0\1\0\0\1\1\1\1\1\1\1\1\0* ]]
- for stdnet in 00001010 101011000001 1010100111111110 1100000010101000
- [[ 1100000010101000 == \1\1\0\0\0\0\0\0\1\0\1\0\1\0\0\0* ]]
- continue 2
- case "$mode" in
- iptables -t nat -F OUTPUT
- iptables -t nat -F PREROUTING
- iptables -t nat -F POSTROUTING
- iptables -t nat -F SS-TCP
- iptables -t nat -X SS-TCP
- iptables -t nat -N SS-TCP
- ipset -N gfwlist hash:net
- xargs -n1 ipset -A gfwlist
- perl -ne 'print if m@^\d++.\d++.\d++.\d++(?:/\d++)?$@' /etc/tproxy/gfwlist.ext
- [[ tproxy_gfwlist == *tcp ]]
- iptables -t nat -A SS-TCP -p tcp -m set --match-set gfwlist dst -j REDIRECT --to-ports 60080
- [[ tproxy_gfwlist != *tcp ]]
- iptables -t mangle -F PREROUTING
- iptables -t mangle -F SS-UDP
- iptables -t mangle -X SS-UDP
- iptables -t mangle -N SS-UDP
- iptables -t mangle -A SS-UDP -p udp -m set --match-set gfwlist dst -j TPROXY --tproxy-mark 0x2333/0x2333 --on-ip 127.0.0.1 --on-port 60080
- ip route add local 0/0 dev lo table 100
RTNETLINK answers: File exists - ip rule add fwmark 0x2333/0x2333 table 100
- iptables -t nat -A OUTPUT -p tcp -j SS-TCP
- for intranet in '"${iptables_intranet[@]}"'
- [[ tproxy_gfwlist == *tcp ]]
- iptables -t mangle -A PREROUTING -p udp -s 192.168.0.0/16 '!' -d 192.168.0.0/16 --dport 53 -j ACCEPT
- iptables -t nat -A PREROUTING -p udp -s 192.168.0.0/16 '!' -d 192.168.0.0/16 --dport 53 -j REDIRECT --to-ports 53
- iptables -t mangle -A PREROUTING -p udp -s 192.168.0.0/16 -j SS-UDP
- iptables -t nat -A PREROUTING -p tcp -s 192.168.0.0/16 -j SS-TCP
- iptables -t nat -A POSTROUTING -s 192.168.0.0/16 '!' -d 192.168.0.0/16 -j MASQUERADE
- start_kopts
++ awk '{print $3}'
++ sysctl net.ipv4.ip_forward - '[' 1 -ne 1 ']'
- [[ tproxy_gfwlist == tun2socks* ]]
- dns_proxy
++ mktemp - resolv=/tmp/tmp.GVK6lYuUxW
- chmod 0644 /tmp/tmp.GVK6lYuUxW
- cat
++ date '+%F %T' - mount -rB /tmp/tmp.GVK6lYuUxW /etc/resolv.conf
mount: warning: /etc/resolv.conf seems to be mounted read-write. - rm -f /tmp/tmp.GVK6lYuUxW
- rm -f
- status
- case "$mode" in
- echo 'mode: tproxy_gfwlist'
mode: tproxy_gfwlist - '[' false '!=' true ']'
++ pgrep -c '^ss-redir$' - '[' 2 -ne 0 ']'
- echo -e 'ss-redir: \e[32m[running]\e[0m'
ss-redir: [running]
++ pgrep -c '^ss-tunnel$' - '[' 2 -ne 0 ']'
- echo -e 'ss-tunnel: \e[32m[running]\e[0m'
ss-tunnel: [running]
++ pgrep -c '^dnsmasq$' - '[' 0 -ne 0 ']'
- echo -e 'dnsmasq: \e[35m[stopped]\e[0m'
dnsmasq: [stopped]
from ss-tproxy.
zfl9
commented on August 24, 2024
dnsmasq 版本不对,或者是某个程序版本不对,你等会,我发修改后的 ss-tproxy 给你,你使用 tproxy_gfwlist(chnonly) 模式测试。然后将 /var/log/dnsmasq.conf.dump 内容发给我。
from ss-tproxy.
