Comments (15)
HirbodBehnam
commented on July 1, 2024
Hello
Does it fail with specific error? For example conflict error or etc?
from shadowsocks-cloak-installer.
jeffshead
commented on July 1, 2024
I found part of the problem. I use IPtables instead of FirewallD. I already had working IPTables firewall rules. I commented out the part of the script that edits firewall rules for CentOS since your script enables FirewallD.
Another problem is that it failed to install shadowsocks-libev because it failed to resolve ‘copr-be.cloud.fedoraproject.org’. I do not know why because it would always resolve if I used host, ping or nslookup on the same server.
After many failed install attempts, it finally resolved and completed the installation but I cannot get Cloak to work. I have been working on this issue non-stop for hours. I just don’t know what else to try. Everything was working before I updated.
When you have time, can you please help me with troubleshooting steps?
from shadowsocks-cloak-installer.
HirbodBehnam
commented on July 1, 2024
Hello
I tested the copr-be.cloud.fedoraproject.org out and it was fine on two of my servers.
For firewallD, later I will add some options to check if the firewall is running or not, and ask the user if he likes to enable firewallD.
And for the last problem, can you send the logs of systemctl status cloak-server?
from shadowsocks-cloak-installer.
jeffshead
commented on July 1, 2024
# systemctl status cloak-server
? cloak-server.service - Cloak Server Service
Loaded: loaded (/etc/systemd/system/cloak-server.service; enabled; vendor preset: disabled)
Active: active (running) since Thu 2019-11-28 10:21:15 EST; 8min ago
Main PID: 833 (ck-server)
CGroup: /system.slice/cloak-server.service
??833 /usr/local/bin/ck-server -c ckserver.json
Nov 28 10:30:09 www.my_REDACTED_site.com ck-server[833]: time="2019-11-28T10:30:09-05:00" level=warning msg="duplicate random" UID= encryptionMethod=0 proxyMethod= remoteAddr="127.0.0.1:42594" sessionId=0
Nov 28 10:30:09 www.my_REDACTED_site.com ck-server[833]: time="2019-11-28T10:30:09-05:00" level=warning msg="duplicate random" UID= encryptionMethod=0 proxyMethod= remoteAddr="127.0.0.1:42596" sessionId=0
Nov 28 10:30:09 www.my_REDACTED_site.com ck-server[833]: time="2019-11-28T10:30:09-05:00" level=warning msg="duplicate random" UID= encryptionMethod=0 proxyMethod= remoteAddr="127.0.0.1:42604" sessionId=0
Nov 28 10:30:09 www.my_REDACTED_site.com ck-server[833]: time="2019-11-28T10:30:09-05:00" level=warning msg="duplicate random" UID= encryptionMethod=0 proxyMethod= remoteAddr="127.0.0.1:42570" sessionId=0
Nov 28 10:30:09 www.my_REDACTED_site.com ck-server[833]: time="2019-11-28T10:30:09-05:00" level=warning msg="duplicate random" UID= encryptionMethod=0 proxyMethod= remoteAddr="127.0.0.1:42612" sessionId=0
Nov 28 10:30:09 www.my_REDACTED_site.com ck-server[833]: time="2019-11-28T10:30:09-05:00" level=warning msg="duplicate random" UID= encryptionMethod=0 proxyMethod= remoteAddr="127.0.0.1:42614" sessionId=0
Nov 28 10:30:09 www.my_REDACTED_site.com ck-server[833]: time="2019-11-28T10:30:09-05:00" level=warning msg="duplicate random" UID= encryptionMethod=0 proxyMethod= remoteAddr="127.0.0.1:42616" sessionId=0
Nov 28 10:30:09 www.my_REDACTED_site.com ck-server[833]: time="2019-11-28T10:30:09-05:00" level=warning msg="duplicate random" UID= encryptionMethod=0 proxyMethod= remoteAddr="127.0.0.1:42626" sessionId=0
Nov 28 10:30:09 www.my_REDACTED_site.com ck-server[833]: time="2019-11-28T10:30:09-05:00" level=warning msg="duplicate random" UID= encryptionMethod=0 proxyMethod= remoteAddr="127.0.0.1:42606" sessionId=0
Nov 28 10:30:09 www.my_REDACTED_site.com ck-server[833]: time="2019-11-28T10:30:09-05:00" level=warning msg="duplicate random" UID= encryptionMethod=0 proxyMethod= remoteAddr="127.0.0.1:42608" sessionId=0
