FreeInternet
FreeInternet copied to clipboard
WeAreMahsaAmini
shadow socks V2Ray not working from Iran.
I deployed a server on Vultr and used the shadow socks v2ray instructions. I can verify my config works, using devices outside of Iran. However when friends in Iran use the config they cannot connect. I followed the instructions and have verified my settings match that on the guide (I assume that this would be some config error with Arvancloud), and everything seems to be correct (see attached image).
Any idea on how to start troubleshooting this or what might be the cause of this malfunction?
take a look at container logs. docker-compose logs ss-server docker-compose logs nginx
Cheers, maybe you can help me find what to look for - here are some parts of the log:
ss-server_1 | 2022-10-27 07:19:33 INFO: enable TCP no-delay ss-server_1 | 2022-10-27 07:19:33 INFO: plugin "v2ray-plugin" enabled ss-server_1 | 2022-10-27 07:19:33 INFO: UDP relay enabled ss-server_1 | 2022-10-27 07:19:33 INFO: enable TCP no-delay ss-server_1 | 2022-10-27 07:19:33 INFO: initializing ciphers... aes-256-gcm ss-server_1 | 2022-10-27 07:19:33 INFO: using nameserver: 1.1.1.1,1.0.0.1,2606:4700:4700::1111,2606:4700:4700::1001 ss-server_1 | 2022-10-27 07:19:33 INFO: tcp server listening at 127.0.0.1:51517 ss-server_1 | 2022-10-27 07:19:33 INFO: tcp port reuse enabled ss-server_1 | 2022-10-27 07:19:33 INFO: udp server listening at 0.0.0.0:8080 ss-server_1 | 2022-10-27 07:19:33 INFO: udp port reuse enabled ss-server_1 | 2022/10/27 07:19:33 V2Ray 4.44.0 (V2Fly, a community-driven edition of V2Ray.) Custom (go1.17.9 linux/amd64) ss-server_1 | 2022/10/27 07:19:33 A unified platform for anti-censorship. ss-server_1 | 2022/10/27 07:19:33 [Warning] V2Ray 4.44.0 started ss-server_1 | 2022/10/27 07:39:23 tcp:49.186.38.18:0 accepted tcp:127.0.0.1:0
there are several repeats of the following:
ss-server_1 | 2022-10-27 21:18:11 ERROR: remote recv: Connection reset by peer
and
ss-server_1 | 2022-10-27 21:21:41 ERROR: unable to resolve appsupport.abc-prod.net.au
ss-server_1 | 2022-10-27 21:23:56 ERROR: getpeername: Socket not connected ss-server_1 | 2022/10/27 21:23:57 tcp:172.18.0.4:43092 accepted tcp:127.0.0.1:0
ss-server_1 | 2022/10/27 22:17:12 [Warning] transport/internet/websocket: failed to serve http for WebSocket > accept tcp [::]:8080: use of closed network connection
For nginx I get many repeats of the following
ss-nginx-frontend | Waiting for certificate /etc/nginx/cert/limooamani.online.cer before starting nginx... ss-nginx-frontend | /docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration ss-nginx-frontend | /docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/ ss-nginx-frontend | /docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh ss-nginx-frontend | 10-listen-on-ipv6-by-default.sh: info: Getting the checksum of /etc/nginx/conf.d/default.conf ss-nginx-frontend | 10-listen-on-ipv6-by-default.sh: info: Enabled listen on IPv6 in /etc/nginx/conf.d/default.conf ss-nginx-frontend | /docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh ss-nginx-frontend | 20-envsubst-on-templates.sh: Running envsubst on /etc/nginx/templates/default.conf.template to /etc/nginx/conf.d/default.conf ss-nginx-frontend | /docker-entrypoint.sh: Launching /docker-entrypoint.d/30-tune-worker-processes.sh ss-nginx-frontend | /docker-entrypoint.sh: Configuration complete; ready for start up ss-nginx-frontend | 2022/10/27 07:19:43 [emerg] 1#1: cannot load certificate "/etc/nginx/cert/limooamani.online.cer": PEM_read_bio_X509_AUX() failed (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE) ss-nginx-frontend | nginx: [emerg] cannot load certificate "/etc/nginx/cert/limooamani.online.cer": PEM_read_bio_X509_AUX() failed (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE) ss-nginx-frontend | /docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration ss-nginx-frontend | /docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/ ss-nginx-frontend | /docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh ss-nginx-frontend | 10-listen-on-ipv6-by-default.sh: info: Getting the checksum of /etc/nginx/conf.d/default.conf ss-nginx-frontend | 10-listen-on-ipv6-by-default.sh: info: /etc/nginx/conf.d/default.conf differs from the packaged version ss-nginx-frontend | /docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh ss-nginx-frontend | 20-envsubst-on-templates.sh: Running envsubst on /etc/nginx/templates/default.conf.template to /etc/nginx/conf.d/default.conf ss-nginx-frontend | /docker-entrypoint.sh: Launching /docker-entrypoint.d/30-tune-worker-processes.sh ss-nginx-frontend | /docker-entrypoint.sh: Configuration complete; ready for start up
Then a lot like this:
2022/10/27 07:26:42 [notice] 1#1: using the "epoll" event method
ss-nginx-frontend | 2022/10/27 07:26:42 [notice] 1#1: nginx/1.23.1
ss-nginx-frontend | 2022/10/27 07:26:42 [notice] 1#1: built by gcc 10.2.1 20210110 (Debian 10.2.1-6)
ss-nginx-frontend | 2022/10/27 07:26:42 [notice] 1#1: OS: Linux 5.15.0-52-generic
ss-nginx-frontend | 2022/10/27 07:26:42 [notice] 1#1: getrlimit(RLIMIT_NOFILE): 65535:65535
ss-nginx-frontend | 2022/10/27 07:26:42 [notice] 1#1: start worker processes
ss-nginx-frontend | 2022/10/27 07:26:42 [notice] 1#1: start worker process 35
ss-nginx-frontend | ***.187.187.59 - - [27/Oct/2022:07:37:19 +0000] "GET / HTTP/1.1" 404 0 "-" "python-requests/2.25.1" "***.45.90.36"
and then
ss-nginx-frontend | 2022/10/31 06:03:09 [crit] 35#35: *3165 SSL_do_handshake() failed (SSL: error:14201044:SSL routines:tls_choose_sigalg:internal error) while SSL handshaking, client: ***.241.218.246, server: 0.0.0.0:443
As I mentioned, I can connect to the server from outside of Iran, but no-one inside can use it. Any help or advice would be appreciated.
Cheers
Arvancloud is not reliable method anymore. They found out and are throttling to extreme extent.
