udp2raw
udp2raw copied to clipboard
Published
20 hours ago •
wangyu-
wangyu-
客户端与服务端无法到ready状态
平台
服务端(VPS) CentOS 7 64bit 客户端 Win10 1803 64Bit 假设服务端IP为 202.91.32.100 ,客户端为普通家用宽带,出口IP为 100.100.165.25
启动参数
服务端
./udp2raw_amd64 -s -l0.0.0.0:10120 -r 127.0.0.1:10110 -a -k "passwd" --raw-mode faketcp
客户端
udp2raw_mp_nolibnet -c -r202.91.32.100:10120 -l0.0.0.0:4000 --raw-mode easy-faketcp -k "passwd"
LOG
服务端
[2018-08-31 14:28:49][INFO]argc=10 ./udp2raw_amd64 -s -l0.0.0.0:10120 -r 127.0.0.1:10110 -a -k passwd --raw-mode faketcp
[2018-08-31 14:28:49][INFO]parsing address: 0.0.0.0:10120
[2018-08-31 14:28:49][INFO]its an ipv4 adress
[2018-08-31 14:28:49][INFO]ip_address is {0.0.0.0}, port is {10120}
[2018-08-31 14:28:49][INFO]parsing address: 127.0.0.1:10110
[2018-08-31 14:28:49][INFO]its an ipv4 adress
[2018-08-31 14:28:49][INFO]ip_address is {127.0.0.1}, port is {10110}
[2018-08-31 14:28:49][INFO]important variables: log_level=4:INFO raw_mode=faketcp cipher_mode=aes128cbc auth_mode=md5 key=passwd local_addr=0.0.0.0:10120 remote_addr=127.0.0.1:10110 socket_buf_size=1048576
[2018-08-31 14:28:49][WARN]you can run udp2raw with non-root account for better security. check README.md in repo for more info.
[2018-08-31 14:28:49][INFO]remote_ip=[127.0.0.1], make sure this is a vaild IP address
[2018-08-31 14:28:49][INFO]const_id:716cf8
[2018-08-31 14:28:49][INFO]run_command iptables -N udp2rawDwrW_716cf8_C0
[2018-08-31 14:28:49][INFO]run_command iptables -F udp2rawDwrW_716cf8_C0
[2018-08-31 14:28:49][INFO]run_command iptables -I udp2rawDwrW_716cf8_C0 -j DROP
[2018-08-31 14:28:49][INFO]run_command iptables -I INPUT -p tcp -m tcp --dport 10120 -j udp2rawDwrW_716cf8_C0
[2018-08-31 14:28:49][WARN]auto added iptables rules
[2018-08-31 14:28:49][INFO]now listening at 0.0.0.0:10120
[2018-08-31 14:29:15][INFO][100.100.165.25:9749]received syn,sent syn ack back
[2018-08-31 14:29:15][INFO][100.100.165.25:9749]got packet from a new ip
[2018-08-31 14:29:15][INFO][100.100.165.25:9749]created new conn,state: server_handshake1,my_id is 102d7826
[2018-08-31 14:29:15][INFO][100.100.165.25:9749]changed state to server_handshake1,my_id is 102d7826
[2018-08-31 14:29:16][INFO][100.100.165.25:9749]changed state to server_handshake1,my_id is 102d7826
[2018-08-31 14:29:17][INFO][100.100.165.25:9749]changed state to server_handshake1,my_id is 102d7826
[2018-08-31 14:29:18][INFO][100.100.165.25:9749]changed state to server_handshake1,my_id is 102d7826
[2018-08-31 14:29:19][INFO][100.100.165.25:9749]changed state to server_handshake1,my_id is 102d7826
[2018-08-31 14:29:20][INFO][100.100.165.25:9760]received syn,sent syn ack back
[2018-08-31 14:29:20][INFO][100.100.165.25:9760]got packet from a new ip
[2018-08-31 14:29:20][INFO][100.100.165.25:9760]created new conn,state: server_handshake1,my_id is bdf4046a
[2018-08-31 14:29:20][INFO][100.100.165.25:9760]changed state to server_handshake1,my_id is bdf4046a
[2018-08-31 14:29:22][INFO][100.100.165.25:9760]changed state to server_handshake1,my_id is bdf4046a
[2018-08-31 14:29:23][INFO][100.100.165.25:9760]changed state to server_handshake1,my_id is bdf4046a
[2018-08-31 14:29:24][INFO][100.100.165.25:9760]changed state to server_handshake1,my_id is bdf4046a
[2018-08-31 14:29:25][INFO][100.100.165.25:9749]inactive conn cleared
[2018-08-31 14:29:25][INFO][100.100.165.25:9760]changed state to server_handshake1,my_id is bdf4046a
[2018-08-31 14:29:26][INFO][100.100.165.25:9763]received syn,sent syn ack back
[2018-08-31 14:29:26][INFO][100.100.165.25:9763]got packet from a new ip
[2018-08-31 14:29:26][INFO][100.100.165.25:9763]created new conn,state: server_handshake1,my_id is e3cc5c99
[2018-08-31 14:29:26][INFO][100.100.165.25:9763]changed state to server_handshake1,my_id is e3cc5c99
[2018-08-31 14:29:28][INFO][100.100.165.25:9763]changed state to server_handshake1,my_id is e3cc5c99
[2018-08-31 14:29:29][INFO][100.100.165.25:9763]changed state to server_handshake1,my_id is e3cc5c99
[2018-08-31 14:29:30][INFO][100.100.165.25:9763]changed state to server_handshake1,my_id is e3cc5c99
[2018-08-31 14:29:31][INFO][100.100.165.25:9760]inactive conn cleared
[2018-08-31 14:29:31][INFO][100.100.165.25:9763]changed state to server_handshake1,my_id is e3cc5c99
[2018-08-31 14:29:32][INFO][100.100.165.25:9767]received syn,sent syn ack back
[2018-08-31 14:29:32][INFO][100.100.165.25:9767]got packet from a new ip
