v2ray-core

After enabling UDP for Shadowsocks on the server, a UDP port matching the Shadowsocks inbound TCP port must be added to the firewall before UDP traffic can flow in

Open CodingMoeButa opened this issue 9 months ago • 0 comments

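Which version of V2Ray are you using?

4.45.2, and I guess the latest 5.16.1 has the same problem, but I have not tested it.

What is your use case?

Testing the NAT type with Netch 1.9.7.

What abnormal behavior did you see?

With "network": "tcp,udp" configured and the firewall opened for the TCP port used for Shadowsocks communication, the detected NAT type is NoUDP; if the firewall opens all UDP ports, the result is "unsupported server"; if only the UDP port matching the aforementioned TCP port is added to the firewall, UDP communicates normally.

What normal behavior did you expect to see?

Isn't Shadowsocks a TCP protocol? After the client's UDP traffic is received by the Socks inbound, it goes out through the Shadowsocks outbound and is delivered to the server's Shadowsocks inbound. This remote transfer should need only the Shadowsocks TCP port, because the original TCP and UDP are already contained in the Shadowsocks packets, and it should not be necessary to open the corresponding UDP port for the NAT to be full cone. Stranger still, opening all UDP ports instead gives "unsupported server".

Please attach your configuration

Server configuration: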

{
  "log": {
    "loglevel": "warning"
  },
  "inbounds": [
    {
      "tag": "local",
      "protocol": "socks",
      "listen": "127.0.0.1",
      "port": 1080,
      "settings": {
        "udp": true
      },
      "sniffing": {
        "enabled": true
      }
    },
    {
      "tag": "us",
      "protocol": "shadowsocks",
      "listen": "0.0.0.0",
      "port": 10800,
      "settings": {
        "password": "anonymous",
        "method": "chacha20-ietf-poly1305",
        "network": "tcp,udp"
      },
      "sniffing": {
        "enabled": true
      }
    }
  ],
  "outbounds": [
    {
      "tag": "direct",
      "protocol": "freedom"
    },
    {
      "tag": "block",
      "protocol": "blackhole"
    }
  ],
  "routing": {
    "domainStrategy": "IPIfNonMatch",
    "domainMatcher": "mph",
    "rules": [
      {
        "type": "field",
        "ip": [
          "geoip:private"
        ],
        "outboundTag": "block"
      },
      {
        "type": "field",
        "protocol": [
          "bittorrent"
        ],
        "outboundTag": "block"
      },
      {
        "type": "field",
        "inboundTag": ["local", "us"],
        "outboundTag": "direct"
      }
    ]
  }
}

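Client configuration:

I could not find the corresponding client configuration in Netch, but having Netch connect to v2rayN's inbound Socks proxy produces the same effect; here is the corresponding configuration: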

{
  "log": {
    "access": "",
    "error": "",
    "loglevel": "warning"
  },
  "inbounds": [
    {
      "tag": "socks",
      "port": 10808,
      "listen": "0.0.0.0",
      "protocol": "socks",
      "sniffing": {
        "enabled": true,
        "destOverride": [
          "http",
          "tls"
        ],
        "routeOnly": false
      },
      "settings": {
        "auth": "noauth",
        "udp": true,
        "allowTransparent": false
      }
    },
    {
      "tag": "http",
      "port": 10809,
      "listen": "0.0.0.0",
      "protocol": "http",
      "sniffing": {
        "enabled": true,
        "destOverride": [
          "http",
          "tls"
        ],
        "routeOnly": false
      },
      "settings": {
        "auth": "noauth",
        "udp": true,
        "allowTransparent": false
      }
    },
    {
      "tag": "api",
      "port": 10813,
      "listen": "127.0.0.1",
      "protocol": "dokodemo-door",
      "settings": {
        "udp": false,
        "address": "127.0.0.1",
        "allowTransparent": false
      }
    }
  ],
  "outbounds": [
    {
      "tag": "proxy",
      "protocol": "shadowsocks",
      "settings": {
        "servers": [
          {
            "address": "example.com",
            "method": "chacha20-ietf-poly1305",
            "ota": false,
            "password": "anonymous",
            "port": 10800,
            "level": 1
          }
        ]
      },
      "streamSettings": {
        "network": "tcp"
      },
      "mux": {
        "enabled": false,
        "concurrency": -1
      }
    },
    {
      "tag": "direct",
      "protocol": "freedom",
      "settings": {}
    },
    {
      "tag": "block",
      "protocol": "blackhole",
      "settings": {
        "response": {
          "type": "http"
        }
      }
    }
  ],
  "stats": {},
  "api": {
    "tag": "api",
    "services": [
      "StatsService"
    ]
  },
  "policy": {
    "system": {
      "statsOutboundUplink": true,
      "statsOutboundDownlink": true
    }
  },
  "dns": {
    "hosts": {
      "dns.google": "8.8.8.8",
      "proxy.example.com": "127.0.0.1"
    },
    "servers": [
      {
        "address": "223.5.5.5",
        "domains": [
          "geosite:cn",
          "geosite:geolocation-cn"
        ],
        "expectIPs": [
          "geoip:cn"
        ]
      },
      "1.1.1.1",
      "8.8.8.8",
      "https://dns.google/dns-query"
    ]
  },
  "routing": {
    "domainStrategy": "IPIfNonMatch",
    "domainMatcher": "mph",
    "rules": [
      {
        "type": "field",
        "inboundTag": [
          "api"
        ],
        "outboundTag": "api"
      },
      {
        "type": "field",
        "port": "0-65535",
        "outboundTag": "proxy"
      }
    ]
  }
}

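Please attach the error log the software output when the error occurred

No corresponding log output is produced when this problem occurs.

Server-side error log:

No corresponding log output is produced when this problem occurs.

Client-side error log:

No corresponding log output is produced when this problem occurs.

Please attach the access log

With the UDP port corresponding to Shadowsocks open, the NAT is connected and the NAT detection accesses can be seen: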

May 12 21:26:24 us1 v2ray[3726]: 2024/05/12 21:26:24 udp:(source IP):2712 accepted udp:188.166.128.84:3478 [direct]
May 12 21:26:25 us1 v2ray[3726]: 2024/05/12 21:26:25 udp:(source IP):2712 accepted udp:188.166.128.84:3479 [direct]

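Other related configuration files (such as Nginx) and related logs

None.

If V2Ray fails to start, please attach the output of the --test command

None.

If the V2Ray service runs abnormally, please attach the journal log

None.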

CodingMoeButa May 12 '24 13:05
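
Added example, not part of the original issue or of the v2ray-core project: a short Python audit that reads the inbounds of a V2Ray configuration and lists the transport/port pairs the host firewall has to allow, so that a Shadowsocks inbound with "network": "tcp,udp" gets exactly its matching UDP port rather than a blanket UDP rule. The embedded sample is constructed from the server configuration above; the protocol-to-transport mapping (including the "tcp" default) and all function names are assumptions of this example.

```python
import ipaddress
import json

# Constructed sample: the two inbounds of the server configuration in the issue.
SAMPLE_CONFIG = """{"inbounds": [
  {"tag": "local", "protocol": "socks", "listen": "127.0.0.1", "port": 1080,
   "settings": {"udp": true}},
  {"tag": "us", "protocol": "shadowsocks", "listen": "0.0.0.0", "port": 10800,
   "settings": {"method": "chacha20-ietf-poly1305", "network": "tcp,udp"}}
]}"""


def inbound_transports(inbound):
    """Return the transports an inbound listens on (assumed mapping)."""
    settings = inbound.get("settings") or {}
    protocol = inbound.get("protocol")
    if protocol == "shadowsocks":
        # "network" is "tcp", "udp" or "tcp,udp"; the default is assumed to be "tcp".
        nets = settings.get("network", "tcp")
        return {n.strip().lower() for n in nets.split(",") if n.strip()}
    if protocol == "socks":
        return {"tcp", "udp"} if settings.get("udp") else {"tcp"}
    return {"tcp"}  # assumption for protocols this example does not model


def is_loopback(listen):
    try:
        return ipaddress.ip_address(listen).is_loopback
    except ValueError:
        return False  # hostname or unparsable value: treat as externally reachable


def required_firewall_rules(config_text):
    """List (tag, transport, port) tuples the host firewall must allow."""
    config = json.loads(config_text)
    rules = []
    for inbound in config.get("inbounds", []):
        if is_loopback(inbound.get("listen", "0.0.0.0")):
            continue  # loopback-only listeners need no inbound firewall rule
        for transport in sorted(inbound_transports(inbound)):
            rules.append((inbound.get("tag", ""), transport, inbound["port"]))
    return rules


if __name__ == "__main__":
    for tag, transport, port in required_firewall_rules(SAMPLE_CONFIG):
        print(f"{tag}: allow {transport}/{port}")
```

For the sample it reports tcp/10800 and udp/10800 for the "us" inbound and nothing for the loopback-only Socks inbound.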