Nov 28 10:30:09 www.my_REDACTED_site.com ck-server[833]: time="2019-11-28T10:30:09-05:00" level=warning msg="duplicate random" UID= encryptionMethod=0 proxyMethod= remoteAddr="127.0.0.1:42630" sessionId=0
Nov 28 10:30:09 www.my_REDACTED_site.com ck-server[833]: time="2019-11-28T10:30:09-05:00" level=warning msg="duplicate random" UID= encryptionMethod=0 proxyMethod= remoteAddr="127.0.0.1:42632" sessionId=0
Nov 28 10:30:09 www.my_REDACTED_site.com ck-server[833]: time="2019-11-28T10:30:09-05:00" level=warning msg="duplicate random" UID= encryptionMethod=0 proxyMethod= remoteAddr="127.0.0.1:42638" sessionId=0
Nov 28 10:30:09 www.my_REDACTED_site.com ck-server[833]: time="2019-11-28T10:30:09-05:00" level=warning msg="duplicate random" UID= encryptionMethod=0 proxyMethod= remoteAddr="127.0.0.1:42644" sessionId=0
Nov 28 10:30:09 www.my_REDACTED_site.com ck-server[833]: time="2019-11-28T10:30:09-05:00" level=warning msg="duplicate random" UID= encryptionMethod=0 proxyMethod= remoteAddr="127.0.0.1:42628" sessionId=0
from shadowsocks-cloak-installer.
HirbodBehnam
commented on July 1, 2024
Did you updated the client side cloak?
from shadowsocks-cloak-installer.
jeffshead
commented on July 1, 2024
Did you updated the client side cloak?
Yes, I used the example from https://github.com/cbeuw/Cloak/archive/v2.1.2.zip. I replaced the keys and server with the correct info.
from shadowsocks-cloak-installer.
jeffshead
commented on July 1, 2024
Here's more info:
cbeuw/Cloak#79 (comment)
I don't feel comfortable posting my actual config files with the real keys, website and IP addresses. I can share them with you privately if you need them.
from shadowsocks-cloak-installer.
jeffshead
commented on July 1, 2024
I just checked, again, and it appears to have failed on its own:
# systemctl status cloak-server
? cloak-server.service - Cloak Server Service
Loaded: loaded (/etc/systemd/system/cloak-server.service; enabled; vendor preset: disabled)
Active: failed (Result: signal) since Thu 2019-11-28 12:06:17 EST; 6h ago
Process: 1521 ExecStart=/usr/local/bin/ck-server -c ckserver.json (code=killed, signal=KILL)
Main PID: 1521 (code=killed, signal=KILL)
Nov 28 12:06:08 www.my_REDACTED_site.com ck-server[1521]: time="2019-11-28T12:06:06-05:00" level=warning msg="duplicate random" UID= encryptionMethod=0 proxyMethod= remoteAddr="127.0.0.1:40786" sessionId=0
Nov 28 12:06:09 www.my_REDACTED_site.com ck-server[1521]: time="2019-11-28T12:06:07-05:00" level=warning msg="duplicate random" UID= encryptionMethod=0 proxyMethod= remoteAddr="127.0.0.1:40790" sessionId=0
Nov 28 12:06:10 www.my_REDACTED_site.com ck-server[1521]: time="2019-11-28T12:06:07-05:00" level=warning msg="duplicate random" UID= encryptionMethod=0 proxyMethod= remoteAddr="127.0.0.1:40794" sessionId=0
Nov 28 12:06:11 www.my_REDACTED_site.com ck-server[1521]: time="2019-11-28T12:06:08-05:00" level=warning msg="duplicate random" UID= encryptionMethod=0 proxyMethod= remoteAddr="127.0.0.1:40798" sessionId=0
Nov 28 12:06:12 www.my_REDACTED_site.com ck-server[1521]: time="2019-11-28T12:06:09-05:00" level=warning msg="duplicate random" UID= encryptionMethod=0 proxyMethod= remoteAddr="127.0.0.1:40800" sessionId=0
Nov 28 12:06:13 www.my_REDACTED_site.com ck-server[1521]: time="2019-11-28T12:06:09-05:00" level=warning msg="duplicate random" UID= encryptionMethod=0 proxyMethod= remoteAddr="127.0.0.1:40802" sessionId=0
Nov 28 12:06:15 www.my_REDACTED_site.com ck-server[1521]: time="2019-11-28T12:06:11-05:00" level=warning msg="duplicate random" UID= encryptionMethod=0 proxyMethod= remoteAddr="127.0.0.1:40804" sessionId=0
Nov 28 12:06:17 www.my_REDACTED_site.com systemd[1]: cloak-server.service: main process exited, code=killed, status=9/KILL
Nov 28 12:06:17 www.my_REDACTED_site.com systemd[1]: Unit cloak-server.service entered failed state.
