Giter VIP home page Giter VIP logo

snet's People

Contributors

monsterxx03 avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar

Forkers

wade-welles logonod wzlyvg387u banben woshilaiba allenhsu error996 gonejack qingchen1984 fbion oxj4ck

snet's Issues

小米路由器3上 无法工作

  1. 下载的 snet_mipsle
  2. mode: 'local' 在路由器上工作正常
  3. mode: 'router' 在路由器上只能访问国内网站, 无法访问国外网站, 在连接该wifi的电脑上无法访问任何网站
  4. 即使停止 甚至 iptables -t nat -F 电脑都无法访问外网
  5. 重启路由器后正常
iptables -L -n --line-number -t nat 
Chain PREROUTING (policy ACCEPT)
num  target     prot opt source               destination
1    REDIRECT   udp  --  0.0.0.0/0            0.0.0.0/0            udp dpt:53 redir ports 1211
2    SNET       tcp  --  0.0.0.0/0            0.0.0.0/0
3    delegate_prerouting  all  --  0.0.0.0/0            0.0.0.0/0

Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination
1    SNET       tcp  --  0.0.0.0/0            0.0.0.0/0

Chain POSTROUTING (policy ACCEPT)
num  target     prot opt source               destination
1    delegate_postrouting  all  --  0.0.0.0/0            0.0.0.0/0

Chain MINIUPNPD (1 references)
num  target     prot opt source               destination

Chain SNET (2 references)
num  target     prot opt source               destination
1    RETURN     tcp  --  0.0.0.0/0            0.0.0.0/0            match-set BYPASS_SNET dst
2    REDIRECT   tcp  --  0.0.0.0/0            0.0.0.0/0            redir ports 1111

Chain delegate_postrouting (1 references)
num  target     prot opt source               destination
1    postrouting_rule  all  --  0.0.0.0/0            0.0.0.0/0            /* user chain for postrouting */
2    zone_lan_postrouting  all  --  0.0.0.0/0            0.0.0.0/0
3    zone_wan_postrouting  all  --  0.0.0.0/0            0.0.0.0/0
4    zone_ready_postrouting  all  --  0.0.0.0/0            0.0.0.0/0

Chain delegate_prerouting (1 references)
num  target     prot opt source               destination
1    prerouting_rule  all  --  0.0.0.0/0            0.0.0.0/0            /* user chain for prerouting */
2    zone_lan_prerouting  all  --  0.0.0.0/0            0.0.0.0/0
3    zone_wan_prerouting  all  --  0.0.0.0/0            0.0.0.0/0
4    zone_ready_prerouting  all  --  0.0.0.0/0            0.0.0.0/0

Chain postrouting_lan_rule (1 references)
num  target     prot opt source               destination

Chain postrouting_ready_rule (1 references)
num  target     prot opt source               destination

Chain postrouting_rule (1 references)
num  target     prot opt source               destination

Chain postrouting_wan_rule (1 references)
num  target     prot opt source               destination

Chain prerouting_lan_rule (1 references)
num  target     prot opt source               destination
1    rr_rule    tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:80
2    REDIRECT   udp  --  0.0.0.0/0            0.0.0.0/0            udp dpt:53 u32 "0x0>>0x16&0x3c@0x14&0xffdfdfdf=0x3575757&&0x0>>0x16&0x3c@0x18&0xffdfdfdf=0x64d4957&&0x0>>0x16&0x3c@0x1c&0xdfdfdfff=0x49464903&&0x0>>0x16&0x3c@0x20&0xdfdfdf00=0x434f4d00" redir ports 53
3    REDIRECT   udp  --  0.0.0.0/0            0.0.0.0/0            udp dpt:53 u32 "0x0>>0x16&0x3c@0x14&0xffdfdfdf=0x64d4957&&0x0>>0x16&0x3c@0x18&0xdfdfdfff=0x49464903&&0x0>>0x16&0x3c@0x1c&0xdfdfdf00=0x434f4d00" redir ports 53

Chain prerouting_ready_rule (1 references)
num  target     prot opt source               destination

Chain prerouting_rule (1 references)
num  target     prot opt source               destination

Chain prerouting_wan_rule (1 references)
num  target     prot opt source               destination

Chain rr_rule (1 references)
num  target     prot opt source               destination

Chain zone_lan_postrouting (1 references)
num  target     prot opt source               destination
1    postrouting_lan_rule  all  --  0.0.0.0/0            0.0.0.0/0            /* user chain for postrouting */

Chain zone_lan_prerouting (1 references)
num  target     prot opt source               destination
1    prerouting_lan_rule  all  --  0.0.0.0/0            0.0.0.0/0            /* user chain for prerouting */
2    REDIRECT   tcp  --  0.0.0.0/0            198.51.100.9         tcp dpt:80 /* nxdomain */ redir ports 8190

Chain zone_ready_postrouting (1 references)
num  target     prot opt source               destination
1    postrouting_ready_rule  all  --  0.0.0.0/0            0.0.0.0/0            /* user chain for postrouting */