[2018-08-31 14:29:32][INFO][100.100.165.25:9767]created new conn,state: server_handshake1,my_id is 2bccc672
[2018-08-31 14:29:32][INFO][100.100.165.25:9767]changed state to server_handshake1,my_id is 2bccc672
[2018-08-31 14:29:33][INFO][100.100.165.25:9767]changed state to server_handshake1,my_id is 2bccc672
客户端
[2018-08-31 14:29:13][INFO]source_addr is now 192.168.1.146
[2018-08-31 14:29:13][INFO]using port 59644
[2018-08-31 14:29:13][INFO]filter expression is [ip and tcp and src 202.91.32.100 and src port 10120 and dst port 59644]
[2018-08-31 14:29:13][INFO]ret=-1,errno=0:,472 202.91.32.100:10120
[2018-08-31 14:29:13][INFO]state changed from client_idle to client_tcp_handshake_dummy
[2018-08-31 14:29:13][INFO]state changed from client_tcp_dummy to client_handshake1
[2018-08-31 14:29:13][INFO](re)sent handshake1
[2018-08-31 14:29:14][INFO](re)sent handshake1
[2018-08-31 14:29:15][INFO](re)sent handshake1
[2018-08-31 14:29:17][INFO](re)sent handshake1
[2018-08-31 14:29:18][INFO](re)sent handshake1
[2018-08-31 14:29:18][INFO]state back to client_idle from client_handshake1
[2018-08-31 14:29:19][INFO]source_addr is now 192.168.1.146
[2018-08-31 14:29:19][INFO]using port 61597
[2018-08-31 14:29:19][INFO]filter expression is [ip and tcp and src 202.91.32.100 and src port 10120 and dst port 61597]
[2018-08-31 14:29:19][INFO]ret=-1,errno=0:,440 202.91.32.100:10120
[2018-08-31 14:29:19][INFO]state changed from client_idle to client_tcp_handshake_dummy
[2018-08-31 14:29:19][INFO]state changed from client_tcp_dummy to client_handshake1
[2018-08-31 14:29:19][INFO](re)sent handshake1
[2018-08-31 14:29:20][INFO](re)sent handshake1
[2018-08-31 14:29:21][INFO](re)sent handshake1
[2018-08-31 14:29:23][INFO](re)sent handshake1
[2018-08-31 14:29:24][INFO](re)sent handshake1
[2018-08-31 14:29:24][INFO]state back to client_idle from client_handshake1
[2018-08-31 14:29:25][INFO]source_addr is now 192.168.1.146
[2018-08-31 14:29:25][INFO]using port 30248
[2018-08-31 14:29:25][INFO]filter expression is [ip and tcp and src 202.91.32.100 and src port 10120 and dst port 30248]
[2018-08-31 14:29:25][INFO]ret=-1,errno=0:,552 202.91.32.100:10120
[2018-08-31 14:29:25][INFO]state changed from client_idle to client_tcp_handshake_dummy
[2018-08-31 14:29:25][INFO]state changed from client_tcp_dummy to client_handshake1
[2018-08-31 14:29:25][INFO](re)sent handshake1
[2018-08-31 14:29:26][INFO](re)sent handshake1
[2018-08-31 14:29:27][INFO](re)sent handshake1
[2018-08-31 14:29:29][INFO](re)sent handshake1
[2018-08-31 14:29:30][INFO](re)sent handshake1
[2018-08-31 14:29:30][INFO]state back to client_idle from client_handshake1
[2018-08-31 14:29:31][INFO]source_addr is now 192.168.1.146
[2018-08-31 14:29:31][INFO]using port 61771
[2018-08-31 14:29:31][INFO]filter expression is [ip and tcp and src 202.91.32.100 and src port 10120 and dst port 61771]
[2018-08-31 14:29:31][INFO]ret=-1,errno=0:,420 202.91.32.100:10120
[2018-08-31 14:29:31][INFO]state changed from client_idle to client_tcp_handshake_dummy
[2018-08-31 14:29:31][INFO]state changed from client_tcp_dummy to client_handshake1
以上不断循环显示。
参考一下这个连接:
https://github.com/wangyu-/udp2raw-tunnel/wiki/%E5%B8%B8%E8%A7%81%E9%94%99%E8%AF%AF
我上面所使用的VPS是HostDare的ovz。我尝试换成了谷歌云主机来操作,LOG发生不同,但依然不能到ready状态。
谷歌云已清空的iptables设置(bty,希望清空iptables的介绍能添加提醒“需确认INPUT的默认规则为ACCEPT,为DROP的话会断开所有连接”)
假设谷歌云IP为 35.194.100.3 谷歌云使用Ubuntu 16
启动参数
服务端
./udp2raw_amd64 -s -l0.0.0.0:10120 -r 127.0.0.1:443 -a -k "passwd" --raw-mode faketcp
客户端
udp2raw_mp_nolibnet -c -r35.194.100.3:10120 -l0.0.0.0:443 --raw-mode easy-faketcp -k "passwd"
LOG
服务端
[2018-08-31 08:56:45][INFO]argc=10 ./udp2raw_amd64 -s -l0.0.0.0:10120 -r 127.0.0.1:443 -a -k passwd --raw-mode faketcp
[2018-08-31 08:56:45][INFO]parsing address: 0.0.0.0:10120
[2018-08-31 08:56:45][INFO]its an ipv4 adress
[2018-08-31 08:56:45][INFO]ip_address is {0.0.0.0}, port is {10120}
[2018-08-31 08:56:45][INFO]parsing address: 127.0.0.1:443
[2018-08-31 08:56:45][INFO]its an ipv4 adress
[2018-08-31 08:56:45][INFO]ip_address is {127.0.0.1}, port is {443}
[2018-08-31 08:56:45][INFO]important variables: log_level=4:INFO raw_mode=faketcp cipher_mode=aes128cbc auth_mode=md5 key=passwd local_addr=0.0.0.0:10120 remote_addr=127.0.0.1:443 socket_buf_size=1048576
[2018-08-31 08:56:45][WARN]you can run udp2raw with non-root account for better security. check README.md in repo for more info.
