Xray-core
Xray-core copied to clipboard
XTLS
Can't proxy ssh correctly.
I had update my xray-core to 1.6.4(both server and client). After the updating, I can't use it to proxy the ssh, but the browser works well. And they both work well in xray 1.6.1client+1.6.4server or 1.6.1client+1.6.1server. WIndows11 ssh_tool:MobaXterm client:v2rayN5.38-xray1.6.4 server:xray1.6.4
Log in 1.6.1client & 1.6.4 server's case(proxy the ssh correctly) server's Log: 2022/11/17 15:04:34 [Info] [475707042] proxy/vless/inbound: firstLen = 390 2022/11/17 15:04:34 [Info] [475707042] proxy/vless/inbound: fallback starts > proxy/vless/encoding: invalid request version 2022/11/17 15:04:34 [Info] [475707042] proxy/vless/inbound: realName = My_Domain 2022/11/17 15:04:34 [Info] [475707042] proxy/vless/inbound: realAlpn = 2022/11/17 15:04:34 [Info] [475707042] proxy/vless/inbound: realPath = /My_path 2022/11/17 15:04:35 [Info] [2636963520] proxy/vless/inbound: firstLen = 26 2022/11/17 15:04:35 [Info] [2636963520] proxy/vless/inbound: received request for tcp:My_ip:22 2022/11/17 15:04:35 [Info] [2636963520] app/dispatcher: default route for tcp:My_ip:22 2022/11/17 15:04:35 [Info] [2636963520] proxy/freedom: opening connection to tcp:My_ip:22 2022/11/17 15:04:35 [Info] [2636963520] transport/internet/tcp: dialing TCP to tcp:My_ip:22 2022/11/17 15:04:35 [Debug] transport/internet: dialing to tcp:My_ip:22 2022/11/17 15:04:37 [Info] [1477477343] proxy/vless/inbound: firstLen = 390 2022/11/17 15:04:37 [Info] [1477477343] proxy/vless/inbound: fallback starts > proxy/vless/encoding: invalid request version 2022/11/17 15:04:37 [Info] [1477477343] proxy/vless/inbound: realName = My_Domain 2022/11/17 15:04:37 [Info] [1477477343] proxy/vless/inbound: realAlpn = 2022/11/17 15:04:37 [Info] [1477477343] proxy/vless/inbound: realPath = /My_path 2022/11/17 15:04:37 [Info] [2238137567] proxy/vless/inbound: firstLen = 26 2022/11/17 15:04:37 [Info] [2238137567] proxy/vless/inbound: received request for tcp:My_ip:22 2022/11/17 15:04:37 [Info] [2238137567] app/dispatcher: default route for tcp:My_ip:22 2022/11/17 15:04:37 [Info] [2238137567] proxy/freedom: opening connection to tcp:My_ip:22 2022/11/17 15:04:37 [Info] [2238137567] transport/internet/tcp: dialing TCP to tcp:My_ip:22 2022/11/17 15:04:37 [Debug] transport/internet: dialing to tcp:My_ip:22
client's Log: 2022/11/17 15:08:52 [Debug] app/log: Logger started 2022/11/17 15:08:53 [Debug] app/router: MphDomainMatcher is enabled for 59079 domain rule(s) 2022/11/17 15:08:53 [Debug] app/router: MphDomainMatcher is enabled for 66589 domain rule(s) 2022/11/17 15:08:53 [Debug] app/proxyman/inbound: creating stream worker on 127.0.0.1:10808 2022/11/17 15:08:53 [Debug] app/proxyman/inbound: creating stream worker on 127.0.0.1:10809 2022/11/17 15:08:53 [Info] transport/internet/tcp: listening TCP on 127.0.0.1:10808 2022/11/17 15:08:53 [Info] transport/internet/udp: listening UDP on 127.0.0.1:10808 2022/11/17 15:08:53 [Info] transport/internet/tcp: listening TCP on 127.0.0.1:10809 2022/11/17 15:08:53 [Warning] core: Xray 1.6.1 started 2022/11/17 15:08:56 [Info] [2216554267] proxy/socks: TCP Connect request to tcp:My_ip:22 2022/11/17 15:08:56 [Info] [2216554267] app/dispatcher: taking detour [proxy] for [tcp:My_ip:22] 2022/11/17 15:08:56 [Info] [2216554267] transport/internet/websocket: creating connection to tcp:104.19.243.230:443 2022/11/17 15:08:56 [Debug] transport/internet: dialing to tcp:104.19.243.230:443 2022/11/17 15:08:57 [Info] [2216554267] proxy/vless/outbound: tunneling request to tcp:My_ip:22 via 104.19.243.230:443 2022/11/17 15:08:58 [Info] [988073026] proxy/socks: TCP Connect request to tcp:My_ip:22 2022/11/17 15:08:59 [Info] [988073026] app/dispatcher: taking detour [proxy] for [tcp:My_ip:22] 2022/11/17 15:08:59 [Info] [988073026] transport/internet/websocket: creating connection to tcp:104.19.243.230:443 2022/11/17 15:08:59 [Debug] transport/internet: dialing to tcp:104.19.243.230:443 2022/11/17 15:08:59 [Info] [988073026] proxy/vless/outbound: tunneling request to tcp:My_ip:22 via 104.19.243.230:443
Log in 1.6.4 client & 1.6.4 server's case(it can't proxy the ssh) server's Log:
2022/11/17 15:17:10 [Info] [1144491904] proxy/vless/inbound: firstLen = 390 2022/11/17 15:17:10 [Info] [1144491904] proxy/vless/inbound: fallback starts > proxy/vless/encoding: invalid request version 2022/11/17 15:17:10 [Info] [1144491904] proxy/vless/inbound: realName = My_Domain 2022/11/17 15:17:10 [Info] [1144491904] proxy/vless/inbound: realAlpn = 2022/11/17 15:17:10 [Info] [1144491904] proxy/vless/inbound: realPath = /My_path 2022/11/17 15:17:42 [Info] [1776693493] proxy/vless/inbound: firstLen = 304 2022/11/17 15:17:42 [Info] [1776693493] proxy/vless/inbound: fallback starts > proxy/vless/encoding: invalid request version 2022/11/17 15:17:42 [Info] [1776693493] proxy/vless/inbound: realName = 2022/11/17 15:17:42 [Info] [1776693493] proxy/vless/inbound: realAlpn = 2022/11/17 15:17:42 [Warning] [1776693493] app/proxyman/inbound: connection ends > proxy/vless/inbound: failed to find the default "alpn" config 2022/11/17 15:18:10 [Info] [465813691] proxy/vless/inbound: firstLen = 0 2022/11/17 15:18:10 [Info] [465813691] app/proxyman/inbound: connection ends > proxy/vless/inbound: invalid request from 129.227.150.234:0 > proxy/vless/encoding: failed to read request version > read tcp 127.0.0.1:444->127.0.0.1:58576: i/o timeout 2022/11/17 15:18:10 [Info] [1144491904] app/proxyman/inbound: connection ends > proxy/vless/inbound: fallback ends > proxy/vless/inbound: failed to fallback request payload > read tcp My_ip:443->172.71.218.29:42544: use of closed network connection
client's Log: 2022/11/17 14:53:25 [Debug] app/log: Logger started 2022/11/17 14:53:26 [Debug] app/router: MphDomainMatcher is enabled for 59079 domain rule(s) 2022/11/17 14:53:26 [Debug] app/router: MphDomainMatcher is enabled for 66589 domain rule(s) 2022/11/17 14:53:26 [Debug] app/proxyman/inbound: creating stream worker on 127.0.0.1:10808 2022/11/17 14:53:26 [Debug] app/proxyman/inbound: creating stream worker on 127.0.0.1:10809 2022/11/17 14:53:26 [Info] transport/internet/tcp: listening TCP on 127.0.0.1:10808 2022/11/17 14:53:26 [Info] transport/internet/udp: listening UDP on 127.0.0.1:10808 2022/11/17 14:53:26 [Info] transport/internet/tcp: listening TCP on 127.0.0.1:10809 2022/11/17 14:53:26 [Warning] core: Xray 1.6.4 started 2022/11/17 14:53:28 [Info] [3422584225] proxy/socks: TCP Connect request to tcp:My_ip:22 2022/11/17 14:53:29 [Info] [3422584225] app/dispatcher: taking detour [proxy] for [tcp:My_ip:22] 2022/11/17 14:53:29 [Info] [3422584225] transport/internet/websocket: creating connection to tcp:104.19.243.230:443 2022/11/17 14:53:29 [Debug] transport/internet: dialing to tcp:104.19.243.230:443 2022/11/17 14:53:29 [Info] [3422584225] proxy/vless/outbound: tunneling request to tcp:My_ip:22 via 104.19.243.230:443 2022/11/17 14:54:29 [Info] [3422584225] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: connection ends > proxy/vless/outbound: failed to decode response header > proxy/vless/encoding: failed to read response version > websocket: close 1000 (normal) 2022/11/17 14:54:29 [Info] [3422584225] app/proxyman/inbound: connection ends > proxy/socks: connection ends > proxy/socks: failed to transport all TCP response > io: read/write on closed pipe
please show your config file. If it was working normally before the upgrade, please use the old version. the 1.6.4 is pre release, maybe have some new bug,you can use the latest release.
please show your config file. If it was working normally before the upgrade, please use the old version. the 1.6.4 is pre release, maybe have some new bug,you can use the latest release.
I know it. I am testing the newest prerelease to help them solve problems thx bro.
server's config
{
"log": {
"loglevel": "warning", // 内容从少到多: "none", "error", "warning", "info", "debug"
"access": "/home/xrayLogs/access.log", // 访问记录
"error": "/home/xrayLogs/error.log" // 错误记录
},
"dns": {
"servers": [
"127.0.0.1"
]
},
"inbounds": [
{
"port": 446,
"protocol": "vless",
"settings": {
"clients": [
{
"id": "My_ID",
"flow": "xtls-rprx-vision",
"level": 0,
"email": "[email protected]"
}
],
"decryption": "none",
"fallbacks": [
{
"dest": "8080",
"alpn": "h2",
"xver": 1
}
]
},
"streamSettings": {
"network": "tcp",
"security": "tls",
"tlsSettings": {
"allowInsecure": false, // 正常使用应确保关闭
"minVersion": "1.3",
"alpn": [
"h2"
],
"certificates": [
{
"certificateFile": "crt",
"keyFile": "key"
}
]
}
}
},
{
"port": 444,
"listen": "127.0.0.1",
"protocol": "vless",
"settings": {
"clients": [
{
"id": "My_ID",
"level": 0,
"email": "[email protected]"
}
],
"decryption": "none"
},
"streamSettings": {
"network": "ws",
"security": "none",
"wsSettings": {
"acceptProxyProtocol": true,
"path": "/My_path"
}
}
},
{
"port": 514,
"protocol": "vless",
"settings": {
"clients": [
{
"id": "My_ID",
"level": 0,
"email": "[email protected]"
}
],
"decryption": "none"
},
"streamSettings": {
"network": "quic",
"quicSettings": {
"security": "chacha20-poly1305",
"key": "key",
"header": {
"type": "wechat-video"
}
},
"security": "tls",
"tlsSettings": {
"serverName": "My_domain",
"allowInsecure": false, // 正常使用应确保关闭
"minVersion": "1.3",
"alpn": "h2",
"certificates": [
{
"certificateFile": "/home/xraySSL/My_domain.crt",
"keyFile": "/home/xraySSL/My_domain.key"
