Xray, Penetrates Everything. Also the best v2ray-core, with XTLS support. Fully compatible configuration.

Project X

Project X originates from XTLS protocol, provides a set of network tools such as Xray-core and Xray-flutter.

License

Mozilla Public License Version 2.0

Installation

Usage

Xray-examples / VLESS-TCP-XTLS-WHATEVER

GUI Clients

Credits

This repo relies on the following third-party projects:

Compilation

Windows

go build -o xray.exe -trimpath -ldflags "-s -w -buildid=" ./main

Linux / macOS

go build -o xray -trimpath -ldflags "-s -w -buildid=" ./main

Telegram

Project X

Project X Channel

Stargazers over time

Stargazers over time

Owner
Project X Community
Cryptography and Internet. XTLS are brilliant ideas for TLS we study, while Xray is the best practice we maintain.
Project X Community
Comments
  • 用xray的shadowsocks协议玩彩虹六号会出现打一把就掉线的情况

    用xray的shadowsocks协议玩彩虹六号会出现打一把就掉线的情况

    首先非常感谢大佬付出,但是我用xray的shadowsocks协议玩彩虹六号时,会出现:玩一把对局结束后就掉线然后再重连,就这样循环。。。。 这是我服务端的配置文件: { "log": { "loglevel": "warning", "access": "/overgfw/xray/log/access.log", "error": "/overgfw/xray/log/error.log" },

    "inbounds": [ { "port": number, "protocol": "shadowsocks", "settings": { "method": "chacha20-ietf-poly1305", "password": "password", "network": "tcp,udp" } } ],

    "outbounds": [ { "protocol": "freedom", "settings": { "domainStrategy": "AsIs" } } ] } 客户端用的是netch, 这是怎么回事呢? 之前用的是原版shadowsocks和shadowsocksR倒没问题

  • Add XTLS RPRX's Vision

    Add XTLS RPRX's Vision

    新流控实验选项:xtls-rprx-vision

    • 解决已知漏洞
    • 针对 tls1.3 开启 xtls (直接拷贝) 模式
    • 增加 tls 握手长度混淆
    • 简化代码

    注意:"streamSettings" "security" 必须使用 “tls” "tlsSettings" 不能使用 “xtls” “xtlsSettings”

  • openwrt主路由iptables透明代理时,路由器自身不能解析域名

    openwrt主路由iptables透明代理时,路由器自身不能解析域名

    使用场景: openwrt主路由iptables透明代理

    版本: 服务端,客户端都是1.2.2

    现象: 局域网内各客户端正常 主路由自身不能解析国内、境外所有域名(dig返回status: REFUSED

    dig baidu.com
    
    ; <<>> DiG 9.16.8 <<>> baidu.com
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 40939
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
    
    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 4096
    ;; QUESTION SECTION:
    ;baidu.com.			IN	A
    
    ;; Query time: 20 msec
    ;; SERVER: 127.0.0.1#53(127.0.0.1)
    ;; WHEN: Tue Jan 19 01:58:38 CST 2021
    ;; MSG SIZE  rcvd: 38
    

    xray客户端配置(小幅修改自 https://xtls.github.io/documents/level-2/tproxy/ ):

    {
    	"log": {
    		"loglevel": "error",
    		"error": "/var/log/xray_error.log"
    	},
    	
    	"inbounds": [
    		{
    			"tag": "all-in",
    			"port": 12345,
    			"protocol": "dokodemo-door",
    			"settings": {
    				"network": "tcp,udp",
    				"followRedirect": true
    			},
    			"sniffing": {
    				"enabled": true,
    				"destOverride": ["http", "tls"]
    			},
    			"streamSettings": {
    				"sockopt": {
    					"tproxy": "tproxy"
    				}
    			}
    		}
    	],
    	
    	"outbounds": [
    		{
    			"tag": "direct",
    			"protocol": "freedom",
    			"settings": {
    				"domainStrategy": "UseIPv4"
    			},
    			"streamSettings": {
    				"sockopt": {
    					"mark": 2
    				}
    			}
    		},
    		{
    			"tag": "proxy",
    			"protocol": "vless",
    			"settings": {
    				"vnext": [{
    					"address": "服务器域名",
    					"port": 443,
    					"users": [{
    						"id": "uuid",
    						"flow": "xtls-rprx-splice",
    						"encryption": "none"
    					}]
    				}]
    			},
    			"streamSettings": {
    				"network": "tcp",
    				"security": "xtls",
    				"sockopt": {
    					"mark": 2
    				}
    			}
    		},
    		{
    			"tag": "block",
    			"protocol": "blackhole",
    			"settings": {
    				"response": {
    					"type": "http"
    				}
    			}
    		},
    		{
    			"tag": "dns-out",
    			"protocol": "dns",
    			"settings": {
    				"address": "1.1.1.1"
    			},
    			"proxySettings": {
    				"tag": "proxy"
    			},
    			"streamSettings": {
    				"sockopt": {
    					"mark": 2
    				}
    			}
    		}
    	],
    	
    	"dns": {
    		"hosts": {
    			"服务器域名": "服务器IP",
    		},
    		"servers": [
    			{
    				"address": "223.5.5.5",
    				"port": 53,
    				"domains": ["geosite:cn"],
    				"expectIPs": ["geoip:cn"]
    			},
    			{
    				"address": "1.1.1.1",
    				"port": 53,
    				"domains": ["geosite:geolocation-!cn"]
    			},
    			"8.8.8.8"
    		]
    	},
    	
    	"routing": {
    		"domainStrategy": "IPIfNonMatch",
    		"rules": [
    			{
    				"type": "field",
    				"inboundTag": ["all-in"],
    				"port": 53,
    				"outboundTag": "dns-out"
    			},
    			{
    				"type": "field",
    				"ip": [
    					"223.5.5.5"
    				],
    				"outboundTag": "direct"
    			},
    			{
    				"type": "field",
    				"ip": [
    					"8.8.8.8",
    					"1.1.1.1"
    				],
    				"outboundTag": "proxy"
    			},
    			{
    				"type": "field",
    				"domain": [
    					"geosite:category-ads-all"
    				],
    				"outboundTag": "block"
    			},
    			{
    				"type": "field",
    				"domain": [
    					"geosite:cn"
    				],
    				"outboundTag": "direct"
    			},
    			{
    				"type": "field",
    				"ip": [
    					"geoip:cn",
    					"geoip:private"
    				],
    				"outboundTag": "direct"
    			},
    			{
    				"type": "field",
    				"domain": [
    					"geosite:geolocation-!cn"
    				],
    				"outboundTag": "proxy"
    			},
    			{
    				"type": "field",
    				"ip": [
    					"geoip:jp",
    					"geoip:us",
    					"geoip:sg",
    					"geoip:hk",
    					"geoip:tw",
    					"109.239.140.0/24",
    					"14.102.250.18",
    					"14.102.250.19",
    					"149.154.164.0/22",
    					"149.154.168.0/22",
    					"149.154.172.0/22",
    					"174.142.105.153",
    					"50.7.31.230",
    					"67.220.91.15",
    					"67.220.91.18",
    					"67.220.91.23",
    					"69.65.19.160",
    					"72.52.81.22",
    					"85.17.73.31",
    					"91.108.4.0/22",
    					"91.108.56.0/22",
    					"91.108.56.0/23",
    					"108.177.120.94",
    					"108.177.120.0/24",
    					"172.217.0.0/16",
    					"74.125.0.0/16",
    					"23.246.0.0/18",
    					"37.77.184.0/21",
    					"45.57.0.0/17",
    					"64.120.128.0/17",
    					"66.197.128.0/17",
    					"108.175.32.0/20",
    					"192.173.64.0/18",
    					"198.38.96.0/19",
    					"198.45.48.0/20",
    					"173.245.48.0/20",
    					"103.21.244.0/22",
    					"103.22.200.0/22",
    					"103.31.4.0/22",
    					"141.101.64.0/18",
    					"108.162.192.0/18",
    					"190.93.240.0/20",
    					"188.114.96.0/20",
    					"197.234.240.0/22",
    					"198.41.128.0/17",
    					"162.158.0.0/15",
    					"104.16.0.0/12",
    					"172.64.0.0/13",
    					"131.0.72.0/22",
    					"144.220.0.0/16",
    					"52.124.128.0/17",
    					"54.230.0.0/16",
    					"54.239.128.0/18",
    					"52.82.128.0/19",
    					"99.84.0.0/16",
    					"204.246.172.0/24",
    					"54.239.192.0/19",
    					"70.132.0.0/18",
    					"13.32.0.0/15",
    					"205.251.208.0/20",
    					"13.224.0.0/14",
    					"13.35.0.0/16",
    					"204.246.164.0/22",
    					"204.246.168.0/22",
    					"71.152.0.0/17",
    					"216.137.32.0/19",
    					"205.251.249.0/24",
    					"99.86.0.0/16",
    					"52.46.0.0/18",
    					"52.84.0.0/15",
    					"204.246.173.0/24",
    					"130.176.0.0/16",
    					"205.251.200.0/21",
    					"204.246.174.0/23",
    					"64.252.128.0/18",
    					"205.251.254.0/24",
    					"143.204.0.0/16",
    					"205.251.252.0/23",
    					"204.246.176.0/20",
    					"13.249.0.0/16",
    					"54.240.128.0/18",
    					"205.251.250.0/23",
    					"52.222.128.0/17",
    					"54.182.0.0/16",
    					"54.192.0.0/16",
    					"103.2.30.0/23",
    					"125.209.208.0/20",
    					"147.92.128.0/17",
    					"203.104.144.0/21",
    					"91.108.8.0/22",
    					"91.108.12.0/22",
    					"91.108.16.0/22",
    					"149.154.160.0/20",
    					"3.123.36.126/32",
    					"35.157.215.84/32",
    					"35.157.217.255/32",
    					"52.58.209.134/32",
    					"54.93.124.31/32",
    					"54.162.243.80/32",
    					"54.173.34.141/32",
    					"54.235.23.242/32",
    					"169.45.248.118/32"
    				],
    				"outboundTag": "proxy"
    			}
    		]
    	}
    }
    

    iptables规则(小幅修改自 https://xtls.github.io/documents/level-2/tproxy/ ):

    ip rule add fwmark 1 table 100
    ip route add local 0.0.0.0/0 dev lo table 100
    
    iptables -t mangle -N XRAY
    iptables -t mangle -A XRAY ! -s 192.168.50.0/24 -j RETURN
    iptables -t mangle -A XRAY -s 192.168.50.122/32 -j RETURN
    iptables -t mangle -A XRAY -d 10.0.0.0/8 -j RETURN
    iptables -t mangle -A XRAY -d 100.64.0.0/10 -j RETURN
    iptables -t mangle -A XRAY -d 127.0.0.0/8 -j RETURN
    iptables -t mangle -A XRAY -d 169.254.0.0/16 -j RETURN
    iptables -t mangle -A XRAY -d 172.16.0.0/12 -j RETURN
    iptables -t mangle -A XRAY -d 192.0.0.0/24 -j RETURN
    iptables -t mangle -A XRAY -d 224.0.0.0/4 -j RETURN
    iptables -t mangle -A XRAY -d 240.0.0.0/4 -j RETURN
    iptables -t mangle -A XRAY -d 255.255.255.255/32 -j RETURN
    iptables -t mangle -A XRAY -d 192.168.0.0/16 -p tcp ! --dport 53 -j RETURN
    iptables -t mangle -A XRAY -d 192.168.0.0/16 -p udp ! --dport 53 -j RETURN
    iptables -t mangle -A XRAY -p tcp -j TPROXY --on-port 12345 --tproxy-mark 1
    iptables -t mangle -A XRAY -p udp -j TPROXY --on-port 12345 --tproxy-mark 1
    iptables -t mangle -A PREROUTING -j XRAY
    
    iptables -t mangle -N XRAY_SELF
    iptables -t mangle -A XRAY_SELF -d 10.0.0.0/8 -j RETURN
    iptables -t mangle -A XRAY_SELF -d 100.64.0.0/10 -j RETURN
    iptables -t mangle -A XRAY_SELF -d 127.0.0.0/8 -j RETURN
    iptables -t mangle -A XRAY_SELF -d 169.254.0.0/16 -j RETURN
    iptables -t mangle -A XRAY_SELF -d 172.16.0.0/12 -j RETURN
    iptables -t mangle -A XRAY_SELF -d 192.0.0.0/24 -j RETURN
    iptables -t mangle -A XRAY_SELF -d 224.0.0.0/4 -j RETURN
    iptables -t mangle -A XRAY_SELF -d 240.0.0.0/4 -j RETURN
    iptables -t mangle -A XRAY_SELF -d 255.255.255.255/32 -j RETURN
    iptables -t mangle -A XRAY_SELF -d 192.168.0.0/16 -p tcp ! --dport 53 -j RETURN
    iptables -t mangle -A XRAY_SELF -d 192.168.0.0/16 -p udp ! --dport 53 -j RETURN
    iptables -t mangle -A XRAY_SELF -m mark --mark 2 -j RETURN
    iptables -t mangle -A XRAY_SELF -p tcp -j MARK --set-mark 1
    iptables -t mangle -A XRAY_SELF -p udp -j MARK --set-mark 1
    iptables -t mangle -A OUTPUT -j XRAY_SELF
    
  • 我觉得可以引入可选的分享加密(基于AES),自定义密钥,防止未授权的传播,之前的vmess就有很多泄露出去的,根本base64只是让人看不懂。而且实现AES也不会很复杂,更加保护分享的安全。适用于个人分享,以及保护订阅被盗时阻止非法访问。

    我觉得可以引入可选的分享加密(基于AES),自定义密钥,防止未授权的传播,之前的vmess就有很多泄露出去的,根本base64只是让人看不懂。而且实现AES也不会很复杂,更加保护分享的安全。适用于个人分享,以及保护订阅被盗时阻止非法访问。

    我觉得可以引入可选的分享加密(基于AES),自定义密钥,防止未授权的传播,之前的vmess就有很多泄露出去的,根本base64只是让人看不懂。而且实现AES也不会很复杂,更加保护分享的安全。适用于个人分享,以及保护订阅被盗时阻止非法访问。 具体可以这样 :密文头部改为 Avless://或 Avmess:// 以提示需要自定义密钥解密。

    Originally posted by @RainThings in https://github.com/XTLS/Xray-core/issues/91#issuecomment-765059563

  • VMessAEAD / VLESS 分享链接标准提案

    VMessAEAD / VLESS 分享链接标准提案

    VMess / VLESS 分享链接提案

    0 致谢

    • @DuckSoft (@Qv2ray): 作者
    • @huyz: 提出了非常多的宝贵意见
    • @rprx: 审校

    1 原则

    • 必须是合法的 URL
    • 对机器友好、对人类可读

    2 约定

    • URL 字段对出现顺序不敏感,但同一字段禁止重复出现
    • 所有 URL 字段的 Value 都必须使用 encodeURIComponent 进行转义处理
    • 所有参数名和常数字符串均区分大小写

    3 概览

    protocol://
    	$(uuid)
    	@
    	remote-host
    	:
    	remote-port
    ?
    	<protocol-specific fields>
    	<transport-specific fields>
    	<tls-specific fields>
    #$(descriptive-text)
    

    特别说明:$() 代表此处需要 encodeURIComponent

    4 详述

    4.1 基本信息段

    4.1.1 协议名称 protocol

    所使用的协议名称。取值必须为 vmessvless

    不可省略,不能为空字符串。

    4.1.2 uuid

    UUID。对应配置文件该项出站中 settings.vnext[0].users[0].id 的值。

    不可省略,不能为空字符串。

    4.1.3 remote-host

    服务器的域名或 IP 地址。

    不可省略,不能为空字符串。

    IPv6 地址必须括上方括号。

    IDN 域名(如“百度.cn”)必须使用 xn--xxxxxx 格式。

    4.1.4 remote-port

    服务器的端口号。

    不可省略,必须取 [1,65535] 中的整数。

    4.1.5 descriptive-text

    服务器的描述信息。

    可省略,不推荐为空字符串

    必须使用 encodeURIComponent 转义。

    4.2 协议相关段

    4.2.1 传输方式 type

    协议的传输方式。对应配置文件出站中 settings.vnext[0].streamSettings.network 的值。

    当前的取值必须为 tcpkcpwshttpquic 其中之一,分别对应 TCP、mKCP、WebSocket、HTTP/2、QUIC 传输方式。

    修订:取值还可以是 grpc,代表 gRPC 传输方式。

    4.2.2 (VMess/VLESS) encryption

    当协议为 VMess 时,对应配置文件出站中 settings.security,可选值为 auto / aes-128-gcm / chacha20-poly1305 / none

    省略时默认为 auto,但不可以为空字符串。除非指定为 none,否则建议省略。

    当协议为 VLESS 时,对应配置文件出站中 settings.encryption,当前可选值只有 none

    省略时默认为 none,但不可以为空字符串。

    特殊说明:之所以不使用 security 而使用 encryption,是因为后面还有一个底层传输安全类型 security 与这个冲突。 由 @huyz 提议,将此字段重命名为 encryption,这样不仅能避免命名冲突,还与 VLESS 保持了一致。

    4.2.3 (VMess) alterIdaid

    没有这些字段。旧的 VMess 因协议设计出现致命问题,不再适合使用或分享。

    此分享标准仅针对 VMess AEAD 和 VLESS。

    4.3 传输层相关段

    4.3.1 底层传输安全 security

    设定底层传输所使用的 TLS 类型。当前可选值有 nonetlsxtls

    省略时默认为 none,但不可以为空字符串。

    4.3.2 (HTTP/2) path

    HTTP/2 的路径。省略时默认为 /,但不可以为空字符串。不推荐省略。

    必须使用 encodeURIComponent 转义。

    4.3.3 (HTTP/2) host

    客户端进行 HTTP/2 通信时所发送的 Host 头部。

    省略时复用 remote-host,但不可以为空字符串。

    若有多个域名,可使用英文逗号隔开,但中间及前后不可有空格。

    必须使用 encodeURIComponent 转义。

    4.3.4 (WebSocket) path

    WebSocket 的路径。省略时默认为 /,但不可以为空字符串。不推荐省略。

    必须使用 encodeURIComponent 转义。

    4.3.5 (WebSocket) host

    WebSocket 请求时 Host 头的内容。不推荐省略,不推荐设为空字符串。

    必须使用 encodeURIComponent 转义。

    4.3.6 (mKCP) headerType

    mKCP 的伪装头部类型。当前可选值有 none / srtp / utp / wechat-video / dtls / wireguard

    省略时默认值为 none,即不使用伪装头部,但不可以为空字符串。

    4.3.7 (mKCP) seed

    mKCP 种子。省略时不使用种子,但不可以为空字符串。建议 mKCP 用户使用 seed

    必须使用 encodeURIComponent 转义。

    4.3.8 (QUIC) quicSecurity

    QUIC 的加密方式。当前可选值有 none / aes-128-gcm / chacha20-poly1305

    省略时默认值为 none

    4.3.9 (QUIC) key

    当 QUIC 的加密方式不为 none 时的加密密钥。

    当 QUIC 的加密方式为 none 时,此项不得出现;否则,此项必须出现,且不可为空字符串。

    若出现此项,则必须使用 encodeURIComponent 转义。

    4.3.10 (QUIC) headerType

    QUIC 的伪装头部类型。其他同 mKCP headerType 字段定义。

    4.3.11 (gRPC) serviceName

    对应 gRPC 的 ServiceName。建议仅使用英文字母数字和英文句号、下划线组成。

    不建议省略,不可为空字符串。

    4.3.12 (gRPC) mode

    对应 gRPC 的传输模式,目前有以下三种:

    • gun: 即原始的 gun 传输模式,将单个 []byte 封在 Protobuf 里通过 gRPC 发送(参考资料);
    • multi: 即 Xray-Core 的 multiMode,将多组 []byte 封在一条 Protobuf 里通过 gRPC 发送;
    • guna: 即通过使用自定义 Codec 的方式,直接将数据包封在 gRPC 里发送。(参考资料

    省略时默认为 gun,不可以为空字符串。

    4.4 TLS 相关段

    4.4.1 sni

    TLS SNI,对应配置文件中的 serverName 项目。

    省略时复用 remote-host,但不可以为空字符串。

    4.4.2 alpn

    TLS ALPN,对应配置文件中的 alpn 项目。

    多个 ALPN 之间用英文逗号隔开,中间无空格。

    省略时由内核决定具体行为,但不可以为空字符串。

    必须使用 encodeURIComponent 转义。

    4.4.3 allowInsecure

    没有这个字段。不安全的节点,不适合分享。

    4.4.4 (XTLS) flow

    XTLS 的流控方式。可选值为 xtls-rprx-directxtls-rprx-splice 等。

    若使用 XTLS,此项不可省略,否则无此项。此项不可为空字符串。

    5 举例

    # VMess + TCP,不加密(仅作示例,不安全)
    vmess://[email protected]:31415?encryption=none#VMessTCPNaked
    # VMess + TCP,自动选择加密。编程人员特别注意不是所有的 URL 都有问号,注意处理边缘情况。
    vmess://[email protected]:9265#VMessTCPAuto
    # VMess + TCP,手动选择加密
    vmess://[email protected]:35897?encryption=aes-128-gcm#VMessTCPAES
    # VMess + TCP + TLS,内层不加密
    vmess://[email protected]:9323?encryption=none&security=tls#VMessTCPTLSNaked
    # VMess + TCP + TLS,内层也自动选择加密
    vmess://[email protected]:8462?security=tls#VMessTCPTLS
    # VMess + TCP + TLS,内层不加密,手动指定 SNI
    vmess://[email protected]:64338?encryption=none&security=tls&sni=fastgit.org#VMessTCPTLSSNI
    # VLESS + TCP + XTLS
    vless://[email protected]:3279?security=xtls&flow=rprx-xtls-splice#VLESSTCPXTLSSplice
    # VLESS + mKCP + Seed
    vless://[email protected]:50288?type=kcp&seed=69f04be3-d64e-45a3-8550-af3172c63055#VLESSmKCPSeed
    # VLESS + mKCP + Seed,伪装成 Wireguard
    vless://[email protected]:41971?type=kcp&headerType=wireguard&seed=69f04be3-d64e-45a3-8550-af3172c63055#VLESSmKCPSeedWG
    # VMess + WebSocket + TLS
    vmess://[email protected]:6939?type=ws&security=tls&host=qv2ray.net&path=%2Fsomewhere#VMessWebSocketTLS
    

    6 补充

    6.1 2020/12/21 @rprx 关于 flow 选项的补充说明

    https://github.com/XTLS/Xray-core/issues/91#issuecomment-748899964

    1. -udp443 系列属于客户端选项,不建议服务器下发,是否开启应由客户端决定。

    2. splice 的使用场景比较苛刻,目前要求入站“纯粹”、且运行在 Linux / Android 操作系统上。若不满足相关要求,客户端使用 direct 模式即可。

    @DuckSoft 的唠叨:

    1. 目前 splice 与否对服务器方面没有要求,服务器使用 direct 即可支持 splicedirect建议服务器下发 direct,开启 splice 与否应由客户端自行决定。
    2. 必须充分认识到,XTLS 仍处于实验性阶段,当前阶段分享链接的主要目标是方便 XTLS 节点的交换与传播,并不适用于机场大规模下发。分享链接标准的更新会紧跟 XTLS 的任何变化,在稳定版之前出现破坏性变更是大概率事件,请知悉。
  • 证书的问题

    证书的问题

    弱弱的问一下,之前木有vless的时候,是caddy监听443,通过path转发给v2ray (vmess+tls+websocket),这样的话,caddy可以自动更新证书(Let's Encrypt)。

    现在打开vless,要求v2ray/xray监听443,于是无法通过caddy自动更新证书了,请问有解吗?还是需要每隔一段时间自己手动折腾一下。

  • 1.2.1版本的CPU资源占用率高的问题

    1.2.1版本的CPU资源占用率高的问题

    新版的1.2.1在多款路由器上测试,发现openwrt的负载一直居高不下,长时间保持在2-4之间,有时甚至达到8以上,查看系统进程发现只有Xray的占用率始终居高不下。测试用的几款路由器CPU是MT7621ST和MT7620、MT7628,内存大小是128MB和512MB的。

    不过新版的在树莓派上没什么问题,树莓派是3B+的。

  • 如何将DNS请求分流至不同的服务器呢?

    如何将DNS请求分流至不同的服务器呢?

    现有 hk 和 us 两台机器,Netflix、Spotify 等流媒体通过规则走的 us 隧道,其他的域名走 hk 隧道,

    现在有个问题是 DNS 全部走 hk 隧道了,虽然最终的请求走 us,但这应该达不到最好的效果,我想要的效果是 DNS 和请求都都分别走 hk 和 us。

    我尝试这么配,貌似不起效果

    {
        "log": {
            "loglevel": "warning", 
            "dnsLog": true
        }, 
        "inbounds": [
            {
                "listen": "0.0.0.0", 
                "port": "1089", 
                "protocol": "socks", 
                "settings": {
                    "udp": true, 
                    "ip": "192.168.1.8"
                }, 
                "sniffing": {
                    "enabled": true, 
                    "destOverride": [
                        "http", 
                        "tls"
                    ], 
                    "metadataOnly": false, 
                    "routeOnly": false
                }
            }
        ], 
        "outbounds": [
            {
                "protocol": "trojan", 
                "tag": "us", 
                "settings": {
                    "servers": [
                        {
                            "address": "1.2.3.4", 
                            "port": 123, 
                            "password": "password"
                        }
                    ]
                }, 
                "streamSettings": {
                    "network": "tcp", 
                    "security": "tls", 
                    "tlsSettings": {
                        "serverName": "xx.com", 
                        "allowInsecure": false
                    }
                }
            }, 
            {
                "protocol": "trojan", 
                "tag": "hk", 
                "settings": {
                    "servers": [
                        {
                            "address": "1.2.3.4", 
                            "port": 123, 
                            "password": "password"
                        }
                    ]
                }, 
                "streamSettings": {
                    "network": "tcp", 
                    "security": "tls", 
                    "tlsSettings": {
                        "serverName": "xx.com", 
                        "allowInsecure": false
                    }
                }
            }, 
            {
                "protocol": "socks", 
                "tag": "fw-clash", 
                "settings": {
                    "servers": [
                        {
                            "address": "127.0.0.1", 
                            "port": 1081
                        }
                    ]
                }
            }
        ], 
        "routing": {
            "domainStrategy": "AsIs", 
            "rules": [
                {
                    "type": "field", 
                    "outboundTag": "us", 
                    "domain": [
                        "geosite:google", 
                        "geosite:netflix"
                    ]
                }, 
                {
                    "type": "field", 
                    "outboundTag": "us", 
                    "ip": [
                        "8.8.4.4"
                    ]
                }, 
                {
                    "type": "field", 
                    "outboundTag": "hk", 
                    "network": "udp,tcp"
                }
            ]
        }, 
        "dns": {
            "servers": [
                {
                    "tag": "us-dns", 
                    "address": "8.8.4.4", 
                    "domain": [
                        "geosite:google", 
                        "geosite:netflix"
                    ]
                }, 
                "8.8.8.8"
            ]
        }
    }
    
  • VLESS over http/2 模式下,客户端运行一段时间后就无法正常工作

    VLESS over http/2 模式下,客户端运行一段时间后就无法正常工作

    整个配置思路参考了 https://github.com/XTLS/Xray-examples/tree/main/VLESS-H2C-Caddy2 服务端是通过Caddy2反向代理了VLESS over h2c,客户端为VLESS over http/2。客户端启动后正常运行一段时间后(大约在1小时以内),就无法正常工作(无法通过xray访问网站),并输出日志2021/02/20 10:19:13 [Warning] [4163186524] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: failed to find an available destination > common/retry: [transport/internet/http: failed to dial to tcp:127.0.0.1:10221 > Put "https://127.0.0.1:10221/path/": dial tcp 127.0.0.1:10221: operation was canceled] > common/retry: all retry attempts failed。必须重启客户端后才能暂时恢复正常

    xray服务端配置
    {
        "log": {
            "access": "/var/log/xray/access.log",
            "error": "/var/log/xray/error.log",
            "loglevel": "debug"
        },
        "inbounds": [
            {
                "port": 12345,
                "protocol": "vless",
                "settings": {
                    "clients": [
                        {
                            "id": "uuid",
                            "email": "[email protected]"
                        }
                    ],
                    "decryption": "none"
                },
                "streamSettings": {
                    "network": "http",
                    "security": "none",
                    "httpSettings": {
                        "path": "/path",
                        "host": [
                            "host"
                        ]
                    }
                }
            }
        ],
        "outbounds": [
            {
                "protocol": "freedom",
                "settings": {
                    "domainStrategy": "UseIPv4"
                }
            },
            {
                "protocol": "blackhole",
                "settings": {},
                "tag": "blocked"
            }
        ],
        "routing": {
            "rules": [
                {
                    "type": "field",
                    "ip": [
                        "geoip:private"
                    ],
                    "outboundTag": "blocked"
                }
            ]
        }
    }
    

    服务端使用了Caddy2反向代理到443端口(https),

    xray客户端配置
    [[inbounds]]
    listen = "127.0.0.1"
    port = 7071
    protocol = "socks"
    
    [inbounds.settings]
    udp = true
    
    [inbounds.sniffing]
    destOverride = ["http", "tls"]
    enabled = true
    
    [[inbounds]]
    listen = "127.0.0.1"
    port = 7072
    protocol = "http"
    
    [inbounds.settings]
    allowTransparent = false
    userLevel = 0
    
    [inbounds.sniffing]
    destOverride = ["http", "tls"]
    enabled = true
    
    [[inbounds]]
    listen = "127.0.0.1"
    port = 10221
    protocol = "dokodemo-door"
    tag = "ibp"
    
    [inbounds.settings]
    address = "xxxxx.com"
    network = "tcp"
    port = 443
    
    [[outbounds]]
    protocol = "vless"
    tag = "proxy"
    
    [outbounds.settings]
    [[outbounds.settings.vnext]]
    address = "127.0.0.1"
    port = 10221
    
    [[outbounds.settings.vnext.users]]
    id = "uuid"
    encryption = "none"
    
    [outbounds.streamSettings]
    network = "http"
    security = "tls"
    
    [outbounds.streamSettings.tlsSettings]
    allowInsecure = false
    serverName = "xxxxx.com"
    
    [outbounds.streamSettings.httpSettings]
    path = "/path/"
    host = ["xxxxx.com"]
    
    [[outbounds]]
    protocol = "http"
    tag = "localproxy"
    
    [outbounds.settings]
    [[outbounds.settings.servers]]
    address = "proxy2.xxxx.xxxx"
    port = 8080
    
    [log]
    # loglevel = "debug"
    # access = "./access.log"
    # error = "./error.log"
    
    [routing]
    domainStrategy = "IPIfNonMatch"
    
    [[routing.rules]]
    inboundTag = ["ibp"]
    outboundTag = "localproxy"
    type = "field"
    
    

    由于测试并输出日志时客户端在内网,在streamSettings是ws或者h2时,v2ray不支持前置代理,因此使用了dokodemo-door进行了桥接。但是可以确定,在外网环境客户端直连,一样会出这个问题。