[2018-08-31 08:56:45][INFO]remote_ip=[127.0.0.1], make sure this is a vaild IP address
[2018-08-31 08:56:45][INFO]const_id:82e084b6
[2018-08-31 08:56:45][INFO]run_command iptables -N udp2rawDwrW_82e084b6_C0
[2018-08-31 08:56:45][INFO]run_command iptables -F udp2rawDwrW_82e084b6_C0
[2018-08-31 08:56:45][INFO]run_command iptables -I udp2rawDwrW_82e084b6_C0 -j DROP
[2018-08-31 08:56:45][INFO]run_command iptables -I INPUT -p tcp -m tcp --dport 10120 -j udp2rawDwrW_82e084b6_C0
[2018-08-31 08:56:45][WARN]auto added iptables rules
[2018-08-31 08:56:45][INFO]now listening at 0.0.0.0:10120
[2018-08-31 08:56:54][INFO][100.100.165.25:11018]received syn,sent syn ack back
[2018-08-31 08:56:57][INFO][100.100.165.25:11018]received syn,sent syn ack back
[2018-08-31 08:57:00][INFO][100.100.165.25:11022]received syn,sent syn ack back
[2018-08-31 08:57:03][INFO][100.100.165.25:11022]received syn,sent syn ack back
[2018-08-31 08:57:03][INFO][100.100.165.25:11025]received syn,sent syn ack back
[2018-08-31 08:57:05][INFO][100.100.165.25:11026]received syn,sent syn ack back
[2018-08-31 08:57:08][INFO][100.100.165.25:11026]received syn,sent syn ack back
[2018-08-31 08:57:09][INFO][100.100.165.25:11031]received syn,sent syn ack back
[2018-08-31 08:57:11][INFO][100.100.165.25:11033]received syn,sent syn ack back
[2018-08-31 08:57:14][INFO][100.100.165.25:11033]received syn,sent syn ack back
[2018-08-31 08:57:14][INFO][100.100.165.25:11035]received syn,sent syn ack back
[2018-08-31 08:57:16][INFO][100.100.165.25:11039]received syn,sent syn ack back
[2018-08-31 08:57:19][INFO][100.100.165.25:11039]received syn,sent syn ack back
[2018-08-31 08:57:20][INFO][100.100.165.25:11033]received syn,sent syn ack back
[2018-08-31 08:57:22][INFO][100.100.165.25:11044]received syn,sent syn ack back
[2018-08-31 08:57:25][INFO][100.100.165.25:11044]received syn,sent syn ack back
[2018-08-31 08:57:25][INFO][100.100.165.25:11048]received syn,sent syn ack back
客户端
[2018-08-31 16:56:52][INFO]source_addr is now 192.168.1.146
[2018-08-31 16:56:52][INFO]using port 26190
[2018-08-31 16:56:52][INFO]filter expression is [ip and tcp and src 35.194.100.3 and src port 10120 and dst port 26190]
[2018-08-31 16:56:52][INFO]ret=-1,errno=0:,336 35.194.100.3:10120
[2018-08-31 16:56:52][INFO]state changed from client_idle to client_tcp_handshake_dummy
[2018-08-31 16:56:58][INFO]state back to client_idle from client_tcp_handshake_dummy
[2018-08-31 16:56:58][INFO]source_addr is now 192.168.1.146
[2018-08-31 16:56:58][INFO]using port 16431
[2018-08-31 16:56:58][INFO]filter expression is [ip and tcp and src 35.194.100.3 and src port 10120 and dst port 16431]
[2018-08-31 16:56:58][INFO]ret=-1,errno=0:,448 35.194.100.3:10120
[2018-08-31 16:56:58][INFO]state changed from client_idle to client_tcp_handshake_dummy
[2018-08-31 16:57:03][INFO]state back to client_idle from client_tcp_handshake_dummy
[2018-08-31 16:57:04][INFO]source_addr is now 192.168.1.146
[2018-08-31 16:57:04][INFO]using port 29236
[2018-08-31 16:57:04][INFO]filter expression is [ip and tcp and src 35.194.100.3 and src port 10120 and dst port 29236]
[2018-08-31 16:57:04][INFO]ret=-1,errno=0:,512 35.194.100.3:10120
[2018-08-31 16:57:04][INFO]state changed from client_idle to client_tcp_handshake_dummy
[2018-08-31 16:57:09][INFO]state back to client_idle from client_tcp_handshake_dummy
[2018-08-31 16:57:09][INFO]source_addr is now 192.168.1.146
[2018-08-31 16:57:09][INFO]using port 18204
[2018-08-31 16:57:09][INFO]filter expression is [ip and tcp and src 35.194.100.3 and src port 10120 and dst port 18204]
[2018-08-31 16:57:09][INFO]ret=-1,errno=0:,416 35.194.100.3:10120
[2018-08-31 16:57:09][INFO]state changed from client_idle to client_tcp_handshake_dummy
[2018-08-31 16:57:14][INFO]state back to client_idle from client_tcp_handshake_dummy
[2018-08-31 16:57:15][INFO]source_addr is now 192.168.1.146
[2018-08-31 16:57:15][INFO]using port 29576
[2018-08-31 16:57:15][INFO]filter expression is [ip and tcp and src 35.194.100.3 and src port 10120 and dst port 29576]
[2018-08-31 16:57:15][INFO]ret=-1,errno=0:,504 35.194.100.3:10120
[2018-08-31 16:57:15][INFO]state changed from client_idle to client_tcp_handshake_dummy
[2018-08-31 16:57:20][INFO]state back to client_idle from client_tcp_handshake_dummy
[2018-08-31 16:57:20][INFO]source_addr is now 192.168.1.146
[2018-08-31 16:57:20][INFO]using port 26725
[2018-08-31 16:57:20][INFO]filter expression is [ip and tcp and src 35.194.100.3 and src port 10120 and dst port 26725]
[2018-08-31 16:57:20][INFO]ret=-1,errno=0:,372 35.194.100.3:10120
[2018-08-31 16:57:20][INFO]state changed from client_idle to client_tcp_handshake_dummy
以上循环显示
这是否说明我所使用的这两台主机不支持raw流量呢?
