Comments (7)
redudp {
bind = "0.0.0.0:10053";
relay = "x.x.x.x:1080";
//login = username;// field 'login' is reused as encryption
// method of shadowsocks
//password = pazzw0rd;
// know types: socks5, shadowsocks
type = socks5;
// redsocks knows about two options while redirecting UDP packets at
// linux: TPROXY and REDIRECT. TPROXY requires more complex routing
// configuration and fresh kernel (>= 2.6.37 according to squid
// developers[1]) but has hack-free way to get original destination
// address, REDIRECT is easier to configure, but requires `dest`
// to be set, limiting packet redirection to single destination.
// [1] http://wiki.squid-cache.org/Features/Tproxy4
//dest = "8.8.8.8:53";
udp_timeout = 30;
// udp_timeout_stream = 180;
}
from redsocks.
我修改了redudp.c打印日志的代码
if (0 != bind(node->fd, (struct sockaddr*)addr, sizeof(*addr))) { const struct sockaddr_in *v4 = (const struct sockaddr_in*)addr; char str[1000]; char* ipAddressStr = inet_ntoa(v4->sin_addr); sprintf(str, "bind %s:%d", ipAddressStr,v4->sin_port); log_errno(LOG_ERR, str); goto fail; }
重新编译后的报错内容
1705994981.498481 err redudp.c:155 bound_udp_get(...) bind 192.168.11.53:37395: Address already in use
1705994981.498513 warning redudp.c:302 redudp_fwd_pkt_to_sender(...) [172.16.168.53:4780->192.168.11.53:5010]: bound_udp_get failure
发现redsocks把目标端口号5010=0x1392读取成了37395=0x9213,应该是大小端问题。
然后我使用抓包工具分析socks5代理服务器的回复数据包没有问题
![f41e0a9687bc8c8f00a1296718b132c](https://private-user-images.githubusercontent.com/35891490/298860542-a7fa9a0c-193a-4817-ba84-52db26ccb730.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MDkyNjcwMDIsIm5iZiI6MTcwOTI2NjcwMiwicGF0aCI6Ii8zNTg5MTQ5MC8yOTg4NjA1NDItYTdmYTlhMGMtMTkzYS00ODE3LWJhODQtNTJkYjI2Y2NiNzMwLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDAzMDElMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwMzAxVDA0MTgyMlomWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWQ5MTgwZjVhNTZmZmIxNzQxZWNhMjdkNTI2MDgzOGM3OWM3MjZjNGEwOTAzNTIzNDhhZmI4MWExYWI0MjNmYzQmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.mn2DfGZWJdhwRvPsHGtL3vD_YgmI_DZ17UxYEwiSXAM)
我是用java实现的socks5服务器,下面是udp穿透中代理服务器给客户端回复部分的代码
`//从真实服务器发来的数据,封装后转发给客户端
ByteBuf originData = msg.content();
SocketAddress remoteServerAddress = msg.sender();
int remoteServerPort = msg.sender().getPort();
ByteBuf respBuff = Unpooled.buffer(originData.capacity() + 4 + ((InetSocketAddress) remoteServerAddress).getAddress().getAddress().length + 2);
// resp.put((byte)0x00); //保留
// resp.put((byte)0x00); //保留
// resp.put((byte)0x00); //分片
byte type = ((InetSocketAddress) remoteServerAddress).getAddress().getAddress().length == 4 ? TYPE_IPV4 : TYPE_IPV6;
byte[] header = new byte[]{0x00, 0x00, 0x00, type};
respBuff.writeBytes(header);
respBuff.writeBytes(((InetSocketAddress) remoteServerAddress).getAddress().getAddress()); //远程地址 0x08 0x08 0x08 0x08
Short remotePort = (short) (remoteServerPort & 0xFFFF);
respBuff.writeShort(remotePort); // 远程地址端口 0x00 0x35
//真实数据
respBuff.writeBytes(originData);
ctx.channel().writeAndFlush(new DatagramPacket(respBuff,
new InetSocketAddress(clientAddress, clientPort)));`
另外我发现同样的redsocks代码再ubuntu上可以正常运行,在centos7上会出现这样的问题
from redsocks.
from redsocks.
from redsocks.
花了点时间调查了一下。你这个问题我没办法确认。你看到的端口错误其实是因为你打印的时候没有做ntohs。#194 的问题没解决之前,兼容性是个问题。
from redsocks.
的确是打印错误,但是我已经找到了原因。当udp穿透的目标端口是53时,如果允许redsocks的主机上已经运行了dns服务就会出现bound_udp_get(...) bind: Address already in use。同样的我上面提到的目标端口是5010的错误也是因为本机udp5010端口已经被占用了。当我把5010端口所在的服务监听的地址从绑定所有地址0.0.0.0:5010改成其中一个地址172.16.0.8:5010后错误就消失了。虽然错误解决了,但是我不理解为什么redsocks转发udp数据时要在本机上绑定目标端口,这是TPROXY机制吗?
from redsocks.
要绑定的是目标地址,以便以目标地址向客户端发响应数据。
from redsocks.
Related Issues (20)
- Use redsocks2 to relay UDP packets over QUIC protocol HOT 2
- Support remote dns via socks5 HOT 1
- macos 12.2.1 编译失败 HOT 2
- Please help me I can't figure out how to compile on android
- Tailscale redirect HOT 1
- SSL Error: SSL routines ssl3_get_record: wrong version number [For redsocks2 type - HTTPS-CONNECT] HOT 4
- Can we use HTTP proxy, when redsocks2 is configured with type=https-connect ? HOT 1
- invalid client request received: no host header received - For type=https-connect method HOT 1
- help me configering simple socks4 proxy. HOT 1
- Help, problem with reudp( HOT 4
- git apply patches/disable-ss.patch 也不能用了 HOT 3
- 求助大神,编译不成功 HOT 3
- 开发者你好,烦请提供编译好的可执行文件吧 HOT 6
- What is needed to proxy HTTP3/QUIC requests? HOT 1
- Compilation error on Debian 11 HOT 1
- s5代理失败 HOT 2
- 出现了accept: out of file descriptors, backing off HOT 1
- 如果服务器(就是说没有网络)没有返回请求,那这个fd岂不是一直增加得不到释放? HOT 2
- socks5 UDP全局转发下 如果遇到socks服务器下发的relay服务器地址为0.0.0.0,下发的端口不为0,会出现代理失败 HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from redsocks.