Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

shadowsocks-windows UDP问题 #1881

Closed
Bluemiaocat opened this issue Jun 10, 2018 · 31 comments
Closed

shadowsocks-windows UDP问题 #1881

Bluemiaocat opened this issue Jun 10, 2018 · 31 comments
Labels
help wanted question

Comments

@Bluemiaocat
Copy link

使用SuperSocks5Cap搭配shadowsocks-windows版本是4.0.10,测试NAT类型(所有开启UDP转发的节点),得到的结果是UdpBlocked,而使用shadowsocksR版本是4.7(使用同样节点)得到的结果是PortRestrictedCone
snipaste_2018-06-10_16-52-59
photo_2018-06-10_16-42-17
@celeron533 @madeye
@Bluemiaocat
Copy link
Author

我有经过游戏(GTA5)测试,NAT类型是UDP被屏蔽,并不能正常游戏,使用SSR客户端来使用SS则一切正常

@chenshaoju
Copy link
Collaborator

感谢报告,测试了一下,的确有问题,服务器端开启UDP支持的情况下,客户端不会发送UDP请求到服务器,感觉SS客户端什么地方有问题。

如果你用于游戏,个人建议使用SSTap: https://www.sockscap64.com/zh-hans/sstap/

请注意:SSTap不是 Shadowsocks for Windows 的一部分。

@Bluemiaocat
Copy link
Author

@chenshaoju 使用SSTap会导致游戏的nat类型是nat3,根本没办法游戏,所以希望能尽快修复这个BUG

@Rem1x-2019
Copy link

我直接安装anyconnect上游戏,完全没问题,SS的UDP支持还是不太好,

@celeron533
Copy link
Contributor

celeron533 commented Jun 12, 2018
edited
Loading

了解了, @xyj1999
服务端用的是libev还是python?

@Bluemiaocat
Copy link
Author

@celeron533 服务端用的是libev

@celeron533
Copy link
Contributor

celeron533 commented Jun 12, 2018
edited
Loading

Hi @wongsyrone , I noticed in UDPRelay.cs:

shadowsocks-windows/shadowsocks-csharp/Controller/Service/UDPRelay.cs

Line 83 in 79f33bc

Array.Copy(data, 3, dataIn, 0, length - 3);

shadowsocks-windows/shadowsocks-csharp/Controller/Service/UDPRelay.cs

Line 86 in 79f33bc

encryptor.EncryptUDP(dataIn, length - 3, dataOut, out outlen); 

            public void Send(byte[] data, int length)
            {
                IEncryptor encryptor = EncryptorFactory.GetEncryptor(_server.method, _server.password);
                byte[] dataIn = new byte[length - 3];
                Array.Copy(data, 3, dataIn, 0, length - 3);
                byte[] dataOut = new byte[65536];  // enough space for AEAD ciphers
                int outlen;
                encryptor.EncryptUDP(dataIn, length - 3, dataOut, out outlen);
                Logging.Debug(_localEndPoint, _remoteEndPoint, outlen, "UDP Relay");
                _remote?.SendTo(dataOut, outlen, SocketFlags.None, _remoteEndPoint);
            }

But I am not sure why there is a 3 byte offset?

@wongsyrone
Copy link
Contributor

忽略两字节rsv和一字节frag

@celeron533
Copy link
Contributor

忽略两字节rsv和一字节frag

Thx

# SOCKS5 UDP Request
# +----+------+------+----------+----------+----------+
# |RSV | FRAG | ATYP | DST.ADDR | DST.PORT |   DATA   |
# +----+------+------+----------+----------+----------+
# | 2  |  1   |  1   | Variable |    2     | Variable |
# +----+------+------+----------+----------+----------+

# SOCKS5 UDP Response
# +----+------+------+----------+----------+----------+
# |RSV | FRAG | ATYP | DST.ADDR | DST.PORT |   DATA   |
# +----+------+------+----------+----------+----------+
# | 2  |  1   |  1   | Variable |    2     | Variable |
# +----+------+------+----------+----------+----------+

# shadowsocks UDP Request (before encrypted)
# +------+----------+----------+----------+
# | ATYP | DST.ADDR | DST.PORT |   DATA   |
# +------+----------+----------+----------+
# |  1   | Variable |    2     | Variable |
# +------+----------+----------+----------+