RideWindOne
commented on August 24, 2024
好的,谢谢。
from ss-tproxy.
zfl9
commented on August 24, 2024
https://gist.github.com/zfl9/b27b622a3bce87c07b0a2bd3d5716790
先 ss-tproxy stop,然后从这里获取修改的 ss-tproxy,替换的,然后 start。发送 /var/log/dnsmasq.conf.dump 给我。
因为你的 dnsmasq 总是提示
dnsmasq: bad option at line 6 of /dev/fd/63
所以我想检查一下文件内容,看是脚本生成错误还是 dnsmasq 认不到这个参数。
from ss-tproxy.
RideWindOne
commented on August 24, 2024
root@instance-2:/usr/local/bin# cat /var/log/dnsmasq.conf.dump
log-queries
log-async = 20
log-facility = /var/log/dnsmasq.log
domain-needed
cache-size = 10240
min-cache-ttl = 3600
no-negcache
no-resolv
port = 53
server = 8.8.8.8
server=/0-6.com/127.0.0.1#60053
ipset=/0-6.com/gfwlist
server=/0-gold.net/127.0.0.1#60053
ipset=/0-gold.net/gfwlist
server=/00.net/127.0.0.1#60053
ipset=/00.net/gfwlist
server=/0001688.com/127.0.0.1#60053
ipset=/0001688.com/gfwlist
server=/000219.com/127.0.0.1#60053
ipset=/000219.com/gfwlist
server=/0007.net/127.0.0.1#60053
ipset=/0007.net/gfwlist
server=/000dn.com/127.0.0.1#60053
ipset=/000dn.com/gfwlist
server=/000e.com/127.0.0.1#60053
ipset=/000e.com/gfwlist
server=/000w.net/127.0.0.1#60053
ipset=/000w.net/gfwlist
server=/001-us.com/127.0.0.1#60053
ipset=/001-us.com/gfwlist
server=/001.tn/127.0.0.1#60053
ipset=/001.tn/gfwlist
server=/00137.net/127.0.0.1#60053
ipset=/00137.net/gfwlist
server=/001bank.com/127.0.0.1#60053
ipset=/001bank.com/gfwlist
server=/001ce.com/127.0.0.1#60053
ipset=/001ce.com/gfwlist
server=/001cndc.com/127.0.0.1#60053
ipset=/001cndc.com/gfwlist
server=/001dianying.com/127.0.0.1#60053
ipset=/001dianying.com/gfwlist
server=/001en.com/127.0.0.1#60053
ipset=/001en.com/gfwlist
server=/001fzc.com/127.0.0.1#60053
ipset=/001fzc.com/gfwlist
server=/001jm.com/127.0.0.1#60053
ipset=/001jm.com/gfwlist
server=/001job.com/127.0.0.1#60053
ipset=/001job.com/gfwlist
server=/001pp.com/127.0.0.1#60053
ipset=/001pp.com/gfwlist
server=/001sxy.com/127.0.0.1#60053
ipset=/001sxy.com/gfwlist
server=/001town.com/127.0.0.1#60053
ipset=/001town.com/gfwlist
server=/001xin.com/127.0.0.1#60053
ipset=/001xin.com/gfwlist
server=/0027.net/127.0.0.1#60053
ipset=/0027.net/gfwlist
server=/0033.com/127.0.0.1#60053
ipset=/0033.com/gfwlist
server=/003593.com/127.0.0.1#60053
ipset=/003593.com/gfwlist
server=/0037wan.com/127.0.0.1#60053
ipset=/0037wan.com/gfwlist
server=/00394.net/127.0.0.1#60053
ipset=/00394.net/gfwlist
server=/003store.com/127.0.0.1#60053
ipset=/003store.com/gfwlist
server=/005.tv/127.0.0.1#60053
ipset=/005.tv/gfwlist
server=/00544.com/127.0.0.1#60053
ipset=/00544.com/gfwlist
server=/00615.net/127.0.0.1#60053
ipset=/00615.net/gfwlist
server=/00636.net/127.0.0.1#60053
ipset=/00636.net/gfwlist
server=/006ky.com/127.0.0.1#60053
ipset=/006ky.com/gfwlist
server=/007.mx/127.0.0.1#60053
ipset=/007.mx/gfwlist
server=/007gp.com/127.0.0.1#60053
ipset=/007gp.com/gfwlist
server=/007gxzt.com/127.0.0.1#60053
ipset=/007gxzt.com/gfwlist