    服务端日志
    2021/02/19 21:58:17 [Debug] app/log: Logger started
    2021/02/19 21:58:17 [Debug] app/proxyman/inbound: creating stream worker on 0.0.0.0:12345
    2021/02/19 21:58:17 [Warning] core: Xray 1.3.0 started
    .....
    2021/02/19 21:58:47 [Info] [3923791669] proxy/vless/inbound: firstLen = 183
    2021/02/19 21:58:47 [Info] [3923791669] proxy/vless/inbound: received request for tcp:dc.services.visualstudio.com:443
    2021/02/19 21:58:47 [Info] [3923791669] app/dispatcher: default route for tcp:dc.services.visualstudio.com:443
    2021/02/19 21:58:47 [Info] [3923791669] proxy/freedom: opening connection to tcp:dc.services.visualstudio.com:443
    2021/02/19 21:58:47 [Info] [3923791669] proxy/freedom: dialing to to tcp:13.86.218.255:443
    2021/02/19 21:58:47 [Info] [3923791669] transport/internet/tcp: dialing TCP to tcp:13.86.218.255:443
    2021/02/19 21:58:47 [Info] [1174341494] proxy/freedom: dialing to to tcp:13.86.218.255:443
    2021/02/19 21:58:47 [Info] [1174341494] transport/internet/tcp: dialing TCP to tcp:13.86.218.255:443
    2021/02/19 21:58:47 [Info] [3786443536] proxy/freedom: dialing to to tcp:13.86.218.255:443
    2021/02/19 21:58:47 [Info] [3786443536] transport/internet/tcp: dialing TCP to tcp:13.86.218.255:443
    2021/02/19 21:58:47 [Info] [2407104745] proxy/freedom: dialing to to tcp:13.86.218.255:443
    2021/02/19 21:58:47 [Info] [2407104745] transport/internet/tcp: dialing TCP to tcp:13.86.218.255:443
    2021/02/19 21:58:47 [Info] [1963521535] proxy/freedom: dialing to to tcp:13.86.218.255:443
    2021/02/19 21:58:47 [Info] [1963521535] transport/internet/tcp: dialing TCP to tcp:13.86.218.255:443
    2021/02/19 21:59:23 [Info] [3923791669] app/proxyman/inbound: connection ends > proxy/vless/inbound: connection ends > proxy/vless/inbound: failed to transfer request payload > stream error: stream ID 7; CANCEL
    2021/02/19 21:59:23 [Info] [1174341494] app/proxyman/inbound: connection ends > proxy/vless/inbound: connection ends > proxy/vless/inbound: failed to transfer request payload > stream error: stream ID 5; CANCEL
    2021/02/19 21:59:23 [Info] [2407104745] app/proxyman/inbound: connection ends > proxy/vless/inbound: connection ends > proxy/vless/inbound: failed to transfer request payload > stream error: stream ID 3; CANCEL
    2021/02/19 21:59:23 [Info] [3786443536] app/proxyman/inbound: connection ends > proxy/vless/inbound: connection ends > proxy/vless/inbound: failed to transfer request payload > stream error: stream ID 11; CANCEL
    2021/02/19 21:59:23 [Info] [1963521535] app/proxyman/inbound: connection ends > proxy/vless/inbound: connection ends > proxy/vless/inbound: failed to transfer request payload > stream error: stream ID 9; CANCEL
    2021/02/19 21:59:23 [Info] [3923791669] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process request > io: read/write on closed pipe
    2021/02/19 21:59:23 [Info] [1174341494] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > context canceled
    2021/02/19 21:59:23 [Info] [2407104745] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process request > io: read/write on closed pipe
    2021/02/19 21:59:23 [Info] [3786443536] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process request > io: read/write on closed pipe
    2021/02/19 21:59:23 [Info] [1963521535] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process request > io: read/write on closed pipe
    2021/02/19 22:02:53 [Info] [3778768853] proxy/vless/inbound: firstLen = 535
    2021/02/19 22:02:53 [Info] [3778768853] proxy/vless/inbound: received request for tcp:sspanel.net:80
    2021/02/19 22:02:53 [Info] [3064443272] proxy/vless/inbound: firstLen = 617
    2021/02/19 22:02:53 [Info] [3064443272] proxy/vless/inbound: received request for tcp:www.google.com:443
    2021/02/19 22:02:53 [Info] [3778768853] app/dispatcher: default route for tcp:sspanel.net:80
    2021/02/19 22:02:53 [Info] [3778768853] proxy/freedom: opening connection to tcp:sspanel.net:80
    2021/02/19 22:02:53 [Info] [3064443272] app/dispatcher: default route for tcp:www.google.com:443
    2021/02/19 22:02:53 [Info] [3064443272] proxy/freedom: opening connection to tcp:www.google.com:443
    2021/02/19 22:02:53 [Info] [2101954707] proxy/vless/inbound: firstLen = 554
    2021/02/19 22:02:53 [Info] [2101954707] proxy/vless/inbound: received request for tcp:www.google.com:443
    2021/02/19 22:02:53 [Info] [4265457262] proxy/vless/inbound: firstLen = 554
    2021/02/19 22:02:53 [Info] [4265457262] proxy/vless/inbound: received request for tcp:www.google.com:443
    2021/02/19 22:02:53 [Info] [2101954707] app/dispatcher: default route for tcp:www.google.com:443
    2021/02/19 22:02:53 [Info] [2101954707] proxy/freedom: opening connection to tcp:www.google.com:443
    2021/02/19 22:02:53 [Info] [2333394312] proxy/vless/inbound: firstLen = 554
    2021/02/19 22:02:53 [Info] [2333394312] proxy/vless/inbound: received request for tcp:www.google.com:443
    2021/02/19 22:02:53 [Info] [599233613] proxy/vless/inbound: firstLen = 554
    2021/02/19 22:02:53 [Info] [599233613] proxy/vless/inbound: received request for tcp:www.google.com:443
    2021/02/19 22:02:53 [Info] [1200564786] proxy/vless/inbound: firstLen = 617
    2021/02/19 22:02:53 [Info] [1200564786] proxy/vless/inbound: received request for tcp:www.google.com:443
    2021/02/19 22:02:53 [Info] [4265457262] app/dispatcher: default route for tcp:www.google.com:443
    2021/02/19 22:02:53 [Info] [4265457262] proxy/freedom: opening connection to tcp:www.google.com:443
    2021/02/19 22:02:53 [Info] [2333394312] app/dispatcher: default route for tcp:www.google.com:443
    2021/02/19 22:02:53 [Info] [2333394312] proxy/freedom: opening connection to tcp:www.google.com:443
    2021/02/19 22:02:53 [Info] [599233613] app/dispatcher: default route for tcp:www.google.com:443
    2021/02/19 22:02:53 [Info] [599233613] proxy/freedom: opening connection to tcp:www.google.com:443
    2021/02/19 22:02:53 [Info] [1200564786] app/dispatcher: default route for tcp:www.google.com:443
    2021/02/19 22:02:53 [Info] [1200564786] proxy/freedom: opening connection to tcp:www.google.com:443
    2021/02/19 22:02:53 [Info] [3778768853] proxy/freedom: dialing to to tcp:104.21.70.10:80
    2021/02/19 22:02:53 [Info] [3778768853] transport/internet/tcp: dialing TCP to tcp:104.21.70.10:80
    2021/02/19 22:02:53 [Info] [1200564786] proxy/freedom: dialing to to tcp:172.217.14.100:443
    2021/02/19 22:02:53 [Info] [1200564786] transport/internet/tcp: dialing TCP to tcp:172.217.14.100:443
    2021/02/19 22:02:53 [Info] [3064443272] proxy/freedom: dialing to to tcp:172.217.14.100:443
    2021/02/19 22:02:53 [Info] [3064443272] transport/internet/tcp: dialing TCP to tcp:172.217.14.100:443
    2021/02/19 22:02:53 [Info] [2101954707] proxy/freedom: dialing to to tcp:172.217.14.100:443
    2021/02/19 22:02:53 [Info] [2101954707] transport/internet/tcp: dialing TCP to tcp:172.217.14.100:443
    2021/02/19 22:02:53 [Info] [4265457262] proxy/freedom: dialing to to tcp:172.217.14.100:443
    2021/02/19 22:02:53 [Info] [4265457262] transport/internet/tcp: dialing TCP to tcp:172.217.14.100:443
    2021/02/19 22:02:53 [Info] [2333394312] proxy/freedom: dialing to to tcp:172.217.14.100:443
    2021/02/19 22:02:53 [Info] [2333394312] transport/internet/tcp: dialing TCP to tcp:172.217.14.100:443
    2021/02/19 22:02:53 [Info] [599233613] proxy/freedom: dialing to to tcp:172.217.14.100:443
    2021/02/19 22:02:53 [Info] [599233613] transport/internet/tcp: dialing TCP to tcp:172.217.14.100:443
    2021/02/19 22:02:54 [Info] [2101954707] app/proxyman/inbound: connection ends > proxy/vless/inbound: connection ends > proxy/vless/inbound: failed to transfer request payload > stream error: stream ID 15; CANCEL
    2021/02/19 22:02:54 [Info] [2101954707] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process request > io: read/write on closed pipe
    2021/02/19 22:02:55 [Info] [3064443272] app/proxyman/inbound: connection ends > proxy/vless/inbound: connection ends > proxy/vless/inbound: failed to transfer request payload > stream error: stream ID 13; CANCEL
    2021/02/19 22:02:55 [Info] [3064443272] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > context canceled
    2021/02/19 22:02:59 [Info] [3358807170] proxy/vless/inbound: firstLen = 627
    2021/02/19 22:02:59 [Info] [3358807170] proxy/vless/inbound: received request for tcp:clients4.google.com:443
    2021/02/19 22:02:59 [Info] [3358807170] app/dispatcher: default route for tcp:clients4.google.com:443
    2021/02/19 22:02:59 [Info] [3358807170] proxy/freedom: opening connection to tcp:clients4.google.com:443
    2021/02/19 22:02:59 [Info] [3358807170] proxy/freedom: dialing to to tcp:172.217.4.142:443
    2021/02/19 22:02:59 [Info] [3358807170] transport/internet/tcp: dialing TCP to tcp:172.217.4.142:443
    2021/02/19 22:03:04 [Info] [2333394312] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > context canceled
    2021/02/19 22:03:04 [Info] [2333394312] app/proxyman/inbound: connection ends > proxy/vless/inbound: connection ends > context canceled
    2021/02/19 22:03:04 [Info] [1200564786] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > context canceled
    2021/02/19 22:03:04 [Info] [1200564786] app/proxyman/inbound: connection ends > proxy/vless/inbound: connection ends > context canceled
    2021/02/19 22:03:04 [Info] [599233613] app/proxyman/inbound: connection ends > proxy/vless/inbound: connection ends > context canceled
    2021/02/19 22:03:04 [Info] [599233613] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > context canceled
    2021/02/19 22:06:10 [Info] [1145018563] proxy/vless/inbound: firstLen = 559
    2021/02/19 22:06:10 [Info] [1145018563] proxy/vless/inbound: received request for tcp:default.exp-tas.com:443
    2021/02/19 22:06:10 [Info] [1145018563] app/dispatcher: default route for tcp:default.exp-tas.com:443
    2021/02/19 22:06:10 [Info] [1145018563] proxy/freedom: opening connection to tcp:default.exp-tas.com:443
    2021/02/19 22:06:10 [Info] [1145018563] proxy/freedom: dialing to to tcp:13.107.5.93:443
    2021/02/19 22:06:10 [Info] [1145018563] transport/internet/tcp: dialing TCP to tcp:13.107.5.93:443
    2021/02/19 22:06:10 [Info] [4076461039] proxy/vless/inbound: firstLen = 568
    2021/02/19 22:06:10 [Info] [4076461039] proxy/vless/inbound: received request for tcp:update.code.visualstudio.com:443
    2021/02/19 22:06:10 [Info] [4076461039] app/dispatcher: default route for tcp:update.code.visualstudio.com:443
    2021/02/19 22:06:10 [Info] [4076461039] proxy/freedom: opening connection to tcp:update.code.visualstudio.com:443
    2021/02/19 22:06:10 [Info] [4076461039] proxy/freedom: dialing to to tcp:104.42.78.153:443
    2021/02/19 22:06:10 [Info] [4076461039] transport/internet/tcp: dialing TCP to tcp:104.42.78.153:443
    2021/02/19 22:06:11 [Info] [1180677676] proxy/vless/inbound: firstLen = 183
    2021/02/19 22:06:11 [Info] [1180677676] proxy/vless/inbound: received request for tcp:dc.services.visualstudio.com:443
    2021/02/19 22:06:11 [Info] [1180677676] app/dispatcher: default route for tcp:dc.services.visualstudio.com:443
    2021/02/19 22:06:11 [Info] [1180677676] proxy/freedom: opening connection to tcp:dc.services.visualstudio.com:443
    2021/02/19 22:06:11 [Info] [3384801828] proxy/vless/inbound: firstLen = 183
    2021/02/19 22:06:11 [Info] [3384801828] proxy/vless/inbound: received request for tcp:dc.services.visualstudio.com:443
    2021/02/19 22:06:11 [Info] [2076515969] proxy/vless/inbound: firstLen = 183
    2021/02/19 22:06:11 [Info] [2076515969] proxy/vless/inbound: received request for tcp:dc.services.visualstudio.com:443
    2021/02/19 22:06:11 [Info] [3384801828] app/dispatcher: default route for tcp:dc.services.visualstudio.com:443
    2021/02/19 22:06:11 [Info] [3384801828] proxy/freedom: opening connection to tcp:dc.services.visualstudio.com:443
    2021/02/19 22:06:11 [Info] [3296236113] proxy/vless/inbound: firstLen = 183
    2021/02/19 22:06:11 [Info] [3296236113] proxy/vless/inbound: received request for tcp:dc.services.visualstudio.com:443
    2021/02/19 22:06:11 [Info] [2076515969] app/dispatcher: default route for tcp:dc.services.visualstudio.com:443
    2021/02/19 22:06:11 [Info] [2076515969] proxy/freedom: opening connection to tcp:dc.services.visualstudio.com:443
    2021/02/19 22:06:11 [Info] [3296236113] app/dispatcher: default route for tcp:dc.services.visualstudio.com:443
    2021/02/19 22:06:11 [Info] [3296236113] proxy/freedom: opening connection to tcp:dc.services.visualstudio.com:443
    2021/02/19 22:06:11 [Info] [3296236113] proxy/freedom: dialing to to tcp:13.86.218.248:443
    2021/02/19 22:06:11 [Info] [3296236113] transport/internet/tcp: dialing TCP to tcp:13.86.218.248:443
    2021/02/19 22:06:11 [Info] [1180677676] proxy/freedom: dialing to to tcp:13.86.218.248:443
    2021/02/19 22:06:11 [Info] [1180677676] transport/internet/tcp: dialing TCP to tcp:13.86.218.248:443
    2021/02/19 22:06:11 [Info] [3384801828] proxy/freedom: dialing to to tcp:13.86.218.248:443
    2021/02/19 22:06:11 [Info] [3384801828] transport/internet/tcp: dialing TCP to tcp:13.86.218.248:443
    2021/02/19 22:06:11 [Info] [2076515969] proxy/freedom: dialing to to tcp:13.86.218.248:443
    2021/02/19 22:06:11 [Info] [2076515969] transport/internet/tcp: dialing TCP to tcp:13.86.218.248:443
    2021/02/19 22:06:11 [Info] [1969373908] proxy/vless/inbound: firstLen = 300
    2021/02/19 22:06:11 [Info] [1969373908] proxy/vless/inbound: received request for tcp:default.exp-tas.com:443
    2021/02/19 22:06:11 [Info] [1969373908] app/dispatcher: default route for tcp:default.exp-tas.com:443
    2021/02/19 22:06:11 [Info] [1969373908] proxy/freedom: opening connection to tcp:default.exp-tas.com:443
    2021/02/19 22:06:11 [Info] [1969373908] proxy/freedom: dialing to to tcp:13.107.5.93:443
    2021/02/19 22:06:11 [Info] [1969373908] transport/internet/tcp: dialing TCP to tcp:13.107.5.93:443
    2021/02/19 22:06:12 [Info] [3207882939] proxy/vless/inbound: firstLen = 571
    2021/02/19 22:06:12 [Info] [3207882939] proxy/vless/inbound: received request for tcp:vscodeexperiments.azureedge.net:443
    2021/02/19 22:06:12 [Info] [3207882939] app/dispatcher: default route for tcp:vscodeexperiments.azureedge.net:443
    2021/02/19 22:06:12 [Info] [3207882939] proxy/freedom: opening connection to tcp:vscodeexperiments.azureedge.net:443
    2021/02/19 22:06:12 [Info] [3207882939] proxy/freedom: dialing to to tcp:72.21.81.200:443
    2021/02/19 22:06:12 [Info] [3207882939] transport/internet/tcp: dialing TCP to tcp:72.21.81.200:443
    2021/02/19 22:06:13 [Info] [977208902] proxy/vless/inbound: firstLen = 568
    2021/02/19 22:06:13 [Info] [977208902] proxy/vless/inbound: received request for tcp:marketplace.visualstudio.com:443
    2021/02/19 22:06:13 [Info] [977208902] app/dispatcher: default route for tcp:marketplace.visualstudio.com:443
    2021/02/19 22:06:13 [Info] [977208902] proxy/freedom: opening connection to tcp:marketplace.visualstudio.com:443
    2021/02/19 22:06:13 [Info] [977208902] proxy/freedom: dialing to to tcp:13.107.42.18:443
    2021/02/19 22:06:13 [Info] [977208902] transport/internet/tcp: dialing TCP to tcp:13.107.42.18:443
    2021/02/19 22:06:13 [Info] [1969373908] app/proxyman/inbound: connection ends > proxy/vless/inbound: connection ends > proxy/vless/inbound: failed to transfer request payload > stream error: stream ID 41; CANCEL
    2021/02/19 22:06:13 [Info] [1969373908] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > context canceled
    2021/02/19 22:06:22 [Info] [2093435488] proxy/vless/inbound: firstLen = 6536
    2021/02/19 22:06:22 [Info] [2093435488] proxy/vless/inbound: received request for tcp:v1.mux.cool:0
    2021/02/19 22:06:22 [Info] [2093435488] common/mux: received request for udp:239.255.255.250:1900
    2021/02/19 22:06:22 [Info] [2093435488] app/dispatcher: taking detour [blocked] for [udp:239.255.255.250:1900]
    2021/02/19 22:06:22 [Info] [2093435488] common/mux: session 0 ends. > io: read/write on closed pipe
    2021/02/19 22:06:25 [Info] [2093435488] app/proxyman/inbound: connection ends > proxy/vless/inbound: connection ends > proxy/vless/inbound: failed to transfer request payload > stream error: stream ID 47; CANCEL
    2021/02/19 22:06:25 [Info] [2093435488] common/mux: unexpected EOF > common/mux: failed to read metadata > io: read/write on closed pipe
    2021/02/19 22:06:26 [Info] [423179001] proxy/vless/inbound: firstLen = 1011
    2021/02/19 22:06:26 [Info] [423179001] proxy/vless/inbound: received request for tcp:vortex.data.microsoft.com:443
    2021/02/19 22:06:26 [Info] [423179001] app/dispatcher: default route for tcp:vortex.data.microsoft.com:443
    2021/02/19 22:06:26 [Info] [423179001] proxy/freedom: opening connection to tcp:vortex.data.microsoft.com:443
    2021/02/19 22:06:26 [Info] [423179001] proxy/freedom: dialing to to tcp:64.4.54.254:443
    2021/02/19 22:06:26 [Info] [423179001] transport/internet/tcp: dialing TCP to tcp:64.4.54.254:443
    2021/02/19 22:06:26 [Info] [423179001] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process response > read tcp 67.230.164.246:60362->64.4.54.254:443: read: connection reset by peer
    2021/02/19 22:06:26 [Info] [423179001] app/proxyman/inbound: connection ends > proxy/vless/inbound: connection ends > io: read/write on closed pipe
    2021/02/19 22:06:55 [Info] [4265457262] app/proxyman/inbound: connection ends > proxy/vless/inbound: connection ends > proxy/vless/inbound: failed to transfer request payload > stream error: stream ID 25; CANCEL
