shadowsocks-go
shadowsocks-go copied to clipboard
database64128
Need config sample using the unsafe stream prefix feature
https://github.com/shadowsocks/shadowsocks-org/issues/204#issuecomment-1266710067
Based on the configuration above, it does not work.
Full config example file would be appreciated.
thanks.
Based on the configuration above, it does not work.
Post your full config so I can take a look.
Based on the configuration above, it does not work.
Post your full config so I can take a look.
server_config.json:
{
"servers": [
{
"name": "ss-2022",
"listen": ":20220",
"protocol": "2022-blake3-aes-128-gcm",
"enableTCP": true,
"listenerTFO": true,
"enableUDP": true,
"mtu": 1500,
"psk": "FSr6Pkyq3VrDOelPrByuUA==",
"uPSKs": [
"AXRWODoYoAky8MJOwKMvGA=="
]
}
],
"unsafeRequestStreamPrefix": "ANcavAp07MaQdYi/a9uvdA8ud89zCr1xs3C5ZndlG2M=",
"unsafeResponseStreamPrefix": "b1kj7gqC0mY1P7v0BsPFlaQUgrtiaatemUF80pdgErY=",
"udpPreferIPv6": true
}
client_config.json:
{
"servers": [
{
"name": "socks5",
"listen": ":1080",
"protocol": "socks5",
"enableTCP": true,
"listenerTFO": true,
"enableUDP": true,
"mtu": 1500
}
],
"clients": [
{
"name": "ss-2022",
"endpoint": "xxx.xxx.xxx.xxx:20220",
"protocol": "2022-blake3-aes-128-gcm",
"enableTCP": true,
"dialerTFO": true,
"enableUDP": true,
"mtu": 1500,
"psk": "FSr6Pkyq3VrDOelPrByuUA==",
"iPSKs": [
"AXRWODoYoAky8MJOwKMvGA=="
]
},
{
"name": "direct",
"protocol": "direct",
"enableTCP": true,
"dialerTFO": true,
"enableUDP": true,
"mtu": 1500
}
],
"dns": [
{
"name": "cf-v6",
"addrPort": "8.8.8.8:53",
"tcpClientName": "ss-2022",
"udpClientName": "ss-2022"
}
],
"unsafeRequestStreamPrefix": "ANcavAp07MaQdYi/a9uvdA8ud89zCr1xs3C5ZndlG2M=",
"unsafeResponseStreamPrefix": "b1kj7gqC0mY1P7v0BsPFlaQUgrtiaatemUF80pdgErY=",
"udpPreferIPv6": true
}
When the shadowsocks-go service is started, the client test has a response using "tcping xxx.xxx.xxx.xxx 20220".
You put these fields in the wrong place. The unsafeRequestStreamPrefix and unsafeResponseStreamPrefix fields are supposed to be in the client and server blocks, not in the root structure.
Now I changed the position of the unsafeRequestStreamPrefix and unsafeResponseStreamPrefix fields, but it still doesn't work.
server_config.json:
{
"servers": [
{
"name": "ss-2022",
"listen": ":20220",
"protocol": "2022-blake3-aes-128-gcm",
"enableTCP": true,
"listenerTFO": true,
"enableUDP": true,
"mtu": 1500,
"unsafeRequestStreamPrefix": "ANcavAp07MaQdYi/a9uvdA8ud89zCr1xs3C5ZndlG2M=",
"unsafeResponseStreamPrefix": "b1kj7gqC0mY1P7v0BsPFlaQUgrtiaatemUF80pdgErY=",
"psk": "FSr6Pkyq3VrDOelPrByuUA==",
"uPSKs": [
"AXRWODoYoAky8MJOwKMvGA=="
]
}
],
"udpPreferIPv6": true
}
client_config.json:
{
"servers": [
{
"name": "socks5",
"listen": ":1080",
"protocol": "socks5",
"enableTCP": true,
"listenerTFO": true,
"enableUDP": true,
"mtu": 1500
}
],
"clients": [
{
"name": "ss-2022",
"endpoint": "xxx.xxx.xxx.xxx:20220",
"protocol": "2022-blake3-aes-128-gcm",
"enableTCP": true,
"dialerTFO": true,
"enableUDP": true,
"mtu": 1500,
"unsafeRequestStreamPrefix": "ANcavAp07MaQdYi/a9uvdA8ud89zCr1xs3C5ZndlG2M=",
"unsafeResponseStreamPrefix": "b1kj7gqC0mY1P7v0BsPFlaQUgrtiaatemUF80pdgErY=",
"psk": "FSr6Pkyq3VrDOelPrByuUA==",
"iPSKs": [
"AXRWODoYoAky8MJOwKMvGA=="
]
},
{
"name": "direct",
"protocol": "direct",
"enableTCP": true,
"dialerTFO": true,
"enableUDP": true,
"mtu": 1500
}
],
"dns": [
{
"name": "cf-v6",
"addrPort": "8.8.8.8:53",
"tcpClientName": "ss-2022",
"udpClientName": "ss-2022"
}
],
"udpPreferIPv6": true
}
What's the version of your shadowsocks-go? Did both the server and client print the warning message "Unsafe stream prefix taints the server/client" on startup?
In your client config, you have 2 clients configured, but there is no router configuration. If you don't want to use the router feature, you need to remove the direct client, so the router can automatically pick the only client. The dns configuration is also unnecessary when you don't have IP rules.
Now, I modified the client config. I am using the latest version (shadowsocks-go-v1.4.0-linux-x86-64-v3) . the message "Unsafe stream prefix taints the server/client {"name": "ss-2022"}" is displayed when both the client and the server are started. but it still doesn't work.
my new client config file:
{
"servers": [
{
"name": "socks5",
"listen": ":1080",
"protocol": "socks5",
"enableTCP": true,
"listenerTFO": true,
"enableUDP": true,
"mtu": 1500
}
],
"clients": [
{
"name": "ss-2022",
"endpoint": "xxx.xxx.xxx.xxx:20220",
"protocol": "2022-blake3-aes-128-gcm",
"enableTCP": true,
"dialerTFO": true,
"enableUDP": true,
"mtu": 1500,
"unsafeRequestStreamPrefix": "ANcavAp07MaQdYi/a9uvdA8ud89zCr1xs3C5ZndlG2M=",
"unsafeResponseStreamPrefix": "b1kj7gqC0mY1P7v0BsPFlaQUgrtiaatemUF80pdgErY=",
"psk": "FSr6Pkyq3VrDOelPrByuUA==",
"iPSKs": [
"AXRWODoYoAky8MJOwKMvGA=="
]
}
],
"udpPreferIPv6": true
}
In your server config, FSr6Pkyq3VrDOelPrByuUA== was configured as the iPSK. But in your client config it was configured as the uPSK. You are making the same mistake as #20.
If you don't need multiple uPSKs, you can just drop the iPSKs and uPSKs fields and use the same PSK in the psk field.
Next time please post the logs, and remember to enclose your configuration in ```json and ```, so it's formatted and readable.