server=/007shoes.com/127.0.0.1#60053
ipset=/007shoes.com/gfwlist
server=/007swz.com/127.0.0.1#60053
ipset=/007swz.com/gfwlist
server=/007wr.com/127.0.0.1#60053
ipset=/007wr.com/gfwlist
server=/007yx.com/127.0.0.1#60053
ipset=/007yx.com/gfwlist
server=/008008.net/127.0.0.1#60053
ipset=/008008.net/gfwlist
server=/00817.com/127.0.0.1#60053
ipset=/00817.com/gfwlist
server=/0082tv.com/127.0.0.1#60053
ipset=/0082tv.com/gfwlist
server=/0082tv.net/127.0.0.1#60053
ipset=/0082tv.net/gfwlist
server=/008321.com/127.0.0.1#60053
ipset=/008321.com/gfwlist
server=/00853.la/127.0.0.1#60053
ipset=/00853.la/gfwlist
server=/0086gd.com/127.0.0.1#60053
ipset=/0086gd.com/gfwlist
server=/0086l.com/127.0.0.1#60053
ipset=/0086l.com/gfwlist
server=/008yx.com/127.0.0.1#60053
ipset=/008yx.com/gfwlist
server=/0099524.com/127.0.0.1#60053
ipset=/0099524.com/gfwlist
server=/009y.com/127.0.0.1#60053
ipset=/009y.com/gfwlist
server=/00base.com/127.0.0.1#60053
ipset=/00base.com/gfwlist
server=/00cdn.com/127.0.0.1#60053
ipset=/00cdn.com/gfwlist
server=/00h5.com/127.0.0.1#60053
ipset=/00h5.com/gfwlist
server=/00it.net/127.0.0.1#60053
ipset=/00it.net/gfwlist
server=/00l.me/127.0.0.1#60053
ipset=/00l.me/gfwlist
server=/00oo00.com/127.0.0.1#60053
ipset=/00oo00.com/gfwlist
server=/00pic.com/127.0.0.1#60053
ipset=/00pic.com/gfwlist
server=/00red.com/127.0.0.1#60053
ipset=/00red.com/gfwlist
server=/00tera.com/127.0.0.1#60053
ipset=/00tera.com/gfwlist
server=/00v10.com/127.0.0.1#60053
ipset=/00v10.com/gfwlist
server=/01-123.com/127.0.0.1#60053
ipset=/01-123.com/gfwlist
server=/0101122.com/127.0.0.1#60053
ipset=/0101122.com/gfwlist
server=/010116.com/127.0.0.1#60053
ipset=/010116.com/gfwlist
server=/0101shop.com/127.0.0.1#60053
ipset=/0101shop.com/gfwlist
server=/010530.com/127.0.0.1#60053
ipset=/010530.com/gfwlist
server=/010bjzs.com/127.0.0.1#60053
ipset=/010bjzs.com/gfwlist
server=/010dsmzyy.com/127.0.0.1#60053
ipset=/010dsmzyy.com/gfwlist
server=/010fk.com/127.0.0.1#60053
ipset=/010fk.com/gfwlist
server=/010hx.com/127.0.0.1#60053
ipset=/010hx.com/gfwlist
server=/010lf.com/127.0.0.1#60053
ipset=/010lf.com/gfwlist
server=/010lm.com/127.0.0.1#60053
ipset=/010lm.com/gfwlist
server=/010qxw.com/127.0.0.1#60053
ipset=/010qxw.com/gfwlist
server=/010teacher.com/127.0.0.1#60053
ipset=/010teacher.com/gfwlist
server=/012333.com/127.0.0.1#60053
ipset=/012333.com/gfwlist
server=/0123366.com/127.0.0.1#60053
ipset=/0123366.com/gfwlist
server=/0123401234.com/127.0.0.1#60053
ipset=/0123401234.com/gfwlist
server=/012logo.com/127.0.0.1#60053
ipset=/012logo.com/gfwlist
server=/0133hao.net/127.0.0.1#60053
ipset=/0133hao.net/gfwlist
server=/013hg.com/127.0.0.1#60053
ipset=/013hg.com/gfwlist
server=/014.cc/127.0.0.1#60053
ipset=/014.cc/gfwlist
server=/014bjldc.com/127.0.0.1#60053
ipset=/014bjldc.com/gfwlist
server=/016272.com/127.0.0.1#60053
ipset=/016272.com/gfwlist
server=/0168.cc/127.0.0.1#60053