    2021/02/19 22:06:55 [Info] [4265457262] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process request > io: read/write on closed pipe
    2021/02/19 22:07:04 [Info] [977208902] app/proxyman/inbound: connection ends > proxy/vless/inbound: connection ends > proxy/vless/inbound: failed to transfer request payload > stream error: stream ID 45; CANCEL
    2021/02/19 22:07:04 [Info] [977208902] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > context canceled
    2021/02/19 22:07:04 [Info] [3207882939] app/proxyman/inbound: connection ends > proxy/vless/inbound: connection ends > proxy/vless/inbound: failed to transfer request payload > stream error: stream ID 43; CANCEL
    2021/02/19 22:07:04 [Info] [4076461039] app/proxyman/inbound: connection ends > proxy/vless/inbound: connection ends > proxy/vless/inbound: failed to transfer request payload > stream error: stream ID 31; CANCEL
    2021/02/19 22:07:04 [Info] [1145018563] app/proxyman/inbound: connection ends > proxy/vless/inbound: connection ends > proxy/vless/inbound: failed to transfer request payload > stream error: stream ID 29; CANCEL
    2021/02/19 22:07:04 [Info] [3207882939] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process request > io: read/write on closed pipe
    2021/02/19 22:07:04 [Info] [4076461039] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process request > io: read/write on closed pipe
    2021/02/19 22:07:04 [Info] [1145018563] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > context canceled
    2021/02/19 22:08:13 [Info] [3296236113] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process response > read tcp 67.230.164.246:46676->13.86.218.248:443: read: connection reset by peer
    2021/02/19 22:08:13 [Info] [3296236113] app/proxyman/inbound: connection ends > proxy/vless/inbound: connection ends > io: read/write on closed pipe
    2021/02/19 22:08:15 [Info] [2076515969] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process response > read tcp 67.230.164.246:46682->13.86.218.248:443: read: connection reset by peer
    2021/02/19 22:08:15 [Info] [2076515969] app/proxyman/inbound: connection ends > proxy/vless/inbound: connection ends > io: read/write on closed pipe
    2021/02/19 22:08:15 [Info] [3384801828] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process response > read tcp 67.230.164.246:46680->13.86.218.248:443: read: connection reset by peer
    2021/02/19 22:08:15 [Info] [3384801828] app/proxyman/inbound: connection ends > proxy/vless/inbound: connection ends > io: read/write on closed pipe
    2021/02/19 22:08:15 [Info] [1180677676] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process response > read tcp 67.230.164.246:46678->13.86.218.248:443: read: connection reset by peer
    2021/02/19 22:08:15 [Info] [1180677676] app/proxyman/inbound: connection ends > proxy/vless/inbound: connection ends > io: read/write on closed pipe
    2021/02/19 22:08:51 [Info] [3358807170] app/proxyman/inbound: connection ends > proxy/vless/inbound: connection ends > proxy/vless/inbound: failed to transfer request payload > stream error: stream ID 27; CANCEL
    2021/02/19 22:08:51 [Info] [3358807170] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process request > io: read/write on closed pipe
    2021/02/19 22:09:10 [Info] [808924924] proxy/vless/inbound: firstLen = 91
    2021/02/19 22:09:10 [Info] [808924924] proxy/vless/inbound: received request for tcp:v1.mux.cool:0
    2021/02/19 22:09:10 [Info] [808924924] common/mux: received request for udp:8.8.8.8:53
    2021/02/19 22:09:10 [Info] [808924924] app/dispatcher: default route for udp:8.8.8.8:53
    2021/02/19 22:09:10 [Info] [808924924] proxy/freedom: opening connection to udp:8.8.8.8:53
    ......
    2021/02/19 22:10:31 [Info] [3729288746] proxy/vless/inbound: firstLen = 639
    2021/02/19 22:10:31 [Info] [3729288746] proxy/vless/inbound: received request for tcp:lh3.googleusercontent.com:443
    2021/02/19 22:10:31 [Info] [3729288746] app/dispatcher: default route for tcp:lh3.googleusercontent.com:443
    2021/02/19 22:10:31 [Info] [3729288746] proxy/freedom: opening connection to tcp:lh3.googleusercontent.com:443
    2021/02/19 22:10:31 [Info] [3729288746] proxy/freedom: dialing to to tcp:172.217.14.97:443
    2021/02/19 22:10:31 [Info] [3729288746] transport/internet/tcp: dialing TCP to tcp:172.217.14.97:443
    2021/02/19 22:10:32 [Info] [1316064278] app/proxyman/inbound: connection ends > proxy/vless/inbound: connection ends > proxy/vless/inbound: failed to transfer request payload > stream error: stream ID 73; CANCEL
    2021/02/19 22:10:32 [Info] [1316064278] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process request > io: read/write on closed pipe
    2021/02/19 22:10:35 [Info] [2961152879] proxy/vless/inbound: firstLen = 627
    2021/02/19 22:10:35 [Info] [2961152879] proxy/vless/inbound: received request for tcp:clients4.google.com:443
    2021/02/19 22:10:35 [Info] [2961152879] app/dispatcher: default route for tcp:clients4.google.com:443
    2021/02/19 22:10:35 [Info] [2961152879] proxy/freedom: opening connection to tcp:clients4.google.com:443
    2021/02/19 22:10:35 [Info] [2961152879] proxy/freedom: dialing to to tcp:142.250.72.238:443
    2021/02/19 22:10:35 [Info] [2961152879] transport/internet/tcp: dialing TCP to tcp:142.250.72.238:443
    ......
    2021/02/19 22:12:54 [Info] [3531128196] proxy/vless/inbound: firstLen = 619
    2021/02/19 22:12:54 [Info] [3531128196] proxy/vless/inbound: received request for tcp:www.gstatic.com:443
    2021/02/19 22:12:54 [Info] [1736996345] proxy/vless/inbound: firstLen = 619
    2021/02/19 22:12:54 [Info] [1736996345] proxy/vless/inbound: received request for tcp:apis.google.com:443
    2021/02/19 22:12:54 [Info] [3531128196] app/dispatcher: default route for tcp:www.gstatic.com:443
    2021/02/19 22:12:54 [Info] [3531128196] proxy/freedom: opening connection to tcp:www.gstatic.com:443
    2021/02/19 22:12:54 [Info] [1736996345] app/dispatcher: default route for tcp:apis.google.com:443
    2021/02/19 22:12:54 [Info] [1736996345] proxy/freedom: opening connection to tcp:apis.google.com:443
    2021/02/19 22:12:54 [Info] [3531128196] proxy/freedom: dialing to to tcp:172.217.5.67:443
    2021/02/19 22:12:54 [Info] [3531128196] transport/internet/tcp: dialing TCP to tcp:172.217.5.67:443
    2021/02/19 22:12:54 [Info] [1736996345] proxy/freedom: dialing to to tcp:172.217.11.174:443
    2021/02/19 22:12:54 [Info] [1736996345] transport/internet/tcp: dialing TCP to tcp:172.217.11.174:443
    2021/02/19 22:14:32 [Info] [1151394390] app/proxyman/inbound: connection ends > proxy/vless/inbound: connection ends > proxy/vless/inbound: failed to transfer request payload > stream error: stream ID 69; CANCEL
    2021/02/19 22:14:32 [Info] [3610659176] app/proxyman/inbound: connection ends > proxy/vless/inbound: connection ends > proxy/vless/inbound: failed to transfer request payload > stream error: stream ID 71; CANCEL
    2021/02/19 22:14:32 [Info] [1151394390] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > context canceled
    2021/02/19 22:14:32 [Info] [3610659176] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > context canceled
    2021/02/19 22:14:32 [Info] [3729288746] app/proxyman/inbound: connection ends > proxy/vless/inbound: connection ends > proxy/vless/inbound: failed to transfer request payload > stream error: stream ID 75; CANCEL
    2021/02/19 22:14:32 [Info] [3729288746] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process request > io: read/write on closed pipe
    2021/02/19 22:15:10 [Info] [808924924] app/proxyman/inbound: connection ends > proxy/vless/inbound: connection ends > proxy/vless/inbound: failed to transfer request payload > stream error: stream ID 51; CANCEL
    2021/02/19 22:15:10 [Info] [808924924] common/mux: unexpected EOF > common/mux: failed to read metadata > io: read/write on closed pipe
    2021/02/19 22:15:10 [Info] [808924924] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > context canceled
    2021/02/19 22:15:10 [Info] [808924924] common/mux: session 0 ends. > io: read/write on closed pipe
    2021/02/19 22:16:19 [Info] [3290604842] proxy/vless/inbound: firstLen = 741
    2021/02/19 22:16:19 [Info] [3290604842] proxy/vless/inbound: received request for tcp:v1.mux.cool:0
    2021/02/19 22:16:19 [Info] [3290604842] common/mux: received request for udp:239.255.255.250:1900
    2021/02/19 22:16:19 [Info] [3290604842] app/dispatcher: taking detour [blocked] for [udp:239.255.255.250:1900]
    2021/02/19 22:16:19 [Info] [3290604842] common/mux: session 0 ends. > io: read/write on closed pipe
    2021/02/19 22:16:24 [Info] [3290604842] app/proxyman/inbound: connection ends > proxy/vless/inbound: connection ends > proxy/vless/inbound: failed to transfer request payload > stream error: stream ID 91; CANCEL
    2021/02/19 22:16:24 [Info] [3290604842] common/mux: unexpected EOF > common/mux: failed to read metadata > io: read/write on closed pipe
    2021/02/19 22:16:43 [Info] [3934826751] proxy/vless/inbound: firstLen = 557
    2021/02/19 22:16:43 [Info] [3934826751] proxy/vless/inbound: received request for tcp:beacons5.gvt3.com:443
    2021/02/19 22:16:43 [Info] [3934826751] app/dispatcher: default route for tcp:beacons5.gvt3.com:443
    2021/02/19 22:16:43 [Info] [3934826751] proxy/freedom: opening connection to tcp:beacons5.gvt3.com:443
    2021/02/19 22:16:43 [Info] [3934826751] proxy/freedom: dialing to to tcp:172.217.11.67:443
    2021/02/19 22:16:43 [Info] [3934826751] transport/internet/tcp: dialing TCP to tcp:172.217.11.67:443
    2021/02/19 22:16:44 [Info] [1413663804] app/proxyman/inbound: connection ends > proxy/vless/inbound: connection ends > proxy/vless/inbound: failed to transfer request payload > stream error: stream ID 85; CANCEL
    2021/02/19 22:16:44 [Info] [1413663804] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > context canceled
    2021/02/19 22:16:44 [Info] [3531128196] app/proxyman/inbound: connection ends > proxy/vless/inbound: connection ends > proxy/vless/inbound: failed to transfer request payload > stream error: stream ID 87; CANCEL
    2021/02/19 22:16:44 [Info] [1736996345] app/proxyman/inbound: connection ends > proxy/vless/inbound: connection ends > proxy/vless/inbound: failed to transfer request payload > stream error: stream ID 89; CANCEL
    2021/02/19 22:16:44 [Info] [3531128196] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process request > io: read/write on closed pipe
    2021/02/19 22:16:44 [Info] [1736996345] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > context canceled
    2021/02/19 22:16:48 [Info] [4169111218] app/proxyman/inbound: connection ends > proxy/vless/inbound: connection ends > proxy/vless/inbound: failed to transfer request payload > stream error: stream ID 81; CANCEL
    2021/02/19 22:16:48 [Info] [4169111218] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process request > io: read/write on closed pipe
    2021/02/19 22:16:54 [Info] [4277291177] app/proxyman/inbound: connection ends > proxy/vless/inbound: connection ends > proxy/vless/inbound: failed to transfer request payload > stream error: stream ID 61; CANCEL
    2021/02/19 22:16:54 [Info] [4277291177] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > context canceled
    2021/02/19 22:16:55 [Info] [3666755441] app/proxyman/inbound: connection ends > proxy/vless/inbound: connection ends > proxy/vless/inbound: failed to transfer request payload > stream error: stream ID 67; CANCEL
    2021/02/19 22:16:55 [Info] [3666755441] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process request > io: read/write on closed pipe
    2021/02/19 22:16:57 [Info] [2961152879] app/proxyman/inbound: connection ends > proxy/vless/inbound: connection ends > proxy/vless/inbound: failed to transfer request payload > stream error: stream ID 77; CANCEL
    2021/02/19 22:16:57 [Info] [2961152879] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > context canceled
    2021/02/19 22:17:54 [Info] [3454973650] proxy/vless/inbound: firstLen = 619
    2021/02/19 22:17:54 [Info] [3454973650] proxy/vless/inbound: received request for tcp:play.google.com:443
    2021/02/19 22:17:54 [Info] [3454973650] app/dispatcher: default route for tcp:play.google.com:443
    2021/02/19 22:17:54 [Info] [3454973650] proxy/freedom: opening connection to tcp:play.google.com:443
    2021/02/19 22:17:54 [Info] [3454973650] proxy/freedom: dialing to to tcp:172.217.5.206:443
    2021/02/19 22:17:54 [Info] [3454973650] transport/internet/tcp: dialing TCP to tcp:172.217.5.206:443
    2021/02/19 22:17:54 [Info] [2762086688] app/proxyman/inbound: connection ends > proxy/vless/inbound: connection ends > proxy/vless/inbound: failed to transfer request payload > stream error: stream ID 83; CANCEL
    2021/02/19 22:17:54 [Info] [2762086688] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process request > io: read/write on closed pipe
    2021/02/19 22:18:22 [Info] [2572041676] proxy/vless/inbound: firstLen = 627
    2021/02/19 22:18:22 [Info] [2572041676] proxy/vless/inbound: received request for tcp:clients4.google.com:443
    2021/02/19 22:18:22 [Info] [2572041676] app/dispatcher: default route for tcp:clients4.google.com:443
    2021/02/19 22:18:22 [Info] [2572041676] proxy/freedom: opening connection to tcp:clients4.google.com:443
    2021/02/19 22:18:22 [Info] [2572041676] proxy/freedom: dialing to to tcp:172.217.5.206:443
    2021/02/19 22:18:22 [Info] [2572041676] transport/internet/tcp: dialing TCP to tcp:172.217.5.206:443
    2021/02/19 22:19:27 [Info] [181127508] app/proxyman/inbound: connection ends > proxy/vless/inbound: connection ends > proxy/vless/inbound: failed to transfer request payload > stream error: stream ID 53; CANCEL
    2021/02/19 22:19:27 [Info] [181127508] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > context canceled
    2021/02/19 22:20:44 [Info] [3934826751] app/proxyman/inbound: connection ends > proxy/vless/inbound: connection ends > proxy/vless/inbound: failed to transfer request payload > stream error: stream ID 93; CANCEL
    2021/02/19 22:20:44 [Info] [3934826751] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process request > io: read/write on closed pipe
    2021/02/19 22:21:01 [Info] [3090294666] app/proxyman/inbound: connection ends > proxy/vless/inbound: connection ends > proxy/vless/inbound: failed to transfer request payload > stream error: stream ID 79; CANCEL
    2021/02/19 22:21:01 [Info] [3090294666] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process request > io: read/write on closed pipe
    2021/02/19 22:21:55 [Info] [3454973650] app/proxyman/inbound: connection ends > proxy/vless/inbound: connection ends > proxy/vless/inbound: failed to transfer request payload > stream error: stream ID 95; CANCEL
    2021/02/19 22:21:55 [Info] [3454973650] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > context canceled
    2021/02/19 22:22:19 [Info] [166330718] app/proxyman/inbound: connection ends > proxy/vless/inbound: connection ends > proxy/vless/inbound: failed to transfer request payload > stream error: stream ID 55; CANCEL
    2021/02/19 22:22:19 [Info] [166330718] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process request > io: read/write on closed pipe
    2021/02/19 22:29:01 [Info] [2572041676] app/proxyman/inbound: connection ends > proxy/vless/inbound: connection ends > proxy/vless/inbound: failed to transfer request payload > stream error: stream ID 97; CANCEL
    2021/02/19 22:29:01 [Info] [2572041676] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > proxy/freedom: failed to process request > io: read/write on closed pipe
    2021/02/19 23:01:32 [Info] [420084968] proxy/vless/inbound: firstLen = 91
    2021/02/19 23:01:32 [Info] [420084968] proxy/vless/inbound: received request for tcp:v1.mux.cool:0
    2021/02/19 23:01:32 [Info] [420084968] common/mux: received request for udp:8.8.8.8:53
    2021/02/19 23:01:32 [Info] [420084968] app/dispatcher: default route for udp:8.8.8.8:53
    2021/02/19 23:01:32 [Info] [420084968] proxy/freedom: opening connection to udp:8.8.8.8:53
    2021/02/19 23:06:14 [Info] [1320467717] proxy/vless/inbound: firstLen = 741
    2021/02/19 23:06:14 [Info] [1320467717] proxy/vless/inbound: received request for tcp:v1.mux.cool:0
    2021/02/19 23:06:14 [Info] [1320467717] common/mux: received request for udp:239.255.255.250:1900
    2021/02/19 23:06:14 [Info] [1320467717] app/dispatcher: taking detour [blocked] for [udp:239.255.255.250:1900]
    2021/02/19 23:06:14 [Info] [1320467717] common/mux: session 0 ends. > io: read/write on closed pipe
    2021/02/19 23:06:19 [Info] [1320467717] app/proxyman/inbound: connection ends > proxy/vless/inbound: connection ends > proxy/vless/inbound: failed to transfer request payload > stream error: stream ID 101; CANCEL
    2021/02/19 23:06:19 [Info] [1320467717] common/mux: unexpected EOF > common/mux: failed to read metadata > io: read/write on closed pipe
    2021/02/19 23:07:32 [Info] [420084968] app/proxyman/inbound: connection ends > proxy/vless/inbound: connection ends > proxy/vless/inbound: failed to transfer request payload > stream error: stream ID 99; CANCEL
    2021/02/19 23:07:32 [Info] [420084968] common/mux: unexpected EOF > common/mux: failed to read metadata > io: read/write on closed pipe
    2021/02/19 23:07:32 [Info] [420084968] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > context canceled
    2021/02/19 23:07:32 [Info] [420084968] common/mux: session 0 ends. > io: read/write on closed pipe
    