希望清空iptables的介绍能添加提醒“需确认INPUT的默认规则为ACCEPT
你按我链接里方法操作,INPUT的默认规则就一定为ACCEPT
这是否说明我所使用的这两台主机不支持raw流量呢?
不清楚,谷歌云貌似是支持的。 你可以先试一下Linux版的客户端。另外确保你用的是非pre-release版的。
谷歌云确认是支持的,你参考一下这个issue,谷歌云貌似有一层额外的防火墙:
https://github.com/wangyu-/udp2raw-tunnel/issues/179
建议你在调试通之前先用非pre-release版。 如果windows版的client连不上,先拿linux版的client试一下(在本地的虚拟机或另一个vps)。
上面我所使用的版本是:服务端 20180830.0 ,Win客户端 20180830.0 至于谷歌云的防火墙问题,已确认设置好,不然server端就不会显示日志了。 接着我尝试使用非pre-release版:
谷歌云服务端20180225.0+Win客户端20180701.0 情况和上面一样,服务端无限 received syn,sent syn ack back
谷歌云服务端20180225.0+HostDare上的Linux客户端20180225.0 此时客户端启动参数
./udp2raw_amd64 -c -r35.194.100.3:10120 -l0.0.0.0:4000 --raw-mode faketcp -a -k "passwd"
服务端与客户端都成功进入ready状态。
所以是Win客户端兼容性问题还是Win上面还需要进一步操作? (目前在Win的操作除了启动命令外只有一个防火墙弹出联网提示并放行)
所以是Win客户端兼容性问题还是Win上面还需要进一步操作?
不清楚。
你可以尝试一下在windows上配合-g手动添加防火墙规则,然后用faketcp模式(非easy)。排除easyfaketcp模式的兼容问题。
还可以尝试一下在本地桥接的虚拟机里运行linux版的客户端,排除一下本地宽带不支持raw流量的可能。
你可以尝试一下在windows上配合-g手动添加防火墙规则
尝试后不能到ready状态,LOG同上
还可以尝试一下在本地桥接的虚拟机里运行linux版的客户端,排除一下本地宽带不支持raw流量的可能。
依然不能到ready状态,LOG同Win客户端。
如此看来是本地带宽不支持raw流量?(ISP为福建联通)
如此看来是本地带宽不支持raw流量?(ISP为福建联通)
如果排除掉操作有错误的情况,看起来问题确实是出在本地。 有可能是宽带的问题(不过联通应该没问题呀),也有可能是路由器的问题(在issue里没遇到过)。
如果有机会,建议试一下这台电脑在其他网络环境下是否可以。
另外你试一下两边用--log-level 5,看log里显示什么。
我再进行了一次测试,这次尝试使用ICMP伪装。 这次在虚拟机和实机都成功到了ready状态。
HostDare VPS 上服务端的启动参数
./udp2raw_amd64 -s -l0.0.0.0:10120 -r 127.0.0.1:10110 -a -k "passwd" --raw-mode icmp
虚拟机Linux客户端(版本20180225.0)启动参数
./udp2raw_amd64 -c -r202.91.32.100:10120 -l0.0.0.0:4000 --raw-mode icmp -a -k "passwd"
Win客户端(版本20180701.0)启动参数
udp2raw_mp_nolibnet -c -r202.91.32.100:10120 -l0.0.0.0:4000 --raw-mode icmp -k "passwd"
这是否说明ISP已经能够阻止使用udp2raw处理出来的伪TCP流量?
这是否说明ISP已经能够阻止使用udp2raw处理出来的伪TCP流量?