ipset=/0168.cc/gfwlist
server=/0173.com/127.0.0.1#60053
ipset=/0173.com/gfwlist
server=/01bz.wang/127.0.0.1#60053
ipset=/01bz.wang/gfwlist
server=/01caijing.com/127.0.0.1#60053
ipset=/01caijing.com/gfwlist
server=/01dai.com/127.0.0.1#60053
ipset=/01dai.com/gfwlist
server=/01dianzi.com/127.0.0.1#60053
ipset=/01dianzi.com/gfwlist
server=/01faxing.com/127.0.0.1#60053
ipset=/01faxing.com/gfwlist
server=/01fe.com/127.0.0.1#60053
ipset=/01fe.com/gfwlist
server=/01happy.com/127.0.0.1#60053
ipset=/01happy.com/gfwlist
server=/01hn.com/127.0.0.1#60053
ipset=/01hn.com/gfwlist
server=/01home.com/127.0.0.1#60053
ipset=/01home.com/gfwlist
server=/01hr.com/127.0.0.1#60053
ipset=/01hr.com/gfwlist
server=/01hrheibei.com/127.0.0.1#60053
ipset=/01hrheibei.com/gfwlist
server=/01isp.com/127.0.0.1#60053
ipset=/01isp.com/gfwlist
server=/01isp.net/127.0.0.1#60053
ipset=/01isp.net/gfwlist
server=/01ke.com/127.0.0.1#60053
ipset=/01ke.com/gfwlist
server=/01p.com/127.0.0.1#60053
ipset=/01p.com/gfwlist
server=/01p2p.net/127.0.0.1#60053
ipset=/01p2p.net/gfwlist
server=/01w.com/127.0.0.1#60053
ipset=/01w.com/gfwlist
server=/01wb.com/127.0.0.1#60053
ipset=/01wb.com/gfwlist
server=/01wed.com/127.0.0.1#60053
ipset=/01wed.com/gfwlist
server=/01yo.com/127.0.0.1#60053
ipset=/01yo.com/gfwlist
server=/01yun.com/127.0.0.1#60053
ipset=/01yun.com/gfwlist
server=/01zhuanche.com/127.0.0.1#60053
ipset=/01zhuanche.com/gfwlist
server=/020.com/127.0.0.1#60053
ipset=/020.com/gfwlist
server=/020.net/127.0.0.1#60053
ipset=/020.net/gfwlist
server=/020banjia.net/127.0.0.1#60053
ipset=/020banjia.net/gfwlist
server=/020fk.net/127.0.0.1#60053
ipset=/020fk.net/gfwlist
server=/020h.com/127.0.0.1#60053
ipset=/020h.com/gfwlist
server=/020icp.com/127.0.0.1#60053
ipset=/020icp.com/gfwlist
server=/020job.com/127.0.0.1#60053
ipset=/020job.com/gfwlist
server=/020vv.com/127.0.0.1#60053
ipset=/020vv.com/gfwlist
server=/020yhy.com/127.0.0.1#60053
ipset=/020yhy.com/gfwlist
server=/020zp.net/127.0.0.1#60053
ipset=/020zp.net/gfwlist
server=/021-cz.com/127.0.0.1#60053
ipset=/021-cz.com/gfwlist
server=/021.net/127.0.0.1#60053
ipset=/021.net/gfwlist
server=/0214.com/127.0.0.1#60053
ipset=/0214.com/gfwlist
server=/02156506666.net/127.0.0.1#60053
ipset=/02156506666.net/gfwlist
server=/021bense.com/127.0.0.1#60053
ipset=/021bense.com/gfwlist
server=/021bike.net/127.0.0.1#60053
ipset=/021bike.net/gfwlist
server=/021bolang.com/127.0.0.1#60053
ipset=/021bolang.com/gfwlist
server=/021danei.com/127.0.0.1#60053
ipset=/021danei.com/gfwlist
server=/021df.com/127.0.0.1#60053
ipset=/021df.com/gfwlist
server=/021dianyuan.com/127.0.0.1#60053
ipset=/021dianyuan.com/gfwlist
server=/021dzjx.com/127.0.0.1#60053
ipset=/021dzjx.com/gfwlist
server=/021fitment.com/127.0.0.1#60053
ipset=/021fitment.com/gfwlist
server=/021fp.com/127.0.0.1#60053
ipset=/021fp.com/gfwlist
server=/021fx.com/127.0.0.1#60053
from ss-tproxy.