    客户端日志
    2021/02/20 11:02:26 [Debug] app/log: Logger started
    2021/02/20 11:02:26 [Debug] app/proxyman/inbound: creating stream worker on 127.0.0.1:7071
    2021/02/20 11:02:26 [Debug] app/proxyman/inbound: creating stream worker on 127.0.0.1:7072
    2021/02/20 11:02:26 [Debug] app/proxyman/inbound: creating stream worker on 127.0.0.1:10221
    2021/02/20 11:02:26 [Info] transport/internet/tcp: listening TCP on 127.0.0.1:10221
    2021/02/20 11:02:26 [Info] transport/internet/tcp: listening TCP on 127.0.0.1:7071
    2021/02/20 11:02:26 [Info] transport/internet/udp: listening UDP on 127.0.0.1:7071
    2021/02/20 11:02:26 [Info] transport/internet/tcp: listening TCP on 127.0.0.1:7072
    2021/02/20 11:02:26 [Warning] core: Xray 1.3.0 started
    2021/02/20 11:02:51 [Info] [3210243817] proxy/socks: TCP Connect request to tcp:www.google.com:443
    2021/02/20 11:02:51 [Info] [3210243817] app/dispatcher: sniffed domain: www.google.com
    2021/02/20 11:02:51 [Info] [3210243817] app/dispatcher: default route for tcp:www.google.com:443
    2021/02/20 11:02:51 [Debug] [540396215] proxy/dokodemo: processing connection from: 127.0.0.1:61492
    2021/02/20 11:02:51 [Info] [540396215] proxy/dokodemo: received request for 127.0.0.1:61492
    2021/02/20 11:02:51 [Info] [540396215] app/dispatcher: taking detour [ptr] for [tcp:xxxxx.com:443]
    2021/02/20 11:02:51 [Info] [540396215] transport/internet/tcp: dialing TCP to tcp:proxy2.xxxxxxxx:8080
    2021/02/20 11:02:51 [Info] [472358339] proxy/socks: TCP Connect request to tcp:www.google.com:443
    2021/02/20 11:02:51 [Info] [472358339] app/dispatcher: sniffed domain: www.google.com
    2021/02/20 11:02:51 [Info] [472358339] app/dispatcher: default route for tcp:www.google.com:443
    2021/02/20 11:02:51 [Info] [147318947] proxy/socks: TCP Connect request to tcp:www.google.com:443
    2021/02/20 11:02:51 [Info] [147318947] app/dispatcher: sniffed domain: www.google.com
    2021/02/20 11:02:51 [Info] [147318947] app/dispatcher: default route for tcp:www.google.com:443
    2021/02/20 11:02:51 [Info] [3854233974] proxy/socks: TCP Connect request to tcp:www.google.com:443
    2021/02/20 11:02:51 [Info] [1177537532] proxy/socks: TCP Connect request to tcp:www.google.com:443
    2021/02/20 11:02:51 [Info] [3854233974] app/dispatcher: sniffed domain: www.google.com
    2021/02/20 11:02:51 [Info] [3854233974] app/dispatcher: default route for tcp:www.google.com:443
    2021/02/20 11:02:51 [Info] [1177537532] app/dispatcher: sniffed domain: www.google.com
    2021/02/20 11:02:51 [Info] [1177537532] app/dispatcher: default route for tcp:www.google.com:443
    2021/02/20 11:02:52 [Info] [4071749959] proxy/socks: TCP Connect request to tcp:www.google.com:443
    2021/02/20 11:02:52 [Info] [4071749959] app/dispatcher: sniffed domain: www.google.com
    2021/02/20 11:02:52 [Info] [4071749959] app/dispatcher: default route for tcp:www.google.com:443
    2021/02/20 11:02:53 [Info] [4099243180] proxy/socks: TCP Connect request to tcp:sspanel.net:80
    2021/02/20 11:02:53 [Info] [4099243180] app/dispatcher: sniffed domain: sspanel.net
    2021/02/20 11:02:53 [Info] [4099243180] app/dispatcher: default route for tcp:sspanel.net:80
    2021/02/20 11:02:53 [Info] [4099243180] proxy/vless/outbound: tunneling request to tcp:sspanel.net:80 via tcp:127.0.0.1:10221
    2021/02/20 11:02:53 [Info] [3210243817] proxy/vless/outbound: tunneling request to tcp:www.google.com:443 via tcp:127.0.0.1:10221
    2021/02/20 11:02:53 [Info] [3854233974] proxy/vless/outbound: tunneling request to tcp:www.google.com:443 via tcp:127.0.0.1:10221
    2021/02/20 11:02:53 [Info] [1177537532] proxy/vless/outbound: tunneling request to tcp:www.google.com:443 via tcp:127.0.0.1:10221
    2021/02/20 11:02:53 [Info] [147318947] proxy/vless/outbound: tunneling request to tcp:www.google.com:443 via tcp:127.0.0.1:10221
    ......
    2021/02/20 11:06:13 [Info] [957801894] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: connection ends > context canceled
    2021/02/20 11:06:25 [Info] [2629614933] proxy/http: request to Method [POST] Host [vortex.data.microsoft.com] with URL [https://vortex.data.microsoft.com/collect/v1]
    2021/02/20 11:06:25 [Info] [2629614933] app/dispatcher: default route for tcp:vortex.data.microsoft.com:443
    2021/02/20 11:06:26 [Info] [2629614933] proxy/vless/outbound: tunneling request to tcp:vortex.data.microsoft.com:443 via tcp:127.0.0.1:10221
    2021/02/20 11:06:26 [Info] [2629614933] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: connection ends > proxy/vless/outbound: failed to decode response header > proxy/vless/encoding: failed to read response version > EOF
    2021/02/20 11:06:26 [Warning] [2629614933] proxy/http: failed to read response from vortex.data.microsoft.com > io: read/write on closed pipe
    2021/02/20 11:06:55 [Info] [147318947] app/proxyman/inbound: connection ends > proxy/socks: connection ends > context canceled
    2021/02/20 11:06:55 [Info] [147318947] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: connection ends > context canceled
    2021/02/20 11:07:04 [Info] [1258001730] app/proxyman/inbound: connection ends > proxy/http: connection ends > context canceled
    2021/02/20 11:07:04 [Info] [3926815241] app/proxyman/inbound: connection ends > proxy/http: connection ends > context canceled
    2021/02/20 11:07:04 [Info] [3944163696] app/proxyman/inbound: connection ends > proxy/http: connection ends > context canceled
    2021/02/20 11:07:04 [Info] [3730451202] app/proxyman/inbound: connection ends > proxy/http: connection ends > context canceled
    2021/02/20 11:07:04 [Info] [1258001730] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: connection ends > context canceled
    2021/02/20 11:07:04 [Info] [3926815241] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: connection ends > context canceled
    2021/02/20 11:07:04 [Info] [3944163696] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: connection ends > context canceled
    2021/02/20 11:07:04 [Info] [3730451202] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: connection ends > context canceled
    2021/02/20 11:08:13 [Info] [2172074902] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: connection ends > proxy/vless/outbound: failed to decode response header > proxy/vless/encoding: failed to read response version > EOF
    2021/02/20 11:08:13 [Warning] [2172074902] proxy/http: failed to read response from dc.services.visualstudio.com > io: read/write on closed pipe
    2021/02/20 11:08:13 [Warning] [2172074902] app/proxyman/inbound: connection ends > proxy/http: connection ends > proxy/http: failed to write response > write tcp 127.0.0.1:7072->127.0.0.1:61539: wsasend: An existing connection was forcibly closed by the remote host.
    2021/02/20 11:08:15 [Info] [547163133] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: connection ends > proxy/vless/outbound: failed to decode response header > proxy/vless/encoding: failed to read response version > EOF
    2021/02/20 11:08:15 [Warning] [547163133] proxy/http: failed to read response from dc.services.visualstudio.com > io: read/write on closed pipe
    2021/02/20 11:08:15 [Warning] [547163133] app/proxyman/inbound: connection ends > proxy/http: connection ends > proxy/http: failed to write response > write tcp 127.0.0.1:7072->127.0.0.1:61537: wsasend: An existing connection was forcibly closed by the remote host.
    2021/02/20 11:08:15 [Info] [2984001397] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: connection ends > proxy/vless/outbound: failed to decode response header > proxy/vless/encoding: failed to read response version > EOF
    2021/02/20 11:08:15 [Warning] [2984001397] proxy/http: failed to read response from dc.services.visualstudio.com > io: read/write on closed pipe
    2021/02/20 11:08:15 [Warning] [2984001397] app/proxyman/inbound: connection ends > proxy/http: connection ends > proxy/http: failed to write response > write tcp 127.0.0.1:7072->127.0.0.1:61535: wsasend: An existing connection was forcibly closed by the remote host.
    2021/02/20 11:08:15 [Info] [1005520017] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: connection ends > proxy/vless/outbound: failed to decode response header > proxy/vless/encoding: failed to read response version > EOF
    2021/02/20 11:08:15 [Warning] [1005520017] proxy/http: failed to read response from dc.services.visualstudio.com > io: read/write on closed pipe
    2021/02/20 11:08:15 [Warning] [1005520017] app/proxyman/inbound: connection ends > proxy/http: connection ends > proxy/http: failed to write response > write tcp 127.0.0.1:7072->127.0.0.1:61536: wsasend: An existing connection was forcibly closed by the remote host.
    2021/02/20 11:08:50 [Info] [2549946933] app/proxyman/inbound: connection ends > proxy/socks: connection ends > context canceled
    2021/02/20 11:08:50 [Info] [2549946933] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: connection ends > context canceled
    2021/02/20 11:09:27 [Info] [2329770006] proxy/socks: TCP Connect request to tcp:mtalk.google.com:443
    2021/02/20 11:09:27 [Info] [2329770006] app/dispatcher: sniffed domain: mtalk.google.com
    2021/02/20 11:09:27 [Info] [2329770006] app/dispatcher: default route for tcp:mtalk.google.com:443
    2021/02/20 11:09:27 [Info] [2329770006] proxy/vless/outbound: tunneling request to tcp:mtalk.google.com:443 via tcp:127.0.0.1:10221
    2021/02/20 11:09:36 [Info] [4099243180] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: connection ends > context canceled
    2021/02/20 11:09:36 [Info] [4099243180] app/proxyman/inbound: connection ends > proxy/socks: connection ends > context canceled
    2021/02/20 11:10:16 [Info] [44223394] proxy/socks: TCP Connect request to tcp:www.google.com:443
    2021/02/20 11:10:16 [Info] [44223394] app/dispatcher: sniffed domain: www.google.com
    ......
    2021/02/20 11:35:21 [Info] [3736507882] app/dispatcher: default route for tcp:mtalk.google.com:443
    2021/02/20 11:35:23 [Warning] [3736507882] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: failed to find an available destination > common/retry: [transport/internet/http: failed to dial to tcp:127.0.0.1:10221 > Put "https://127.0.0.1:10221/path/": dial tcp 127.0.0.1:10221: operation was canceled] > common/retry: all retry attempts failed
    2021/02/20 11:35:23 [Info] [3736507882] app/proxyman/inbound: connection ends > proxy/socks: connection ends > proxy/socks: failed to transport all TCP response > io: read/write on closed pipe
    2021/02/20 11:35:23 [Info] [2079741756] proxy/socks: TCP Connect request to tcp:mtalk.google.com:443
    2021/02/20 11:35:23 [Info] [2079741756] app/dispatcher: sniffed domain: mtalk.google.com
    2021/02/20 11:35:23 [Info] [2079741756] app/dispatcher: default route for tcp:mtalk.google.com:443
    2021/02/20 11:35:25 [Warning] [2079741756] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: failed to find an available destination > common/retry: [transport/internet/http: failed to dial to tcp:127.0.0.1:10221 > Put "https://127.0.0.1:10221/path/": dial tcp 127.0.0.1:10221: operation was canceled] > common/retry: all retry attempts failed
    2021/02/20 11:35:25 [Info] [2079741756] app/proxyman/inbound: connection ends > proxy/socks: connection ends > proxy/socks: failed to transport all TCP response > io: read/write on closed pipe
    2021/02/20 11:35:25 [Info] [1347633850] proxy/socks: TCP Connect request to tcp:64.233.188.188:443
    2021/02/20 11:35:25 [Info] [1347633850] app/dispatcher: sniffed domain: mtalk.google.com
    2021/02/20 11:35:25 [Info] [1347633850] app/dispatcher: default route for tcp:mtalk.google.com:443
    2021/02/20 11:35:27 [Warning] [1347633850] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: failed to find an available destination > common/retry: [transport/internet/http: failed to dial to tcp:127.0.0.1:10221 > Put "https://127.0.0.1:10221/path/": dial tcp 127.0.0.1:10221: operation was canceled] > common/retry: all retry attempts failed
    2021/02/20 11:35:27 [Info] [1347633850] app/proxyman/inbound: connection ends > proxy/socks: connection ends > proxy/socks: failed to transport all TCP response > io: read/write on closed pipe
    2021/02/20 11:35:27 [Info] [3697594325] proxy/socks: TCP Connect request to tcp:64.233.188.188:443
    2021/02/20 11:35:27 [Info] [3697594325] app/dispatcher: sniffed domain: mtalk.google.com
    2021/02/20 11:35:27 [Info] [3697594325] app/dispatcher: default route for tcp:mtalk.google.com:443
    2021/02/20 11:35:29 [Warning] [3697594325] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: failed to find an available destination > common/retry: [transport/internet/http: failed to dial to tcp:127.0.0.1:10221 > Put "https://127.0.0.1:10221/path/": dial tcp 127.0.0.1:10221: operation was canceled] > common/retry: all retry attempts failed
    2021/02/20 11:35:29 [Info] [3697594325] app/proxyman/inbound: connection ends > proxy/socks: connection ends > proxy/socks: failed to transport all TCP response > io: read/write on closed pipe
    2021/02/20 11:51:29 [Info] [52781454] proxy/socks: TCP Connect request to tcp:clients4.google.com:443
    2021/02/20 11:51:29 [Info] [52781454] app/dispatcher: sniffed domain: clients4.google.com
    2021/02/20 11:51:29 [Info] [52781454] app/dispatcher: default route for tcp:clients4.google.com:443
    2021/02/20 11:51:31 [Warning] [52781454] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: failed to find an available destination > common/retry: [transport/internet/http: failed to dial to tcp:127.0.0.1:10221 > Put "https://127.0.0.1:10221/path/": dial tcp 127.0.0.1:10221: operation was canceled] > common/retry: all retry attempts failed
    2021/02/20 11:51:31 [Info] [52781454] app/proxyman/inbound: connection ends > proxy/socks: connection ends > proxy/socks: failed to transport all TCP response > io: read/write on closed pipe
    2021/02/20 11:51:31 [Info] [2436546668] proxy/socks: TCP Connect request to tcp:clients4.google.com:443
    2021/02/20 11:51:31 [Info] [2436546668] app/dispatcher: sniffed domain: clients4.google.com
    2021/02/20 11:51:31 [Info] [2436546668] app/dispatcher: default route for tcp:clients4.google.com:443
    2021/02/20 11:51:33 [Warning] [2436546668] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: failed to find an available destination > common/retry: [transport/internet/http: failed to dial to tcp:127.0.0.1:10221 > Put "https://127.0.0.1:10221/path/": dial tcp 127.0.0.1:10221: operation was canceled] > common/retry: all retry attempts failed
    2021/02/20 11:51:33 [Info] [2436546668] app/proxyman/inbound: connection ends > proxy/socks: connection ends > proxy/socks: failed to transport all TCP response > io: read/write on closed pipe
    2021/02/20 11:51:34 [Info] [1864970991] proxy/socks: TCP Connect request to tcp:oauthaccountmanager.googleapis.com:443
    2021/02/20 11:51:34 [Info] [1864970991] app/dispatcher: sniffed domain: oauthaccountmanager.googleapis.com
    2021/02/20 11:51:34 [Info] [1864970991] app/dispatcher: default route for tcp:oauthaccountmanager.googleapis.com:443
    2021/02/20 11:51:36 [Warning] [1864970991] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: failed to find an available destination > common/retry: [transport/internet/http: failed to dial to tcp:127.0.0.1:10221 > Put "https://127.0.0.1:10221/path/": dial tcp 127.0.0.1:10221: operation was canceled] > common/retry: all retry attempts failed
    2021/02/20 11:51:36 [Info] [1864970991] app/proxyman/inbound: connection ends > proxy/socks: connection ends > proxy/socks: failed to transport all TCP response > io: read/write on closed pipe
    2021/02/20 11:51:36 [Info] [2588380550] proxy/socks: TCP Connect request to tcp:oauthaccountmanager.googleapis.com:443
    2021/02/20 11:51:36 [Info] [2588380550] app/dispatcher: sniffed domain: oauthaccountmanager.googleapis.com
    2021/02/20 11:51:36 [Info] [2588380550] app/dispatcher: default route for tcp:oauthaccountmanager.googleapis.com:443
    2021/02/20 11:51:38 [Warning] [2588380550] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: failed to find an available destination > common/retry: [transport/internet/http: failed to dial to tcp:127.0.0.1:10221 > Put "https://127.0.0.1:10221/path/": dial tcp 127.0.0.1:10221: operation was canceled] > common/retry: all retry attempts failed
    2021/02/20 11:51:38 [Info] [2588380550] app/proxyman/inbound: connection ends > proxy/socks: connection ends > proxy/socks: failed to transport all TCP response > io: read/write on closed pipe
    2021/02/20 11:52:48 [Info] [1502493801] proxy/socks: TCP Connect request to tcp:clients4.google.com:443
    2021/02/20 11:52:48 [Info] [1502493801] app/dispatcher: sniffed domain: clients4.google.com
    2021/02/20 11:52:48 [Info] [1502493801] app/dispatcher: default route for tcp:clients4.google.com:443
    2021/02/20 11:52:50 [Warning] [1502493801] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: failed to find an available destination > common/retry: [transport/internet/http: failed to dial to tcp:127.0.0.1:10221 > Put "https://127.0.0.1:10221/path/": dial tcp 127.0.0.1:10221: operation was canceled] > common/retry: all retry attempts failed
    2021/02/20 11:52:50 [Info] [1502493801] app/proxyman/inbound: connection ends > proxy/socks: connection ends > proxy/socks: failed to transport all TCP response > io: read/write on closed pipe
    2021/02/20 11:52:50 [Info] [2116711658] proxy/socks: TCP Connect request to tcp:clients4.google.com:443
    2021/02/20 11:52:50 [Info] [2116711658] app/dispatcher: sniffed domain: clients4.google.com
    2021/02/20 11:52:50 [Info] [2116711658] app/dispatcher: default route for tcp:clients4.google.com:443
    2021/02/20 11:52:52 [Warning] [2116711658] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: failed to find an available destination > common/retry: [transport/internet/http: failed to dial to tcp:127.0.0.1:10221 > Put "https://127.0.0.1:10221/path/": dial tcp 127.0.0.1:10221: operation was canceled] > common/retry: all retry attempts failed
    2021/02/20 11:52:52 [Info] [2116711658] app/proxyman/inbound: connection ends > proxy/socks: connection ends > proxy/socks: failed to transport all TCP response > io: read/write on closed pipe
    2021/02/20 11:52:53 [Info] [1585978055] proxy/socks: TCP Connect request to tcp:oauthaccountmanager.googleapis.com:443
    2021/02/20 11:52:53 [Info] [1585978055] app/dispatcher: sniffed domain: oauthaccountmanager.googleapis.com
    2021/02/20 11:52:53 [Info] [1585978055] app/dispatcher: default route for tcp:oauthaccountmanager.googleapis.com:443
    2021/02/20 11:52:55 [Warning] [1585978055] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: failed to find an available destination > common/retry: [transport/internet/http: failed to dial to tcp:127.0.0.1:10221 > Put "https://127.0.0.1:10221/path/": dial tcp 127.0.0.1:10221: operation was canceled] > common/retry: all retry attempts failed
    2021/02/20 11:52:55 [Info] [1585978055] app/proxyman/inbound: connection ends > proxy/socks: connection ends > proxy/socks: failed to transport all TCP response > io: read/write on closed pipe
    2021/02/20 11:52:55 [Info] [3383309761] proxy/socks: TCP Connect request to tcp:oauthaccountmanager.googleapis.com:443
    2021/02/20 11:52:55 [Info] [3383309761] app/dispatcher: sniffed domain: oauthaccountmanager.googleapis.com
    2021/02/20 11:52:55 [Info] [3383309761] app/dispatcher: default route for tcp:oauthaccountmanager.googleapis.com:443
    2021/02/20 11:52:57 [Warning] [3383309761] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: failed to find an available destination > common/retry: [transport/internet/http: failed to dial to tcp:127.0.0.1:10221 > Put "https://127.0.0.1:10221/path/": dial tcp 127.0.0.1:10221: operation was canceled] > common/retry: all retry attempts failed
    2021/02/20 11:52:57 [Info] [3383309761] app/proxyman/inbound: connection ends > proxy/socks: connection ends > proxy/socks: failed to transport all TCP response > io: read/write on closed pipe
    2021/02/20 11:55:59 [Info] [1634539254] proxy/socks: TCP Connect request to tcp:clients4.google.com:443
    2021/02/20 11:55:59 [Info] [1634539254] app/dispatcher: sniffed domain: clients4.google.com
    2021/02/20 11:55:59 [Info] [1634539254] app/dispatcher: default route for tcp:clients4.google.com:443
    2021/02/20 11:56:02 [Warning] [1634539254] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: failed to find an available destination > common/retry: [transport/internet/http: failed to dial to tcp:127.0.0.1:10221 > Put "https://127.0.0.1:10221/path/": dial tcp 127.0.0.1:10221: operation was canceled] > common/retry: all retry attempts failed
    2021/02/20 11:56:02 [Info] [1634539254] app/proxyman/inbound: connection ends > proxy/socks: connection ends > proxy/socks: failed to transport all TCP response > io: read/write on closed pipe
    2021/02/20 11:56:02 [Info] [2455967664] proxy/socks: TCP Connect request to tcp:clients4.google.com:443
    2021/02/20 11:56:02 [Info] [2455967664] app/dispatcher: sniffed domain: clients4.google.com
    2021/02/20 11:56:02 [Info] [2455967664] app/dispatcher: default route for tcp:clients4.google.com:443
    2021/02/20 11:56:04 [Warning] [2455967664] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: failed to find an available destination > common/retry: [transport/internet/http: failed to dial to tcp:127.0.0.1:10221 > Put "https://127.0.0.1:10221/path/": dial tcp 127.0.0.1:10221: operation was canceled] > common/retry: all retry attempts failed
    2021/02/20 11:56:04 [Info] [2455967664] app/proxyman/inbound: connection ends > proxy/socks: connection ends > proxy/socks: failed to transport all TCP response > io: read/write on closed pipe
    2021/02/20 11:56:04 [Info] [3964888726] proxy/socks: TCP Connect request to tcp:oauthaccountmanager.googleapis.com:443
    2021/02/20 11:56:04 [Info] [3964888726] app/dispatcher: sniffed domain: oauthaccountmanager.googleapis.com
    2021/02/20 11:56:04 [Info] [3964888726] app/dispatcher: default route for tcp:oauthaccountmanager.googleapis.com:443
    2021/02/20 11:56:06 [Warning] [3964888726] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: failed to find an available destination > common/retry: [transport/internet/http: failed to dial to tcp:127.0.0.1:10221 > Put "https://127.0.0.1:10221/path/": dial tcp 127.0.0.1:10221: operation was canceled] > common/retry: all retry attempts failed
    2021/02/20 11:56:06 [Info] [3964888726] app/proxyman/inbound: connection ends > proxy/socks: connection ends > proxy/socks: failed to transport all TCP response > io: read/write on closed pipe
    2021/02/20 11:56:06 [Info] [3092782991] proxy/socks: TCP Connect request to tcp:oauthaccountmanager.googleapis.com:443
    2021/02/20 11:56:06 [Info] [3092782991] app/dispatcher: sniffed domain: oauthaccountmanager.googleapis.com
    2021/02/20 11:56:06 [Info] [3092782991] app/dispatcher: default route for tcp:oauthaccountmanager.googleapis.com:443
    2021/02/20 11:56:08 [Warning] [3092782991] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: failed to find an available destination > common/retry: [transport/internet/http: failed to dial to tcp:127.0.0.1:10221 > Put "https://127.0.0.1:10221/path/": dial tcp 127.0.0.1:10221: operation was canceled] > common/retry: all retry attempts failed
    2021/02/20 11:56:08 [Info] [3092782991] app/proxyman/inbound: connection ends > proxy/socks: connection ends > proxy/socks: failed to transport all TCP response > io: read/write on closed pipe
    2021/02/20 12:03:51 [Info] [3626139911] proxy/socks: TCP Connect request to tcp:clients4.google.com:443
    2021/02/20 12:03:51 [Info] [3626139911] app/dispatcher: sniffed domain: clients4.google.com
    2021/02/20 12:03:51 [Info] [3626139911] app/dispatcher: default route for tcp:clients4.google.com:443
    2021/02/20 12:03:53 [Warning] [3626139911] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: failed to find an available destination > common/retry: [transport/internet/http: failed to dial to tcp:127.0.0.1:10221 > Put "https://127.0.0.1:10221/path/": dial tcp 127.0.0.1:10221: operation was canceled] > common/retry: all retry attempts failed
    2021/02/20 12:03:53 [Info] [3626139911] app/proxyman/inbound: connection ends > proxy/socks: connection ends > proxy/socks: failed to transport all TCP response > io: read/write on closed pipe
    2021/02/20 12:03:53 [Info] [1411945882] proxy/socks: TCP Connect request to tcp:clients4.google.com:443
    2021/02/20 12:03:53 [Info] [1411945882] app/dispatcher: sniffed domain: clients4.google.com
    2021/02/20 12:03:53 [Info] [1411945882] app/dispatcher: default route for tcp:clients4.google.com:443
    2021/02/20 12:03:55 [Warning] [1411945882] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: failed to find an available destination > common/retry: [transport/internet/http: failed to dial to tcp:127.0.0.1:10221 > Put "https://127.0.0.1:10221/path/": dial tcp 127.0.0.1:10221: operation was canceled] > common/retry: all retry attempts failed
    2021/02/20 12:03:55 [Info] [1411945882] app/proxyman/inbound: connection ends > proxy/socks: connection ends > proxy/socks: failed to transport all TCP response > io: read/write on closed pipe
    2021/02/20 12:03:55 [Info] [2749635035] proxy/socks: TCP Connect request to tcp:oauthaccountmanager.googleapis.com:443
    2021/02/20 12:03:55 [Info] [2749635035] app/dispatcher: sniffed domain: oauthaccountmanager.googleapis.com
    2021/02/20 12:03:55 [Info] [2749635035] app/dispatcher: default route for tcp:oauthaccountmanager.googleapis.com:443
    2021/02/20 12:03:57 [Warning] [2749635035] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: failed to find an available destination > common/retry: [transport/internet/http: failed to dial to tcp:127.0.0.1:10221 > Put "https://127.0.0.1:10221/path/": dial tcp 127.0.0.1:10221: operation was canceled] > common/retry: all retry attempts failed
    2021/02/20 12:03:57 [Info] [2749635035] app/proxyman/inbound: connection ends > proxy/socks: connection ends > proxy/socks: failed to transport all TCP response > io: read/write on closed pipe
    2021/02/20 12:03:57 [Info] [2506946492] proxy/socks: TCP Connect request to tcp:oauthaccountmanager.googleapis.com:443
    2021/02/20 12:03:57 [Info] [2506946492] app/dispatcher: sniffed domain: oauthaccountmanager.googleapis.com
    2021/02/20 12:03:57 [Info] [2506946492] app/dispatcher: default route for tcp:oauthaccountmanager.googleapis.com:443
    2021/02/20 12:03:59 [Warning] [2506946492] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: failed to find an available destination > common/retry: [transport/internet/http: failed to dial to tcp:127.0.0.1:10221 > Put "https://127.0.0.1:10221/path/": dial tcp 127.0.0.1:10221: operation was canceled] > common/retry: all retry attempts failed
    2021/02/20 12:03:59 [Info] [2506946492] app/proxyman/inbound: connection ends > proxy/socks: connection ends > proxy/socks: failed to transport all TCP response > io: read/write on closed pipe
    2021/02/20 12:13:55 [Info] [3443407717] proxy/socks: TCP Connect request to tcp:clients4.google.com:443
    2021/02/20 12:13:55 [Info] [3443407717] app/dispatcher: sniffed domain: clients4.google.com
    2021/02/20 12:13:55 [Info] [3443407717] app/dispatcher: default route for tcp:clients4.google.com:443
    2021/02/20 12:13:57 [Warning] [3443407717] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: failed to find an available destination > common/retry: [transport/internet/http: failed to dial to tcp:127.0.0.1:10221 > Put "https://127.0.0.1:10221/path/": dial tcp 127.0.0.1:10221: operation was canceled] > common/retry: all retry attempts failed
    2021/02/20 12:13:57 [Info] [3443407717] app/proxyman/inbound: connection ends > proxy/socks: connection ends > proxy/socks: failed to transport all TCP response > io: read/write on closed pipe
    2021/02/20 12:13:57 [Info] [571038832] proxy/socks: TCP Connect request to tcp:clients4.google.com:443
    2021/02/20 12:13:57 [Info] [571038832] app/dispatcher: sniffed domain: clients4.google.com
    2021/02/20 12:13:57 [Info] [571038832] app/dispatcher: default route for tcp:clients4.google.com:443
    2021/02/20 12:13:59 [Warning] [571038832] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: failed to find an available destination > common/retry: [transport/internet/http: failed to dial to tcp:127.0.0.1:10221 > Put "https://127.0.0.1:10221/path/": dial tcp 127.0.0.1:10221: operation was canceled] > common/retry: all retry attempts failed
    2021/02/20 12:13:59 [Info] [571038832] app/proxyman/inbound: connection ends > proxy/socks: connection ends > proxy/socks: failed to transport all TCP response > io: read/write on closed pipe
    2021/02/20 12:13:59 [Info] [3256905498] proxy/socks: TCP Connect request to tcp:oauthaccountmanager.googleapis.com:443
    2021/02/20 12:13:59 [Info] [3256905498] app/dispatcher: sniffed domain: oauthaccountmanager.googleapis.com
    2021/02/20 12:13:59 [Info] [3256905498] app/dispatcher: default route for tcp:oauthaccountmanager.googleapis.com:443
    2021/02/20 12:14:01 [Warning] [3256905498] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: failed to find an available destination > common/retry: [transport/internet/http: failed to dial to tcp:127.0.0.1:10221 > Put "https://127.0.0.1:10221/path/": dial tcp 127.0.0.1:10221: operation was canceled] > common/retry: all retry attempts failed
    2021/02/20 12:14:01 [Info] [3256905498] app/proxyman/inbound: connection ends > proxy/socks: connection ends > proxy/socks: failed to transport all TCP response > io: read/write on closed pipe
    2021/02/20 12:14:01 [Info] [4278828398] proxy/socks: TCP Connect request to tcp:oauthaccountmanager.googleapis.com:443
    2021/02/20 12:14:01 [Info] [4278828398] app/dispatcher: sniffed domain: oauthaccountmanager.googleapis.com
    2021/02/20 12:14:01 [Info] [4278828398] app/dispatcher: default route for tcp:oauthaccountmanager.googleapis.com:443
    2021/02/20 12:14:03 [Warning] [4278828398] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: failed to find an available destination > common/retry: [transport/internet/http: failed to dial to tcp:127.0.0.1:10221 > Put "https://127.0.0.1:10221/path/": dial tcp 127.0.0.1:10221: operation was canceled] > common/retry: all retry attempts failed
    2021/02/20 12:14:03 [Info] [4278828398] app/proxyman/inbound: connection ends > proxy/socks: connection ends > proxy/socks: failed to transport all TCP response > io: read/write on closed pipe
    2021/02/20 12:17:20 [Info] [278680833] proxy/socks: TCP Connect request to tcp:www.google.com:443
    2021/02/20 12:17:20 [Info] [278680833] app/dispatcher: sniffed domain: www.google.com
    2021/02/20 12:17:20 [Info] [278680833] app/dispatcher: default route for tcp:www.google.com:443
    2021/02/20 12:17:20 [Info] [1276125749] proxy/socks: TCP Connect request to tcp:www.google.com:443
    2021/02/20 12:17:20 [Info] [1276125749] app/dispatcher: sniffed domain: www.google.com
    2021/02/20 12:17:20 [Info] [1276125749] app/dispatcher: default route for tcp:www.google.com:443
    2021/02/20 12:17:22 [Info] [277596725] proxy/socks: TCP Connect request to tcp:sspanel.net:80
    2021/02/20 12:17:22 [Info] [277596725] app/dispatcher: sniffed domain: sspanel.net
    2021/02/20 12:17:22 [Info] [277596725] app/dispatcher: default route for tcp:sspanel.net:80
    2021/02/20 12:17:22 [Warning] [278680833] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: failed to find an available destination > common/retry: [transport/internet/http: failed to dial to tcp:127.0.0.1:10221 > Put "https://127.0.0.1:10221/path/": dial tcp 127.0.0.1:10221: operation was canceled] > common/retry: all retry attempts failed
    2021/02/20 12:17:22 [Info] [278680833] app/proxyman/inbound: connection ends > proxy/socks: connection ends > proxy/socks: failed to transport all TCP response > io: read/write on closed pipe
    2021/02/20 12:17:22 [Info] [675766784] proxy/socks: TCP Connect request to tcp:www.google.com:443
    2021/02/20 12:17:22 [Info] [675766784] app/dispatcher: sniffed domain: www.google.com
    2021/02/20 12:17:22 [Info] [675766784] app/dispatcher: default route for tcp:www.google.com:443
    2021/02/20 12:17:22 [Warning] [1276125749] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: failed to find an available destination > common/retry: [transport/internet/http: failed to dial to tcp:127.0.0.1:10221 > Put "https://127.0.0.1:10221/path/": dial tcp 127.0.0.1:10221: operation was canceled] > common/retry: all retry attempts failed
    2021/02/20 12:17:22 [Info] [1276125749] app/proxyman/inbound: connection ends > proxy/socks: connection ends > proxy/socks: failed to transport all TCP response > io: read/write on closed pipe
    2021/02/20 12:17:22 [Info] [3459633080] proxy/socks: TCP Connect request to tcp:www.google.com:443
    2021/02/20 12:17:22 [Info] [3459633080] app/dispatcher: sniffed domain: www.google.com
    2021/02/20 12:17:22 [Info] [3459633080] app/dispatcher: default route for tcp:www.google.com:443
    2021/02/20 12:17:24 [Warning] [277596725] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: failed to find an available destination > common/retry: [transport/internet/http: failed to dial to tcp:127.0.0.1:10221 > Put "https://127.0.0.1:10221/path/": dial tcp 127.0.0.1:10221: operation was canceled] > common/retry: all retry attempts failed
    2021/02/20 12:17:24 [Info] [277596725] app/proxyman/inbound: connection ends > proxy/socks: connection ends > proxy/socks: failed to transport all TCP response > io: read/write on closed pipe
    2021/02/20 12:17:24 [Warning] [675766784] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: failed to find an available destination > common/retry: [transport/internet/http: failed to dial to tcp:127.0.0.1:10221 > Put "https://127.0.0.1:10221/path/": dial tcp 127.0.0.1:10221: operation was canceled] > common/retry: all retry attempts failed
    2021/02/20 12:17:24 [Info] [675766784] app/proxyman/inbound: connection ends > proxy/socks: connection ends > proxy/socks: failed to transport all TCP response > io: read/write on closed pipe
    2021/02/20 12:17:24 [Warning] [3459633080] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: failed to find an available destination > common/retry: [transport/internet/http: failed to dial to tcp:127.0.0.1:10221 > Put "https://127.0.0.1:10221/path/": dial tcp 127.0.0.1:10221: operation was canceled] > common/retry: all retry attempts failed
    2021/02/20 12:17:24 [Info] [3459633080] app/proxyman/inbound: connection ends > proxy/socks: connection ends > proxy/socks: failed to transport all TCP response > io: read/write on closed pipe
    2021/02/20 12:18:35 [Info] [1471660221] proxy/socks: TCP Connect request to tcp:sspanel.net:80
    2021/02/20 12:18:35 [Info] [1471660221] app/dispatcher: sniffed domain: sspanel.net
    2021/02/20 12:18:35 [Info] [1471660221] app/dispatcher: default route for tcp:sspanel.net:80
    2021/02/20 12:18:37 [Warning] [1471660221] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: failed to find an available destination > common/retry: [transport/internet/http: failed to dial to tcp:127.0.0.1:10221 > Put "https://127.0.0.1:10221/path/": dial tcp 127.0.0.1:10221: operation was canceled] > common/retry: all retry attempts failed
    2021/02/20 12:18:37 [Info] [1471660221] app/proxyman/inbound: connection ends > proxy/socks: connection ends > proxy/socks: failed to transport all TCP response > io: read/write on closed pipe
    2021/02/20 12:19:28 [Debug] app/log: Logger closing
    