感觉不像。
client端:
[2018-08-31 16:56:52][INFO]using port 26190
[2018-08-31 16:56:52][INFO]filter expression is [ip and tcp and src 35.194.100.3 and src port 10120 and dst port 26190]
[2018-08-31 16:56:52][INFO]ret=-1,errno=0:,336 35.194.100.3:10120
[2018-08-31 16:56:52][INFO]state changed from client_idle to client_tcp_handshake_dummy
[2018-08-31 16:56:58][INFO]state back to client_idle from client_tcp_handshake_dummy
[2018-08-31 16:56:58][INFO]source_addr is now 192.168.1.146
[2018-08-31 16:56:58][INFO]using port 16431
[2018-08-31 16:56:58][INFO]filter expression is [ip and tcp and src 35.194.100.3 and src port 10120 and dst port 16431]
[2018-08-31 16:56:58][INFO]ret=-1,errno=0:,448 35.194.100.3:10120
[2018-08-31 16:56:58][INFO]state changed from client_idle to client_tcp_handshake_dummy
[2018-08-31 16:57:03][INFO]state back to client_idle from client_tcp_handshake_dummy
[2018-08-31 16:57:04][INFO]source_addr is now 192.168.1.146
server端:
[2018-08-31 08:57:00][INFO][100.100.165.25:11022]received syn,sent syn ack back
[2018-08-31 08:57:03][INFO][100.100.165.25:11022]received syn,sent syn ack back
[2018-08-31 08:57:03][INFO][100.100.165.25:11025]received syn,sent syn ack back
从你最后一次发的log来看, client发了个 syn, server收到后回了syn ack, 然后client端就收不到这个server回的syn ack了。 如果ISP能检测出udp2raw的协议来,应该不会只发了个syn和syn ack就检测出来了,这个阶段跟普通tcp是一样的。 感觉还是出了什么问题。
你可以尝试下,用nc监听在udp2raw server的端口,然后在本地用另一个nc去连,看能否正常收发数据(双向)
可能是路由器的问题
我使用的是OpenWRT Chaos Calmer 15.05.1,我也想过是不是路由器问题,尝试在“防火墙”设置里开关“启用SYN-flood防御”,“MSS钳制”,流量设置全部选择“接受”,情况并没有发生变化。
如果有机会,建议试一下这台电脑在其他网络环境下是否可以。
暂时没有除了联通以外的ISP,尝试过使用手机热点(联通)结果相同。
另外你试一下两边用--log-level 5
服务端启动参数
./udp2raw_amd64 -s -l0.0.0.0:10120 -r 127.0.0.1:10110 -a -k "passwd" --raw-mode faketcp --log-level 5
Win客户端启动参数
>udp2raw_mp_nolibnet -c -r202.91.32.100:10120 -l0.0.0.0:4000 --raw-mode faketcp -k "passwd" --log-level 5
客户端LOG
using system32/wpcap.dll
The Winsock 2.2 dll was found okay, _setmaxstdio() was set to 4000
[2018-08-31 21:28:37][INFO]argc=10 udp2raw_mp_nolibnet -c -r202.91.32.100:10120 -l0.0.0.0:4000 --raw-mode faketcp -k passwd --log-level 5
[2018-08-31 21:28:37][DEBUG]option_index: 6
[2018-08-31 21:28:37][DEBUG]parsing key option
[2018-08-31 21:28:37][DEBUG]option_index: 2
[2018-08-31 21:28:37][INFO]important variables: log_level=5:DEBUG raw_mode=faketcp cipher_mode=aes128cbc auth_mode=md5 key=passwd local_ip=0.0.0.0 local_port=4000 remote_address=202.91.32.100 remote_port=10120 source_ip=0.0.0.0 source_port=0 socket_buf_size=1048576
[2018-08-31 21:28:37][INFO]remote_ip=[202.91.32.100], make sure this is a vaild IP address
[2018-08-31 21:28:37][INFO]const_id:5fb26b55
<71><d4><88><f9><e9><70><a2><84><69><4f><06><45><23><2d><3f><a6>
<00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00>
<00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00>
<00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00>
<00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00><00>
[2018-08-31 21:28:38][INFO]get_src_adress called
[2018-08-31 21:28:38][DEBUG]created new udp_fd 336
[2018-08-31 21:28:38][INFO]source ip = 192.168.1.146
[2018-08-31 21:28:38][INFO]--dev have not been set, trying to detect automatically, avaliable deives:
[2018-08-31 21:28:38][INFO]avaliable deives(device name: ip address ; description):
\Device\NPF_{1E6E1A23-9F91-4236-A9D0-A358032A7BD2}: [unknow:23] [192.168.180.1]; VMware Virtual Ethernet Adapter
\Device\NPF_{4C04AAE8-8AFC-4183-996E-337AF53DC4C5}: [unknow:23] [0.0.0.0]; VPN Client Adapter - VPN
\Device\NPF_{C4BDCF2F-016B-4F84-BC89-767659395205}: [unknow:23] [unknow:23] [no ip found]; TAP-Windows Adapter V9
\Device\NPF_{6C7F3A21-5D32-4109-A21D-FFAAD961EB58}: [unknow:23] [unknow:23] [no ip found]; Microsoft
\Device\NPF_{9D60222B-4063-4DFA-8F73-DE41CFC3B685}: [unknow:23] [10.0.4.10]; TAP-Windows Adapter V9
\Device\NPF_{78FB8BA9-B4EF-4E8E-B35F-564FF1DE85F8}: [unknow:23] [10.0.4.10]; TAP-Windows Adapter V9
\Device\NPF_{E81E97DE-AF43-4C02-A281-97C0263D4835}: [unknow:23] [10.0.66.10]; ZeroTier One Virtual Port
\Device\NPF_{FF649AED-DF57-43B0-9213-BC398B7AB677}: [192.168.2.201]; Realtek PCIe GBE Family Controller
