sing-box
sing-box copied to clipboard
Published
20 hours ago •
SagerNet
SagerNet
curl http3 connection TO tproxy udp inbound TO TUIC remote server
Operating system
Linux
System version
Podman on Linux
Installation type
Original sing-box Command Line
If you are using a graphical client, please provide the version of the client.
No response
Version
docker image v1.9.0-alpha.6
sing-box version unknown
Environment: go1.22.0 linux/amd64
Tags: with_gvisor,with_quic,with_dhcp,with_wireguard,with_ech,with_utls,with_reality_server,with_acme,with_clash_api
Revision: 63124a8c6a8feb52b638aa7c471e062f8c9dd2dc
CGO: disabled
Description
$ curl -V
curl 7.88.1 (x86_64-pc-linux-gnu) libcurl/7.88.1 OpenSSL/3.0.11 zlib/1.2.13 brotli/1.0.9 zstd/1.5.4 libidn2/2.3.3 libpsl/0.21.2 (+libidn2/2.3.3) libssh2/1.10.0 nghttp2/1.52.0 librtmp/2.3 OpenLDAP/2.5.13
Release-Date: 2023-02-20, security patched: 7.88.1-10+deb12u5
Protocols: dict file ftp ftps gopher gophers http https imap imaps ldap ldaps mqtt pop3 pop3s rtmp rtsp scp sftp smb smbs smtp smtps telnet tftp
Features: alt-svc AsynchDNS brotli GSS-API HSTS HTTP2 HTTPS-proxy IDN IPv6 Kerberos Largefile libz NTLM NTLM_WB PSL SPNEGO SSL threadsafe TLS-SRP UnixSockets zstd
$ curl https://[2001:4860:4860::8844] --http3-only -v
* Trying [2001:4860:4860::8844]:443...
* QUIC cipher selection: TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_CCM_SHA256
* CAfile: /etc/ssl/certs/ca-certificates.crt
* CApath: /etc/ssl/certs
* QUIC connectin has been shut down
* QUIC connect to 2001:4860:4860::8844 port 443 failed: Couldn't connect to server
* Failed to connect to 2001:4860:4860::8844 port 443 after 30000 ms: Couldn't connect to server
* Closing connection
curl: (7) QUIC connectin has been shut down
Client side sing-box:
INFO[0021] [2312534408 0ms] inbound/tproxy[TProxy IN]: inbound packet connection from [240e:abcd::1]:37823 INFO[0021] [2312534408 0ms] inbound/tproxy[TProxy IN]: inbound packet connection to [2001:4860:4860::8844]:443 DEBUG[0021] [2312534408 0ms] router: match[3] inbound=[TProxy IN] network=udp => TUIC INFO[0021] [2312534408 0ms] outbound/tuic[TUIC]: outbound packet connection to [2001:4860:4860::8844]:443
Server side sing-box:
*No log rolled out even under debug mode
Reproduction
...
"inbounds": [
{
"tag": "TProxy IN",
"type": "tproxy",
"listen": "::",
"listen_port": 1079
}
],
"outbounds": [
{
"tag": "TUIC",
"type": "tuic",
"server": "tuic.example.local",
"server_port": 6789,
"uuid": "e640e473-1292-4f77-83a1-eca5cf51e74a",
"congestion_control": "bbr",
"tls": {
"enabled": true
},
"domain_strategy": "ipv6_only"
},
{
"tag": "DNS",
"type": "dns"
},
{
"tag": "Direct",
"type": "direct"
}
]
...
Logs
No response
Integrity requirements
- [X] I confirm that I have read the documentation, understand the meaning of all the configuration items I wrote, and did not pile up seemingly useful options or default values.
- [X] I confirm that I have provided the server and client configuration files and process that can be reproduced locally, instead of a complicated client configuration file that has been stripped of sensitive data.
- [X] I confirm that I have provided the simplest configuration that can be used to reproduce the error I reported, instead of depending on remote servers, TUN, graphical interface clients, or other closed-source software.
- [X] I confirm that I have provided the complete configuration files and logs, rather than just providing parts I think are useful out of confidence in my own intelligence.