    
  • openwrt主路由运行xray客户端启用doh后大量出现`context deadline exceeded`错误信息

    openwrt主路由运行xray客户端启用doh后大量出现`context deadline exceeded`错误信息

    错误信息(大量出现,每秒数条):

    2021/01/19 13:48:21 [Error] app/dns: failed to retrieve response for p30-bookmarks.icloud.com. > Post "https://dns.google/dns-query": context deadline exceeded
    

    搭配这样的warning(同样大量出现):

    2021/01/19 13:49:01 [Warning] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: failed to find an available destination > common/retry: [dial tcp: i/o timeout] > common/retry: all retry attempts failed
    

    使用感受:

    域名解析概率成功,伴随较明显卡顿感。

    客户端配置:

    {
    	"log": {
    		"loglevel": "warning",
    		"error": "/var/log/xray_error.log"
    	},
    	
    	"inbounds": [
    		{
    			"tag": "dns-in",
    			"port": 5300,
    			"protocol": "dokodemo-door",
    			"settings": {
    				"address": "1.1.1.1",
    				"port": 53,
    				"network": "tcp,udp"
    			}
    		},
    		{
    			"tag": "all-in",
    			"port": 12345,
    			"protocol": "dokodemo-door",
    			"settings": {
    				"network": "tcp,udp",
    				"followRedirect": true
    			},
    			"sniffing": {
    				"enabled": true,
    				"destOverride": ["http", "tls"]
    			},
    			"streamSettings": {
    				"sockopt": {
    					"tproxy": "tproxy"
    				}
    			}
    		},
    		{
    			"tag": "socks-in",
    			"protocol": "socks",
    			"port": 9050,
    			"settings": {
    				"udp": true
    			}
    		}
    	],
    	
    	"outbounds": [
    		{
    			"tag": "direct",
    			"protocol": "freedom",
    			"settings": {
    				"domainStrategy": "UseIPv4"
    			}
    		},
    		{
    			"tag": "proxy",
    			"protocol": "vless",
    			"settings": {
    				"vnext": [{
    					"address": "服务器URL",
    					"port": 443,
    					"users": [{
    						"id": "uuid",
    						"flow": "xtls-rprx-splice",
    						"encryption": "none"
    					}]
    				}]
    			},
    			"streamSettings": {
    				"network": "tcp",
    				"security": "xtls"
    			}
    		},
    		{
    			"tag": "block",
    			"protocol": "blackhole",
    			"settings": {
    				"response": {
    					"type": "http"
    				}
    			}
    		},
    		{
    			"tag": "dns-out",
    			"protocol": "dns"
    		}
    	],
    	
    	"dns": {
    		"hosts": {
    			"服务器URL": "服务器IP",
    			"dns.google": "8.8.8.8",
    			"dns.alidns.com": "223.5.5.5"
    		},
    		"servers": [
    			{
    				"address": "https://dns.google/dns-query",
    				"domains": [
    					"geosite:geolocation-!cn"
    				]
    			},
    			{
    				"address": "https+local://dns.alidns.com/dns-query",
    				"domains": [
    					"geosite:cn"
    				],
    				"expectIPs": [
    					"geoip:cn"
    				]
    			},
    			"114.114.114.114"
    		]
    	},
    	
    	"routing": {
    		"domainStrategy": "IPIfNonMatch",
    		"rules": [
    			{
    				"type": "field",
    				"domain": [
    					"geosite:category-ads-all"
    				],
    				"outboundTag": "block"
    			},
    			{
    				"type": "field",
    				"inboundTag": [
    					"dns-in"
    				],
    				"outboundTag": "dns-out"
    			},
    			{
    				"type": "field",
    				"inboundTag": [
    					"all-in"
    				],
    				"port": 53,
    				"network": "udp",
    				"outboundTag": "dns-out"
    			},
    			{
    				"type": "field",
    				"ip": [
    					"223.5.5.5"
    				],
    				"outboundTag": "direct"
    			},
    			{
    				"type": "field",
    				"ip": [
    					"1.1.1.1",
    					"8.8.8.8"
    				],
    				"outboundTag": "proxy"
    			},
    			{
    				"type": "field",
    				"domain": [
    					"geosite:cn"
    				],
    				"outboundTag": "direct"
    			},
    			{
    				"type": "field",
    				"protocol":["bittorrent"],
    				"outboundTag": "direct"
    			},
    			{
    				"type": "field",
    				"ip": [
    					"geoip:cn",
    					"geoip:private"
    				],
    				"outboundTag": "direct"
    			},
    			{
    				"type": "field", 
    				"domain": [
    					"geosite:tld-cn",
    					"geosite:apple-cn",
    					"geosite:private"
    				],
    				"outboundTag": "direct"
    			},
    			{
    				"type": "field",
    				"domain": [
    					"geosite:geolocation-!cn"
    				],
    				"outboundTag": "proxy"
    			},
    			{
    				"type": "field",
    				"outboundTag": "direct",
    				"domain": [
    					"geosite:cn"
    				]
    			},
    			{
    				"type": "field",
    				"network": "tcp,udp",
    				"outboundTag": "proxy"
    			}
    		]
    	}
    }
    
  • 研发请求:自适应服务器故障分流[解决代理服务器不稳定]

    研发请求:自适应服务器故障分流[解决代理服务器不稳定]

    希望增加自适应服务器分流,

    类似概念: Mutlipath TCP (MPTCP) 即多路径 TCP,是对传输控制协议 (TCP) 规范的一组扩展,可让客户端通过不同网络适配器建立到同一目标主机的多个连接。这可在各主机间建立灵活而高效的数据连接,并且仍与现有的网络基础设施兼容。

    发起连接后,当前线路不通时,自动切换至备用节点重新发起连接,选取返回最快的节点作为使用节点,60/300秒后再次检测主节点是否联通,联通再切换到主节点 特点因注重在用户端无感,例如打开google网站,浏览器载入中,只要有任何备用服务器在线,即5秒之内打开谷歌.期间不断连,不显示错误 整个过程在5秒之内完成.

