Giter VIP home page Giter VIP logo

Comments (8)

hongwenjun avatar hongwenjun commented on June 13, 2024

参考这个,就是 把kcptun 换成了 speeder

参数参考 udp2raw+kcptun 加速tcp流量 Step by Step 教程
https://github.com/wangyu-/udp2raw-tunnel/blob/master/doc/kcptun_step_by_step.md

from vps_setup.

hongwenjun avatar hongwenjun commented on June 13, 2024

WireGuard + Speeder + Udp2Raw

如果你客户端是 unbuntu 客户端使用一键脚本安装,从服务器下载客户端配置,替换本地的 wg0 就可以

from vps_setup.

butterl avatar butterl commented on June 13, 2024

我拆开了UDP2RAW 和speeder, 使用 wireguard + UDP2RAW 调试,发现wireguard 启动后就无法ping 通了

Server side:
udp2raw -s -l0.0.0.0:8888 -r127.0.0.1:443 -k "passwd" --raw-mode faketcp -a

Client side:
udp2raw -c -rserverip:8888 -l0.0.0.0:8887 --raw-mode faketcp -a -k"passwd"

未连接wg 时,udp2raw 的server he client 均为ready 状态

[2018-12-24 09:53:45][INFO][45.249.212.49:2293]received syn,sent syn ack back
[2018-12-24 09:53:45][INFO][45.249.212.49:2293]got packet from a new ip
[2018-12-24 09:53:45][INFO][45.249.212.49:2293]created new conn,state: server_handshake1,my_id is d5339b09
[2018-12-24 09:53:45][INFO][45.249.212.49:2293]changed state to server_handshake1,my_id is d5339b09
[2018-12-24 09:53:45][INFO][45.249.212.49:2293]received handshake oppsite_id:5c78d937  my_id:d5339b09
[2018-12-24 09:53:45][INFO][45.249.212.49:2293]oppsite const_id:e5b9e7db 
[2018-12-24 09:53:45][INFO][45.249.212.49:2293]changed state to server_ready

Wg0配置如下
Client:

[Interface]
PrivateKey = <client privatekey>
Address = 10.0.0.3/24
DNS = 8.8.8.8
MTU = 1300
[Peer]
PublicKey = <server pubkey>
Endpoint = 127.0.0.1:8887
AllowedIPs = 0.0.0.0/0, ::0/0
PersistentKeepalive = 25

server wg0 config

[Interface]
Address = 10.0.0.1/24
MTU = 1420
PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -A FORWARD -o wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -D FORWARD -o wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
ListenPort = 443
PrivateKey = <server private key>

[Peer]
PublicKey = <client pubkey>
AllowedIPs = 10.0.0.3/32

from vps_setup.

hongwenjun avatar hongwenjun commented on June 13, 2024

单独 wg+ udp2raw 需要把 MTU 改成1300以下

from vps_setup.

butterl avatar butterl commented on June 13, 2024

MTU 改成了1280 或者更低, 依旧是 wg up 后 udp2raw就断流

[2018-12-24 20:33:25][INFO]source_addr is now 192.168.42.95
[2018-12-24 20:33:25][INFO]using port 31194
[2018-12-24 20:33:25][INFO]state changed from client_idle to client_tcp_handshake
[2018-12-24 20:33:25][INFO](re)sent tcp syn
[2018-12-24 20:33:25][INFO]state changed from client_tcp_handshake to client_handshake1
[2018-12-24 20:33:25][INFO](re)sent handshake1
[2018-12-24 20:33:26][INFO]changed state from to client_handshake1 to client_handshake2,my_id is a3bacc41,oppsite id is 24dc0fee
[2018-12-24 20:33:26][INFO](re)sent handshake2
[2018-12-24 20:33:26][INFO]changed state from to client_handshake2 to client_ready
///////// wg-quick up wg0
[2018-12-24 20:34:24][INFO]new packet from 127.0.0.1:46086,conv_id=62de6c9a
[2018-12-24 20:34:36][INFO]state back to client_idle from  client_ready bc of client-->server direction timeout
[2018-12-24 20:34:37][INFO]source_addr is now 10.0.0.3
[2018-12-24 20:34:37][INFO]using port 14613
[2018-12-24 20:34:37][INFO]state changed from client_idle to client_tcp_handshake
[2018-12-24 20:34:37][INFO](re)sent tcp syn
[2018-12-24 20:34:38][INFO](re)sent tcp syn
[2018-12-24 20:34:39][INFO](re)sent tcp syn
[2018-12-24 20:34:40][INFO](re)sent tcp syn
[2018-12-24 20:34:42][INFO](re)sent tcp syn
[2018-12-24 20:34:42][INFO]state back to client_idle from client_tcp_handshake
[2018-12-24 20:34:42][INFO]source_addr is now 10.0.0.3
[2018-12-24 20:34:42][INFO]using port 25136
[2018-12-24 20:34:42][INFO]state changed from client_idle to client_tcp_handshake
[2018-12-24 20:34:42][INFO](re)sent tcp syn
[2018-12-24 20:34:44][INFO](re)sent tcp syn
[2018-12-24 20:34:45][INFO](re)sent tcp syn
[2018-12-24 20:34:46][INFO](re)sent tcp syn
[2018-12-24 20:34:47][INFO](re)sent tcp syn
[2018-12-24 20:34:48][INFO]state back to client_idle from client_tcp_handshake

from vps_setup.

butterl avatar butterl commented on June 13, 2024

问题已经解决 增加 如下路由即可,默认情况下wireguard 截获了所有的流量,udp2raw的出口流量又重定向到了wireguard, 形成了回环
ip route add $server via $(ip route | awk '$1=="default" {print $3}')

from vps_setup.

hongwenjun avatar hongwenjun commented on June 13, 2024

问题已经解决 增加 如下路由即可,默认情况下wireguard 截获了所有的流量,udp2raw的出口流量又重定向到了wireguard, 形成了回环
ip route add $server via $(ip route | awk '$1=="default" {print $3}')

windows 客户段是先加这句,和你发现的应该同样道理
@route add %SERVER_IP% mask 255.255.255.0 default METRIC default IF default

wg0.conf 列 iptables 语句是网上流传,听大神说写的不太好。

测试新的路由防火墙规则,你改下试试

PostUp = iptables -I FORWARD -i wg0 -j ACCEPT; iptables -I FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -D FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT

from vps_setup.

butterl avatar butterl commented on June 13, 2024

这个新的规则是添加到sever侧的? 不需要指定网络出口的网卡了啊

from vps_setup.

Related Issues (15)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.