\Device\NPF_{901E7296-8B72-4BF6-9B1B-B1A317D30BB6}: [unknow:23] [192.168.40.1]; VMware Virtual Ethernet Adapter
\Device\NPF_{CCE92692-CEAF-43A0-A857-6EDB796A3683}: [unknow:23] [0.0.0.0]; MS NDIS 6.0 LoopBack Driver
\Device\NPF_{5207454D-F560-4060-805E-33A7C71E55E0}: [unknow:23] [10.198.75.60]; TAP-Windows Adapter V9
\Device\NPF_{9457959D-717C-4C9F-8C69-1210A7237049}: [unknow:23] [192.168.137.1] [192.168.137.1]; Microsoft
\Device\NPF_{79332963-47D2-4B7E-8977-C3D1A9C3A13A}: [unknow:23] [unknow:23] [unknow:23] [unknow:23] [192.168.1.146]; Microsoft
[2018-08-31 21:28:39][INFO]using device:[\Device\NPF_{79332963-47D2-4B7E-8977-C3D1A9C3A13A}], ip: [192.168.1.146]
[2018-08-31 21:28:39][DEBUG]send_raw : from 9201a8c0 0 to ab205bca 10120
[2018-08-31 21:28:39][INFO]waiting for a use-able packet to be captured
link level header captured:
<74><7d><24><52><f3><43><f6><8e><38><e9><a0><18><8><0>
[2018-08-31 21:28:39][DEBUG]created new udp_fd 436
[2018-08-31 21:28:39][INFO]using port 13034
[2018-08-31 21:28:39][INFO]filter expression is [tcp and src 202.91.32.100 and src port 10120 and dst port 13034]
[2018-08-31 21:28:39][INFO]state changed from client_idle to client_tcp_handshake
[2018-08-31 21:28:39][INFO](re)sent tcp syn
[2018-08-31 21:28:39][INFO]state changed from client_tcp_handshake to client_handshake1
[2018-08-31 21:28:39][INFO](re)sent handshake1
[2018-08-31 21:28:39][DEBUG]unexpect packet type recv_info.syn=1 recv_info.ack=1
[2018-08-31 21:28:39][DEBUG]recv_bare failed!
[2018-08-31 21:28:40][INFO](re)sent handshake1
[2018-08-31 21:28:40][DEBUG]unexpect packet type recv_info.syn=1 recv_info.ack=1
[2018-08-31 21:28:40][DEBUG]recv_bare failed!
[2018-08-31 21:28:41][INFO](re)sent handshake1
[2018-08-31 21:28:42][DEBUG]unexpect packet type recv_info.syn=1 recv_info.ack=1
[2018-08-31 21:28:42][DEBUG]recv_bare failed!
[2018-08-31 21:28:42][INFO](re)sent handshake1
[2018-08-31 21:28:43][INFO](re)sent handshake1
[2018-08-31 21:28:44][INFO]state back to client_idle from client_handshake1
[2018-08-31 21:28:44][DEBUG]created new udp_fd 532
[2018-08-31 21:28:44][INFO]using port 49958
[2018-08-31 21:28:44][INFO]filter expression is [tcp and src 202.91.32.100 and src port 10120 and dst port 49958]
[2018-08-31 21:28:44][INFO]state changed from client_idle to client_tcp_handshake
[2018-08-31 21:28:44][INFO](re)sent tcp syn
[2018-08-31 21:28:44][INFO]state changed from client_tcp_handshake to client_handshake1
[2018-08-31 21:28:44][INFO](re)sent handshake1
[2018-08-31 21:28:44][DEBUG]unexpect packet type recv_info.syn=1 recv_info.ack=1
[2018-08-31 21:28:44][DEBUG]recv_bare failed!
[2018-08-31 21:28:45][DEBUG]unexpect packet type recv_info.syn=1 recv_info.ack=1
[2018-08-31 21:28:45][DEBUG]recv_bare failed!
[2018-08-31 21:28:45][INFO](re)sent handshake1
[2018-08-31 21:28:47][INFO](re)sent handshake1
[2018-08-31 21:28:47][DEBUG]unexpect packet type recv_info.syn=1 recv_info.ack=1
[2018-08-31 21:28:47][DEBUG]recv_bare failed!
[2018-08-31 21:28:48][INFO](re)sent handshake1
[2018-08-31 21:28:49][INFO](re)sent handshake1
[2018-08-31 21:28:49][INFO]state back to client_idle from client_handshake1
[2018-08-31 21:28:50][DEBUG]created new udp_fd 436
[2018-08-31 21:28:50][INFO]using port 63443
[2018-08-31 21:28:50][INFO]filter expression is [tcp and src 202.91.32.100 and src port 10120 and dst port 63443]
[2018-08-31 21:28:50][INFO]state changed from client_idle to client_tcp_handshake
[2018-08-31 21:28:50][INFO](re)sent tcp syn
[2018-08-31 21:28:50][INFO]state changed from client_tcp_handshake to client_handshake1
[2018-08-31 21:28:50][INFO](re)sent handshake1
[2018-08-31 21:28:50][DEBUG]unexpect packet type recv_info.syn=1 recv_info.ack=1
[2018-08-31 21:28:50][DEBUG]recv_bare failed!
[2018-08-31 21:28:51][DEBUG]unexpect packet type recv_info.syn=1 recv_info.ack=1
[2018-08-31 21:28:51][DEBUG]recv_bare failed!
[2018-08-31 21:28:51][INFO](re)sent handshake1
[2018-08-31 21:28:53][INFO](re)sent handshake1
[2018-08-31 21:28:53][DEBUG]unexpect packet type recv_info.syn=1 recv_info.ack=1
[2018-08-31 21:28:53][DEBUG]recv_bare failed!