    非主动式连接检测,主动式连接检测间隔期间仍导致代理不通,就算切换到新服务器,原有连接依然是不通或者关闭状态,必须要程序再次发起连接才可以使用. 这样的话就不会遇到服务器不稳定影响上网体验了

  • 1.7.2 首次访问浏览器报 SSL_ERROR_RX_UNKNOWN_RECORD_TYPE

    1.7.2 首次访问浏览器报 SSL_ERROR_RX_UNKNOWN_RECORD_TYPE

    首次通过代理访问某个网站时都会出错,需要点重试1到三次才能正常访问,浏览器用的火狐的SmartProxy插件,模式为全局代理。

    error

    smartproxy_setting

    服务器配置

    {
      "log": {
        "loglevel": "debug"
      },
      "inbounds": [
        {
          "listen": "0.0.0.0",
          "port": 443,
          "protocol": "vless",
          "settings": {
            "clients": [
              {
                "id": "",
                "flow": "xtls-rprx-vision"
              }
            ],
            "decryption": "none"
          },
          "streamSettings": {
            "network": "tcp",
            "security": "tls",
            "tlsSettings": {
              "certificates": [
                {
                  "certificateFile": "/opt/etc/cert/cert.pem",
                  "keyFile": "/opt/etc/cert/key.pem"
                }
              ]
            }
          },
          "sniffing": {
            "enabled": true,
            "destOverride": [
              "http",
              "tls"
            ]
          }
        }
      ],
      "outbounds": [
        {
          "protocol": "freedom",
          "tag": "direct"
        }
      ]
    }
    

    客户端配置

    {
      "log": {
        "loglevel": "debug"
      },
      "routing": {
        "domainStrategy": "IPIfNonMatch",
        "rules": [
          {
            "type": "field",
            "domain": [
              "geosite:cn",
              "geosite:private"
            ],
            "outboundTag": "direct"
          },
          {
            "type": "field",
            "ip": [
              "geoip:cn",
              "geoip:private"
            ],
            "outboundTag": "direct"
          }
        ]
      },
      "inbounds": [
        {
          "listen": "0.0.0.0",
          "port": 10808,
          "protocol": "socks",
          "settings": {
            "udp": true
          },
          "sniffing": {
            "enabled": true,
            "destOverride": [
              "http",
              "tls"
            ]
          }
        },
        {
          "listen": "0.0.0.0",
          "port": 10809,
          "protocol": "http",
          "sniffing": {
            "enabled": true,
            "destOverride": [
              "http",
              "tls"
            ]
          }
        }
      ],
      "outbounds": [
        {
          "protocol": "vless",
          "settings": {
            "vnext": [
              {
                "address": "",
                "port": 443,
                "users": [
                  {
                    "id": "",
                    "encryption": "none",
                    "flow": "xtls-rprx-vision"
                  }
                ]
              }
            ]
          },
          "streamSettings": {
            "network": "tcp",
            "security": "tls",
            "tlsSettings": {
              "serverName": "???.???",
              "allowInsecure": false,
              "fingerprint": "firefox"
            }
          },
          "tag": "proxy"
        },
        {
          "protocol": "freedom",
          "tag": "direct"
        }
      ]
    }
    
    

    附上debug下的双端log

    log.zip

  • Add new uTLS fingerprints

    Add new uTLS fingerprints

    • correct safari
    • new format is the variable name in https://github.com/refraction-networking/utls/blob/master/u_common.go#L163
    • notable ones "HelloChrome_106_Shuffle", "Hello360_Auto", "HelloQQ_Auto"

    CC @RPRX We will need to update this map every time, but at least we don't need to update documents. For the UI devs, the fingerprint field should be editable text (better with some base options).

  • xtls-rprx-vision 仍未能妥善处理好 浏览器 TLS-in-TLS 的特征?

    xtls-rprx-vision 仍未能妥善处理好 浏览器 TLS-in-TLS 的特征?

    本人与近期在 DMIT.io 购入一台 PVM.HKG.Lite.TINY 主机。经 TCP 路由跟踪测试,实际线路为去程绕东京NTT,回程移动CMI。 经反复测试,在该条线路上,Xray (含 xtls-rprx-vision)/trojan-go 等 TLS-in-TLS 代理工具均被稳定识别阻断。 有较大可能性 xtls-rprx-vision 仍未能妥善处理好 浏览器 TLS-in-TLS 的特征。

    如有疑问,请先看结尾的分析猜想部分。

    双端配置

    服务端使用 Xray(v1.7.2, xtls-rprx-vision) + Caddy(fallback)

    客户端使用 Xray(v1.7.2, xtls-rprx-vision) + Vivaldi(Chrome 108)/Firefox 浏览器 (以下实验使用 Vivaldi 浏览器,但 Firefox/Edge 等其他浏览器也能稳定复现)

    测试

    测试流程:

    1. 启动本地及服务器 Xray
    2. 启动 tcpdump 和 wireshark
    3. 使用浏览器连接 scholar.google.com (其他 https 网站较多次访问后也可复现,但因未知原因 Google 系网站接近 100% 被识别阻断)
    4. 依次关闭 浏览器, Xray, tcpdump 和 wireshark

    所有测试期间未发现主动探测。

    脱敏后的 IP 地址解释:

    192.168.1.2 = 本地计算机 124.91.0.1 = 本地出口 103.135.0.1 = PVM.HKG.Lite.TINY 主机 45.77.0.1 = SGP 中转机

    第一轮:本地 Xray 直连 PVM.HKG.Lite.TINY

    结果:无法连接 (ERR_CONNECTION_TIMED_OUT)

    注:浏览器连接超时后自动重试了三次

    客户端配置

    {
        "log": {
            "access": "a.log",
            "error": "e.log",
            "loglevel": "debug"
        },
        "inbounds": [
            {
                "port": 18080,
                "listen": "127.0.0.1",
                "protocol": "http"
            }
        ],
        "outbounds": [
            {
                "protocol": "vless",
                "settings": {
                    "vnext": [
                        {
                            "address": "103.135.0.1",
                            "port": 443,
                            "users": [
                                {
                                    "id": "c123321   ",
                                    "flow": "xtls-rprx-vision",
                                    "encryption": "none"
                                }
                            ]
                        }
                    ]
                },
                "streamSettings": {
                    "network": "tcp",
                    "security": "tls",
                    "tlsSettings": {
                        "serverName": "cross.yif.fyi",
                        "fingerprint": "firefox",
                        "alpn": ["h2", "http/1.1"]
                    }
                },
                "mux": {
                    "enabled": false,
                    "concurrency": 16
                }
            }
        ],
        "routing": {}
    }
    

    服务端配置

    {
        "log": {
            "access": "/etc/xray/a.log",
            "error": "/etc/xray/e.log",
            "loglevel": "debug"
        },
        "inbounds": [
            {
                "listen": "0.0.0.0",
                "port": 443,
                "protocol": "vless",
                "settings": {
                    "clients": [
                        {
                            "id": "c123321   ",
                            "flow": "xtls-rprx-vision"
                        }
                    ],
                    "decryption": "none"
                },
                "streamSettings": {
                    "network": "tcp",
                    "security": "tls",
                    "tlsSettings": {
                        "serverName": "cross.yif.fyi",
                        "alpn": [
                            "h2",
                            "http/1.1"
                        ],
                        "certificates": [
                            {
                                "certificateFile": "/caddy/certificates/acme-v02.api.letsencrypt.org-directory/cross.yif.fyi/cross.yif.fyi.crt",
                                "keyFile": "/caddy/certificates/acme-v02.api.letsencrypt.org-directory/cross.yif.fyi/cross.yif.fyi.key"
                            }
                        ]
                    }
                }
            }
        ],
        "outbounds": [
            {
                "protocol": "freedom"
            }
        ],
        "routing": {}
    }
    

    客户端 access.log

    2023/01/08 21:05:05 127.0.0.1:54279 accepted //scholar.google.com:443
    2023/01/08 21:05:26 127.0.0.1:54288 accepted //scholar.google.com:443
    2023/01/08 21:05:51 127.0.0.1:54292 accepted //scholar.google.com:443
    

    客户端 error.log

    2023/01/08 21:05:00 [Debug] app/log: Logger started
    2023/01/08 21:05:00 [Debug] app/proxyman/inbound: creating stream worker on 127.0.0.1:18080
    2023/01/08 21:05:00 [Info] transport/internet/tcp: listening TCP on 127.0.0.1:18080
    2023/01/08 21:05:00 [Warning] core: Xray 1.7.2 started
    2023/01/08 21:05:05 [Info] [2822591811] proxy/http: request to Method [CONNECT] Host [scholar.google.com:443] with URL [//scholar.google.com:443]
    2023/01/08 21:05:05 [Info] [2822591811] app/dispatcher: default route for tcp:scholar.google.com:443
    2023/01/08 21:05:05 [Info] [2822591811] transport/internet/tcp: dialing TCP to tcp:103.135.0.1:443
    2023/01/08 21:05:05 [Debug] transport/internet: dialing to tcp:103.135.0.1:443
    2023/01/08 21:05:05 [Info] [2822591811] proxy/vless/outbound: tunneling request to tcp:scholar.google.com:443 via 103.135.0.1:443
    2023/01/08 21:05:05 [Info] [2822591811] proxy/vless/encoding: XtlsFilterTls found tls client hello! 773
    2023/01/08 21:05:05 [Info] [2822591811] proxy/vless/encoding: XtlsPadding 773 366 0
    2023/01/08 21:05:05 [Info] [2822591811] proxy/vless/encoding: Xtls Unpadding new block0 16 content 379 padding 808 0
    2023/01/08 21:05:05 [Info] [2822591811] proxy/vless/encoding: XtlsFilterTls found tls 1.3! 379 TLS_AES_128_GCM_SHA256
    2023/01/08 21:05:05 [Info] [2822591811] proxy/vless/encoding: XtlsPadding 74 1036 0
    2023/01/08 21:05:05 [Info] [2822591811] proxy/vless/encoding: XtlsPadding 98 1250 2
    2023/01/08 21:05:05 [Info] [2822591811] proxy/vless/encoding: XtlsWrite writeV 0 1353 0
    2023/01/08 21:05:05 [Info] [2822591811] proxy/vless/encoding: Xtls Unpadding new block0 0 content 964 padding 0 2
    2023/01/08 21:05:05 [Info] [2822591811] proxy/vless/encoding: XtlsRead readV
    2023/01/08 21:05:25 [Info] [2822591811] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: connection ends > proxy/vless/outbound: failed to transfer response payload > read tcp 192.168.1.2:54280->103.135.0.1:443: wsarecv: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.
    2023/01/08 21:05:25 [Info] [2822591811] app/proxyman/inbound: connection ends > proxy/http: connection ends > io: read/write on closed pipe
    2023/01/08 21:05:26 [Info] [4098146324] proxy/http: request to Method [CONNECT] Host [scholar.google.com:443] with URL [//scholar.google.com:443]
    2023/01/08 21:05:26 [Info] [4098146324] app/dispatcher: default route for tcp:scholar.google.com:443
    2023/01/08 21:05:26 [Info] [4098146324] transport/internet/tcp: dialing TCP to tcp:103.135.0.1:443
    2023/01/08 21:05:26 [Debug] transport/internet: dialing to tcp:103.135.0.1:443
    2023/01/08 21:05:26 [Info] [4098146324] proxy/vless/outbound: tunneling request to tcp:scholar.google.com:443 via 103.135.0.1:443
    2023/01/08 21:05:26 [Info] [4098146324] proxy/vless/encoding: XtlsFilterTls found tls client hello! 773
    2023/01/08 21:05:26 [Info] [4098146324] proxy/vless/encoding: XtlsPadding 773 521 0
    2023/01/08 21:05:26 [Info] [4098146324] proxy/vless/encoding: Xtls Unpadding new block0 16 content 379 padding 988 0
    2023/01/08 21:05:26 [Info] [4098146324] proxy/vless/encoding: XtlsFilterTls found tls 1.3! 379 TLS_AES_128_GCM_SHA256
    2023/01/08 21:05:26 [Info] [4098146324] proxy/vless/encoding: XtlsPadding 74 1178 0
    2023/01/08 21:05:26 [Info] [4098146324] proxy/vless/encoding: XtlsPadding 98 1279 2
    2023/01/08 21:05:26 [Info] [4098146324] proxy/vless/encoding: XtlsWrite writeV 0 1382 0
    2023/01/08 21:05:26 [Info] [4098146324] proxy/vless/encoding: Xtls Unpadding new block0 0 content 995 padding 0 2
    2023/01/08 21:05:26 [Info] [4098146324] proxy/vless/encoding: XtlsRead readV
    2023/01/08 21:05:45 [Info] [4098146324] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: connection ends > proxy/vless/outbound: failed to transfer response payload > read tcp 192.168.1.2:54289->103.135.0.1:443: wsarecv: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.
    2023/01/08 21:05:45 [Info] [4098146324] app/proxyman/inbound: connection ends > proxy/http: connection ends > io: read/write on closed pipe
    2023/01/08 21:05:51 [Info] [233712089] proxy/http: request to Method [CONNECT] Host [scholar.google.com:443] with URL [//scholar.google.com:443]
    2023/01/08 21:05:51 [Info] [233712089] app/dispatcher: default route for tcp:scholar.google.com:443
    2023/01/08 21:05:51 [Info] [233712089] transport/internet/tcp: dialing TCP to tcp:103.135.0.1:443
    2023/01/08 21:05:51 [Debug] transport/internet: dialing to tcp:103.135.0.1:443
    2023/01/08 21:05:51 [Info] [233712089] proxy/vless/outbound: tunneling request to tcp:scholar.google.com:443 via 103.135.0.1:443
    2023/01/08 21:05:51 [Info] [233712089] proxy/vless/encoding: XtlsFilterTls found tls client hello! 773
    2023/01/08 21:05:51 [Info] [233712089] proxy/vless/encoding: XtlsPadding 773 534 0
    2023/01/08 21:05:51 [Info] [233712089] proxy/vless/encoding: Xtls Unpadding new block0 16 content 379 padding 810 0
    2023/01/08 21:05:51 [Info] [233712089] proxy/vless/encoding: XtlsFilterTls found tls 1.3! 379 TLS_AES_128_GCM_SHA256
    2023/01/08 21:05:51 [Info] [233712089] proxy/vless/encoding: XtlsPadding 74 1109 0
    2023/01/08 21:05:51 [Info] [233712089] proxy/vless/encoding: XtlsPadding 98 1153 2
    2023/01/08 21:05:51 [Info] [233712089] proxy/vless/encoding: XtlsWrite writeV 0 1256 0
    2023/01/08 21:05:51 [Info] [233712089] proxy/vless/encoding: Xtls Unpadding new block0 0 content 964 padding 0 2
    2023/01/08 21:05:51 [Info] [233712089] proxy/vless/encoding: XtlsRead readV
    2023/01/08 21:06:10 [Info] [233712089] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: connection ends > proxy/vless/outbound: failed to transfer response payload > read tcp 192.168.1.2:54293->103.135.0.1:443: wsarecv: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.
    2023/01/08 21:06:10 [Info] [233712089] app/proxyman/inbound: connection ends > proxy/http: connection ends > io: read/write on closed pipe
    2023/01/08 21:06:42 [Debug] app/log: Logger closing
    

    服务器 access.log

    2023/01/08 21:05:05 124.91.0.1:54280 accepted tcp:scholar.google.com:443
    2023/01/08 21:05:26 124.91.0.1:54289 accepted tcp:scholar.google.com:443
    2023/01/08 21:05:51 124.91.0.1:54293 accepted tcp:scholar.google.com:443
    

    服务器 error.log

    2023/01/08 21:04:47 [Debug] app/log: Logger started
    2023/01/08 21:04:47 [Debug] app/proxyman/inbound: creating stream worker on 0.0.0.0:443
    2023/01/08 21:04:47 [Info] transport/internet/tcp: listening TCP on 0.0.0.0:443
    2023/01/08 21:04:47 [Warning] core: Xray 1.7.2 started
    2023/01/08 21:05:05 [Info] [513723113] proxy/vless/inbound: firstLen = 1186
    2023/01/08 21:05:05 [Info] [513723113] proxy/vless/inbound: received request for tcp:scholar.google.com:443
    2023/01/08 21:05:05 [Info] [513723113] app/dispatcher: default route for tcp:scholar.google.com:443
    2023/01/08 21:05:05 [Info] [513723113] proxy/freedom: opening connection to tcp:scholar.google.com:443
    2023/01/08 21:05:05 [Info] [513723113] transport/internet/tcp: dialing TCP to tcp:scholar.google.com:443
    2023/01/08 21:05:05 [Debug] transport/internet: dialing to tcp:scholar.google.com:443
    2023/01/08 21:05:05 [Info] [513723113] proxy/vless/encoding: Xtls Unpadding new block0 16 content 773 padding 366 0
    2023/01/08 21:05:05 [Info] [513723113] proxy/vless/encoding: XtlsFilterTls found tls client hello! 773
    2023/01/08 21:05:05 [Info] [513723113] proxy/vless/encoding: XtlsFilterTls found tls 1.3! 379 TLS_AES_128_GCM_SHA256
    2023/01/08 21:05:05 [Info] [513723113] proxy/vless/encoding: XtlsPadding 379 808 0
    2023/01/08 21:05:05 [Info] [513723113] proxy/vless/encoding: Xtls Unpadding new block0 0 content 74 padding 1036 0
    2023/01/08 21:05:05 [Info] [513723113] proxy/vless/encoding: XtlsPadding 964 0 2
    2023/01/08 21:05:05 [Info] [513723113] proxy/vless/encoding: XtlsWrite writeV 0 969 0
    2023/01/08 21:05:05 [Info] [513723113] proxy/vless/encoding: Xtls Unpadding new block0 0 content 98 padding 1250 2
    2023/01/08 21:05:05 [Info] [513723113] proxy/vless/encoding: XtlsRead readV
    2023/01/08 21:05:25 [Info] [513723113] app/proxyman/inbound: connection ends > proxy/vless/inbound: connection ends > proxy/vless/inbound: failed to transfer request payload > read tcp 103.135.0.1:443->124.91.0.1:54280: read: connection reset by peer
    2023/01/08 21:05:26 [Info] [1898714411] proxy/vless/inbound: firstLen = 1186
    2023/01/08 21:05:26 [Info] [1898714411] proxy/vless/inbound: received request for tcp:scholar.google.com:443
    2023/01/08 21:05:26 [Info] [1898714411] app/dispatcher: default route for tcp:scholar.google.com:443
    2023/01/08 21:05:26 [Info] [1898714411] proxy/freedom: opening connection to tcp:scholar.google.com:443
    2023/01/08 21:05:26 [Info] [1898714411] transport/internet/tcp: dialing TCP to tcp:scholar.google.com:443
    2023/01/08 21:05:26 [Debug] transport/internet: dialing to tcp:scholar.google.com:443
    2023/01/08 21:05:26 [Info] [1898714411] proxy/vless/encoding: Xtls Unpadding new block0 16 content 773 padding 521 0
    2023/01/08 21:05:26 [Info] [1898714411] proxy/vless/encoding: XtlsFilterTls found tls client hello! 773
    2023/01/08 21:05:26 [Info] [1898714411] proxy/vless/encoding: XtlsFilterTls found tls 1.3! 379 TLS_AES_128_GCM_SHA256
    2023/01/08 21:05:26 [Info] [1898714411] proxy/vless/encoding: XtlsPadding 379 988 0
    2023/01/08 21:05:26 [Info] [1898714411] proxy/vless/encoding: Xtls Unpadding new block0 0 content 74 padding 1178 0
    2023/01/08 21:05:26 [Info] [1898714411] proxy/vless/encoding: Xtls Unpadding new block0 0 content 98 padding 1279 2
    2023/01/08 21:05:26 [Info] [1898714411] proxy/vless/encoding: XtlsRead readV
    2023/01/08 21:05:26 [Info] [1898714411] proxy/vless/encoding: XtlsPadding 995 0 2
    2023/01/08 21:05:26 [Info] [1898714411] proxy/vless/encoding: XtlsWrite writeV 0 1000 0
    2023/01/08 21:05:45 [Info] [1898714411] app/proxyman/inbound: connection ends > proxy/vless/inbound: connection ends > proxy/vless/inbound: failed to transfer request payload > read tcp 103.135.0.1:443->124.91.0.1:54289: read: connection reset by peer
    2023/01/08 21:05:51 [Info] [1397549088] proxy/vless/inbound: firstLen = 1186
    2023/01/08 21:05:51 [Info] [1397549088] proxy/vless/inbound: received request for tcp:scholar.google.com:443
    2023/01/08 21:05:51 [Info] [1397549088] app/dispatcher: default route for tcp:scholar.google.com:443
    2023/01/08 21:05:51 [Info] [1397549088] proxy/freedom: opening connection to tcp:scholar.google.com:443
    2023/01/08 21:05:51 [Info] [1397549088] transport/internet/tcp: dialing TCP to tcp:scholar.google.com:443
    2023/01/08 21:05:51 [Debug] transport/internet: dialing to tcp:scholar.google.com:443
    2023/01/08 21:05:51 [Info] [1397549088] proxy/vless/encoding: Xtls Unpadding new block0 16 content 773 padding 534 0
    2023/01/08 21:05:51 [Info] [1397549088] proxy/vless/encoding: XtlsFilterTls found tls client hello! 773
    2023/01/08 21:05:51 [Info] [1397549088] proxy/vless/encoding: XtlsFilterTls found tls 1.3! 379 TLS_AES_128_GCM_SHA256
    2023/01/08 21:05:51 [Info] [1397549088] proxy/vless/encoding: XtlsPadding 379 810 0
    2023/01/08 21:05:51 [Info] [1397549088] proxy/vless/encoding: Xtls Unpadding new block0 0 content 74 padding 1109 0
    2023/01/08 21:05:51 [Info] [1397549088] proxy/vless/encoding: Xtls Unpadding new block0 0 content 98 padding 1153 2
    2023/01/08 21:05:51 [Info] [1397549088] proxy/vless/encoding: XtlsRead readV
    2023/01/08 21:05:51 [Info] [1397549088] proxy/vless/encoding: XtlsPadding 964 0 2
    2023/01/08 21:05:51 [Info] [1397549088] proxy/vless/encoding: XtlsWrite writeV 0 969 0
    2023/01/08 21:06:10 [Info] [1397549088] app/proxyman/inbound: connection ends > proxy/vless/inbound: connection ends > proxy/vless/inbound: failed to transfer request payload > read tcp 103.135.0.1:443->124.91.0.1:54293: read: connection reset by peer
    