zfl9
commented on August 24, 2024
那应该是 min-ttl 参数的问题了,你的 dnsmasq 啥版本?dnsmasq --version
from ss-tproxy.
zfl9
commented on August 24, 2024
这是我自己的 dnsmasq 输出,你看下第二条命令,能不能输出 min-cache-ttl 行,如果没有那就是这个问题了。
from ss-tproxy.
RideWindOne
commented on August 24, 2024
Dnsmasq version 2.68 Copyright (c) 2000-2013 Simon Kelley
from ss-tproxy.
zfl9
commented on August 24, 2024
你先使用这个版本试下,如果 dnsmasq running 了,说明是此问题。明天我会进行处理的。
https://gist.github.com/zfl9/544d6c32e3cb18e802f5cc21475e0b36
不好意思,刚才拷贝的时候出了点问题,现在好了。
from ss-tproxy.
RideWindOne
commented on August 24, 2024
root@instance-2:# dnsmasq --help | grep min-cache-ttl#
root@instance-2:
from ss-tproxy.
RideWindOne
commented on August 24, 2024
root@instance-2:/usr/local/bin# ss-tproxy-fix start
/usr/local/bin/ss-tproxy-fix: line 20: syntax error near unexpected token ;;' /usr/local/bin/ss-tproxy-fix: line 20: ;;'
from ss-tproxy.
zfl9
commented on August 24, 2024
https://gist.github.com/zfl9/544d6c32e3cb18e802f5cc21475e0b36
不好意思,刚才拷贝的时候出了点问题,现在好了。
from ss-tproxy.
RideWindOne
commented on August 24, 2024
root@instance-2:~# ss-tproxy-fix start
mount: warning: /etc/resolv.conf seems to be mounted read-write.
mode: tproxy_gfwlist
ss-redir: [running]
ss-tunnel: [running]
dnsmasq: [running]
from ss-tproxy.
zfl9
commented on August 24, 2024
是否运行正常?
from ss-tproxy.
RideWindOne
commented on August 24, 2024
是的,正常运行。国外网站可以正常访问。国内网站无法访问。
2018-08-30 20:45:28 INFO: enable TCP no-delay
2018-08-30 20:45:28 INFO: using tcp fast open
2018-08-30 20:45:28 INFO: enable TCP no-delay
2018-08-30 20:45:28 INFO: initializing ciphers... aes-256-ctr
2018-08-30 20:45:28 INFO: listening at 0.0.0.0:60080
2018-08-30 20:45:28 INFO: tcp port reuse enabled
2018-08-30 20:45:28 INFO: UDP relay enabled
2018-08-30 20:45:28 INFO: udp port reuse enabled
2018-08-30 20:45:28 INFO: running from root user
from ss-tproxy.
zfl9
commented on August 24, 2024
dig @127.0.0.1 -p60053 ip.cn
有没有反应?是 timeout 吗?
from ss-tproxy.
RideWindOne
commented on August 24, 2024
root@instance-2:~# dig @127.0.0.1 -p60053 ip.cn
; <<>> DiG 9.9.5-3ubuntu0.17-Ubuntu <<>> @127.0.0.1 -p60053 ip.cn
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached
from ss-tproxy.
zfl9
commented on August 24, 2024
修改一下 /etc/tproxy/ss-tproxy.conf 里面的 ss-tunnel 的 verbose,然后 restart。再 dig @127.0.0.1 -p60053 ip.cn,看下 /var/log/ss-tunnel.log 内容。
from ss-tproxy.