Chain zone_ready_prerouting (1 references)
num  target     prot opt source               destination
1    prerouting_ready_rule  all  --  0.0.0.0/0            0.0.0.0/0            /* user chain for prerouting */

Chain zone_wan_postrouting (1 references)
num  target     prot opt source               destination
1    postrouting_wan_rule  all  --  0.0.0.0/0            0.0.0.0/0            /* user chain for postrouting */
2    MASQUERADE  all  --  0.0.0.0/0            0.0.0.0/0

Chain zone_wan_prerouting (1 references)
num  target     prot opt source               destination
1    MINIUPNPD  all  --  0.0.0.0/0            0.0.0.0/0
2    prerouting_wan_rule  all  --  0.0.0.0/0            0.0.0.0/0            /* user chain for prerouting */

能否检测一个网址/一个域名 是走的 fq 还是 bypass 还是 block

首先, 谢谢作者 创建了 Snet, 已经切换该工具作为默认

因为从其他工具转换过来, 有强迫症想知道 哪些请求走了代理, 哪些没有

配置了

{
 'proxy-scope': 'bypassCN',
}

能否获取 某个 域名 是用了哪个DNS查询返回的IP, 通过代理还是本地直接请求的?

macos 作为router

sudo sysctl -w net.inet.ip.forwarding=1

lo="lo0"
dev="en0"
client = "192.168.1.5"
rdr on $lo inet proto tcp from {$dev $client} to any port 1:65535 -> {{.snetHost }} port {{ .snetPort }} # let proxy handle tcp
rdr on $lo inet proto udp from {$dev $client} to any port 53 -> {{ .snetHost }} port {{ .dnsPort }} # let proxy handle dns query
pass out on $dev route-to $lo inet proto tcp from {$dev} to any port 1:65535 # re-route outgoing tcp
pass out on $dev route-to $lo inet proto udp from {$dev} to any port 53 # re-route outgoing udp

提供一种电脑做网关的思路

可以的
https://github.com/FlowerWrong/tun2socks
https://github.com/xjasonlyu/tun2socks
这两个已经实现fake dns
surge增强模式也是这样
有两种方式
google.com -> 192.18.0.1
google.com.hk -> 192.18.0.2

google.com -> 192.18.0.1:1111
google.com.hk -> 192.18.0.2:1112

通过这种关联即可

个人系统192.168.1.2开启
net.inet.ip.forwarding=1
开启tun2socks
sudo route add 198.18.0.2/24 240.0.0.1(tun网关)

手机设置网关192.168.1.2
所有流量走192.168.1.2了吧
192.168.1.2开启fake dns
手机dns服务器也设置为192.168.1.2
手机访问google.com 得到ip 192.18.0.1
手机连接192.18.0.1经过192.168.1.2
192.18.0.1走tun接口
tun2socks检测到访问192.18.0.1->google.com

此时tun2socks->v2ray inbounds
由v2ray来识别国外国内 google facebook twitter等域名

假如手机访问baidu,v2ray直接识别为geosite:cn ip 流量直接国内走

tun2socks只需要提供fake dns和代理功能
分流交给v2ray来做
这样

support udp protocol

hi, any plan for supporting udp protocol ? i think the kcptun has significant improvement to speed up network

【提议】可否将刷路由表的操作与运行分开

刷路由表需要 sudo 权限,运行需要输入密码会比较麻烦,如果能够分开的话,可以把 snet 一直放在后台运行,而只需要在终端控制一下路由表来控制是否走代理,这样会方便许多。

[建议]Server 增加websocket,并支持自定义tls common name

建议,来源,本地网络环境恶劣,本地宽带200m联通,光猫已改桥接,i7软路由,千兆网卡,运营商QOS限速,udp阻断(超级长城宽带,我感觉也就西北大省和我这有的一拼)

本地网络环境(以阿里云北京BGP-1000Mbps测速):

  • 低峰时期:城际出口可达50M
  • 晚高峰时期:城际出口最高1.6M

隧道实际测试情况:

  • VLESS:2M
  • Xray:5M
  • WS:10M
  • WSS:12M
  • WSS+CDN:40-180M

也就是我这里要想愉悦的使用,只能使用wss,并且cdn优选,目前我这里是用go简单写了个wss在使用,套娃clash,但是iptables下tproxy导致的锥形网络始终有瓶颈,这也算给大家一种解决方案吧,有时候有全栈网络需求时候,只能用socks over tun来搞,因为基本一到下午4点,城际出口只有2m,王者荣耀ping值没低于200的时候
算是个建议吧
T_T

关于Tproxy的问题可以参考:

https://blog.51cto.com/dog250/1315782

个人建议能不用这玩意做透明代理就别用

我目前的方案:
CN2 GIA LSJ-DC6和ASN9929圣何塞两台vps做前端,nginx做wss负载均衡,后端用8刀一年的同机房vps做后端,本地用wss客户端,走cdn到前端,目前除了谷歌不定时需要点验证码,速度基本能压榨到极限

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.