Nov 28 12:06:17 www.my_REDACTED_site.com systemd[1]: cloak-server.service failed.
from shadowsocks-cloak-installer.
HirbodBehnam
commented on July 1, 2024
Another question;
Does this thing happen when you install the cloak manually? (without the script)
from shadowsocks-cloak-installer.
jeffshead
commented on July 1, 2024
My attempts to manually install Cloak have been unsuccessful because the instructions on the Cloak Github page are not detailed enough for me to get it working. I have tried on different server instances. That's why I used your script. Your script worked for me previously. I used an earlier version of the script to update Cloak, several month ago, on my production server.
Does your script totally remove all traces of the previous installation of Cloak/Shadowsocks and reset all settings? I'm wondering if some remnant of the previous install is causing the issue.
Please tell me if the current version of the Cloak plug-in still supports redirecting non-client (regular HTTPS) traffic to a local web server. It seems the current version does not allow adding a port number to the redirect IP address (e.g., 127.0.0.1:123). If you cannot add a port number to the redirect IP address, then how can the server serve a standard, local web page to non-client traffic?
from shadowsocks-cloak-installer.
HirbodBehnam
commented on July 1, 2024
Hello
Depends; For example if you had compiled the shadowsocks, the script won't remove it. But if your last installation was with my script, it will remove all of the files.
For your next question, I think the answer is no it does not support it. Look here. This means that if the port is present in the config file, Cloak simply ignores it.
And I'm not really sure how you must redirect the traffic to a non 443 port https server.
And can you try to setup my script with default settings? I just want to know if it solves the problem or not. (Even let the redir address be the bing IP)
from shadowsocks-cloak-installer.
jeffshead
commented on July 1, 2024
And can you try to setup my script with default settings? I just want to know if it solves the problem or not. (Even let the redir address be the bing IP)
I already tried uninstalling and re-installing with your script, with default settings. I still encounter the same issue on my production server.
WOW! The main reason I went with GoQuiet and then Cloak was because I could run it on the same server that runs Apache as a web server. It worked flawlessly with previous versions of Cloak. So are you telling me there is no way to do this with the current version of Cloak? I just want to make sure I am understanding you correctly. To my knowledge, you cannot have Apache and Cloak both listen on port 443, correct? That is why I made Apache listen on port 123 and had Cloak redirect regular traffic to port 123.
from shadowsocks-cloak-installer.
jeffshead
commented on July 1, 2024
I tried running your script with defaults, again. However, before running the script, I manually removed rng-tools, haveged and lsof. Next, I ran your script and selected the uninstall option and then I rebooted the server and ran the script again.