RideWindOne
commented on August 24, 2024
2018-08-30 20:56:25 INFO: enable TCP no-delay
2018-08-30 20:56:25 INFO: initializing ciphers... aes-256-ctr
2018-08-30 20:56:25 INFO: listening at 0.0.0.0:60053
2018-08-30 20:56:25 INFO: UDP relay enabled
2018-08-30 20:56:25 INFO: udp port reuse enabled
2018-08-30 20:56:25 INFO: TCP relay disabled
2018-08-30 20:56:25 INFO: running from root user
2018-08-30 20:56:26 INFO: [udp] server receive a packet
2018-08-30 20:56:26 INFO: [udp] cache miss: 114.114.114.114:53 <-> 127.0.0.1:26854
2018-08-30 20:56:26 INFO: [udp] server receive a packet
2018-08-30 20:56:26 INFO: [udp] cache miss: 114.114.114.114:53 <-> 127.0.0.1:3590
2018-08-30 20:56:31 INFO: [udp] server receive a packet
2018-08-30 20:56:31 INFO: [udp] cache miss: 114.114.114.114:53 <-> 127.0.0.1:16753
2018-08-30 20:56:31 INFO: [udp] server receive a packet
2018-08-30 20:56:31 INFO: [udp] cache miss: 114.114.114.114:53 <-> 127.0.0.1:18328
from ss-tproxy.
zfl9
commented on August 24, 2024
udp relay 也没问题啊。你现在是 www.baidu.com 都访问不了吗?
from ss-tproxy.
RideWindOne
commented on August 24, 2024
是啊,刚好用www.baidu.com测试的。无法访问。
from ss-tproxy.
zfl9
commented on August 24, 2024
奇怪,改为 119.29.29.29:53 试试?
from ss-tproxy.
zfl9
commented on August 24, 2024
或者试试 tproxy_gfwlist_tcp 。。看看是不是 udp relay 的问题(丢包也有可能,当然不确定。)
from ss-tproxy.
RideWindOne
commented on August 24, 2024
尝试用tproxy_gfwlist_tcp还是无法访问国内网站,改DNS也不行。
from ss-tproxy.
zfl9
commented on August 24, 2024
那估计是哪里出错了。明天讨论吧。我想休息了。
from ss-tproxy.
RideWindOne
commented on August 24, 2024
好的,感谢,打扰了。
from ss-tproxy.
zfl9
commented on August 24, 2024
你试试 ss-local 运行 ssr socks5代理,然后使用 curl -xsocks5h://127.0.0.1:ss-local监听端口 www.baidu.com,看看能不能出内容
from ss-tproxy.
RideWindOne
commented on August 24, 2024
服务器是ssr,忘记把server_use_ssr='true' 改成true改完后
mode: tproxy_gfwlist_tcp
ssr-redir: [stopped]
dnsforwarder: [running]
dnsmasq: [running]
查看日志。
nohup: failed to run command ‘ssr-redir’: No such file or directory
nohup: failed to run command ‘ssr-redir’: No such file or directory
nohup: failed to run command ‘ssr-redir’: No such file or directory
nohup: failed to run command ‘ssr-redir’: No such file or directory
nohup: failed to run command ‘ssr-redir’: No such file or directory
from ss-tproxy.
zfl9
commented on August 24, 2024
ssr 没装好。请参考 https://www.zfl9.com/ss-redir.html 里面的 ssr-libev 安装方法,默认 ssr-libev 编译出来不是 ssr-redir 等命名的。
from ss-tproxy.
RideWindOne
commented on August 24, 2024
好的。我试试。
from ss-tproxy.
Related Issues (20)
- 关于ipts_proxy_dst_port的疑问 HOT 41
- 只有http代理应该如何使用 HOT 4
- 在树莓派5上运行.,不起作用 (tproxy模式但ss-redir缺少"tcp_tproxy": true) HOT 16
- Question.请问如何配置DNS HOT 4
- iptables相关内核模块缺失
- 是否有并发线程限制? HOT 12
- 端口检测时机的小疑问 HOT 3
- 教程修改建议,关于naive,. HOT 4
- 新版的能在ss-tproxy.conf里添加个设置参数来过滤IPV6吗? HOT 3
- 有关远程局域网 HOT 11
- Will this tool support trans-proxy a network behind a openvpn? HOT 9
- 按照clash的配置在docker上部署,似乎是没有生效,可以帮忙看下吗 HOT 18
- 4.8版本的ss-libev无法启动 HOT 2
- 怎么排查dns路由错误? HOT 29
- Question:如何只重启代理? HOT 7
- 有兴趣做singbox吗? HOT 1
- ignlist.ext设置无效的问题 HOT 2
- 如何设置指定域名的DNS转发规则? HOT 3
- wiki page about china-dns install was out-of-date HOT 2
- 麻烦分享一下文件 HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ss-tproxy.