    此处附上双端 pcap。 r1-client-443.zip r1-server-443.zip

    第二轮测试:中转连接 PVM.HKG.Lite.TINY

    通过 SSH 隧道(SGP 中转)将 PVM.HKG.Lite.TINY 的 443 端口映射至本地 localhost:443,并配置 Xray 连接

    结果:正常连接

    JSON 配置就不贴了,只是改了个地址

    客户端 access.log

    2023/01/08 21:12:15 127.0.0.1:54366 accepted //scholar.google.com:443
    

    客户端 error.log

    2023/01/08 21:11:59 [Debug] app/log: Logger started
    2023/01/08 21:11:59 [Debug] app/proxyman/inbound: creating stream worker on 127.0.0.1:18080
    2023/01/08 21:11:59 [Info] transport/internet/tcp: listening TCP on 127.0.0.1:18080
    2023/01/08 21:11:59 [Warning] core: Xray 1.7.2 started
    2023/01/08 21:12:15 [Info] [2412398155] proxy/http: request to Method [CONNECT] Host [scholar.google.com:443] with URL [//scholar.google.com:443]
    2023/01/08 21:12:15 [Info] [2412398155] app/dispatcher: default route for tcp:scholar.google.com:443
    2023/01/08 21:12:15 [Info] [2412398155] transport/internet/tcp: dialing TCP to tcp:localhost:443
    2023/01/08 21:12:15 [Debug] transport/internet: dialing to tcp:localhost:443
    2023/01/08 21:12:16 [Info] [2412398155] proxy/vless/outbound: tunneling request to tcp:scholar.google.com:443 via localhost:443
    2023/01/08 21:12:16 [Info] [2412398155] proxy/vless/encoding: XtlsFilterTls found tls client hello! 773
    2023/01/08 21:12:16 [Info] [2412398155] proxy/vless/encoding: XtlsPadding 773 408 0
    2023/01/08 21:12:16 [Info] [2412398155] proxy/vless/encoding: Xtls Unpadding new block0 16 content 379 padding 961 0
    2023/01/08 21:12:16 [Info] [2412398155] proxy/vless/encoding: XtlsFilterTls found tls 1.3! 379 TLS_AES_128_GCM_SHA256
    2023/01/08 21:12:16 [Info] [2412398155] proxy/vless/encoding: XtlsPadding 74 846 0
    2023/01/08 21:12:16 [Info] [2412398155] proxy/vless/encoding: XtlsPadding 98 983 2
    2023/01/08 21:12:16 [Info] [2412398155] proxy/vless/encoding: XtlsWrite writeV 0 1086 0
    2023/01/08 21:12:16 [Info] [2412398155] proxy/vless/encoding: Xtls Unpadding new block0 0 content 995 padding 0 2
    2023/01/08 21:12:16 [Info] [2412398155] proxy/vless/encoding: XtlsRead readV
    2023/01/08 21:12:53 [Debug] app/log: Logger closing
    

    服务端 access.log

    2023/01/08 21:12:16 45.77.0.1:54278 accepted tcp:scholar.google.com:443
    

    服务端 error.log

    2023/01/08 21:11:51 [Debug] app/log: Logger started
    2023/01/08 21:11:51 [Debug] app/proxyman/inbound: creating stream worker on 0.0.0.0:443
    2023/01/08 21:11:51 [Info] transport/internet/tcp: listening TCP on 0.0.0.0:443
    2023/01/08 21:11:52 [Warning] core: Xray 1.7.2 started
    2023/01/08 21:12:16 [Info] [2622049850] proxy/vless/inbound: firstLen = 1186
    2023/01/08 21:12:16 [Info] [2622049850] proxy/vless/inbound: received request for tcp:scholar.google.com:443
    2023/01/08 21:12:16 [Info] [2622049850] app/dispatcher: default route for tcp:scholar.google.com:443
    2023/01/08 21:12:16 [Info] [2622049850] proxy/freedom: opening connection to tcp:scholar.google.com:443
    2023/01/08 21:12:16 [Info] [2622049850] transport/internet/tcp: dialing TCP to tcp:scholar.google.com:443
    2023/01/08 21:12:16 [Debug] transport/internet: dialing to tcp:scholar.google.com:443
    2023/01/08 21:12:16 [Info] [2622049850] proxy/vless/encoding: Xtls Unpadding new block0 16 content 773 padding 408 0
    2023/01/08 21:12:16 [Info] [2622049850] proxy/vless/encoding: XtlsFilterTls found tls client hello! 773
    2023/01/08 21:12:16 [Info] [2622049850] proxy/vless/encoding: XtlsFilterTls found tls 1.3! 379 TLS_AES_128_GCM_SHA256
    2023/01/08 21:12:16 [Info] [2622049850] proxy/vless/encoding: XtlsPadding 379 961 0
    2023/01/08 21:12:16 [Info] [2622049850] proxy/vless/encoding: Xtls Unpadding new block0 0 content 74 padding 846 0
    2023/01/08 21:12:16 [Info] [2622049850] proxy/vless/encoding: Xtls Unpadding new block0 0 content 98 padding 983 2
    2023/01/08 21:12:16 [Info] [2622049850] proxy/vless/encoding: XtlsRead readV
    2023/01/08 21:12:16 [Info] [2622049850] proxy/vless/encoding: XtlsPadding 995 0 2
    2023/01/08 21:12:16 [Info] [2622049850] proxy/vless/encoding: XtlsWrite writeV 0 1000 0
    

    此处附上 pcap r2-server-443.zip

    分析猜想

    是否是 Xray 实现出现了未知 bug?

    使用 SSH 中转后问题消失。 关闭 flow 后继续被阻断,现象相似。 改用 trojan-go 被阻断,现象相似。 直接在 SGP 中转机上使用相同配置重建,连接未被阻断。

    基本可以证明并非 Xray 实现问题。

    为什么说是 TLS-in-TLS 被识别?

    首先,访问 http 网站不会被阻断。 另外,在 Xray 配置 tlsSettings -> fingerprint 或者改换 cipherSuites 没有效果。 其次,使用 curl 代替浏览器访问不会被阻断(推测是特征不同)。 测试的 curl 版本是 curl 7.84.0 (i686-pc-cygwin) libcurl/7.84.0 OpenSSL/1.1.1q zlib/1.2.12 libssh2/1.10.0, 命令为 HTTPS_PROXY=http://localhost:18080 curl -o /dev/null -vv https://scholar.google.com 再者,即使是同一个服务器和端口,当一个特定的 Xray 连接被阻断时,其他 Xray 连接不受影响,且本地仍能正常发起新的 Xray 代理连接。

    另外,直接在 SGP 中转机上使用相同配置重建,连接未被阻断,则很有可能该识别机制正在灰度测试,后续极有可能推广。 鉴于其可怕的精准度,非常危险。

    不过,猜想仅供参考。如是其他问题,便是最好的事。 如开发组需要,可提供该台服务器访问方式。

  • v1.7.2 vision流控无法使用ss的2022-blake3-aes-256-gcm中转

    v1.7.2 vision流控无法使用ss的2022-blake3-aes-256-gcm中转

    所有服务端客户端版本均为v1.7.2 配置情况类似#1403 检查过配置文件,中转机和落地机流控均为xtls-rprx-vision,中转机入站的shadowsocks在使用chacha20-ietf-poly1305中转时正常,而使用2022-blake3-aes-256-gcm时无法访问网页 测试中转机使用2022-blake3-aes-256-gcm时不进行中转而是直连时网页访问正常 客户端日志:

    [Info] [1682512687] proxy/socks: TCP Connect request to tcp:ip.skk.moe:443
    [Info] [1682512687] app/dispatcher: sniffed domain: ip.skk.moe
    tcp:127.0.0.1:64301 accepted tcp:ip.skk.moe:443 [socks -> proxy]
    [Info] [1682512687] app/dispatcher: taking detour [proxy] for [tcp:ip.skk.moe:443]
    [Info] [1682512687] proxy/shadowsocks_2022: tunneling request to tcp:ip.skk.moe:443 via xxx
    [Info] [1682512687] transport/internet/tcp: dialing TCP to tcp:xxx
    [Debug] transport/internet: dialing to tcp:xxx
    [Info] [1682512687] app/proxyman/outbound: failed to process outbound traffic > download: cipher: message authentication failed | upload: EOF
    [Info] [1682512687] app/proxyman/inbound: connection ends > proxy/socks: connection ends > proxy/socks: failed to transport all TCP response > io: read/write on closed pipe
    

    中转机日志:

    [Info] [3046467828] proxy/shadowsocks_2022: tunnelling request to tcp:ip.skk.moe:443
    [Info] [3046467828] app/dispatcher: taking detour [aaaa] for [tcp:ip.skk.moe:443]
    [Info] [3046467828] transport/internet/tcp: dialing TCP to tcp:yyy:443
    [Info] [3046467828] proxy/vless/outbound: tunneling request to tcp:ip.skk.moe:443 via yyy:443
    [Info] [3046467828] proxy/vless/encoding: XtlsFilterTls found tls client hello! 547
    [Info] [3046467828] proxy/vless/encoding: XtlsPadding 547 818 0
    [Info] [3046467828] proxy/vless/encoding: Xtls Unpadding new block0 16 content 212 padding 1108 0
    [Info] [3046467828] proxy/vless/encoding: XtlsFilterTls found tls 1.3! 212 TLS_AES_128_GCM_SHA256
    [Info] [3046467828] proxy/vless/encoding: XtlsPadding 64 890 0
    [Info] [3046467828] proxy/vless/encoding: XtlsPadding 98 818 2
    [Info] [3046467828] proxy/vless/encoding: XtlsWrite writeV 1 1880 0
    [Info] [3046467828] proxy/vless/encoding: Xtls Unpadding new block0 0 content 521 padding 737 2
    [Info] [3046467828] proxy/vless/encoding: XtlsRead splice
    [Info] [3046467828] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: connection ends > proxy/vless/outbound: failed to transfer response payload > readfrom tcp xxx->zzz: splice: broken pipe
    

    落地机日志:

    [Info] [1453989842] proxy/vless/inbound: firstLen = 1186
    [Info] [1453989842] proxy/vless/inbound: received request for tcp:ip.skk.moe:443
    [Info] [1453989842] proxy/vless/encoding: Xtls Unpadding new block0 16 content 547 padding 818 0
    [Info] [1453989842] proxy/vless/encoding: XtlsFilterTls found tls client hello! 547
    [Info] [1453989842] app/dispatcher: sniffed domain: ip.skk.moe
    [Info] [1453989842] app/dispatcher: taking detour [direct] for [tcp:ip.skk.moe:443]
    [Info] [1453989842] proxy/freedom: opening connection to tcp:ip.skk.moe:443
    [Info] [1453989842] transport/internet/tcp: dialing TCP to tcp:ip.skk.moe:443
    [Info] [1453989842] proxy/vless/encoding: XtlsFilterTls found tls 1.3! 212 TLS_AES_128_GCM_SHA256
    [Info] [1453989842] proxy/vless/encoding: XtlsPadding 212 1108 0
    [Info] [1453989842] proxy/vless/encoding: Xtls Unpadding new block0 0 content 64 padding 890 0
    [Info] [1453989842] proxy/vless/encoding: Xtls Unpadding new block0 0 content 98 padding 818 2
    [Info] [1453989842] proxy/vless/encoding: XtlsRead readV
    [Info] [1453989842] proxy/vless/encoding: XtlsPadding 521 737 2
    [Info] [1453989842] proxy/vless/encoding: XtlsWrite writeV 0 1263 0
    
  • 添加 interface 指定出口网卡名称

    添加 interface 指定出口网卡名称

    "outbounds": [ { // Protocol name of the outbound proxy. "protocol": "freedom",

    // "sendThrough": "172.16.0.2",

    // Settings of the protocol. Varies based on protocol.
    "settings": {"domainStrategy": "AsIs"},
    
      "streamSettings": {
        "sockopt": {
          "tcpFastOpen": true,
          "interface": "wg0"
        }
      },
        "mux": { "enabled": false,
                  "concurrency": 8
        },
    // Tag of the outbound. May be used for routing.
    

    "tag": "direct" }]

A base gui tool for xray/v2ray/hysteria/trojan-go without system proxy

A base gui tool for xray/v2ray/hysteria/trojan-go without system proxy

Dec 8, 2022
Yet another SIP003 plugin for shadowsocks, based on Xray-core

Yet another SIP003 plugin for shadowsocks, based on Xray-core Build go build Usage See command line args for advanced usages.

Jan 8, 2023
An opinionated clean fork of v2fly/v2ray-core

v2ray-go An opinionated fork of v2fly/v2ray-core. Additional Features ?? Add flag -suppressTimestamps to suppress timestamps in logs ?? Refine systemd

Nov 21, 2022
A Xray backend framework that can easily support many panels. 一个基于Xray的后端框架,支持V2ay,Trojan,Shadowsocks协议,极易扩展,支持多面板对接

XRayR A Xray backend framework that can easily support many panels. 一个基于Xray的后端框架,支持V2ay,Trojan,Shadowsocks协议,极易扩展,支持多面板对接。 如果您喜欢本项目,可以右上角点个star+watch

Jan 4, 2023
一个多功能 SSPanel 机场后端, 支持 V2Ray(Vmess), Trojan, Shadowsocks(单端口多用户)
一个多功能 SSPanel 机场后端, 支持 V2Ray(Vmess), Trojan, Shadowsocks(单端口多用户)

一个多功能 SSPanel 机场后端, 支持 V2Ray(Vmess), Trojan, Shadowsocks(单端口多用户)

Jan 3, 2023
Yet another SIP003 plugin for shadowsocks, based on v2ray

Yet another SIP003 plugin for shadowsocks, based on v2ray Build go build Alternatively, you can grab the latest nightly from Circle CI by logging into

Oct 20, 2021
🛡 Several domain lists compiled into a database file used by V2Ray.

Domain list database This project is pulled from v2fly/domain-list-community, with only its data changed to use several blocklists. Purpose of this pr

May 22, 2022
Laptop Booking Application in Golang and gRPC, load-balancing with NGINX, and fully compatible with HTTPS OpenAPI v3

Laptop Booking Application in Golang and gRPC Goals GitHub CI & Coverage Badge Serialize protobuf messages Create laptop unary gRPC Search laptop Serv

Jun 17, 2022
Centralized Configuration System written in Golang - Spring cloud compatible
Centralized Configuration System written in Golang - Spring cloud compatible

Centralized Configuration System What is Vecosy Vecosy is a configuration service exposed through REST/GRPC. Is Spring Cloud Conf compatible and also

Dec 13, 2022
DeSo is a blockchain built from the ground up to support a fully-featured social network

DeSo is a blockchain built from the ground up to support a fully-featured social network. Its architecture is similar to Bitcoin, only it supports complex social network data like profiles, posts, follows, creator coin transactions, and more.

Dec 22, 2022
Traefik config validator: a CLI tool to (syntactically) validate your Traefik configuration filesTraefik config validator: a CLI tool to (syntactically) validate your Traefik configuration files
Traefik config validator: a CLI tool to (syntactically) validate your Traefik configuration filesTraefik config validator: a CLI tool to (syntactically) validate your Traefik configuration files

Traefik Config Validator Note This is currently pre-release software. traefik-config-validator is a CLI tool to (syntactically) validate your Traefik

Dec 16, 2021
x-crafter is used to quickly create templates from your prototype, also come with a builder to quickly regenerate your code

XCrafter ?? x-crafter is used to quickly create templates from your prototype, also come with a builder to quickly regenerate your code. Install Using

Nov 29, 2021
Open source 5G core network base on 3GPP R15
Open source 5G core network base on 3GPP R15

What is free5GC The free5GC is an open-source project for 5th generation (5G) mobile core networks. The ultimate goal of this project is to implement

Jan 4, 2023
Magma is an open-source software platform that gives network operators an open, flexible and extendable mobile core network solution.
Magma is an open-source software platform that gives network operators an open, flexible and extendable mobile core network solution.

Connecting the Next Billion People Magma is an open-source software platform that gives network operators an open, flexible and extendable mobile core

Dec 31, 2022
Baseledger core consensus for running validator, full and seed nodes

baseledger-core Baseledger core consensus client for running a validator, full or seed node. ⚠️ WARNING: this code has not been audited and is not rea

Jan 13, 2022
Reference implementation of the PLAN Data Model and core components

PLAN is a free and open platform for groups to securely communicate, collaborate, and coordinate projects and activities.

Nov 2, 2021
Courier Order Provider is a service that receives signals from core server in order to emit this orders to courier groups.

Courier Order Provider Courier Order Provider is a service that receives signals(messages) from core server in order to emit this orders to courier gr

Nov 4, 2021
Core is the next-generation digital data engine.
Core is the next-generation digital data engine.

tKeel-Core The digital engine of world ?? Core is the data centre of the tKeel IoT Open Platform, a high-performance, scalable and lightweight next-ge

Mar 28, 2022
Nid-core - nID Framework For Golang

nID Framework nID Framework The nID Framework is a reference architecture and co

Apr 19, 2022