[2018-08-31 21:28:54][INFO](re)sent handshake1
[2018-08-31 21:28:55][INFO](re)sent handshake1
[2018-08-31 21:28:55][INFO]state back to client_idle from client_handshake1
[2018-08-31 21:28:56][DEBUG]created new udp_fd 532
[2018-08-31 21:28:56][INFO]using port 14979
[2018-08-31 21:28:56][INFO]filter expression is [tcp and src 202.91.32.100 and src port 10120 and dst port 14979]
[2018-08-31 21:28:56][INFO]state changed from client_idle to client_tcp_handshake
[2018-08-31 21:28:56][INFO](re)sent tcp syn
[2018-08-31 21:28:56][INFO]state changed from client_tcp_handshake to client_handshake1
[2018-08-31 21:28:56][INFO](re)sent handshake1
[2018-08-31 21:28:56][DEBUG]unexpect packet type recv_info.syn=1 recv_info.ack=1
[2018-08-31 21:28:56][DEBUG]recv_bare failed!
[2018-08-31 21:28:57][DEBUG]unexpect packet type recv_info.syn=1 recv_info.ack=1
[2018-08-31 21:28:57][DEBUG]recv_bare failed!
[2018-08-31 21:28:57][INFO](re)sent handshake1
[2018-08-31 21:28:59][INFO](re)sent handshake1
[2018-08-31 21:28:59][DEBUG]unexpect packet type recv_info.syn=1 recv_info.ack=1
[2018-08-31 21:28:59][DEBUG]recv_bare failed!
[2018-08-31 21:29:00][INFO](re)sent handshake1
[2018-08-31 21:29:00][INFO]got sigint, exit
服务端LOG
[2018-08-31 21:28:29][INFO]argc=12 ./udp2raw_amd64 -s -l0.0.0.0:10120 -r 127.0.0.1:10110 -a -k passwd --raw-mode faketcp --log- level 5
[2018-08-31 21:28:29][DEBUG]parsing key option
[2018-08-31 21:28:29][DEBUG]option_index: 6
[2018-08-31 21:28:29][DEBUG]option_index: 2
[2018-08-31 21:28:29][INFO]important variables: log_level=5:DEBUG raw_mode=faketcp cipher_mode=aes128cbc auth_mode=md5 key=pass wd local_ip=0.0.0.0 local_port=10120 remote_ip=127.0.0.1 remote_port=10110 source_ip=0.0.0.0 source_port=0 socket_buf_size=1048 576
[2018-08-31 21:28:29][WARN]you can run udp2raw with non-root account for better security. check README.md in repo for more info .
[2018-08-31 21:28:29][INFO]const_id:4f45e707
[2018-08-31 21:28:29][INFO]run_command iptables -N udp2rawDwrW_4f45e707_C0
[2018-08-31 21:28:29][INFO]run_command iptables -F udp2rawDwrW_4f45e707_C0
[2018-08-31 21:28:29][INFO]run_command iptables -I udp2rawDwrW_4f45e707_C0 -j DROP
[2018-08-31 21:28:29][INFO]run_command iptables -I INPUT -p tcp -m tcp --dport 10120 -j udp2rawDwrW_4f45e707_C0
[2018-08-31 21:28:29][WARN]auto added iptables rules
[2018-08-31 21:28:29][DEBUG]error remove fiter
[2018-08-31 21:28:29][INFO]now listening at 0.0.0.0:10120
[2018-08-31 21:28:40][INFO][100.100.165.25:11051]received syn,sent syn ack back
[2018-08-31 21:28:41][DEBUG]auth_verify failed
[2018-08-31 21:28:41][DEBUG]decrypt_fail in recv bare
[2018-08-31 21:28:41][INFO][100.100.165.25:11051]got packet from a new ip
[2018-08-31 21:28:41][INFO][100.100.165.25:11051]created new conn,state: server_handshake1,my_id is 58a53864
[2018-08-31 21:28:41][INFO][100.100.165.25:11051]changed state to server_handshake1,my_id is 58a53864
[2018-08-31 21:28:42][DEBUG]auth_verify failed
[2018-08-31 21:28:42][DEBUG]decrypt_fail in recv bare
[2018-08-31 21:28:42][INFO][100.100.165.25:11051]changed state to server_handshake1,my_id is 58a53864
[2018-08-31 21:28:43][DEBUG]auth_verify failed
[2018-08-31 21:28:43][DEBUG]decrypt_fail in recv bare
[2018-08-31 21:28:43][INFO][100.100.165.25:11051]changed state to server_handshake1,my_id is 58a53864
[2018-08-31 21:28:44][INFO][100.100.165.25:11051]changed state to server_handshake1,my_id is 58a53864
[2018-08-31 21:28:44][DEBUG]auth_verify failed
[2018-08-31 21:28:44][DEBUG]decrypt_fail in recv bare
[2018-08-31 21:28:45][DEBUG]auth_verify failed
[2018-08-31 21:28:45][DEBUG]decrypt_fail in recv bare
[2018-08-31 21:28:45][INFO][100.100.165.25:11051]changed state to server_handshake1,my_id is 58a53864
[2018-08-31 21:28:46][INFO][100.100.165.25:11055]received syn,sent syn ack back
[2018-08-31 21:28:46][INFO][100.100.165.25:11055]got packet from a new ip
[2018-08-31 21:28:46][INFO][100.100.165.25:11055]created new conn,state: server_handshake1,my_id is 654b87bb