}
]
}
}
},
{
"port": 443,
"protocol": "vless",
"settings": {
"clients": [
{
"id": "My_ID",
"flow": "xtls-rprx-vision",
"level": 0,
"email": "[email protected]"
}
],
"decryption": "none",
"fallbacks": [
{
"name": "My_domain",
"path": "/My_path",
"dest": "444",
"xver": 1
},
{
"name": "adh.My_domain",
"alpn": "h2",
"dest": "501",
"xver": 0
},
{
"dest": "8080",
"alpn": "h2",
"xver": 1
}
]
},
"streamSettings": {
"network": "tcp",
"security": "tls",
"tlsSettings": {
"allowInsecure": false, // 正常使用应确保关闭
"minVersion": "1.3",
"alpn": [
"h2"
],
"certificates": [
{
"certificateFile": "/home/xraySSL/My_domain.crt",
"keyFile": "/home/xraySSL/My_domain.key"
}
]
}
}
}
],
"outbounds": [
{
"protocol": "freedom"
}
]
}
client's config
ws
{
"log": {
"access": "",
"error": "",
"loglevel": "warning"
},
"inbounds": [
{
"tag": "socks",
"port": 10808,
"listen": "127.0.0.1",
"protocol": "socks",
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls"
]
},
"settings": {
"auth": "noauth",
"udp": true,
"allowTransparent": false
}
},
{
"tag": "http",
"port": 10809,
"listen": "127.0.0.1",
"protocol": "http",
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls"
]
},
"settings": {
"auth": "noauth",
"udp": true,
"allowTransparent": false
}
}
],
"outbounds": [
{
"tag": "proxy",
"protocol": "vless",
"settings": {
"vnext": [
{
"address": "104.19.243.230",
"port": 443,
"users": [
{
"id": "id",
"alterId": 0,
"email": "[email protected]",
"security": "auto",
"encryption": "none",
"flow": ""
}
]
}
]
},
"streamSettings": {
"network": "ws",
"security": "tls",
"tlsSettings": {
"allowInsecure": false,
"serverName": "My_domain",
"alpn": [
"h2",
"http/1.1"
],
"fingerprint": "chrome"
},
"wsSettings": {
"path": "/My_path",
"headers": {
"Host": "My_domain"
}
}
},
"mux": {
"enabled": false,
"concurrency": -1
}
},
{
"tag": "direct",
"protocol": "freedom",
"settings": {}
},
{
"tag": "block",
"protocol": "blackhole",
"settings": {
"response": {
"type": "http"
}
}
}
],
"routing": {
"domainStrategy": "IPIfNonMatch",
"rules": [
{
"type": "field",
"inboundTag": [
"api"
],
"outboundTag": "api",
"enabled": true
},
{
"type": "field",
"inboundTag": [],
"outboundTag": "direct",
"ip": [
"geoip:private"
],
"enabled": true
},
{
"type": "field",
"outboundTag": "direct",
"protocol": [
"bittorrent"
],
"enabled": true
},
{
"type": "field",
"outboundTag": "block",
"domain": [
"geosite:category-ads-all"
],
"enabled": true
},
{
"type": "field",
"port": "0-65535",
"inboundTag": [],
"outboundTag": "proxy",
"enabled": true
}
]
}
}
quic
{
"log": {
"access": "",
"error": "",
"loglevel": "warning"
},
"inbounds": [
{
"tag": "socks",
"port": 10808,
"listen": "127.0.0.1",
"protocol": "socks",
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls"
]
},
"settings": {
"auth": "noauth",
"udp": true,
"allowTransparent": false
}
},
{
"tag": "http",
"port": 10809,
"listen": "127.0.0.1",
"protocol": "http",
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls"
]
},
"settings": {
"auth": "noauth",
"udp": true,
"allowTransparent": false
}
}
],
"outbounds": [
{
"tag": "proxy",
"protocol": "vless",
"settings": {
"vnext": [
{