# shadowsocks UDP Response (before encrypted)
# +------+----------+----------+----------+
# | ATYP | DST.ADDR | DST.PORT |   DATA   |
# +------+----------+----------+----------+
# |  1   | Variable |    2     | Variable |
# +------+----------+----------+----------+

# shadowsocks UDP Request and Response (after encrypted)
# +-------+--------------+
# |   IV  |    PAYLOAD   |
# +-------+--------------+
# | Fixed |   Variable   |
# +-------+--------------+

@Bluemiaocat
Copy link
Author

@celeron533 不好意思再次打扰,这个问题有望在下个版本解决吗?也非常感谢你们能抽空开发shadowsocks,让我们这些小白能愉快的墙外冲浪

@celeron533
Copy link
Contributor

@xyj1999 最近一直在外出。。。抱歉

@celeron533
Copy link
Contributor

#1106 (comment) 不知道GTA是不是带了FRAG?

@Bluemiaocat
Copy link
Author

GTA带不带FRAG这个要怎么进行测试?现在表示看91的时候视频也不能正常加载,,,,

@Bluemiaocat
Copy link
Author

91的是我自身设置问题,不好意思

@Bluemiaocat
Copy link
Author

@celeron533 很感谢更新,但是问题还是依旧,我这个问题不是一个BUG吗?

@celeron533
Copy link
Contributor

现在还不确定,试过ProxyCap和SocksCap吗

@Bluemiaocat
Copy link
Author

beta
问题复现~ @celeron533

@celeron533
Copy link
Contributor

我这边重现了一样问题。有空看看

@celeron533
Copy link
Contributor

加密后的UDP包送去了服务器就没有任何UDP返回。。。很有可能是服务器直接判断加密方法不符,然后就没有然后了

@celeron533
Copy link
Contributor

celeron533 commented Dec 13, 2018
edited
Loading

@Bluemiaocat 加密是不是用了AEAD相关?

可能是缺失socks5.bind导致UDP服务器发起连接打洞失败

@Bluemiaocat
Copy link
Author

是的,加密使用的AEAD @celeron533

@celeron533
Copy link
Contributor

image
@Bluemiaocat sockscap64 自带的测试结果是什么呢

@Bluemiaocat
Copy link
Author

@celeron533
image没有问题

@superdollar
Copy link

superdollar commented Jun 11, 2019
edited
Loading

这个问题后来解决了吗?

@celeron533
Copy link
Contributor

@superdollar please try https://ci.appveyor.com/project/celeron533/shadowsocks-windows/builds/25078158/job/ku65g6pncm2yseud/artifacts

@superdollar
Copy link

superdollar commented Jun 12, 2019
edited
Loading

试了一下还不行,目前还不确定是什么问题
target : openvpn over ss
openvpn : 2.3.2, udp (direct connection without ss is OK), turned on socks-proxy
server : shadowsocks-libev 3.1.3 (UDP relay enabled observed in log)(ubuntu 18.04 apt install)
client : shadowsocks-windows 4.1.6.8 & 4.1.6.18 (openvpn over TCP works)
method : aes-256-cfb
client log : Socket connected to ss server : **** : 443 (repeated 5 times, then)
connect to 0.0.0.0:0
server log : nothing

我没有打开server端防火墙的UDP input 443,打开后server log就有数据了,虽然openvpn连接还是authentication出错,但因该不是ss的问题了

@chenshaoju
Copy link
Collaborator

如果你希望使用OpenVPN over SS,你应该考虑使用OpenVPN的TCP模式。

@superdollar
Copy link

TCP模式是可以工作的,就是怕TCP over TCP的问题想试试能不能UDP over TCP
顺便问一下,如果是ss是UDP relay方式,ss server 和 client 之间因该还是tcp数据流吧?

@superdollar
Copy link

superdollar commented Jul 28, 2019
edited
Loading

UDP relay WORKS! i.e. OpenVPN over SS works in udp over udp mode.

  • SS server : shadowsocks-libev v3.1.3 (ubuntu 18.04) with UDP relay
  • SS client : v4.1.7.1
  • openvpn v2.2.3 UDP mode with socks-proxy option to SS

Thanks for fixing udp problem.

@ghost
Copy link

ghost commented Jan 5, 2020

#2387, maybe we can close it now?

@superdollar
Copy link

I personally believe that this ticket can be closed. Thanks.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
help wanted question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@chenshaoju @celeron533 @wongsyrone @Bluemiaocat @Rem1x-2019 @superdollar