[2018-08-31 21:28:46][INFO][100.100.165.25:11055]changed state to server_handshake1,my_id is 654b87bb
[2018-08-31 21:28:46][DEBUG]auth_verify failed
[2018-08-31 21:28:46][DEBUG]decrypt_fail in recv bare
[2018-08-31 21:28:47][DEBUG]auth_verify failed
[2018-08-31 21:28:47][DEBUG]decrypt_fail in recv bare
[2018-08-31 21:28:47][INFO][100.100.165.25:11055]changed state to server_handshake1,my_id is 654b87bb
[2018-08-31 21:28:48][DEBUG]auth_verify failed
[2018-08-31 21:28:48][DEBUG]decrypt_fail in recv bare
[2018-08-31 21:28:48][INFO][100.100.165.25:11055]changed state to server_handshake1,my_id is 654b87bb
[2018-08-31 21:28:50][DEBUG]auth_verify failed
[2018-08-31 21:28:50][DEBUG]decrypt_fail in recv bare
[2018-08-31 21:28:50][INFO][100.100.165.25:11055]changed state to server_handshake1,my_id is 654b87bb
[2018-08-31 21:28:51][DEBUG]auth_verify failed
[2018-08-31 21:28:51][DEBUG]decrypt_fail in recv bare
[2018-08-31 21:28:51][INFO][100.100.165.25:11055]changed state to server_handshake1,my_id is 654b87bb
[2018-08-31 21:28:51][INFO][100.100.165.25:11051]inactive conn cleared
[2018-08-31 21:28:52][INFO][100.100.165.25:11060]received syn,sent syn ack back
[2018-08-31 21:28:52][INFO][100.100.165.25:11060]got packet from a new ip
[2018-08-31 21:28:52][INFO][100.100.165.25:11060]created new conn,state: server_handshake1,my_id is f8985915
[2018-08-31 21:28:52][INFO][100.100.165.25:11060]changed state to server_handshake1,my_id is f8985915
[2018-08-31 21:28:52][DEBUG]auth_verify failed
[2018-08-31 21:28:52][DEBUG]decrypt_fail in recv bare
[2018-08-31 21:28:53][DEBUG]auth_verify failed
[2018-08-31 21:28:53][DEBUG]decrypt_fail in recv bare
[2018-08-31 21:28:53][INFO][100.100.165.25:11060]changed state to server_handshake1,my_id is f8985915
[2018-08-31 21:28:54][DEBUG]auth_verify failed
[2018-08-31 21:28:54][DEBUG]decrypt_fail in recv bare
[2018-08-31 21:28:54][INFO][100.100.165.25:11060]changed state to server_handshake1,my_id is f8985915
[2018-08-31 21:28:56][DEBUG]auth_verify failed
[2018-08-31 21:28:56][DEBUG]decrypt_fail in recv bare
[2018-08-31 21:28:56][INFO][100.100.165.25:11060]changed state to server_handshake1,my_id is f8985915
[2018-08-31 21:28:57][DEBUG]auth_verify failed
[2018-08-31 21:28:57][DEBUG]decrypt_fail in recv bare
[2018-08-31 21:28:57][INFO][100.100.165.25:11060]changed state to server_handshake1,my_id is f8985915
[2018-08-31 21:28:58][INFO][100.100.165.25:11063]received syn,sent syn ack back
[2018-08-31 21:28:58][DEBUG]auth_verify failed
[2018-08-31 21:28:58][DEBUG]decrypt_fail in recv bare
[2018-08-31 21:28:58][INFO][100.100.165.25:11063]got packet from a new ip
[2018-08-31 21:28:58][INFO][100.100.165.25:11063]created new conn,state: server_handshake1,my_id is 5f2b97e9
[2018-08-31 21:28:58][INFO][100.100.165.25:11063]changed state to server_handshake1,my_id is 5f2b97e9
[2018-08-31 21:28:58][INFO][100.100.165.25:11055]inactive conn cleared
[2018-08-31 21:28:59][DEBUG]auth_verify failed
[2018-08-31 21:28:59][DEBUG]decrypt_fail in recv bare
[2018-08-31 21:28:59][INFO][100.100.165.25:11063]changed state to server_handshake1,my_id is 5f2b97e9
[2018-08-31 21:29:00][DEBUG]auth_verify failed
[2018-08-31 21:29:00][DEBUG]decrypt_fail in recv bare
[2018-08-31 21:29:00][INFO][100.100.165.25:11063]changed state to server_handshake1,my_id is 5f2b97e9
[2018-08-31 21:29:02][DEBUG]auth_verify failed
[2018-08-31 21:29:02][DEBUG]decrypt_fail in recv bare
[2018-08-31 21:29:02][INFO][100.100.165.25:11063]changed state to server_handshake1,my_id is 5f2b97e9
[2018-08-31 21:29:03][INFO][100.100.165.25:11060]inactive conn cleared
[2018-08-31 21:29:09][INFO][100.100.165.25:11063]inactive conn cleared
我使用的是OpenWRT Chaos Calmer 15.05.1,我也想过是不是路由器问题,尝试在“防火墙”设置里开关“启用SYN-flood防御”,“MSS钳制”,流量设置全部选择“接受”,情况并没有发生变化。
我也用的是OpenWRT CC 15.05.1,默认设置没问题。
我加一下你的telegram或者whatsapp吧,把你的号发到我的邮箱wangyucn at gmail.com。
我连你的服务器,你连我的服务器试试。
和wangyu大佬交流后问题大体明白了。HostDare是支持raw流量的,问题出在防火墙上,清空规则后faketcp模式已能联通,具体是和哪一条规则冲突,有机会的话日后补充。
至于谷歌云方面,因为上了TCP阻断豪华名单,暂无法确定是配置问题还是*FW的问题,不过还是能ping通的,因此可以尝试用ICMP模式来抢救一下。