"address": "My_ip",
"port": 514,
"users": [
{
"id": "id",
"alterId": 0,
"email": "[email protected]",
"security": "auto",
"encryption": "none",
"flow": ""
}
]
}
]
},
"streamSettings": {
"network": "quic",
"security": "tls",
"tlsSettings": {
"allowInsecure": false,
"serverName": "My_domain",
"alpn": [
"h2",
"http/1.1"
],
"fingerprint": "chrome"
},
"quicSettings": {
"security": "chacha20-poly1305",
"key": "key",
"header": {
"type": "wechat-video"
}
}
},
"mux": {
"enabled": false,
"concurrency": -1
}
},
{
"tag": "direct",
"protocol": "freedom",
"settings": {}
},
{
"tag": "block",
"protocol": "blackhole",
"settings": {
"response": {
"type": "http"
}
}
}
],
"routing": {
"domainStrategy": "IPIfNonMatch",
"rules": [
{
"type": "field",
"inboundTag": [
"api"
],
"outboundTag": "api",
"enabled": true
},
{
"type": "field",
"inboundTag": [],
"outboundTag": "direct",
"ip": [
"geoip:private"
],
"enabled": true
},
{
"type": "field",
"outboundTag": "direct",
"protocol": [
"bittorrent"
],
"enabled": true
},
{
"type": "field",
"outboundTag": "block",
"domain": [
"geosite:category-ads-all"
],
"enabled": true
},
{
"type": "field",
"port": "0-65535",
"inboundTag": [],
"outboundTag": "proxy",
"enabled": true
}
]
}
}
tls-vision
{
"log": {
"access": "",
"error": "",
"loglevel": "warning"
},
"inbounds": [
{
"tag": "socks",
"port": 10808,
"listen": "127.0.0.1",
"protocol": "socks",
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls"
]
},
"settings": {
"auth": "noauth",
"udp": true,
"allowTransparent": false
}
},
{
"tag": "http",
"port": 10809,
"listen": "127.0.0.1",
"protocol": "http",
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls"
]
},
"settings": {
"auth": "noauth",
"udp": true,
"allowTransparent": false
}
}
],
"outbounds": [
{
"tag": "proxy",
"protocol": "vless",
"settings": {
"vnext": [
{
"address": "My_ip",
"port": 446,
"users": [
{
"id": "id",
"alterId": 0,
"email": "[email protected]",
"security": "auto",
"encryption": "none",
"flow": "xtls-rprx-vision"
}
]
}
]
},
"streamSettings": {
"network": "tcp",
"security": "tls",
"tlsSettings": {
"allowInsecure": false,
"serverName": "My_domain",
"alpn": [
"h2",
"http/1.1"
],
"fingerprint": "chrome"
}
},
"mux": {
"enabled": false,
"concurrency": -1
}
},
{
"tag": "direct",
"protocol": "freedom",
"settings": {}
},
{
"tag": "block",
"protocol": "blackhole",
"settings": {
"response": {
"type": "http"
}
}
}
],
"routing": {
"domainStrategy": "IPIfNonMatch",
"rules": [
{
"type": "field",
"inboundTag": [
"api"
],
"outboundTag": "api",
"enabled": true
},
{
"type": "field",
"inboundTag": [],
"outboundTag": "direct",
"ip": [
"geoip:private"
],
"enabled": true
},
{
"type": "field",
"outboundTag": "direct",
"protocol": [
"bittorrent"
],
"enabled": true
},
{
"type": "field",
"outboundTag": "block",
"domain": [
"geosite:category-ads-all"
],
"enabled": true
},
{
"type": "field",
"port": "0-65535",
"inboundTag": [],
"outboundTag": "proxy",
"enabled": true
}
]
}
}
应该修好了https://github.com/XTLS/Xray-core/pull/1425 https://github.com/XTLS/Xray-core/actions/runs/3667339817
应该修好了#1425 https://github.com/XTLS/Xray-core/actions/runs/3667339817
经测试,已修复,感谢