I reconfigured my Shadowsocks client and tested. It seems to partially work. Most pages are extremly slow loading and some never load. What do the errors below mean:
systemctl status cloak-server -l
? cloak-server.service - Cloak Server Service
Loaded: loaded (/etc/systemd/system/cloak-server.service; enabled; vendor preset: disabled)
Active: active (running) since Mon 2019-12-02 13:55:36 EST; 13min ago
Main PID: 1349 (ck-server)
CGroup: /system.slice/cloak-server.service
??1349 /usr/local/bin/ck-server -c ckserver.json
Dec 02 14:05:03 www.my_REDACTED_site.com ck-server[1349]: time="2019-12-02T14:05:03-05:00" level=warning msg="failed to unmarshal ClientHello into authenticationInfo: malformed key_share" UID= encryptionMethod=0 proxyMethod= remoteAddr="56.247.90.134:48732" sessionId=0
Dec 02 14:05:03 www.my_REDACTED_site.com ck-server[1349]: time="2019-12-02T14:05:03-05:00" level=warning msg="failed to unmarshal ClientHello into authenticationInfo: malformed key_share" UID= encryptionMethod=0 proxyMethod= remoteAddr="107.175.132.187:34932" sessionId=0
Dec 02 14:05:03 www.my_REDACTED_site.com ck-server[1349]: time="2019-12-02T14:05:03-05:00" level=warning msg="failed to unmarshal ClientHello into authenticationInfo: malformed key_share" UID= encryptionMethod=0 proxyMethod= remoteAddr="56.247.90.134:48734" sessionId=0
Dec 02 14:05:03 www.my_REDACTED_site.com ck-server[1349]: time="2019-12-02T14:05:03-05:00" level=warning msg="failed to unmarshal ClientHello into authenticationInfo: malformed key_share" UID= encryptionMethod=0 proxyMethod= remoteAddr="107.175.132.187:34948" sessionId=0
Dec 02 14:05:37 www.my_REDACTED_site.com ck-server[1349]: time="2019-12-02T14:05:37-05:00" level=warning msg="transport TLS in correct format but not Cloak: cipher: message authentication failed" UID= encryptionMethod=0 proxyMethod= remoteAddr="198.23.172.66:41458" sessionId=0
Dec 02 14:05:38 www.my_REDACTED_site.com ck-server[1349]: time="2019-12-02T14:05:38-05:00" level=info msg="New session" UID="-REDACTED-==" sessionID=1015995996
Dec 02 14:06:08 www.my_REDACTED_site.com ck-server[1349]: time="2019-12-02T14:06:08-05:00" level=info msg="Session closed" UID="-REDACTED-==" reason=timeout sessionID=1015995996
Dec 02 14:06:35 www.my_REDACTED_site.com ck-server[1349]: time="2019-12-02T14:06:35-05:00" level=info msg="New session" UID="-REDACTED-==" sessionID=2176641424
Dec 02 14:07:07 www.my_REDACTED_site.com ck-server[1349]: time="2019-12-02T14:07:07-05:00" level=warning msg="transport TLS in correct format but not Cloak: cipher: message authentication failed" UID= encryptionMethod=0 proxyMethod= remoteAddr="198.23.172.66:41838" sessionId=0
Dec 02 14:08:37 www.my_REDACTED_site.com ck-server[1349]: time="2019-12-02T14:08:37-05:00" level=warning msg="transport TLS in correct format but not Cloak: cipher: message authentication failed" UID= encryptionMethod=0 proxyMethod= remoteAddr="198.23.172.66:42188" sessionId=0
from shadowsocks-cloak-installer.
jeffshead
commented on July 1, 2024
I have verified that setting 127.0.0.1:123 as the redirect address was causing the initial problem. Cloak no longer supports redirecting non-shadowsocks client traffic to a local webserver the way that it used to.
I have been working on this issue, practically non-stop, since I first reported it. I have rebuilt the CentOS7 server and ran your script with all defaults. I still get the same error indicated in my most recent post. I even rebuilt the server, again, and used a different installation script from another Github repository and got the same exact results. I have concluded that the later versions of Cloak just do not work correctly on CentOS 7. Some pages never load and some take a very long time to load.
My latest test was to reinstall Shadowsocks and the v2ray-plugin. It is working better than Cloak ever did. Fast page loads and it does not drop the connection. Plus I can redirect to my local server with HTTPS or any other HTTPS public web page without encountering the SSL cert mismatch errors that I got when using Cloak.
Thanks for your help. I will watch for any updates and continue testing.
from shadowsocks-cloak-installer.
HirbodBehnam
commented on July 1, 2024
So it might be a server issue if another script is also failing. I might be a cloak incompatibility.
I'm closing this issue because you said another script also generated the same results.
Feel free to tell me to reopen it if you think that it is still a script problem.
from shadowsocks-cloak-installer.
Related Issues (20)
- Extreme conditions HOT 4
- Encryption HOT 2
- Just a question. HOT 2
- iOS Update HOT 1
- Question HOT 2
- Clock On OpenWRT HOT 1
- Cloak client error with openvpn HOT 3
- Does this work in the current situation in Iran? HOT 1
- Ck-Client Error
- WhatsApp does not work over Shadowsocks-Cloak-Installer HOT 4
- 9
- question about cloak HOT 1
- shadowsocks-rust status log after running for hours. HOT 1
- Loading websites issues after ipv6 update. HOT 3
- Config issue
- How to update shadowsocks-rust?
- MacOS support
- Browser Signature update. HOT 2
- ارور در اتصال
- Error in connection
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from shadowsocks-cloak-installer.